summaryrefslogtreecommitdiffstats
path: root/data/CVE/2020.list
blob: 654068a6d01289e687cdf2271a0730ec9d1880fd (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
5462
5463
5464
5465
5466
5467
5468
5469
5470
5471
5472
5473
5474
5475
5476
5477
5478
5479
5480
5481
5482
5483
5484
5485
5486
5487
5488
5489
5490
5491
5492
5493
5494
5495
5496
5497
5498
5499
5500
5501
5502
5503
5504
5505
5506
5507
5508
5509
5510
5511
5512
5513
5514
5515
5516
5517
5518
5519
5520
5521
5522
5523
5524
5525
5526
5527
5528
5529
5530
5531
5532
5533
5534
5535
5536
5537
5538
5539
5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
5566
5567
5568
5569
5570
5571
5572
5573
5574
5575
5576
5577
5578
5579
5580
5581
5582
5583
5584
5585
5586
5587
5588
5589
5590
5591
5592
5593
5594
5595
5596
5597
5598
5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
5633
5634
5635
5636
5637
5638
5639
5640
5641
5642
5643
5644
5645
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
5657
5658
5659
5660
5661
5662
5663
5664
5665
5666
5667
5668
5669
5670
5671
5672
5673
5674
5675
5676
5677
5678
5679
5680
5681
5682
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692
5693
5694
5695
5696
5697
5698
5699
5700
5701
5702
5703
5704
5705
5706
5707
5708
5709
5710
5711
5712
5713
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
5734
5735
5736
5737
5738
5739
5740
5741
5742
5743
5744
5745
5746
5747
5748
5749
5750
5751
5752
5753
5754
5755
5756
5757
5758
5759
5760
5761
5762
5763
5764
5765
5766
5767
5768
5769
5770
5771
5772
5773
5774
5775
5776
5777
5778
5779
5780
5781
5782
5783
5784
5785
5786
5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
5801
5802
5803
5804
5805
5806
5807
5808
5809
5810
5811
5812
5813
5814
5815
5816
5817
5818
5819
5820
5821
5822
5823
5824
5825
5826
5827
5828
5829
5830
5831
5832
5833
5834
5835
5836
5837
5838
5839
5840
5841
5842
5843
5844
5845
5846
5847
5848
5849
5850
5851
5852
5853
5854
5855
5856
5857
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
5889
5890
5891
5892
5893
5894
5895
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
5917
5918
5919
5920
5921
5922
5923
5924
5925
5926
5927
5928
5929
5930
5931
5932
5933
5934
5935
5936
5937
5938
5939
5940
5941
5942
5943
5944
5945
5946
5947
5948
5949
5950
5951
5952
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
5976
5977
5978
5979
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
6001
6002
6003
6004
6005
6006
6007
6008
6009
6010
6011
6012
6013
6014
6015
6016
6017
6018
6019
6020
6021
6022
6023
6024
6025
6026
6027
6028
6029
6030
6031
6032
6033
6034
6035
6036
6037
6038
6039
6040
6041
6042
6043
6044
6045
6046
6047
6048
6049
6050
6051
6052
6053
6054
6055
6056
6057
6058
6059
6060
6061
6062
6063
6064
6065
6066
6067
6068
6069
6070
6071
6072
6073
6074
6075
6076
6077
6078
6079
6080
6081
6082
6083
6084
6085
6086
6087
6088
6089
6090
6091
6092
6093
6094
6095
6096
6097
6098
6099
6100
6101
6102
6103
6104
6105
6106
6107
6108
6109
6110
6111
6112
6113
6114
6115
6116
6117
6118
6119
6120
6121
6122
6123
6124
6125
6126
6127
6128
6129
6130
6131
6132
6133
6134
6135
6136
6137
6138
6139
6140
6141
6142
6143
6144
6145
6146
6147
6148
6149
6150
6151
6152
6153
6154
6155
6156
6157
6158
6159
6160
6161
6162
6163
6164
6165
6166
6167
6168
6169
6170
6171
6172
6173
6174
6175
6176
6177
6178
6179
6180
6181
6182
6183
6184
6185
6186
6187
6188
6189
6190
6191
6192
6193
6194
6195
6196
6197
6198
6199
6200
6201
6202
6203
6204
6205
6206
6207
6208
6209
6210
6211
6212
6213
6214
6215
6216
6217
6218
6219
6220
6221
6222
6223
6224
6225
6226
6227
6228
6229
6230
6231
6232
6233
6234
6235
6236
6237
6238
6239
6240
6241
6242
6243
6244
6245
6246
6247
6248
6249
6250
6251
6252
6253
6254
6255
6256
6257
6258
6259
6260
6261
6262
6263
6264
6265
6266
6267
6268
6269
6270
6271
6272
6273
6274
6275
6276
6277
6278
6279
6280
6281
6282
6283
6284
6285
6286
6287
6288
6289
6290
6291
6292
6293
6294
6295
6296
6297
6298
6299
6300
6301
6302
6303
6304
6305
6306
6307
6308
6309
6310
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6325
6326
6327
6328
6329
6330
6331
6332
6333
6334
6335
6336
6337
6338
6339
6340
6341
6342
6343
6344
6345
6346
6347
6348
6349
6350
6351
6352
6353
6354
6355
6356
6357
6358
6359
6360
6361
6362
6363
6364
6365
6366
6367
6368
6369
6370
6371
6372
6373
6374
6375
6376
6377
6378
6379
6380
6381
6382
6383
6384
6385
6386
6387
6388
6389
6390
6391
6392
6393
6394
6395
6396
6397
6398
6399
6400
6401
6402
6403
6404
6405
6406
6407
6408
6409
6410
6411
6412
6413
6414
6415
6416
6417
6418
6419
6420
6421
6422
6423
6424
6425
6426
6427
6428
6429
6430
6431
6432
6433
6434
6435
6436
6437
6438
6439
6440
6441
6442
6443
6444
6445
6446
6447
6448
6449
6450
6451
6452
6453
6454
6455
6456
6457
6458
6459
6460
6461
6462
6463
6464
6465
6466
6467
6468
6469
6470
6471
6472
6473
6474
6475
6476
6477
6478
6479
6480
6481
6482
6483
6484
6485
6486
6487
6488
6489
6490
6491
6492
6493
6494
6495
6496
6497
6498
6499
6500
6501
6502
6503
6504
6505
6506
6507
6508
6509
6510
6511
6512
6513
6514
6515
6516
6517
6518
6519
6520
6521
6522
6523
6524
6525
6526
6527
6528
6529
6530
6531
6532
6533
6534
6535
6536
6537
6538
6539
6540
6541
6542
6543
6544
6545
6546
6547
6548
6549
6550
6551
6552
6553
6554
6555
6556
6557
6558
6559
6560
6561
6562
6563
6564
6565
6566
6567
6568
6569
6570
6571
6572
6573
6574
6575
6576
6577
6578
6579
6580
6581
6582
6583
6584
6585
6586
6587
6588
6589
6590
6591
6592
6593
6594
6595
6596
6597
6598
6599
6600
6601
6602
6603
6604
6605
6606
6607
6608
6609
6610
6611
6612
6613
6614
6615
6616
6617
6618
6619
6620
6621
6622
6623
6624
6625
6626
6627
6628
6629
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
6644
6645
6646
6647
6648
6649
6650
6651
6652
6653
6654
6655
6656
6657
6658
6659
6660
6661
6662
6663
6664
6665
6666
6667
6668
6669
6670
6671
6672
6673
6674
6675
6676
6677
6678
6679
6680
6681
6682
6683
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
6702
6703
6704
6705
6706
6707
6708
6709
6710
6711
6712
6713
6714
6715
6716
6717
6718
6719
6720
6721
6722
6723
6724
6725
6726
6727
6728
6729
6730
6731
6732
6733
6734
6735
6736
6737
6738
6739
6740
6741
6742
6743
6744
6745
6746
6747
6748
6749
6750
6751
6752
6753
6754
6755
6756
6757
6758
6759
6760
6761
6762
6763
6764
6765
6766
6767
6768
6769
6770
6771
6772
6773
6774
6775
6776
6777
6778
6779
6780
6781
6782
6783
6784
6785
6786
6787
6788
6789
6790
6791
6792
6793
6794
6795
6796
6797
6798
6799
6800
6801
6802
6803
6804
6805
6806
6807
6808
6809
6810
6811
6812
6813
6814
6815
6816
6817
6818
6819
6820
6821
6822
6823
6824
6825
6826
6827
6828
6829
6830
6831
6832
6833
6834
6835
6836
6837
6838
6839
6840
6841
6842
6843
6844
6845
6846
6847
6848
6849
6850
6851
6852
6853
6854
6855
6856
6857
6858
6859
6860
6861
6862
6863
6864
6865
6866
6867
6868
6869
6870
6871
6872
6873
6874
6875
6876
6877
6878
6879
6880
6881
6882
6883
6884
6885
6886
6887
6888
6889
6890
6891
6892
6893
6894
6895
6896
6897
6898
6899
6900
6901
6902
6903
6904
6905
6906
6907
6908
6909
6910
6911
6912
6913
6914
6915
6916
6917
6918
6919
6920
6921
6922
6923
6924
6925
6926
6927
6928
6929
6930
6931
6932
6933
6934
6935
6936
6937
6938
6939
6940
6941
6942
6943
6944
6945
6946
6947
6948
6949
6950
6951
6952
6953
6954
6955
6956
6957
6958
6959
6960
6961
6962
6963
6964
6965
6966
6967
6968
6969
6970
6971
6972
6973
6974
6975
6976
6977
6978
6979
6980
6981
6982
6983
6984
6985
6986
6987
6988
6989
6990
6991
6992
6993
6994
6995
6996
6997
6998
6999
7000
7001
7002
7003
7004
7005
7006
7007
7008
7009
7010
7011
7012
7013
7014
7015
7016
7017
7018
7019
7020
7021
7022
7023
7024
7025
7026
7027
7028
7029
7030
7031
7032
7033
7034
7035
7036
7037
7038
7039
7040
7041
7042
7043
7044
7045
7046
7047
7048
7049
7050
7051
7052
7053
7054
7055
7056
7057
7058
7059
7060
7061
7062
7063
7064
7065
7066
7067
7068
7069
7070
7071
7072
7073
7074
7075
7076
7077
7078
7079
7080
7081
7082
7083
7084
7085
7086
7087
7088
7089
7090
7091
7092
7093
7094
7095
7096
7097
7098
7099
7100
7101
7102
7103
7104
7105
7106
7107
7108
7109
7110
7111
7112
7113
7114
7115
7116
7117
7118
7119
7120
7121
7122
7123
7124
7125
7126
7127
7128
7129
7130
7131
7132
7133
7134
7135
7136
7137
7138
7139
7140
7141
7142
7143
7144
7145
7146
7147
7148
7149
7150
7151
7152
7153
7154
7155
7156
7157
7158
7159
7160
7161
7162
7163
7164
7165
7166
7167
7168
7169
7170
7171
7172
7173
7174
7175
7176
7177
7178
7179
7180
7181
7182
7183
7184
7185
7186
7187
7188
7189
7190
7191
7192
7193
7194
7195
7196
7197
7198
7199
7200
7201
7202
7203
7204
7205
7206
7207
7208
7209
7210
7211
7212
7213
7214
7215
7216
7217
7218
7219
7220
7221
7222
7223
7224
7225
7226
7227
7228
7229
7230
7231
7232
7233
7234
7235
7236
7237
7238
7239
7240
7241
7242
7243
7244
7245
7246
7247
7248
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
7264
7265
7266
7267
7268
7269
7270
7271
7272
7273
7274
7275
7276
7277
7278
7279
7280
7281
7282
7283
7284
7285
7286
7287
7288
7289
7290
7291
7292
7293
7294
7295
7296
7297
7298
7299
7300
7301
7302
7303
7304
7305
7306
7307
7308
7309
7310
7311
7312
7313
7314
7315
7316
7317
7318
7319
7320
7321
7322
7323
7324
7325
7326
7327
7328
7329
7330
7331
7332
7333
7334
7335
7336
7337
7338
7339
7340
7341
7342
7343
7344
7345
7346
7347
7348
7349
7350
7351
7352
7353
7354
7355
7356
7357
7358
7359
7360
7361
7362
7363
7364
7365
7366
7367
7368
7369
7370
7371
7372
7373
7374
7375
7376
7377
7378
7379
7380
7381
7382
7383
7384
7385
7386
7387
7388
7389
7390
7391
7392
7393
7394
7395
7396
7397
7398
7399
7400
7401
7402
7403
7404
7405
7406
7407
7408
7409
7410
7411
7412
7413
7414
7415
7416
7417
7418
7419
7420
7421
7422
7423
7424
7425
7426
7427
7428
7429
7430
7431
7432
7433
7434
7435
7436
7437
7438
7439
7440
7441
7442
7443
7444
7445
7446
7447
7448
7449
7450
7451
7452
7453
7454
7455
7456
7457
7458
7459
7460
7461
7462
7463
7464
7465
7466
7467
7468
7469
7470
7471
7472
7473
7474
7475
7476
7477
7478
7479
7480
7481
7482
7483
7484
7485
7486
7487
7488
7489
7490
7491
7492
7493
7494
7495
7496
7497
7498
7499
7500
7501
7502
7503
7504
7505
7506
7507
7508
7509
7510
7511
7512
7513
7514
7515
7516
7517
7518
7519
7520
7521
7522
7523
7524
7525
7526
7527
7528
7529
7530
7531
7532
7533
7534
7535
7536
7537
7538
7539
7540
7541
7542
7543
7544
7545
7546
7547
7548
7549
7550
7551
7552
7553
7554
7555
7556
7557
7558
7559
7560
7561
7562
7563
7564
7565
7566
7567
7568
7569
7570
7571
7572
7573
7574
7575
7576
7577
7578
7579
7580
7581
7582
7583
7584
7585
7586
7587
7588
7589
7590
7591
7592
7593
7594
7595
7596
7597
7598
7599
7600
7601
7602
7603
7604
7605
7606
7607
7608
7609
7610
7611
7612
7613
7614
7615
7616
7617
7618
7619
7620
7621
7622
7623
7624
7625
7626
7627
7628
7629
7630
7631
7632
7633
7634
7635
7636
7637
7638
7639
7640
7641
7642
7643
7644
7645
7646
7647
7648
7649
7650
7651
7652
7653
7654
7655
7656
7657
7658
7659
7660
7661
7662
7663
7664
7665
7666
7667
7668
7669
7670
7671
7672
7673
7674
7675
7676
7677
7678
7679
7680
7681
7682
7683
7684
7685
7686
7687
7688
7689
7690
7691
7692
7693
7694
7695
7696
7697
7698
7699
7700
7701
7702
7703
7704
7705
7706
7707
7708
7709
7710
7711
7712
7713
7714
7715
7716
7717
7718
7719
7720
7721
7722
7723
7724
7725
7726
7727
7728
7729
7730
7731
7732
7733
7734
7735
7736
7737
7738
7739
7740
7741
7742
7743
7744
7745
7746
7747
7748
7749
7750
7751
7752
7753
7754
7755
7756
7757
7758
7759
7760
7761
7762
7763
7764
7765
7766
7767
7768
7769
7770
7771
7772
7773
7774
7775
7776
7777
7778
7779
7780
7781
7782
7783
7784
7785
7786
7787
7788
7789
7790
7791
7792
7793
7794
7795
7796
7797
7798
7799
7800
7801
7802
7803
7804
7805
7806
7807
7808
7809
7810
7811
7812
7813
7814
7815
7816
7817
7818
7819
7820
7821
7822
7823
7824
7825
7826
7827
7828
7829
7830
7831
7832
7833
7834
7835
7836
7837
7838
7839
7840
7841
7842
7843
7844
7845
7846
7847
7848
7849
7850
7851
7852
7853
7854
7855
7856
7857
7858
7859
7860
7861
7862
7863
7864
7865
7866
7867
7868
7869
7870
7871
7872
7873
7874
7875
7876
7877
7878
7879
7880
7881
7882
7883
7884
7885
7886
7887
7888
7889
7890
7891
7892
7893
7894
7895
7896
7897
7898
7899
7900
7901
7902
7903
7904
7905
7906
7907
7908
7909
7910
7911
7912
7913
7914
7915
7916
7917
7918
7919
7920
7921
7922
7923
7924
7925
7926
7927
7928
7929
7930
7931
7932
7933
7934
7935
7936
7937
7938
7939
7940
7941
7942
7943
7944
7945
7946
7947
7948
7949
7950
7951
7952
7953
7954
7955
7956
7957
7958
7959
7960
7961
7962
7963
7964
7965
7966
7967
7968
7969
7970
7971
7972
7973
7974
7975
7976
7977
7978
7979
7980
7981
7982
7983
7984
7985
7986
7987
7988
7989
7990
7991
7992
7993
7994
7995
7996
7997
7998
7999
8000
8001
8002
8003
8004
8005
8006
8007
8008
8009
8010
8011
8012
8013
8014
8015
8016
8017
8018
8019
8020
8021
8022
8023
8024
8025
8026
8027
8028
8029
8030
8031
8032
8033
8034
8035
8036
8037
8038
8039
8040
8041
8042
8043
8044
8045
8046
8047
8048
8049
8050
8051
8052
8053
8054
8055
8056
8057
8058
8059
8060
8061
8062
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
8105
8106
8107
8108
8109
8110
8111
8112
8113
8114
8115
8116
8117
8118
8119
8120
8121
8122
8123
8124
8125
8126
8127
8128
8129
8130
8131
8132
8133
8134
8135
8136
8137
8138
8139
8140
8141
8142
8143
8144
8145
8146
8147
8148
8149
8150
8151
8152
8153
8154
8155
8156
8157
8158
8159
8160
8161
8162
8163
8164
8165
8166
8167
8168
8169
8170
8171
8172
8173
8174
8175
8176
8177
8178
8179
8180
8181
8182
8183
8184
8185
8186
8187
8188
8189
8190
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
8213
8214
8215
8216
8217
8218
8219
8220
8221
8222
8223
8224
8225
8226
8227
8228
8229
8230
8231
8232
8233
8234
8235
8236
8237
8238
8239
8240
8241
8242
8243
8244
8245
8246
8247
8248
8249
8250
8251
8252
8253
8254
8255
8256
8257
8258
8259
8260
8261
8262
8263
8264
8265
8266
8267
8268
8269
8270
8271
8272
8273
8274
8275
8276
8277
8278
8279
8280
8281
8282
8283
8284
8285
8286
8287
8288
8289
8290
8291
8292
8293
8294
8295
8296
8297
8298
8299
8300
8301
8302
8303
8304
8305
8306
8307
8308
8309
8310
8311
8312
8313
8314
8315
8316
8317
8318
8319
8320
8321
8322
8323
8324
8325
8326
8327
8328
8329
8330
8331
8332
8333
8334
8335
8336
8337
8338
8339
8340
8341
8342
8343
8344
8345
8346
8347
8348
8349
8350
8351
8352
8353
8354
8355
8356
8357
8358
8359
8360
8361
8362
8363
8364
8365
8366
8367
8368
8369
8370
8371
8372
8373
8374
8375
8376
8377
8378
8379
8380
8381
8382
8383
8384
8385
8386
8387
8388
8389
8390
8391
8392
8393
8394
8395
8396
8397
8398
8399
8400
8401
8402
8403
8404
8405
8406
8407
8408
8409
8410
8411
8412
8413
8414
8415
8416
8417
8418
8419
8420
8421
8422
8423
8424
8425
8426
8427
8428
8429
8430
8431
8432
8433
8434
8435
8436
8437
8438
8439
8440
8441
8442
8443
8444
8445
8446
8447
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8459
8460
8461
8462
8463
8464
8465
8466
8467
8468
8469
8470
8471
8472
8473
8474
8475
8476
8477
8478
8479
8480
8481
8482
8483
8484
8485
8486
8487
8488
8489
8490
8491
8492
8493
8494
8495
8496
8497
8498
8499
8500
8501
8502
8503
8504
8505
8506
8507
8508
8509
8510
8511
8512
8513
8514
8515
8516
8517
8518
8519
8520
8521
8522
8523
8524
8525
8526
8527
8528
8529
8530
8531
8532
8533
8534
8535
8536
8537
8538
8539
8540
8541
8542
8543
8544
8545
8546
8547
8548
8549
8550
8551
8552
8553
8554
8555
8556
8557
8558
8559
8560
8561
8562
8563
8564
8565
8566
8567
8568
8569
8570
8571
8572
8573
8574
8575
8576
8577
8578
8579
8580
8581
8582
8583
8584
8585
8586
8587
8588
8589
8590
8591
8592
8593
8594
8595
8596
8597
8598
8599
8600
8601
8602
8603
8604
8605
8606
8607
8608
8609
8610
8611
8612
8613
8614
8615
8616
8617
8618
8619
8620
8621
8622
8623
8624
8625
8626
8627
8628
8629
8630
8631
8632
8633
8634
8635
8636
8637
8638
8639
8640
8641
8642
8643
8644
8645
8646
8647
8648
8649
8650
8651
8652
8653
8654
8655
8656
8657
8658
8659
8660
8661
8662
8663
8664
8665
8666
8667
8668
8669
8670
8671
8672
8673
8674
8675
8676
8677
8678
8679
8680
8681
8682
8683
8684
8685
8686
8687
8688
8689
8690
8691
8692
8693
8694
8695
8696
8697
8698
8699
8700
8701
8702
8703
8704
8705
8706
8707
8708
8709
8710
8711
8712
8713
8714
8715
8716
8717
8718
8719
8720
8721
8722
8723
8724
8725
8726
8727
8728
8729
8730
8731
8732
8733
8734
8735
8736
8737
8738
8739
8740
8741
8742
8743
8744
8745
8746
8747
8748
8749
8750
8751
8752
8753
8754
8755
8756
8757
8758
8759
8760
8761
8762
8763
8764
8765
8766
8767
8768
8769
8770
8771
8772
8773
8774
8775
8776
8777
8778
8779
8780
8781
8782
8783
8784
8785
8786
8787
8788
8789
8790
8791
8792
8793
8794
8795
8796
8797
8798
8799
8800
8801
8802
8803
8804
8805
8806
8807
8808
8809
8810
8811
8812
8813
8814
8815
8816
8817
8818
8819
8820
8821
8822
8823
8824
8825
8826
8827
8828
8829
8830
8831
8832
8833
8834
8835
8836
8837
8838
8839
8840
8841
8842
8843
8844
8845
8846
8847
8848
8849
8850
8851
8852
8853
8854
8855
8856
8857
8858
8859
8860
8861
8862
8863
8864
8865
8866
8867
8868
8869
8870
8871
8872
8873
8874
8875
8876
8877
8878
8879
8880
8881
8882
8883
8884
8885
8886
8887
8888
8889
8890
8891
8892
8893
8894
8895
8896
8897
8898
8899
8900
8901
8902
8903
8904
8905
8906
8907
8908
8909
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
8933
8934
8935
8936
8937
8938
8939
8940
8941
8942
8943
8944
8945
8946
8947
8948
8949
8950
8951
8952
8953
8954
8955
8956
8957
8958
8959
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
8981
8982
8983
8984
8985
8986
8987
8988
8989
8990
8991
8992
8993
8994
8995
8996
8997
8998
8999
9000
9001
9002
9003
9004
9005
9006
9007
9008
9009
9010
9011
9012
9013
9014
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
9029
9030
9031
9032
9033
9034
9035
9036
9037
9038
9039
9040
9041
9042
9043
9044
9045
9046
9047
9048
9049
9050
9051
9052
9053
9054
9055
9056
9057
9058
9059
9060
9061
9062
9063
9064
9065
9066
9067
9068
9069
9070
9071
9072
9073
9074
9075
9076
9077
9078
9079
9080
9081
9082
9083
9084
9085
9086
9087
9088
9089
9090
9091
9092
9093
9094
9095
9096
9097
9098
9099
9100
9101
9102
9103
9104
9105
9106
9107
9108
9109
9110
9111
9112
9113
9114
9115
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
9167
9168
9169
9170
9171
9172
9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
9198
9199
9200
9201
9202
9203
9204
9205
9206
9207
9208
9209
9210
9211
9212
9213
9214
9215
9216
9217
9218
9219
9220
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
9232
9233
9234
9235
9236
9237
9238
9239
9240
9241
9242
9243
9244
9245
9246
9247
9248
9249
9250
9251
9252
9253
9254
9255
9256
9257
9258
9259
9260
9261
9262
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
9278
9279
9280
9281
9282
9283
9284
9285
9286
9287
9288
9289
9290
9291
9292
9293
9294
9295
9296
9297
9298
9299
9300
9301
9302
9303
9304
9305
9306
9307
9308
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
9323
9324
9325
9326
9327
9328
9329
9330
9331
9332
9333
9334
9335
9336
9337
9338
9339
9340
9341
9342
9343
9344
9345
9346
9347
9348
9349
9350
9351
9352
9353
9354
9355
9356
9357
9358
9359
9360
9361
9362
9363
9364
9365
9366
9367
9368
9369
9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407
9408
9409
9410
9411
9412
9413
9414
9415
9416
9417
9418
9419
9420
9421
9422
9423
9424
9425
9426
9427
9428
9429
9430
9431
9432
9433
9434
9435
9436
9437
9438
9439
9440
9441
9442
9443
9444
9445
9446
9447
9448
9449
9450
9451
9452
9453
9454
9455
9456
9457
9458
9459
9460
9461
9462
9463
9464
9465
9466
9467
9468
9469
9470
9471
9472
9473
9474
9475
9476
9477
9478
9479
9480
9481
9482
9483
9484
9485
9486
9487
9488
9489
9490
9491
9492
9493
9494
9495
9496
9497
9498
9499
9500
9501
9502
9503
9504
9505
9506
9507
9508
9509
9510
9511
9512
9513
9514
9515
9516
9517
9518
9519
9520
9521
9522
9523
9524
9525
9526
9527
9528
9529
9530
9531
9532
9533
9534
9535
9536
9537
9538
9539
9540
9541
9542
9543
9544
9545
9546
9547
9548
9549
9550
9551
9552
9553
9554
9555
9556
9557
9558
9559
9560
9561
9562
9563
9564
9565
9566
9567
9568
9569
9570
9571
9572
9573
9574
9575
9576
9577
9578
9579
9580
9581
9582
9583
9584
9585
9586
9587
9588
9589
9590
9591
9592
9593
9594
9595
9596
9597
9598
9599
9600
9601
9602
9603
9604
9605
9606
9607
9608
9609
9610
9611
9612
9613
9614
9615
9616
9617
9618
9619
9620
9621
9622
9623
9624
9625
9626
9627
9628
9629
9630
9631
9632
9633
9634
9635
9636
9637
9638
9639
9640
9641
9642
9643
9644
9645
9646
9647
9648
9649
9650
9651
9652
9653
9654
9655
9656
9657
9658
9659
9660
9661
9662
9663
9664
9665
9666
9667
9668
9669
9670
9671
9672
9673
9674
9675
9676
9677
9678
9679
9680
9681
9682
9683
9684
9685
9686
9687
9688
9689
9690
9691
9692
9693
9694
9695
9696
9697
9698
9699
9700
9701
9702
9703
9704
9705
9706
9707
9708
9709
9710
9711
9712
9713
9714
9715
9716
9717
9718
9719
9720
9721
9722
9723
9724
9725
9726
9727
9728
9729
9730
9731
9732
9733
9734
9735
9736
9737
9738
9739
9740
9741
9742
9743
9744
9745
9746
9747
9748
9749
9750
9751
9752
9753
9754
9755
9756
9757
9758
9759
9760
9761
9762
9763
9764
9765
9766
9767
9768
9769
9770
9771
9772
9773
9774
9775
9776
9777
9778
9779
9780
9781
9782
9783
9784
9785
9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800
9801
9802
9803
9804
9805
9806
9807
9808
9809
9810
9811
9812
9813
9814
9815
9816
9817
9818
9819
9820
9821
9822
9823
9824
9825
9826
9827
9828
9829
9830
9831
9832
9833
9834
9835
9836
9837
9838
9839
9840
9841
9842
9843
9844
9845
9846
9847
9848
9849
9850
9851
9852
9853
9854
9855
9856
9857
9858
9859
9860
9861
9862
9863
9864
9865
9866
9867
9868
9869
9870
9871
9872
9873
9874
9875
9876
9877
9878
9879
9880
9881
9882
9883
9884
9885
9886
9887
9888
9889
9890
9891
9892
9893
9894
9895
9896
9897
9898
9899
9900
9901
9902
9903
9904
9905
9906
9907
9908
9909
9910
9911
9912
9913
9914
9915
9916
9917
9918
9919
9920
9921
9922
9923
9924
9925
9926
9927
9928
9929
9930
9931
9932
9933
9934
9935
9936
9937
9938
9939
9940
9941
9942
9943
9944
9945
9946
9947
9948
9949
9950
9951
9952
9953
9954
9955
9956
9957
9958
9959
9960
9961
9962
9963
9964
9965
9966
9967
9968
9969
9970
9971
9972
9973
9974
9975
9976
9977
9978
9979
9980
9981
9982
9983
9984
9985
9986
9987
9988
9989
9990
9991
9992
9993
9994
9995
9996
9997
9998
9999
10000
10001
10002
10003
10004
10005
10006
10007
10008
10009
10010
10011
10012
10013
10014
10015
10016
10017
10018
10019
10020
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
10038
10039
10040
10041
10042
10043
10044
10045
10046
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
10072
10073
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
10095
10096
10097
10098
10099
10100
10101
10102
10103
10104
10105
10106
10107
10108
10109
10110
10111
10112
10113
10114
10115
10116
10117
10118
10119
10120
10121
10122
10123
10124
10125
10126
10127
10128
10129
10130
10131
10132
10133
10134
10135
10136
10137
10138
10139
10140
10141
10142
10143
10144
10145
10146
10147
10148
10149
10150
10151
10152
10153
10154
10155
10156
10157
10158
10159
10160
10161
10162
10163
10164
10165
10166
10167
10168
10169
10170
10171
10172
10173
10174
10175
10176
10177
10178
10179
10180
10181
10182
10183
10184
10185
10186
10187
10188
10189
10190
10191
10192
10193
10194
10195
10196
10197
10198
10199
10200
10201
10202
10203
10204
10205
10206
10207
10208
10209
10210
10211
10212
10213
10214
10215
10216
10217
10218
10219
10220
10221
10222
10223
10224
10225
10226
10227
10228
10229
10230
10231
10232
10233
10234
10235
10236
10237
10238
10239
10240
10241
10242
10243
10244
10245
10246
10247
10248
10249
10250
10251
10252
10253
10254
10255
10256
10257
10258
10259
10260
10261
10262
10263
10264
10265
10266
10267
10268
10269
10270
10271
10272
10273
10274
10275
10276
10277
10278
10279
10280
10281
10282
10283
10284
10285
10286
10287
10288
10289
10290
10291
10292
10293
10294
10295
10296
10297
10298
10299
10300
10301
10302
10303
10304
10305
10306
10307
10308
10309
10310
10311
10312
10313
10314
10315
10316
10317
10318
10319
10320
10321
10322
10323
10324
10325
10326
10327
10328
10329
10330
10331
10332
10333
10334
10335
10336
10337
10338
10339
10340
10341
10342
10343
10344
10345
10346
10347
10348
10349
10350
10351
10352
10353
10354
10355
10356
10357
10358
10359
10360
10361
10362
10363
10364
10365
10366
10367
10368
10369
10370
10371
10372
10373
10374
10375
10376
10377
10378
10379
10380
10381
10382
10383
10384
10385
10386
10387
10388
10389
10390
10391
10392
10393
10394
10395
10396
10397
10398
10399
10400
10401
10402
10403
10404
10405
10406
10407
10408
10409
10410
10411
10412
10413
10414
10415
10416
10417
10418
10419
10420
10421
10422
10423
10424
10425
10426
10427
10428
10429
10430
10431
10432
10433
10434
10435
10436
10437
10438
10439
10440
10441
10442
10443
10444
10445
10446
10447
10448
10449
10450
10451
10452
10453
10454
10455
10456
10457
10458
10459
10460
10461
10462
10463
10464
10465
10466
10467
10468
10469
10470
10471
10472
10473
10474
10475
10476
10477
10478
10479
10480
10481
10482
10483
10484
10485
10486
10487
10488
10489
10490
10491
10492
10493
10494
10495
10496
10497
10498
10499
10500
10501
10502
10503
10504
10505
10506
10507
10508
10509
10510
10511
10512
10513
10514
10515
10516
10517
10518
10519
10520
10521
10522
10523
10524
10525
10526
10527
10528
10529
10530
10531
10532
10533
10534
10535
10536
10537
10538
10539
10540
10541
10542
10543
10544
10545
10546
10547
10548
10549
10550
10551
10552
10553
10554
10555
10556
10557
10558
10559
10560
10561
10562
10563
10564
10565
10566
10567
10568
10569
10570
10571
10572
10573
10574
10575
10576
10577
10578
10579
10580
10581
10582
10583
10584
10585
10586
10587
10588
10589
10590
10591
10592
10593
10594
10595
10596
10597
10598
10599
10600
10601
10602
10603
10604
10605
10606
10607
10608
10609
10610
10611
10612
10613
10614
10615
10616
10617
10618
10619
10620
10621
10622
10623
10624
10625
10626
10627
10628
10629
10630
10631
10632
10633
10634
10635
10636
10637
10638
10639
10640
10641
10642
10643
10644
10645
10646
10647
10648
10649
10650
10651
10652
10653
10654
10655
10656
10657
10658
10659
10660
10661
10662
10663
10664
10665
10666
10667
10668
10669
10670
10671
10672
10673
10674
10675
10676
10677
10678
10679
10680
10681
10682
10683
10684
10685
10686
10687
10688
10689
10690
10691
10692
10693
10694
10695
10696
10697
10698
10699
10700
10701
10702
10703
10704
10705
10706
10707
10708
10709
10710
10711
10712
10713
10714
10715
10716
10717
10718
10719
10720
10721
10722
10723
10724
10725
10726
10727
10728
10729
10730
10731
10732
10733
10734
10735
10736
10737
10738
10739
10740
10741
10742
10743
10744
10745
10746
10747
10748
10749
10750
10751
10752
10753
10754
10755
10756
10757
10758
10759
10760
10761
10762
10763
10764
10765
10766
10767
10768
10769
10770
10771
10772
10773
10774
10775
10776
10777
10778
10779
10780
10781
10782
10783
10784
10785
10786
10787
10788
10789
10790
10791
10792
10793
10794
10795
10796
10797
10798
10799
10800
10801
10802
10803
10804
10805
10806
10807
10808
10809
10810
10811
10812
10813
10814
10815
10816
10817
10818
10819
10820
10821
10822
10823
10824
10825
10826
10827
10828
10829
10830
10831
10832
10833
10834
10835
10836
10837
10838
10839
10840
10841
10842
10843
10844
10845
10846
10847
10848
10849
10850
10851
10852
10853
10854
10855
10856
10857
10858
10859
10860
10861
10862
10863
10864
10865
10866
10867
10868
10869
10870
10871
10872
10873
10874
10875
10876
10877
10878
10879
10880
10881
10882
10883
10884
10885
10886
10887
10888
10889
10890
10891
10892
10893
10894
10895
10896
10897
10898
10899
10900
10901
10902
10903
10904
10905
10906
10907
10908
10909
10910
10911
10912
10913
10914
10915
10916
10917
10918
10919
10920
10921
10922
10923
10924
10925
10926
10927
10928
10929
10930
10931
10932
10933
10934
10935
10936
10937
10938
10939
10940
10941
10942
10943
10944
10945
10946
10947
10948
10949
10950
10951
10952
10953
10954
10955
10956
10957
10958
10959
10960
10961
10962
10963
10964
10965
10966
10967
10968
10969
10970
10971
10972
10973
10974
10975
10976
10977
10978
10979
10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
10990
10991
10992
10993
10994
10995
10996
10997
10998
10999
11000
11001
11002
11003
11004
11005
11006
11007
11008
11009
11010
11011
11012
11013
11014
11015
11016
11017
11018
11019
11020
11021
11022
11023
11024
11025
11026
11027
11028
11029
11030
11031
11032
11033
11034
11035
11036
11037
11038
11039
11040
11041
11042
11043
11044
11045
11046
11047
11048
11049
11050
11051
11052
11053
11054
11055
11056
11057
11058
11059
11060
11061
11062
11063
11064
11065
11066
11067
11068
11069
11070
11071
11072
11073
11074
11075
11076
11077
11078
11079
11080
11081
11082
11083
11084
11085
11086
11087
11088
11089
11090
11091
11092
11093
11094
11095
11096
11097
11098
11099
11100
11101
11102
11103
11104
11105
11106
11107
11108
11109
11110
11111
11112
11113
11114
11115
11116
11117
11118
11119
11120
11121
11122
11123
11124
11125
11126
11127
11128
11129
11130
11131
11132
11133
11134
11135
11136
11137
11138
11139
11140
11141
11142
11143
11144
11145
11146
11147
11148
11149
11150
11151
11152
11153
11154
11155
11156
11157
11158
11159
11160
11161
11162
11163
11164
11165
11166
11167
11168
11169
11170
11171
11172
11173
11174
11175
11176
11177
11178
11179
11180
11181
11182
11183
11184
11185
11186
11187
11188
11189
11190
11191
11192
11193
11194
11195
11196
11197
11198
11199
11200
11201
11202
11203
11204
11205
11206
11207
11208
11209
11210
11211
11212
11213
11214
11215
11216
11217
11218
11219
11220
11221
11222
11223
11224
11225
11226
11227
11228
11229
11230
11231
11232
11233
11234
11235
11236
11237
11238
11239
11240
11241
11242
11243
11244
11245
11246
11247
11248
11249
11250
11251
11252
11253
11254
11255
11256
11257
11258
11259
11260
11261
11262
11263
11264
11265
11266
11267
11268
11269
11270
11271
11272
11273
11274
11275
11276
11277
11278
11279
11280
11281
11282
11283
11284
11285
11286
11287
11288
11289
11290
11291
11292
11293
11294
11295
11296
11297
11298
11299
11300
11301
11302
11303
11304
11305
11306
11307
11308
11309
11310
11311
11312
11313
11314
11315
11316
11317
11318
11319
11320
11321
11322
11323
11324
11325
11326
11327
11328
11329
11330
11331
11332
11333
11334
11335
11336
11337
11338
11339
11340
11341
11342
11343
11344
11345
11346
11347
11348
11349
11350
11351
11352
11353
11354
11355
11356
11357
11358
11359
11360
11361
11362
11363
11364
11365
11366
11367
11368
11369
11370
11371
11372
11373
11374
11375
11376
11377
11378
11379
11380
11381
11382
11383
11384
11385
11386
11387
11388
11389
11390
11391
11392
11393
11394
11395
11396
11397
11398
11399
11400
11401
11402
11403
11404
11405
11406
11407
11408
11409
11410
11411
11412
11413
11414
11415
11416
11417
11418
11419
11420
11421
11422
11423
11424
11425
11426
11427
11428
11429
11430
11431
11432
11433
11434
11435
11436
11437
11438
11439
11440
11441
11442
11443
11444
11445
11446
11447
11448
11449
11450
11451
11452
11453
11454
11455
11456
11457
11458
11459
11460
11461
11462
11463
11464
11465
11466
11467
11468
11469
11470
11471
11472
11473
11474
11475
11476
11477
11478
11479
11480
11481
11482
11483
11484
11485
11486
11487
11488
11489
11490
11491
11492
11493
11494
11495
11496
11497
11498
11499
11500
11501
11502
11503
11504
11505
11506
11507
11508
11509
11510
11511
11512
11513
11514
11515
11516
11517
11518
11519
11520
11521
11522
11523
11524
11525
11526
11527
11528
11529
11530
11531
11532
11533
11534
11535
11536
11537
11538
11539
11540
11541
11542
11543
11544
11545
11546
11547
11548
11549
11550
11551
11552
11553
11554
11555
11556
11557
11558
11559
11560
11561
11562
11563
11564
11565
11566
11567
11568
11569
11570
11571
11572
11573
11574
11575
11576
11577
11578
11579
11580
11581
11582
11583
11584
11585
11586
11587
11588
11589
11590
11591
11592
11593
11594
11595
11596
11597
11598
11599
11600
11601
11602
11603
11604
11605
11606
11607
11608
11609
11610
11611
11612
11613
11614
11615
11616
11617
11618
11619
11620
11621
11622
11623
11624
11625
11626
11627
11628
11629
11630
11631
11632
11633
11634
11635
11636
11637
11638
11639
11640
11641
11642
11643
11644
11645
11646
11647
11648
11649
11650
11651
11652
11653
11654
11655
11656
11657
11658
11659
11660
11661
11662
11663
11664
11665
11666
11667
11668
11669
11670
11671
11672
11673
11674
11675
11676
11677
11678
11679
11680
11681
11682
11683
11684
11685
11686
11687
11688
11689
11690
11691
11692
11693
11694
11695
11696
11697
11698
11699
11700
11701
11702
11703
11704
11705
11706
11707
11708
11709
11710
11711
11712
11713
11714
11715
11716
11717
11718
11719
11720
11721
11722
11723
11724
11725
11726
11727
11728
11729
11730
11731
11732
11733
11734
11735
11736
11737
11738
11739
11740
11741
11742
11743
11744
11745
11746
11747
11748
11749
11750
11751
11752
11753
11754
11755
11756
11757
11758
11759
11760
11761
11762
11763
11764
11765
11766
11767
11768
11769
11770
11771
11772
11773
11774
11775
11776
11777
11778
11779
11780
11781
11782
11783
11784
11785
11786
11787
11788
11789
11790
11791
11792
11793
11794
11795
11796
11797
11798
11799
11800
11801
11802
11803
11804
11805
11806
11807
11808
11809
11810
11811
11812
11813
11814
11815
11816
11817
11818
11819
11820
11821
11822
11823
11824
11825
11826
11827
11828
11829
11830
11831
11832
11833
11834
11835
11836
11837
11838
11839
11840
11841
11842
11843
11844
11845
11846
11847
11848
11849
11850
11851
11852
11853
11854
11855
11856
11857
11858
11859
11860
11861
11862
11863
11864
11865
11866
11867
11868
11869
11870
11871
11872
11873
11874
11875
11876
11877
11878
11879
11880
11881
11882
11883
11884
11885
11886
11887
11888
11889
11890
11891
11892
11893
11894
11895
11896
11897
11898
11899
11900
11901
11902
11903
11904
11905
11906
11907
11908
11909
11910
11911
11912
11913
11914
11915
11916
11917
11918
11919
11920
11921
11922
11923
11924
11925
11926
11927
11928
11929
11930
11931
11932
11933
11934
11935
11936
11937
11938
11939
11940
11941
11942
11943
11944
11945
11946
11947
11948
11949
11950
11951
11952
11953
11954
11955
11956
11957
11958
11959
11960
11961
11962
11963
11964
11965
11966
11967
11968
11969
11970
11971
11972
11973
11974
11975
11976
11977
11978
11979
11980
11981
11982
11983
11984
11985
11986
11987
11988
11989
11990
11991
11992
11993
11994
11995
11996
11997
11998
11999
12000
12001
12002
12003
12004
12005
12006
12007
12008
12009
12010
12011
12012
12013
12014
12015
12016
12017
12018
12019
12020
12021
12022
12023
12024
12025
12026
12027
12028
12029
12030
12031
12032
12033
12034
12035
12036
12037
12038
12039
12040
12041
12042
12043
12044
12045
12046
12047
12048
12049
12050
12051
12052
12053
12054
12055
12056
12057
12058
12059
12060
12061
12062
12063
12064
12065
12066
12067
12068
12069
12070
12071
12072
12073
12074
12075
12076
12077
12078
12079
12080
12081
12082
12083
12084
12085
12086
12087
12088
12089
12090
12091
12092
12093
12094
12095
12096
12097
12098
12099
12100
12101
12102
12103
12104
12105
12106
12107
12108
12109
12110
12111
12112
12113
12114
12115
12116
12117
12118
12119
12120
12121
12122
12123
12124
12125
12126
12127
12128
12129
12130
12131
12132
12133
12134
12135
12136
12137
12138
12139
12140
12141
12142
12143
12144
12145
12146
12147
12148
12149
12150
12151
12152
12153
12154
12155
12156
12157
12158
12159
12160
12161
12162
12163
12164
12165
12166
12167
12168
12169
12170
12171
12172
12173
12174
12175
12176
12177
12178
12179
12180
12181
12182
12183
12184
12185
12186
12187
12188
12189
12190
12191
12192
12193
12194
12195
12196
12197
12198
12199
12200
12201
12202
12203
12204
12205
12206
12207
12208
12209
12210
12211
12212
12213
12214
12215
12216
12217
12218
12219
12220
12221
12222
12223
12224
12225
12226
12227
12228
12229
12230
12231
12232
12233
12234
12235
12236
12237
12238
12239
12240
12241
12242
12243
12244
12245
12246
12247
12248
12249
12250
12251
12252
12253
12254
12255
12256
12257
12258
12259
12260
12261
12262
12263
12264
12265
12266
12267
12268
12269
12270
12271
12272
12273
12274
12275
12276
12277
12278
12279
12280
12281
12282
12283
12284
12285
12286
12287
12288
12289
12290
12291
12292
12293
12294
12295
12296
12297
12298
12299
12300
12301
12302
12303
12304
12305
12306
12307
12308
12309
12310
12311
12312
12313
12314
12315
12316
12317
12318
12319
12320
12321
12322
12323
12324
12325
12326
12327
12328
12329
12330
12331
12332
12333
12334
12335
12336
12337
12338
12339
12340
12341
12342
12343
12344
12345
12346
12347
12348
12349
12350
12351
12352
12353
12354
12355
12356
12357
12358
12359
12360
12361
12362
12363
12364
12365
12366
12367
12368
12369
12370
12371
12372
12373
12374
12375
12376
12377
12378
12379
12380
12381
12382
12383
12384
12385
12386
12387
12388
12389
12390
12391
12392
12393
12394
12395
12396
12397
12398
12399
12400
12401
12402
12403
12404
12405
12406
12407
12408
12409
12410
12411
12412
12413
12414
12415
12416
12417
12418
12419
12420
12421
12422
12423
12424
12425
12426
12427
12428
12429
12430
12431
12432
12433
12434
12435
12436
12437
12438
12439
12440
12441
12442
12443
12444
12445
12446
12447
12448
12449
12450
12451
12452
12453
12454
12455
12456
12457
12458
12459
12460
12461
12462
12463
12464
12465
12466
12467
12468
12469
12470
12471
12472
12473
12474
12475
12476
12477
12478
12479
12480
12481
12482
12483
12484
12485
12486
12487
12488
12489
12490
12491
12492
12493
12494
12495
12496
12497
12498
12499
12500
12501
12502
12503
12504
12505
12506
12507
12508
12509
12510
12511
12512
12513
12514
12515
12516
12517
12518
12519
12520
12521
12522
12523
12524
12525
12526
12527
12528
12529
12530
12531
12532
12533
12534
12535
12536
12537
12538
12539
12540
12541
12542
12543
12544
12545
12546
12547
12548
12549
12550
12551
12552
12553
12554
12555
12556
12557
12558
12559
12560
12561
12562
12563
12564
12565
12566
12567
12568
12569
12570
12571
12572
12573
12574
12575
12576
12577
12578
12579
12580
12581
12582
12583
12584
12585
12586
12587
12588
12589
12590
12591
12592
12593
12594
12595
12596
12597
12598
12599
12600
12601
12602
12603
12604
12605
12606
12607
12608
12609
12610
12611
12612
12613
12614
12615
12616
12617
12618
12619
12620
12621
12622
12623
12624
12625
12626
12627
12628
12629
12630
12631
12632
12633
12634
12635
12636
12637
12638
12639
12640
12641
12642
12643
12644
12645
12646
12647
12648
12649
12650
12651
12652
12653
12654
12655
12656
12657
12658
12659
12660
12661
12662
12663
12664
12665
12666
12667
12668
12669
12670
12671
12672
12673
12674
12675
12676
12677
12678
12679
12680
12681
12682
12683
12684
12685
12686
12687
12688
12689
12690
12691
12692
12693
12694
12695
12696
12697
12698
12699
12700
12701
12702
12703
12704
12705
12706
12707
12708
12709
12710
12711
12712
12713
12714
12715
12716
12717
12718
12719
12720
12721
12722
12723
12724
12725
12726
12727
12728
12729
12730
12731
12732
12733
12734
12735
12736
12737
12738
12739
12740
12741
12742
12743
12744
12745
12746
12747
12748
12749
12750
12751
12752
12753
12754
12755
12756
12757
12758
12759
12760
12761
12762
12763
12764
12765
12766
12767
12768
12769
12770
12771
12772
12773
12774
12775
12776
12777
12778
12779
12780
12781
12782
12783
12784
12785
12786
12787
12788
12789
12790
12791
12792
12793
12794
12795
12796
12797
12798
12799
12800
12801
12802
12803
12804
12805
12806
12807
12808
12809
12810
12811
12812
12813
12814
12815
12816
12817
12818
12819
12820
12821
12822
12823
12824
12825
12826
12827
12828
12829
12830
12831
12832
12833
12834
12835
12836
12837
12838
12839
12840
12841
12842
12843
12844
12845
12846
12847
12848
12849
12850
12851
12852
12853
12854
12855
12856
12857
12858
12859
12860
12861
12862
12863
12864
12865
12866
12867
12868
12869
12870
12871
12872
12873
12874
12875
12876
12877
12878
12879
12880
12881
12882
12883
12884
12885
12886
12887
12888
12889
12890
12891
12892
12893
12894
12895
12896
12897
12898
12899
12900
12901
12902
12903
12904
12905
12906
12907
12908
12909
12910
12911
12912
12913
12914
12915
12916
12917
12918
12919
12920
12921
12922
12923
12924
12925
12926
12927
12928
12929
12930
12931
12932
12933
12934
12935
12936
12937
12938
12939
12940
12941
12942
12943
12944
12945
12946
12947
12948
12949
12950
12951
12952
12953
12954
12955
12956
12957
12958
12959
12960
12961
12962
12963
12964
12965
12966
12967
12968
12969
12970
12971
12972
12973
12974
12975
12976
12977
12978
12979
12980
12981
12982
12983
12984
12985
12986
12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
13025
13026
13027
13028
13029
13030
13031
13032
13033
13034
13035
13036
13037
13038
13039
13040
13041
13042
13043
13044
13045
13046
13047
13048
13049
13050
13051
13052
13053
13054
13055
13056
13057
13058
13059
13060
13061
13062
13063
13064
13065
13066
13067
13068
13069
13070
13071
13072
13073
13074
13075
13076
13077
13078
13079
13080
13081
13082
13083
13084
13085
13086
13087
13088
13089
13090
13091
13092
13093
13094
13095
13096
13097
13098
13099
13100
13101
13102
13103
13104
13105
13106
13107
13108
13109
13110
13111
13112
13113
13114
13115
13116
13117
13118
13119
13120
13121
13122
13123
13124
13125
13126
13127
13128
13129
13130
13131
13132
13133
13134
13135
13136
13137
13138
13139
13140
13141
13142
13143
13144
13145
13146
13147
13148
13149
13150
13151
13152
13153
13154
13155
13156
13157
13158
13159
13160
13161
13162
13163
13164
13165
13166
13167
13168
13169
13170
13171
13172
13173
13174
13175
13176
13177
13178
13179
13180
13181
13182
13183
13184
13185
13186
13187
13188
13189
13190
13191
13192
13193
13194
13195
13196
13197
13198
13199
13200
13201
13202
13203
13204
13205
13206
13207
13208
13209
13210
13211
13212
13213
13214
13215
13216
13217
13218
13219
13220
13221
13222
13223
13224
13225
13226
13227
13228
13229
13230
13231
13232
13233
13234
13235
13236
13237
13238
13239
13240
13241
13242
13243
13244
13245
13246
13247
13248
13249
13250
13251
13252
13253
13254
13255
13256
13257
13258
13259
13260
13261
13262
13263
13264
13265
13266
13267
13268
13269
13270
13271
13272
13273
13274
13275
13276
13277
13278
13279
13280
13281
13282
13283
13284
13285
13286
13287
13288
13289
13290
13291
13292
13293
13294
13295
13296
13297
13298
13299
13300
13301
13302
13303
13304
13305
13306
13307
13308
13309
13310
13311
13312
13313
13314
13315
13316
13317
13318
13319
13320
13321
13322
13323
13324
13325
13326
13327
13328
13329
13330
13331
13332
13333
13334
13335
13336
13337
13338
13339
13340
13341
13342
13343
13344
13345
13346
13347
13348
13349
13350
13351
13352
13353
13354
13355
13356
13357
13358
13359
13360
13361
13362
13363
13364
13365
13366
13367
13368
13369
13370
13371
13372
13373
13374
13375
13376
13377
13378
13379
13380
13381
13382
13383
13384
13385
13386
13387
13388
13389
13390
13391
13392
13393
13394
13395
13396
13397
13398
13399
13400
13401
13402
13403
13404
13405
13406
13407
13408
13409
13410
13411
13412
13413
13414
13415
13416
13417
13418
13419
13420
13421
13422
13423
13424
13425
13426
13427
13428
13429
13430
13431
13432
13433
13434
13435
13436
13437
13438
13439
13440
13441
13442
13443
13444
13445
13446
13447
13448
13449
13450
13451
13452
13453
13454
13455
13456
13457
13458
13459
13460
13461
13462
13463
13464
13465
13466
13467
13468
13469
13470
13471
13472
13473
13474
13475
13476
13477
13478
13479
13480
13481
13482
13483
13484
13485
13486
13487
13488
13489
13490
13491
13492
13493
13494
13495
13496
13497
13498
13499
13500
13501
13502
13503
13504
13505
13506
13507
13508
13509
13510
13511
13512
13513
13514
13515
13516
13517
13518
13519
13520
13521
13522
13523
13524
13525
13526
13527
13528
13529
13530
13531
13532
13533
13534
13535
13536
13537
13538
13539
13540
13541
13542
13543
13544
13545
13546
13547
13548
13549
13550
13551
13552
13553
13554
13555
13556
13557
13558
13559
13560
13561
13562
13563
13564
13565
13566
13567
13568
13569
13570
13571
13572
13573
13574
13575
13576
13577
13578
13579
13580
13581
13582
13583
13584
13585
13586
13587
13588
13589
13590
13591
13592
13593
13594
13595
13596
13597
13598
13599
13600
13601
13602
13603
13604
13605
13606
13607
13608
13609
13610
13611
13612
13613
13614
13615
13616
13617
13618
13619
13620
13621
13622
13623
13624
13625
13626
13627
13628
13629
13630
13631
13632
13633
13634
13635
13636
13637
13638
13639
13640
13641
13642
13643
13644
13645
13646
13647
13648
13649
13650
13651
13652
13653
13654
13655
13656
13657
13658
13659
13660
13661
13662
13663
13664
13665
13666
13667
13668
13669
13670
13671
13672
13673
13674
13675
13676
13677
13678
13679
13680
13681
13682
13683
13684
13685
13686
13687
13688
13689
13690
13691
13692
13693
13694
13695
13696
13697
13698
13699
13700
13701
13702
13703
13704
13705
13706
13707
13708
13709
13710
13711
13712
13713
13714
13715
13716
13717
13718
13719
13720
13721
13722
13723
13724
13725
13726
13727
13728
13729
13730
13731
13732
13733
13734
13735
13736
13737
13738
13739
13740
13741
13742
13743
13744
13745
13746
13747
13748
13749
13750
13751
13752
13753
13754
13755
13756
13757
13758
13759
13760
13761
13762
13763
13764
13765
13766
13767
13768
13769
13770
13771
13772
13773
13774
13775
13776
13777
13778
13779
13780
13781
13782
13783
13784
13785
13786
13787
13788
13789
13790
13791
13792
13793
13794
13795
13796
13797
13798
13799
13800
13801
13802
13803
13804
13805
13806
13807
13808
13809
13810
13811
13812
13813
13814
13815
13816
13817
13818
13819
13820
13821
13822
13823
13824
13825
13826
13827
13828
13829
13830
13831
13832
13833
13834
13835
13836
13837
13838
13839
13840
13841
13842
13843
13844
13845
13846
13847
13848
13849
13850
13851
13852
13853
13854
13855
13856
13857
13858
13859
13860
13861
13862
13863
13864
13865
13866
13867
13868
13869
13870
13871
13872
13873
13874
13875
13876
13877
13878
13879
13880
13881
13882
13883
13884
13885
13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
13896
13897
13898
13899
13900
13901
13902
13903
13904
13905
13906
13907
13908
13909
13910
13911
13912
13913
13914
13915
13916
13917
13918
13919
13920
13921
13922
13923
13924
13925
13926
13927
13928
13929
13930
13931
13932
13933
13934
13935
13936
13937
13938
13939
13940
13941
13942
13943
13944
13945
13946
13947
13948
13949
13950
13951
13952
13953
13954
13955
13956
13957
13958
13959
13960
13961
13962
13963
13964
13965
13966
13967
13968
13969
13970
13971
13972
13973
13974
13975
13976
13977
13978
13979
13980
13981
13982
13983
13984
13985
13986
13987
13988
13989
13990
13991
13992
13993
13994
13995
13996
13997
13998
13999
14000
14001
14002
14003
14004
14005
14006
14007
14008
14009
14010
14011
14012
14013
14014
14015
14016
14017
14018
14019
14020
14021
14022
14023
14024
14025
14026
14027
14028
14029
14030
14031
14032
14033
14034
14035
14036
14037
14038
14039
14040
14041
14042
14043
14044
14045
14046
14047
14048
14049
14050
14051
14052
14053
14054
14055
14056
14057
14058
14059
14060
14061
14062
14063
14064
14065
14066
14067
14068
14069
14070
14071
14072
14073
14074
14075
14076
14077
14078
14079
14080
14081
14082
14083
14084
14085
14086
14087
14088
14089
14090
14091
14092
14093
14094
14095
14096
14097
14098
14099
14100
14101
14102
14103
14104
14105
14106
14107
14108
14109
14110
14111
14112
14113
14114
14115
14116
14117
14118
14119
14120
14121
14122
14123
14124
14125
14126
14127
14128
14129
14130
14131
14132
14133
14134
14135
14136
14137
14138
14139
14140
14141
14142
14143
14144
14145
14146
14147
14148
14149
14150
14151
14152
14153
14154
14155
14156
14157
14158
14159
14160
14161
14162
14163
14164
14165
14166
14167
14168
14169
14170
14171
14172
14173
14174
14175
14176
14177
14178
14179
14180
14181
14182
14183
14184
14185
14186
14187
14188
14189
14190
14191
14192
14193
14194
14195
14196
14197
14198
14199
14200
14201
14202
14203
14204
14205
14206
14207
14208
14209
14210
14211
14212
14213
14214
14215
14216
14217
14218
14219
14220
14221
14222
14223
14224
14225
14226
14227
14228
14229
14230
14231
14232
14233
14234
14235
14236
14237
14238
14239
14240
14241
14242
14243
14244
14245
14246
14247
14248
14249
14250
14251
14252
14253
14254
14255
14256
14257
14258
14259
14260
14261
14262
14263
14264
14265
14266
14267
14268
14269
14270
14271
14272
14273
14274
14275
14276
14277
14278
14279
14280
14281
14282
14283
14284
14285
14286
14287
14288
14289
14290
14291
14292
14293
14294
14295
14296
14297
14298
14299
14300
14301
14302
14303
14304
14305
14306
14307
14308
14309
14310
14311
14312
14313
14314
14315
14316
14317
14318
14319
14320
14321
14322
14323
14324
14325
14326
14327
14328
14329
14330
14331
14332
14333
14334
14335
14336
14337
14338
14339
14340
14341
14342
14343
14344
14345
14346
14347
14348
14349
14350
14351
14352
14353
14354
14355
14356
14357
14358
14359
14360
14361
14362
14363
14364
14365
14366
14367
14368
14369
14370
14371
14372
14373
14374
14375
14376
14377
14378
14379
14380
14381
14382
14383
14384
14385
14386
14387
14388
14389
14390
14391
14392
14393
14394
14395
14396
14397
14398
14399
14400
14401
14402
14403
14404
14405
14406
14407
14408
14409
14410
14411
14412
14413
14414
14415
14416
14417
14418
14419
14420
14421
14422
14423
14424
14425
14426
14427
14428
14429
14430
14431
14432
14433
14434
14435
14436
14437
14438
14439
14440
14441
14442
14443
14444
14445
14446
14447
14448
14449
14450
14451
14452
14453
14454
14455
14456
14457
14458
14459
14460
14461
14462
14463
14464
14465
14466
14467
14468
14469
14470
14471
14472
14473
14474
14475
14476
14477
14478
14479
14480
14481
14482
14483
14484
14485
14486
14487
14488
14489
14490
14491
14492
14493
14494
14495
14496
14497
14498
14499
14500
14501
14502
14503
14504
14505
14506
14507
14508
14509
14510
14511
14512
14513
14514
14515
14516
14517
14518
14519
14520
14521
14522
14523
14524
14525
14526
14527
14528
14529
14530
14531
14532
14533
14534
14535
14536
14537
14538
14539
14540
14541
14542
14543
14544
14545
14546
14547
14548
14549
14550
14551
14552
14553
14554
14555
14556
14557
14558
14559
14560
14561
14562
14563
14564
14565
14566
14567
14568
14569
14570
14571
14572
14573
14574
14575
14576
14577
14578
14579
14580
14581
14582
14583
14584
14585
14586
14587
14588
14589
14590
14591
14592
14593
14594
14595
14596
14597
14598
14599
14600
14601
14602
14603
14604
14605
14606
14607
14608
14609
14610
14611
14612
14613
14614
14615
14616
14617
14618
14619
14620
14621
14622
14623
14624
14625
14626
14627
14628
14629
14630
14631
14632
14633
14634
14635
14636
14637
14638
14639
14640
14641
14642
14643
14644
14645
14646
14647
14648
14649
14650
14651
14652
14653
14654
14655
14656
14657
14658
14659
14660
14661
14662
14663
14664
14665
14666
14667
14668
14669
14670
14671
14672
14673
14674
14675
14676
14677
14678
14679
14680
14681
14682
14683
14684
14685
14686
14687
14688
14689
14690
14691
14692
14693
14694
14695
14696
14697
14698
14699
14700
14701
14702
14703
14704
14705
14706
14707
14708
14709
14710
14711
14712
14713
14714
14715
14716
14717
14718
14719
14720
14721
14722
14723
14724
14725
14726
14727
14728
14729
14730
14731
14732
14733
14734
14735
14736
14737
14738
14739
14740
14741
14742
14743
14744
14745
14746
14747
14748
14749
14750
14751
14752
14753
14754
14755
14756
14757
14758
14759
14760
14761
14762
14763
14764
14765
14766
14767
14768
14769
14770
14771
14772
14773
14774
14775
14776
14777
14778
14779
14780
14781
14782
14783
14784
14785
14786
14787
14788
14789
14790
14791
14792
14793
14794
14795
14796
14797
14798
14799
14800
14801
14802
14803
14804
14805
14806
14807
14808
14809
14810
14811
14812
14813
14814
14815
14816
14817
14818
14819
14820
14821
14822
14823
14824
14825
14826
14827
14828
14829
14830
14831
14832
14833
14834
14835
14836
14837
14838
14839
14840
14841
14842
14843
14844
14845
14846
14847
14848
14849
14850
14851
14852
14853
14854
14855
14856
14857
14858
14859
14860
14861
14862
14863
14864
14865
14866
14867
14868
14869
14870
14871
14872
14873
14874
14875
14876
14877
14878
14879
14880
14881
14882
14883
14884
14885
14886
14887
14888
14889
14890
14891
14892
14893
14894
14895
14896
14897
14898
14899
14900
14901
14902
14903
14904
14905
14906
14907
14908
14909
14910
14911
14912
14913
14914
14915
14916
14917
14918
14919
14920
14921
14922
14923
14924
14925
14926
14927
14928
14929
14930
14931
14932
14933
14934
14935
14936
14937
14938
14939
14940
14941
14942
14943
14944
14945
14946
14947
14948
14949
14950
14951
14952
14953
14954
14955
14956
14957
14958
14959
14960
14961
14962
14963
14964
14965
14966
14967
14968
14969
14970
14971
14972
14973
14974
14975
14976
14977
14978
14979
14980
14981
14982
14983
14984
14985
14986
14987
14988
14989
14990
14991
14992
14993
14994
14995
14996
14997
14998
14999
15000
15001
15002
15003
15004
15005
15006
15007
15008
15009
15010
15011
15012
15013
15014
15015
15016
15017
15018
15019
15020
15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
15120
15121
15122
15123
15124
15125
15126
15127
15128
15129
15130
15131
15132
15133
15134
15135
15136
15137
15138
15139
15140
15141
15142
15143
15144
15145
15146
15147
15148
15149
15150
15151
15152
15153
15154
15155
15156
15157
15158
15159
15160
15161
15162
15163
15164
15165
15166
15167
15168
15169
15170
15171
15172
15173
15174
15175
15176
15177
15178
15179
15180
15181
15182
15183
15184
15185
15186
15187
15188
15189
15190
15191
15192
15193
15194
15195
15196
15197
15198
15199
15200
15201
15202
15203
15204
15205
15206
15207
15208
15209
15210
15211
15212
15213
15214
15215
15216
15217
15218
15219
15220
15221
15222
15223
15224
15225
15226
15227
15228
15229
15230
15231
15232
15233
15234
15235
15236
15237
15238
15239
15240
15241
15242
15243
15244
15245
15246
15247
15248
15249
15250
15251
15252
15253
15254
15255
15256
15257
15258
15259
15260
15261
15262
15263
15264
15265
15266
15267
15268
15269
15270
15271
15272
15273
15274
15275
15276
15277
15278
15279
15280
15281
15282
15283
15284
15285
15286
15287
15288
15289
15290
15291
15292
15293
15294
15295
15296
15297
15298
15299
15300
15301
15302
15303
15304
15305
15306
15307
15308
15309
15310
15311
15312
15313
15314
15315
15316
15317
15318
15319
15320
15321
15322
15323
15324
15325
15326
15327
15328
15329
15330
15331
15332
15333
15334
15335
15336
15337
15338
15339
15340
15341
15342
15343
15344
15345
15346
15347
15348
15349
15350
15351
15352
15353
15354
15355
15356
15357
15358
15359
15360
15361
15362
15363
15364
15365
15366
15367
15368
15369
15370
15371
15372
15373
15374
15375
15376
15377
15378
15379
15380
15381
15382
15383
15384
15385
15386
15387
15388
15389
15390
15391
15392
15393
15394
15395
15396
15397
15398
15399
15400
15401
15402
15403
15404
15405
15406
15407
15408
15409
15410
15411
15412
15413
15414
15415
15416
15417
15418
15419
15420
15421
15422
15423
15424
15425
15426
15427
15428
15429
15430
15431
15432
15433
15434
15435
15436
15437
15438
15439
15440
15441
15442
15443
15444
15445
15446
15447
15448
15449
15450
15451
15452
15453
15454
15455
15456
15457
15458
15459
15460
15461
15462
15463
15464
15465
15466
15467
15468
15469
15470
15471
15472
15473
15474
15475
15476
15477
15478
15479
15480
15481
15482
15483
15484
15485
15486
15487
15488
15489
15490
15491
15492
15493
15494
15495
15496
15497
15498
15499
15500
15501
15502
15503
15504
15505
15506
15507
15508
15509
15510
15511
15512
15513
15514
15515
15516
15517
15518
15519
15520
15521
15522
15523
15524
15525
15526
15527
15528
15529
15530
15531
15532
15533
15534
15535
15536
15537
15538
15539
15540
15541
15542
15543
15544
15545
15546
15547
15548
15549
15550
15551
15552
15553
15554
15555
15556
15557
15558
15559
15560
15561
15562
15563
15564
15565
15566
15567
15568
15569
15570
15571
15572
15573
15574
15575
15576
15577
15578
15579
15580
15581
15582
15583
15584
15585
15586
15587
15588
15589
15590
15591
15592
15593
15594
15595
15596
15597
15598
15599
15600
15601
15602
15603
15604
15605
15606
15607
15608
15609
15610
15611
15612
15613
15614
15615
15616
15617
15618
15619
15620
15621
15622
15623
15624
15625
15626
15627
15628
15629
15630
15631
15632
15633
15634
15635
15636
15637
15638
15639
15640
15641
15642
15643
15644
15645
15646
15647
15648
15649
15650
15651
15652
15653
15654
15655
15656
15657
15658
15659
15660
15661
15662
15663
15664
15665
15666
15667
15668
15669
15670
15671
15672
15673
15674
15675
15676
15677
15678
15679
15680
15681
15682
15683
15684
15685
15686
15687
15688
15689
15690
15691
15692
15693
15694
15695
15696
15697
15698
15699
15700
15701
15702
15703
15704
15705
15706
15707
15708
15709
15710
15711
15712
15713
15714
15715
15716
15717
15718
15719
15720
15721
15722
15723
15724
15725
15726
15727
15728
15729
15730
15731
15732
15733
15734
15735
15736
15737
15738
15739
15740
15741
15742
15743
15744
15745
15746
15747
15748
15749
15750
15751
15752
15753
15754
15755
15756
15757
15758
15759
15760
15761
15762
15763
15764
15765
15766
15767
15768
15769
15770
15771
15772
15773
15774
15775
15776
15777
15778
15779
15780
15781
15782
15783
15784
15785
15786
15787
15788
15789
15790
15791
15792
15793
15794
15795
15796
15797
15798
15799
15800
15801
15802
15803
15804
15805
15806
15807
15808
15809
15810
15811
15812
15813
15814
15815
15816
15817
15818
15819
15820
15821
15822
15823
15824
15825
15826
15827
15828
15829
15830
15831
15832
15833
15834
15835
15836
15837
15838
15839
15840
15841
15842
15843
15844
15845
15846
15847
15848
15849
15850
15851
15852
15853
15854
15855
15856
15857
15858
15859
15860
15861
15862
15863
15864
15865
15866
15867
15868
15869
15870
15871
15872
15873
15874
15875
15876
15877
15878
15879
15880
15881
15882
15883
15884
15885
15886
15887
15888
15889
15890
15891
15892
15893
15894
15895
15896
15897
15898
15899
15900
15901
15902
15903
15904
15905
15906
15907
15908
15909
15910
15911
15912
15913
15914
15915
15916
15917
15918
15919
15920
15921
15922
15923
15924
15925
15926
15927
15928
15929
15930
15931
15932
15933
15934
15935
15936
15937
15938
15939
15940
15941
15942
15943
15944
15945
15946
15947
15948
15949
15950
15951
15952
15953
15954
15955
15956
15957
15958
15959
15960
15961
15962
15963
15964
15965
15966
15967
15968
15969
15970
15971
15972
15973
15974
15975
15976
15977
15978
15979
15980
15981
15982
15983
15984
15985
15986
15987
15988
15989
15990
15991
15992
15993
15994
15995
15996
15997
15998
15999
16000
16001
16002
16003
16004
16005
16006
16007
16008
16009
16010
16011
16012
16013
16014
16015
16016
16017
16018
16019
16020
16021
16022
16023
16024
16025
16026
16027
16028
16029
16030
16031
16032
16033
16034
16035
16036
16037
16038
16039
16040
16041
16042
16043
16044
16045
16046
16047
16048
16049
16050
16051
16052
16053
16054
16055
16056
16057
16058
16059
16060
16061
16062
16063
16064
16065
16066
16067
16068
16069
16070
16071
16072
16073
16074
16075
16076
16077
16078
16079
16080
16081
16082
16083
16084
16085
16086
16087
16088
16089
16090
16091
16092
16093
16094
16095
16096
16097
16098
16099
16100
16101
16102
16103
16104
16105
16106
16107
16108
16109
16110
16111
16112
16113
16114
16115
16116
16117
16118
16119
16120
16121
16122
16123
16124
16125
16126
16127
16128
16129
16130
16131
16132
16133
16134
16135
16136
16137
16138
16139
16140
16141
16142
16143
16144
16145
16146
16147
16148
16149
16150
16151
16152
16153
16154
16155
16156
16157
16158
16159
16160
16161
16162
16163
16164
16165
16166
16167
16168
16169
16170
16171
16172
16173
16174
16175
16176
16177
16178
16179
16180
16181
16182
16183
16184
16185
16186
16187
16188
16189
16190
16191
16192
16193
16194
16195
16196
16197
16198
16199
16200
16201
16202
16203
16204
16205
16206
16207
16208
16209
16210
16211
16212
16213
16214
16215
16216
16217
16218
16219
16220
16221
16222
16223
16224
16225
16226
16227
16228
16229
16230
16231
16232
16233
16234
16235
16236
16237
16238
16239
16240
16241
16242
16243
16244
16245
16246
16247
16248
16249
16250
16251
16252
16253
16254
16255
16256
16257
16258
16259
16260
16261
16262
16263
16264
16265
16266
16267
16268
16269
16270
16271
16272
16273
16274
16275
16276
16277
16278
16279
16280
16281
16282
16283
16284
16285
16286
16287
16288
16289
16290
16291
16292
16293
16294
16295
16296
16297
16298
16299
16300
16301
16302
16303
16304
16305
16306
16307
16308
16309
16310
16311
16312
16313
16314
16315
16316
16317
16318
16319
16320
16321
16322
16323
16324
16325
16326
16327
16328
16329
16330
16331
16332
16333
16334
16335
16336
16337
16338
16339
16340
16341
16342
16343
16344
16345
16346
16347
16348
16349
16350
16351
16352
16353
16354
16355
16356
16357
16358
16359
16360
16361
16362
16363
16364
16365
16366
16367
16368
16369
16370
16371
16372
16373
16374
16375
16376
16377
16378
16379
16380
16381
16382
16383
16384
16385
16386
16387
16388
16389
16390
16391
16392
16393
16394
16395
16396
16397
16398
16399
16400
16401
16402
16403
16404
16405
16406
16407
16408
16409
16410
16411
16412
16413
16414
16415
16416
16417
16418
16419
16420
16421
16422
16423
16424
16425
16426
16427
16428
16429
16430
16431
16432
16433
16434
16435
16436
16437
16438
16439
16440
16441
16442
16443
16444
16445
16446
16447
16448
16449
16450
16451
16452
16453
16454
16455
16456
16457
16458
16459
16460
16461
16462
16463
16464
16465
16466
16467
16468
16469
16470
16471
16472
16473
16474
16475
16476
16477
16478
16479
16480
16481
16482
16483
16484
16485
16486
16487
16488
16489
16490
16491
16492
16493
16494
16495
16496
16497
16498
16499
16500
16501
16502
16503
16504
16505
16506
16507
16508
16509
16510
16511
16512
16513
16514
16515
16516
16517
16518
16519
16520
16521
16522
16523
16524
16525
16526
16527
16528
16529
16530
16531
16532
16533
16534
16535
16536
16537
16538
16539
16540
16541
16542
16543
16544
16545
16546
16547
16548
16549
16550
16551
16552
16553
16554
16555
16556
16557
16558
16559
16560
16561
16562
16563
16564
16565
16566
16567
16568
16569
16570
16571
16572
16573
16574
16575
16576
16577
16578
16579
16580
16581
16582
16583
16584
16585
16586
16587
16588
16589
16590
16591
16592
16593
16594
16595
16596
16597
16598
16599
16600
16601
16602
16603
16604
16605
16606
16607
16608
16609
16610
16611
16612
16613
16614
16615
16616
16617
16618
16619
16620
16621
16622
16623
16624
16625
16626
16627
16628
16629
16630
16631
16632
16633
16634
16635
16636
16637
16638
16639
16640
16641
16642
16643
16644
16645
16646
16647
16648
16649
16650
16651
16652
16653
16654
16655
16656
16657
16658
16659
16660
16661
16662
16663
16664
16665
16666
16667
16668
16669
16670
16671
16672
16673
16674
16675
16676
16677
16678
16679
16680
16681
16682
16683
16684
16685
16686
16687
16688
16689
16690
16691
16692
16693
16694
16695
16696
16697
16698
16699
16700
16701
16702
16703
16704
16705
16706
16707
16708
16709
16710
16711
16712
16713
16714
16715
16716
16717
16718
16719
16720
16721
16722
16723
16724
16725
16726
16727
16728
16729
16730
16731
16732
16733
16734
16735
16736
16737
16738
16739
16740
16741
16742
16743
16744
16745
16746
16747
16748
16749
16750
16751
16752
16753
16754
16755
16756
16757
16758
16759
16760
16761
16762
16763
16764
16765
16766
16767
16768
16769
16770
16771
16772
16773
16774
16775
16776
16777
16778
16779
16780
16781
16782
16783
16784
16785
16786
16787
16788
16789
16790
16791
16792
16793
16794
16795
16796
16797
16798
16799
16800
16801
16802
16803
16804
16805
16806
16807
16808
16809
16810
16811
16812
16813
16814
16815
16816
16817
16818
16819
16820
16821
16822
16823
16824
16825
16826
16827
16828
16829
16830
16831
16832
16833
16834
16835
16836
16837
16838
16839
16840
16841
16842
16843
16844
16845
16846
16847
16848
16849
16850
16851
16852
16853
16854
16855
16856
16857
16858
16859
16860
16861
16862
16863
16864
16865
16866
16867
16868
16869
16870
16871
16872
16873
16874
16875
16876
16877
16878
16879
16880
16881
16882
16883
16884
16885
16886
16887
16888
16889
16890
16891
16892
16893
16894
16895
16896
16897
16898
16899
16900
16901
16902
16903
16904
16905
16906
16907
16908
16909
16910
16911
16912
16913
16914
16915
16916
16917
16918
16919
16920
16921
16922
16923
16924
16925
16926
16927
16928
16929
16930
16931
16932
16933
16934
16935
16936
16937
16938
16939
16940
16941
16942
16943
16944
16945
16946
16947
16948
16949
16950
16951
16952
16953
16954
16955
16956
16957
16958
16959
16960
16961
16962
16963
16964
16965
16966
16967
16968
16969
16970
16971
16972
16973
16974
16975
16976
16977
16978
16979
16980
16981
16982
16983
16984
16985
16986
16987
16988
16989
16990
16991
16992
16993
16994
16995
16996
16997
16998
16999
17000
17001
17002
17003
17004
17005
17006
17007
17008
17009
17010
17011
17012
17013
17014
17015
17016
17017
17018
17019
17020
17021
17022
17023
17024
17025
17026
17027
17028
17029
17030
17031
17032
17033
17034
17035
17036
17037
17038
17039
17040
17041
17042
17043
17044
17045
17046
17047
17048
17049
17050
17051
17052
17053
17054
17055
17056
17057
17058
17059
17060
17061
17062
17063
17064
17065
17066
17067
17068
17069
17070
17071
17072
17073
17074
17075
17076
17077
17078
17079
17080
17081
17082
17083
17084
17085
17086
17087
17088
17089
17090
17091
17092
17093
17094
17095
17096
17097
17098
17099
17100
17101
17102
17103
17104
17105
17106
17107
17108
17109
17110
17111
17112
17113
17114
17115
17116
17117
17118
17119
17120
17121
17122
17123
17124
17125
17126
17127
17128
17129
17130
17131
17132
17133
17134
17135
17136
17137
17138
17139
17140
17141
17142
17143
17144
17145
17146
17147
17148
17149
17150
17151
17152
17153
17154
17155
17156
17157
17158
17159
17160
17161
17162
17163
17164
17165
17166
17167
17168
17169
17170
17171
17172
17173
17174
17175
17176
17177
17178
17179
17180
17181
17182
17183
17184
17185
17186
17187
17188
17189
17190
17191
17192
17193
17194
17195
17196
17197
17198
17199
17200
17201
17202
17203
17204
17205
17206
17207
17208
17209
17210
17211
17212
17213
17214
17215
17216
17217
17218
17219
17220
17221
17222
17223
17224
17225
17226
17227
17228
17229
17230
17231
17232
17233
17234
17235
17236
17237
17238
17239
17240
17241
17242
17243
17244
17245
17246
17247
17248
17249
17250
17251
17252
17253
17254
17255
17256
17257
17258
17259
17260
17261
17262
17263
17264
17265
17266
17267
17268
17269
17270
17271
17272
17273
17274
17275
17276
17277
17278
17279
17280
17281
17282
17283
17284
17285
17286
17287
17288
17289
17290
17291
17292
17293
17294
17295
17296
17297
17298
17299
17300
17301
17302
17303
17304
17305
17306
17307
17308
17309
17310
17311
17312
17313
17314
17315
17316
17317
17318
17319
17320
17321
17322
17323
17324
17325
17326
17327
17328
17329
17330
17331
17332
17333
17334
17335
17336
17337
17338
17339
17340
17341
17342
17343
17344
17345
17346
17347
17348
17349
17350
17351
17352
17353
17354
17355
17356
17357
17358
17359
17360
17361
17362
17363
17364
17365
17366
17367
17368
17369
17370
17371
17372
17373
17374
17375
17376
17377
17378
17379
17380
17381
17382
17383
17384
17385
17386
17387
17388
17389
17390
17391
17392
17393
17394
17395
17396
17397
17398
17399
17400
17401
17402
17403
17404
17405
17406
17407
17408
17409
17410
17411
17412
17413
17414
17415
17416
17417
17418
17419
17420
17421
17422
17423
17424
17425
17426
17427
17428
17429
17430
17431
17432
17433
17434
17435
17436
17437
17438
17439
17440
17441
17442
17443
17444
17445
17446
17447
17448
17449
17450
17451
17452
17453
17454
17455
17456
17457
17458
17459
17460
17461
17462
17463
17464
17465
17466
17467
17468
17469
17470
17471
17472
17473
17474
17475
17476
17477
17478
17479
17480
17481
17482
17483
17484
17485
17486
17487
17488
17489
17490
17491
17492
17493
17494
17495
17496
17497
17498
17499
17500
17501
17502
17503
17504
17505
17506
17507
17508
17509
17510
17511
17512
17513
17514
17515
17516
17517
17518
17519
17520
17521
17522
17523
17524
17525
17526
17527
17528
17529
17530
17531
17532
17533
17534
17535
17536
17537
17538
17539
17540
17541
17542
17543
17544
17545
17546
17547
17548
17549
17550
17551
17552
17553
17554
17555
17556
17557
17558
17559
17560
17561
17562
17563
17564
17565
17566
17567
17568
17569
17570
17571
17572
17573
17574
17575
17576
17577
17578
17579
17580
17581
17582
17583
17584
17585
17586
17587
17588
17589
17590
17591
17592
17593
17594
17595
17596
17597
17598
17599
17600
17601
17602
17603
17604
17605
17606
17607
17608
17609
17610
17611
17612
17613
17614
17615
17616
17617
17618
17619
17620
17621
17622
17623
17624
17625
17626
17627
17628
17629
17630
17631
17632
17633
17634
17635
17636
17637
17638
17639
17640
17641
17642
17643
17644
17645
17646
17647
17648
17649
17650
17651
17652
17653
17654
17655
17656
17657
17658
17659
17660
17661
17662
17663
17664
17665
17666
17667
17668
17669
17670
17671
17672
17673
17674
17675
17676
17677
17678
17679
17680
17681
17682
17683
17684
17685
17686
17687
17688
17689
17690
17691
17692
17693
17694
17695
17696
17697
17698
17699
17700
17701
17702
17703
17704
17705
17706
17707
17708
17709
17710
17711
17712
17713
17714
17715
17716
17717
17718
17719
17720
17721
17722
17723
17724
17725
17726
17727
17728
17729
17730
17731
17732
17733
17734
17735
17736
17737
17738
17739
17740
17741
17742
17743
17744
17745
17746
17747
17748
17749
17750
17751
17752
17753
17754
17755
17756
17757
17758
17759
17760
17761
17762
17763
17764
17765
17766
17767
17768
17769
17770
17771
17772
17773
17774
17775
17776
17777
17778
17779
17780
17781
17782
17783
17784
17785
17786
17787
17788
17789
17790
17791
17792
17793
17794
17795
17796
17797
17798
17799
17800
17801
17802
17803
17804
17805
17806
17807
17808
17809
17810
17811
17812
17813
17814
17815
17816
17817
17818
17819
17820
17821
17822
17823
17824
17825
17826
17827
17828
17829
17830
17831
17832
17833
17834
17835
17836
17837
17838
17839
17840
17841
17842
17843
17844
17845
17846
17847
17848
17849
17850
17851
17852
17853
17854
17855
17856
17857
17858
17859
17860
17861
17862
17863
17864
17865
17866
17867
17868
17869
17870
17871
17872
17873
17874
17875
17876
17877
17878
17879
17880
17881
17882
17883
17884
17885
17886
17887
17888
17889
17890
17891
17892
17893
17894
17895
17896
17897
17898
17899
17900
17901
17902
17903
17904
17905
17906
17907
17908
17909
17910
17911
17912
17913
17914
17915
17916
17917
17918
17919
17920
17921
17922
17923
17924
17925
17926
17927
17928
17929
17930
17931
17932
17933
17934
17935
17936
17937
17938
17939
17940
17941
17942
17943
17944
17945
17946
17947
17948
17949
17950
17951
17952
17953
17954
17955
17956
17957
17958
17959
17960
17961
17962
17963
17964
17965
17966
17967
17968
17969
17970
17971
17972
17973
17974
17975
17976
17977
17978
17979
17980
17981
17982
17983
17984
17985
17986
17987
17988
17989
17990
17991
17992
17993
17994
17995
17996
17997
17998
17999
18000
18001
18002
18003
18004
18005
18006
18007
18008
18009
18010
18011
18012
18013
18014
18015
18016
18017
18018
18019
18020
18021
18022
18023
18024
18025
18026
18027
18028
18029
18030
18031
18032
18033
18034
18035
18036
18037
18038
18039
18040
18041
18042
18043
18044
18045
18046
18047
18048
18049
18050
18051
18052
18053
18054
18055
18056
18057
18058
18059
18060
18061
18062
18063
18064
18065
18066
18067
18068
18069
18070
18071
18072
18073
18074
18075
18076
18077
18078
18079
18080
18081
18082
18083
18084
18085
18086
18087
18088
18089
18090
18091
18092
18093
18094
18095
18096
18097
18098
18099
18100
18101
18102
18103
18104
18105
18106
18107
18108
18109
18110
18111
18112
18113
18114
18115
18116
18117
18118
18119
18120
18121
18122
18123
18124
18125
18126
18127
18128
18129
18130
18131
18132
18133
18134
18135
18136
18137
18138
18139
18140
18141
18142
18143
18144
18145
18146
18147
18148
18149
18150
18151
18152
18153
18154
18155
18156
18157
18158
18159
18160
18161
18162
18163
18164
18165
18166
18167
18168
18169
18170
18171
18172
18173
18174
18175
18176
18177
18178
18179
18180
18181
18182
18183
18184
18185
18186
18187
18188
18189
18190
18191
18192
18193
18194
18195
18196
18197
18198
18199
18200
18201
18202
18203
18204
18205
18206
18207
18208
18209
18210
18211
18212
18213
18214
18215
18216
18217
18218
18219
18220
18221
18222
18223
18224
18225
18226
18227
18228
18229
18230
18231
18232
18233
18234
18235
18236
18237
18238
18239
18240
18241
18242
18243
18244
18245
18246
18247
18248
18249
18250
18251
18252
18253
18254
18255
18256
18257
18258
18259
18260
18261
18262
18263
18264
18265
18266
18267
18268
18269
18270
18271
18272
18273
18274
18275
18276
18277
18278
18279
18280
18281
18282
18283
18284
18285
18286
18287
18288
18289
18290
18291
18292
18293
18294
18295
18296
18297
18298
18299
18300
18301
18302
18303
18304
18305
18306
18307
18308
18309
18310
18311
18312
18313
18314
18315
18316
18317
18318
18319
18320
18321
18322
18323
18324
18325
18326
18327
18328
18329
18330
18331
18332
18333
18334
18335
18336
18337
18338
18339
18340
18341
18342
18343
18344
18345
18346
18347
18348
18349
18350
18351
18352
18353
18354
18355
18356
18357
18358
18359
18360
18361
18362
18363
18364
18365
18366
18367
18368
18369
18370
18371
18372
18373
18374
18375
18376
18377
18378
18379
18380
18381
18382
18383
18384
18385
18386
18387
18388
18389
18390
18391
18392
18393
18394
18395
18396
18397
18398
18399
18400
18401
18402
18403
18404
18405
18406
18407
18408
18409
18410
18411
18412
18413
18414
18415
18416
18417
18418
18419
18420
18421
18422
18423
18424
18425
18426
18427
18428
18429
18430
18431
18432
18433
18434
18435
18436
18437
18438
18439
18440
18441
18442
18443
18444
18445
18446
18447
18448
18449
18450
18451
18452
18453
18454
18455
18456
18457
18458
18459
18460
18461
18462
18463
18464
18465
18466
18467
18468
18469
18470
18471
18472
18473
18474
18475
18476
18477
18478
18479
18480
18481
18482
18483
18484
18485
18486
18487
18488
18489
18490
18491
18492
18493
18494
18495
18496
18497
18498
18499
18500
18501
18502
18503
18504
18505
18506
18507
18508
18509
18510
18511
18512
18513
18514
18515
18516
18517
18518
18519
18520
18521
18522
18523
18524
18525
18526
18527
18528
18529
18530
18531
18532
18533
18534
18535
18536
18537
18538
18539
18540
18541
18542
18543
18544
18545
18546
18547
18548
18549
18550
18551
18552
18553
18554
18555
18556
18557
18558
18559
18560
18561
18562
18563
18564
18565
18566
18567
18568
18569
18570
18571
18572
18573
18574
18575
18576
18577
18578
18579
18580
18581
18582
18583
18584
18585
18586
18587
18588
18589
18590
18591
18592
18593
18594
18595
18596
18597
18598
18599
18600
18601
18602
18603
18604
18605
18606
18607
18608
18609
18610
18611
18612
18613
18614
18615
18616
18617
18618
18619
18620
18621
18622
18623
18624
18625
18626
18627
18628
18629
18630
18631
18632
18633
18634
18635
18636
18637
18638
18639
18640
18641
18642
18643
18644
18645
18646
18647
18648
18649
18650
18651
18652
18653
18654
18655
18656
18657
18658
18659
18660
18661
18662
18663
18664
18665
18666
18667
18668
18669
18670
18671
18672
18673
18674
18675
18676
18677
18678
18679
18680
18681
18682
18683
18684
18685
18686
18687
18688
18689
18690
18691
18692
18693
18694
18695
18696
18697
18698
18699
18700
18701
18702
18703
18704
18705
18706
18707
18708
18709
18710
18711
18712
18713
18714
18715
18716
18717
18718
18719
18720
18721
18722
18723
18724
18725
18726
18727
18728
18729
18730
18731
18732
18733
18734
18735
18736
18737
18738
18739
18740
18741
18742
18743
18744
18745
18746
18747
18748
18749
18750
18751
18752
18753
18754
18755
18756
18757
18758
18759
18760
18761
18762
18763
18764
18765
18766
18767
18768
18769
18770
18771
18772
18773
18774
18775
18776
18777
18778
18779
18780
18781
18782
18783
18784
18785
18786
18787
18788
18789
18790
18791
18792
18793
18794
18795
18796
18797
18798
18799
18800
18801
18802
18803
18804
18805
18806
18807
18808
18809
18810
18811
18812
18813
18814
18815
18816
18817
18818
18819
18820
18821
18822
18823
18824
18825
18826
18827
18828
18829
18830
18831
18832
18833
18834
18835
18836
18837
18838
18839
18840
18841
18842
18843
18844
18845
18846
18847
18848
18849
18850
18851
18852
18853
18854
18855
18856
18857
18858
18859
18860
18861
18862
18863
18864
18865
18866
18867
18868
18869
18870
18871
18872
18873
18874
18875
18876
18877
18878
18879
18880
18881
18882
18883
18884
18885
18886
18887
18888
18889
18890
18891
18892
18893
18894
18895
18896
18897
18898
18899
18900
18901
18902
18903
18904
18905
18906
18907
18908
18909
18910
18911
18912
18913
18914
18915
18916
18917
18918
18919
18920
18921
18922
18923
18924
18925
18926
18927
18928
18929
18930
18931
18932
18933
18934
18935
18936
18937
18938
18939
18940
18941
18942
18943
18944
18945
18946
18947
18948
18949
18950
18951
18952
18953
18954
18955
18956
18957
18958
18959
18960
18961
18962
18963
18964
18965
18966
18967
18968
18969
18970
18971
18972
18973
18974
18975
18976
18977
18978
18979
18980
18981
18982
18983
18984
18985
18986
18987
18988
18989
18990
18991
18992
18993
18994
18995
18996
18997
18998
18999
19000
19001
19002
19003
19004
19005
19006
19007
19008
19009
19010
19011
19012
19013
19014
19015
19016
19017
19018
19019
19020
19021
19022
19023
19024
19025
19026
19027
19028
19029
19030
19031
19032
19033
19034
19035
19036
19037
19038
19039
19040
19041
19042
19043
19044
19045
19046
19047
19048
19049
19050
19051
19052
19053
19054
19055
19056
19057
19058
19059
19060
19061
19062
19063
19064
19065
19066
19067
19068
19069
19070
19071
19072
19073
19074
19075
19076
19077
19078
19079
19080
19081
19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
19130
19131
19132
19133
19134
19135
19136
19137
19138
19139
19140
19141
19142
19143
19144
19145
19146
19147
19148
19149
19150
19151
19152
19153
19154
19155
19156
19157
19158
19159
19160
19161
19162
19163
19164
19165
19166
19167
19168
19169
19170
19171
19172
19173
19174
19175
19176
19177
19178
19179
19180
19181
19182
19183
19184
19185
19186
19187
19188
19189
19190
19191
19192
19193
19194
19195
19196
19197
19198
19199
19200
19201
19202
19203
19204
19205
19206
19207
19208
19209
19210
19211
19212
19213
19214
19215
19216
19217
19218
19219
19220
19221
19222
19223
19224
19225
19226
19227
19228
19229
19230
19231
19232
19233
19234
19235
19236
19237
19238
19239
19240
19241
19242
19243
19244
19245
19246
19247
19248
19249
19250
19251
19252
19253
19254
19255
19256
19257
19258
19259
19260
19261
19262
19263
19264
19265
19266
19267
19268
19269
19270
19271
19272
19273
19274
19275
19276
19277
19278
19279
19280
19281
19282
19283
19284
19285
19286
19287
19288
19289
19290
19291
19292
19293
19294
19295
19296
19297
19298
19299
19300
19301
19302
19303
19304
19305
19306
19307
19308
19309
19310
19311
19312
19313
19314
19315
19316
19317
19318
19319
19320
19321
19322
19323
19324
19325
19326
19327
19328
19329
19330
19331
19332
19333
19334
19335
19336
19337
19338
19339
19340
19341
19342
19343
19344
19345
19346
19347
19348
19349
19350
19351
19352
19353
19354
19355
19356
19357
19358
19359
19360
19361
19362
19363
19364
19365
19366
19367
19368
19369
19370
19371
19372
19373
19374
19375
19376
19377
19378
19379
19380
19381
19382
19383
19384
19385
19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
19484
19485
19486
19487
19488
19489
19490
19491
19492
19493
19494
19495
19496
19497
19498
19499
19500
19501
19502
19503
19504
19505
19506
19507
19508
19509
19510
19511
19512
19513
19514
19515
19516
19517
19518
19519
19520
19521
19522
19523
19524
19525
19526
19527
19528
19529
19530
19531
19532
19533
19534
19535
19536
19537
19538
19539
19540
19541
19542
19543
19544
19545
19546
19547
19548
19549
19550
19551
19552
19553
19554
19555
19556
19557
19558
19559
19560
19561
19562
19563
19564
19565
19566
19567
19568
19569
19570
19571
19572
19573
19574
19575
19576
19577
19578
19579
19580
19581
19582
19583
19584
19585
19586
19587
19588
19589
19590
19591
19592
19593
19594
19595
19596
19597
19598
19599
19600
19601
19602
19603
19604
19605
19606
19607
19608
19609
19610
19611
19612
19613
19614
19615
19616
19617
19618
19619
19620
19621
19622
19623
19624
19625
19626
19627
19628
19629
19630
19631
19632
19633
19634
19635
19636
19637
19638
19639
19640
19641
19642
19643
19644
19645
19646
19647
19648
19649
19650
19651
19652
19653
19654
19655
19656
19657
19658
19659
19660
19661
19662
19663
19664
19665
19666
19667
19668
19669
19670
19671
19672
19673
19674
19675
19676
19677
19678
19679
19680
19681
19682
19683
19684
19685
19686
19687
19688
19689
19690
19691
19692
19693
19694
19695
19696
19697
19698
19699
19700
19701
19702
19703
19704
19705
19706
19707
19708
19709
19710
19711
19712
19713
19714
19715
19716
19717
19718
19719
19720
19721
19722
19723
19724
19725
19726
19727
19728
19729
19730
19731
19732
19733
19734
19735
19736
19737
19738
19739
19740
19741
19742
19743
19744
19745
19746
19747
19748
19749
19750
19751
19752
19753
19754
19755
19756
19757
19758
19759
19760
19761
19762
19763
19764
19765
19766
19767
19768
19769
19770
19771
19772
19773
19774
19775
19776
19777
19778
19779
19780
19781
19782
19783
19784
19785
19786
19787
19788
19789
19790
19791
19792
19793
19794
19795
19796
19797
19798
19799
19800
19801
19802
19803
19804
19805
19806
19807
19808
19809
19810
19811
19812
19813
19814
19815
19816
19817
19818
19819
19820
19821
19822
19823
19824
19825
19826
19827
19828
19829
19830
19831
19832
19833
19834
19835
19836
19837
19838
19839
19840
19841
19842
19843
19844
19845
19846
19847
19848
19849
19850
19851
19852
19853
19854
19855
19856
19857
19858
19859
19860
19861
19862
19863
19864
19865
19866
19867
19868
19869
19870
19871
19872
19873
19874
19875
19876
19877
19878
19879
19880
19881
19882
19883
19884
19885
19886
19887
19888
19889
19890
19891
19892
19893
19894
19895
19896
19897
19898
19899
19900
19901
19902
19903
19904
19905
19906
19907
19908
19909
19910
19911
19912
19913
19914
19915
19916
19917
19918
19919
19920
19921
19922
19923
19924
19925
19926
19927
19928
19929
19930
19931
19932
19933
19934
19935
19936
19937
19938
19939
19940
19941
19942
19943
19944
19945
19946
19947
19948
19949
19950
19951
19952
19953
19954
19955
19956
19957
19958
19959
19960
19961
19962
19963
19964
19965
19966
19967
19968
19969
19970
19971
19972
19973
19974
19975
19976
19977
19978
19979
19980
19981
19982
19983
19984
19985
19986
19987
19988
19989
19990
19991
19992
19993
19994
19995
19996
19997
19998
19999
20000
20001
20002
20003
20004
20005
20006
20007
20008
20009
20010
20011
20012
20013
20014
20015
20016
20017
20018
20019
20020
20021
20022
20023
20024
20025
20026
20027
20028
20029
20030
20031
20032
20033
20034
20035
20036
20037
20038
20039
20040
20041
20042
20043
20044
20045
20046
20047
20048
20049
20050
20051
20052
20053
20054
20055
20056
20057
20058
20059
20060
20061
20062
20063
20064
20065
20066
20067
20068
20069
20070
20071
20072
20073
20074
20075
20076
20077
20078
20079
20080
20081
20082
20083
20084
20085
20086
20087
20088
20089
20090
20091
20092
20093
20094
20095
20096
20097
20098
20099
20100
20101
20102
20103
20104
20105
20106
20107
20108
20109
20110
20111
20112
20113
20114
20115
20116
20117
20118
20119
20120
20121
20122
20123
20124
20125
20126
20127
20128
20129
20130
20131
20132
20133
20134
20135
20136
20137
20138
20139
20140
20141
20142
20143
20144
20145
20146
20147
20148
20149
20150
20151
20152
20153
20154
20155
20156
20157
20158
20159
20160
20161
20162
20163
20164
20165
20166
20167
20168
20169
20170
20171
20172
20173
20174
20175
20176
20177
20178
20179
20180
20181
20182
20183
20184
20185
20186
20187
20188
20189
20190
20191
20192
20193
20194
20195
20196
20197
20198
20199
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20213
20214
20215
20216
20217
20218
20219
20220
20221
20222
20223
20224
20225
20226
20227
20228
20229
20230
20231
20232
20233
20234
20235
20236
20237
20238
20239
20240
20241
20242
20243
20244
20245
20246
20247
20248
20249
20250
20251
20252
20253
20254
20255
20256
20257
20258
20259
20260
20261
20262
20263
20264
20265
20266
20267
20268
20269
20270
20271
20272
20273
20274
20275
20276
20277
20278
20279
20280
20281
20282
20283
20284
20285
20286
20287
20288
20289
20290
20291
20292
20293
20294
20295
20296
20297
20298
20299
20300
20301
20302
20303
20304
20305
20306
20307
20308
20309
20310
20311
20312
20313
20314
20315
20316
20317
20318
20319
20320
20321
20322
20323
20324
20325
20326
20327
20328
20329
20330
20331
20332
20333
20334
20335
20336
20337
20338
20339
20340
20341
20342
20343
20344
20345
20346
20347
20348
20349
20350
20351
20352
20353
20354
20355
20356
20357
20358
20359
20360
20361
20362
20363
20364
20365
20366
20367
20368
20369
20370
20371
20372
20373
20374
20375
20376
20377
20378
20379
20380
20381
20382
20383
20384
20385
20386
20387
20388
20389
20390
20391
20392
20393
20394
20395
20396
20397
20398
20399
20400
20401
20402
20403
20404
20405
20406
20407
20408
20409
20410
20411
20412
20413
20414
20415
20416
20417
20418
20419
20420
20421
20422
20423
20424
20425
20426
20427
20428
20429
20430
20431
20432
20433
20434
20435
20436
20437
20438
20439
20440
20441
20442
20443
20444
20445
20446
20447
20448
20449
20450
20451
20452
20453
20454
20455
20456
20457
20458
20459
20460
20461
20462
20463
20464
20465
20466
20467
20468
20469
20470
20471
20472
20473
20474
20475
20476
20477
20478
20479
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
20510
20511
20512
20513
20514
20515
20516
20517
20518
20519
20520
20521
20522
20523
20524
20525
20526
20527
20528
20529
20530
20531
20532
20533
20534
20535
20536
20537
20538
20539
20540
20541
20542
20543
20544
20545
20546
20547
20548
20549
20550
20551
20552
20553
20554
20555
20556
20557
20558
20559
20560
20561
20562
20563
20564
20565
20566
20567
20568
20569
20570
20571
20572
20573
20574
20575
20576
20577
20578
20579
20580
20581
20582
20583
20584
20585
20586
20587
20588
20589
20590
20591
20592
20593
20594
20595
20596
20597
20598
20599
20600
20601
20602
20603
20604
20605
20606
20607
20608
20609
20610
20611
20612
20613
20614
20615
20616
20617
20618
20619
20620
20621
20622
20623
20624
20625
20626
20627
20628
20629
20630
20631
20632
20633
20634
20635
20636
20637
20638
20639
20640
20641
20642
20643
20644
20645
20646
20647
20648
20649
20650
20651
20652
20653
20654
20655
20656
20657
20658
20659
20660
20661
20662
20663
20664
20665
20666
20667
20668
20669
20670
20671
20672
20673
20674
20675
20676
20677
20678
20679
20680
20681
20682
20683
20684
20685
20686
20687
20688
20689
20690
20691
20692
20693
20694
20695
20696
20697
20698
20699
20700
20701
20702
20703
20704
20705
20706
20707
20708
20709
20710
20711
20712
20713
20714
20715
20716
20717
20718
20719
20720
20721
20722
20723
20724
20725
20726
20727
20728
20729
20730
20731
20732
20733
20734
20735
20736
20737
20738
20739
20740
20741
20742
20743
20744
20745
20746
20747
20748
20749
20750
20751
20752
20753
20754
20755
20756
20757
20758
20759
20760
20761
20762
20763
20764
20765
20766
20767
20768
20769
20770
20771
20772
20773
20774
20775
20776
20777
20778
20779
20780
20781
20782
20783
20784
20785
20786
20787
20788
20789
20790
20791
20792
20793
20794
20795
20796
20797
20798
20799
20800
20801
20802
20803
20804
20805
20806
20807
20808
20809
20810
20811
20812
20813
20814
20815
20816
20817
20818
20819
20820
20821
20822
20823
20824
20825
20826
20827
20828
20829
20830
20831
20832
20833
20834
20835
20836
20837
20838
20839
20840
20841
20842
20843
20844
20845
20846
20847
20848
20849
20850
20851
20852
20853
20854
20855
20856
20857
20858
20859
20860
20861
20862
20863
20864
20865
20866
20867
20868
20869
20870
20871
20872
20873
20874
20875
20876
20877
20878
20879
20880
20881
20882
20883
20884
20885
20886
20887
20888
20889
20890
20891
20892
20893
20894
20895
20896
20897
20898
20899
20900
20901
20902
20903
20904
20905
20906
20907
20908
20909
20910
20911
20912
20913
20914
20915
20916
20917
20918
20919
20920
20921
20922
20923
20924
20925
20926
20927
20928
20929
20930
20931
20932
20933
20934
20935
20936
20937
20938
20939
20940
20941
20942
20943
20944
20945
20946
20947
20948
20949
20950
20951
20952
20953
20954
20955
20956
20957
20958
20959
20960
20961
20962
20963
20964
20965
20966
20967
20968
20969
20970
20971
20972
20973
20974
20975
20976
20977
20978
20979
20980
20981
20982
20983
20984
20985
20986
20987
20988
20989
20990
20991
20992
20993
20994
20995
20996
20997
20998
20999
21000
21001
21002
21003
21004
21005
21006
21007
21008
21009
21010
21011
21012
21013
21014
21015
21016
21017
21018
21019
21020
21021
21022
21023
21024
21025
21026
21027
21028
21029
21030
21031
21032
21033
21034
21035
21036
21037
21038
21039
21040
21041
21042
21043
21044
21045
21046
21047
21048
21049
21050
21051
21052
21053
21054
21055
21056
21057
21058
21059
21060
21061
21062
21063
21064
21065
21066
21067
21068
21069
21070
21071
21072
21073
21074
21075
21076
21077
21078
21079
21080
21081
21082
21083
21084
21085
21086
21087
21088
21089
21090
21091
21092
21093
21094
21095
21096
21097
21098
21099
21100
21101
21102
21103
21104
21105
21106
21107
21108
21109
21110
21111
21112
21113
21114
21115
21116
21117
21118
21119
21120
21121
21122
21123
21124
21125
21126
21127
21128
21129
21130
21131
21132
21133
21134
21135
21136
21137
21138
21139
21140
21141
21142
21143
21144
21145
21146
21147
21148
21149
21150
21151
21152
21153
21154
21155
21156
21157
21158
21159
21160
21161
21162
21163
21164
21165
21166
21167
21168
21169
21170
21171
21172
21173
21174
21175
21176
21177
21178
21179
21180
21181
21182
21183
21184
21185
21186
21187
21188
21189
21190
21191
21192
21193
21194
21195
21196
21197
21198
21199
21200
21201
21202
21203
21204
21205
21206
21207
21208
21209
21210
21211
21212
21213
21214
21215
21216
21217
21218
21219
21220
21221
21222
21223
21224
21225
21226
21227
21228
21229
21230
21231
21232
21233
21234
21235
21236
21237
21238
21239
21240
21241
21242
21243
21244
21245
21246
21247
21248
21249
21250
21251
21252
21253
21254
21255
21256
21257
21258
21259
21260
21261
21262
21263
21264
21265
21266
21267
21268
21269
21270
21271
21272
21273
21274
21275
21276
21277
21278
21279
21280
21281
21282
21283
21284
21285
21286
21287
21288
21289
21290
21291
21292
21293
21294
21295
21296
21297
21298
21299
21300
21301
21302
21303
21304
21305
21306
21307
21308
21309
21310
21311
21312
21313
21314
21315
21316
21317
21318
21319
21320
21321
21322
21323
21324
21325
21326
21327
21328
21329
21330
21331
21332
21333
21334
21335
21336
21337
21338
21339
21340
21341
21342
21343
21344
21345
21346
21347
21348
21349
21350
21351
21352
21353
21354
21355
21356
21357
21358
21359
21360
21361
21362
21363
21364
21365
21366
21367
21368
21369
21370
21371
21372
21373
21374
21375
21376
21377
21378
21379
21380
21381
21382
21383
21384
21385
21386
21387
21388
21389
21390
21391
21392
21393
21394
21395
21396
21397
21398
21399
21400
21401
21402
21403
21404
21405
21406
21407
21408
21409
21410
21411
21412
21413
21414
21415
21416
21417
21418
21419
21420
21421
21422
21423
21424
21425
21426
21427
21428
21429
21430
21431
21432
21433
21434
21435
21436
21437
21438
21439
21440
21441
21442
21443
21444
21445
21446
21447
21448
21449
21450
21451
21452
21453
21454
21455
21456
21457
21458
21459
21460
21461
21462
21463
21464
21465
21466
21467
21468
21469
21470
21471
21472
21473
21474
21475
21476
21477
21478
21479
21480
21481
21482
21483
21484
21485
21486
21487
21488
21489
21490
21491
21492
21493
21494
21495
21496
21497
21498
21499
21500
21501
21502
21503
21504
21505
21506
21507
21508
21509
21510
21511
21512
21513
21514
21515
21516
21517
21518
21519
21520
21521
21522
21523
21524
21525
21526
21527
21528
21529
21530
21531
21532
21533
21534
21535
21536
21537
21538
21539
21540
21541
21542
21543
21544
21545
21546
21547
21548
21549
21550
21551
21552
21553
21554
21555
21556
21557
21558
21559
21560
21561
21562
21563
21564
21565
21566
21567
21568
21569
21570
21571
21572
21573
21574
21575
21576
21577
21578
21579
21580
21581
21582
21583
21584
21585
21586
21587
21588
21589
21590
21591
21592
21593
21594
21595
21596
21597
21598
21599
21600
21601
21602
21603
21604
21605
21606
21607
21608
21609
21610
21611
21612
21613
21614
21615
21616
21617
21618
21619
21620
21621
21622
21623
21624
21625
21626
21627
21628
21629
21630
21631
21632
21633
21634
21635
21636
21637
21638
21639
21640
21641
21642
21643
21644
21645
21646
21647
21648
21649
21650
21651
21652
21653
21654
21655
21656
21657
21658
21659
21660
21661
21662
21663
21664
21665
21666
21667
21668
21669
21670
21671
21672
21673
21674
21675
21676
21677
21678
21679
21680
21681
21682
21683
21684
21685
21686
21687
21688
21689
21690
21691
21692
21693
21694
21695
21696
21697
21698
21699
21700
21701
21702
21703
21704
21705
21706
21707
21708
21709
21710
21711
21712
21713
21714
21715
21716
21717
21718
21719
21720
21721
21722
21723
21724
21725
21726
21727
21728
21729
21730
21731
21732
21733
21734
21735
21736
21737
21738
21739
21740
21741
21742
21743
21744
21745
21746
21747
21748
21749
21750
21751
21752
21753
21754
21755
21756
21757
21758
21759
21760
21761
21762
21763
21764
21765
21766
21767
21768
21769
21770
21771
21772
21773
21774
21775
21776
21777
21778
21779
21780
21781
21782
21783
21784
21785
21786
21787
21788
21789
21790
21791
21792
21793
21794
21795
21796
21797
21798
21799
21800
21801
21802
21803
21804
21805
21806
21807
21808
21809
21810
21811
21812
21813
21814
21815
21816
21817
21818
21819
21820
21821
21822
21823
21824
21825
21826
21827
21828
21829
21830
21831
21832
21833
21834
21835
21836
21837
21838
21839
21840
21841
21842
21843
21844
21845
21846
21847
21848
21849
21850
21851
21852
21853
21854
21855
21856
21857
21858
21859
21860
21861
21862
21863
21864
21865
21866
21867
21868
21869
21870
21871
21872
21873
21874
21875
21876
21877
21878
21879
21880
21881
21882
21883
21884
21885
21886
21887
21888
21889
21890
21891
21892
21893
21894
21895
21896
21897
21898
21899
21900
21901
21902
21903
21904
21905
21906
21907
21908
21909
21910
21911
21912
21913
21914
21915
21916
21917
21918
21919
21920
21921
21922
21923
21924
21925
21926
21927
21928
21929
21930
21931
21932
21933
21934
21935
21936
21937
21938
21939
21940
21941
21942
21943
21944
21945
21946
21947
21948
21949
21950
21951
21952
21953
21954
21955
21956
21957
21958
21959
21960
21961
21962
21963
21964
21965
21966
21967
21968
21969
21970
21971
21972
21973
21974
21975
21976
21977
21978
21979
21980
21981
21982
21983
21984
21985
21986
21987
21988
21989
21990
21991
21992
21993
21994
21995
21996
21997
21998
21999
22000
22001
22002
22003
22004
22005
22006
22007
22008
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22019
22020
22021
22022
22023
22024
22025
22026
22027
22028
22029
22030
22031
22032
22033
22034
22035
22036
22037
22038
22039
22040
22041
22042
22043
22044
22045
22046
22047
22048
22049
22050
22051
22052
22053
22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
22064
22065
22066
22067
22068
22069
22070
22071
22072
22073
22074
22075
22076
22077
22078
22079
22080
22081
22082
22083
22084
22085
22086
22087
22088
22089
22090
22091
22092
22093
22094
22095
22096
22097
22098
22099
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22111
22112
22113
22114
22115
22116
22117
22118
22119
22120
22121
22122
22123
22124
22125
22126
22127
22128
22129
22130
22131
22132
22133
22134
22135
22136
22137
22138
22139
22140
22141
22142
22143
22144
22145
22146
22147
22148
22149
22150
22151
22152
22153
22154
22155
22156
22157
22158
22159
22160
22161
22162
22163
22164
22165
22166
22167
22168
22169
22170
22171
22172
22173
22174
22175
22176
22177
22178
22179
22180
22181
22182
22183
22184
22185
22186
22187
22188
22189
22190
22191
22192
22193
22194
22195
22196
22197
22198
22199
22200
22201
22202
22203
22204
22205
22206
22207
22208
22209
22210
22211
22212
22213
22214
22215
22216
22217
22218
22219
22220
22221
22222
22223
22224
22225
22226
22227
22228
22229
22230
22231
22232
22233
22234
22235
22236
22237
22238
22239
22240
22241
22242
22243
22244
22245
22246
22247
22248
22249
22250
22251
22252
22253
22254
22255
22256
22257
22258
22259
22260
22261
22262
22263
22264
22265
22266
22267
22268
22269
22270
22271
22272
22273
22274
22275
22276
22277
22278
22279
22280
22281
22282
22283
22284
22285
22286
22287
22288
22289
22290
22291
22292
22293
22294
22295
22296
22297
22298
22299
22300
22301
22302
22303
22304
22305
22306
22307
22308
22309
22310
22311
22312
22313
22314
22315
22316
22317
22318
22319
22320
22321
22322
22323
22324
22325
22326
22327
22328
22329
22330
22331
22332
22333
22334
22335
22336
22337
22338
22339
22340
22341
22342
22343
22344
22345
22346
22347
22348
22349
22350
22351
22352
22353
22354
22355
22356
22357
22358
22359
22360
22361
22362
22363
22364
22365
22366
22367
22368
22369
22370
22371
22372
22373
22374
22375
22376
22377
22378
22379
22380
22381
22382
22383
22384
22385
22386
22387
22388
22389
22390
22391
22392
22393
22394
22395
22396
22397
22398
22399
22400
22401
22402
22403
22404
22405
22406
22407
22408
22409
22410
22411
22412
22413
22414
22415
22416
22417
22418
22419
22420
22421
22422
22423
22424
22425
22426
22427
22428
22429
22430
22431
22432
22433
22434
22435
22436
22437
22438
22439
22440
22441
22442
22443
22444
22445
22446
22447
22448
22449
22450
22451
22452
22453
22454
22455
22456
22457
22458
22459
22460
22461
22462
22463
22464
22465
22466
22467
22468
22469
22470
22471
22472
22473
22474
22475
22476
22477
22478
22479
22480
22481
22482
22483
22484
22485
22486
22487
22488
22489
22490
22491
22492
22493
22494
22495
22496
22497
22498
22499
22500
22501
22502
22503
22504
22505
22506
22507
22508
22509
22510
22511
22512
22513
22514
22515
22516
22517
22518
22519
22520
22521
22522
22523
22524
22525
22526
22527
22528
22529
22530
22531
22532
22533
22534
22535
22536
22537
22538
22539
22540
22541
22542
22543
22544
22545
22546
22547
22548
22549
22550
22551
22552
22553
22554
22555
22556
22557
22558
22559
22560
22561
22562
22563
22564
22565
22566
22567
22568
22569
22570
22571
22572
22573
22574
22575
22576
22577
22578
22579
22580
22581
22582
22583
22584
22585
22586
22587
22588
22589
22590
22591
22592
22593
22594
22595
22596
22597
22598
22599
22600
22601
22602
22603
22604
22605
22606
22607
22608
22609
22610
22611
22612
22613
22614
22615
22616
22617
22618
22619
22620
22621
22622
22623
22624
22625
22626
22627
22628
22629
22630
22631
22632
22633
22634
22635
22636
22637
22638
22639
22640
22641
22642
22643
22644
22645
22646
22647
22648
22649
22650
22651
22652
22653
22654
22655
22656
22657
22658
22659
22660
22661
22662
22663
22664
22665
22666
22667
22668
22669
22670
22671
22672
22673
22674
22675
22676
22677
22678
22679
22680
22681
22682
22683
22684
22685
22686
22687
22688
22689
22690
22691
22692
22693
22694
22695
22696
22697
22698
22699
22700
22701
22702
22703
22704
22705
22706
22707
22708
22709
22710
22711
22712
22713
22714
22715
22716
22717
22718
22719
22720
22721
22722
22723
22724
22725
22726
22727
22728
22729
22730
22731
22732
22733
22734
22735
22736
22737
22738
22739
22740
22741
22742
22743
22744
22745
22746
22747
22748
22749
22750
22751
22752
22753
22754
22755
22756
22757
22758
22759
22760
22761
22762
22763
22764
22765
22766
22767
22768
22769
22770
22771
22772
22773
22774
22775
22776
22777
22778
22779
22780
22781
22782
22783
22784
22785
22786
22787
22788
22789
22790
22791
22792
22793
22794
22795
22796
22797
22798
22799
22800
22801
22802
22803
22804
22805
22806
22807
22808
22809
22810
22811
22812
22813
22814
22815
22816
22817
22818
22819
22820
22821
22822
22823
22824
22825
22826
22827
22828
22829
22830
22831
22832
22833
22834
22835
22836
22837
22838
22839
22840
22841
22842
22843
22844
22845
22846
22847
22848
22849
22850
22851
22852
22853
22854
22855
22856
22857
22858
22859
22860
22861
22862
22863
22864
22865
22866
22867
22868
22869
22870
22871
22872
22873
22874
22875
22876
22877
22878
22879
22880
22881
22882
22883
22884
22885
22886
22887
22888
22889
22890
22891
22892
22893
22894
22895
22896
22897
22898
22899
22900
22901
22902
22903
22904
22905
22906
22907
22908
22909
22910
22911
22912
22913
22914
22915
22916
22917
22918
22919
22920
22921
22922
22923
22924
22925
22926
22927
22928
22929
22930
22931
22932
22933
22934
22935
22936
22937
22938
22939
22940
22941
22942
22943
22944
22945
22946
22947
22948
22949
22950
22951
22952
22953
22954
22955
22956
22957
22958
22959
22960
22961
22962
22963
22964
22965
22966
22967
22968
22969
22970
22971
22972
22973
22974
22975
22976
22977
22978
22979
22980
22981
22982
22983
22984
22985
22986
22987
22988
22989
22990
22991
22992
22993
22994
22995
22996
22997
22998
22999
23000
23001
23002
23003
23004
23005
23006
23007
23008
23009
23010
23011
23012
23013
23014
23015
23016
23017
23018
23019
23020
23021
23022
23023
23024
23025
23026
23027
23028
23029
23030
23031
23032
23033
23034
23035
23036
23037
23038
23039
23040
23041
23042
23043
23044
23045
23046
23047
23048
23049
23050
23051
23052
23053
23054
23055
23056
23057
23058
23059
23060
23061
23062
23063
23064
23065
23066
23067
23068
23069
23070
23071
23072
23073
23074
23075
23076
23077
23078
23079
23080
23081
23082
23083
23084
23085
23086
23087
23088
23089
23090
23091
23092
23093
23094
23095
23096
23097
23098
23099
23100
23101
23102
23103
23104
23105
23106
23107
23108
23109
23110
23111
23112
23113
23114
23115
23116
23117
23118
23119
23120
23121
23122
23123
23124
23125
23126
23127
23128
23129
23130
23131
23132
23133
23134
23135
23136
23137
23138
23139
23140
23141
23142
23143
23144
23145
23146
23147
23148
23149
23150
23151
23152
23153
23154
23155
23156
23157
23158
23159
23160
23161
23162
23163
23164
23165
23166
23167
23168
23169
23170
23171
23172
23173
23174
23175
23176
23177
23178
23179
23180
23181
23182
23183
23184
23185
23186
23187
23188
23189
23190
23191
23192
23193
23194
23195
23196
23197
23198
23199
23200
23201
23202
23203
23204
23205
23206
23207
23208
23209
23210
23211
23212
23213
23214
23215
23216
23217
23218
23219
23220
23221
23222
23223
23224
23225
23226
23227
23228
23229
23230
23231
23232
23233
23234
23235
23236
23237
23238
23239
23240
23241
23242
23243
23244
23245
23246
23247
23248
23249
23250
23251
23252
23253
23254
23255
23256
23257
23258
23259
23260
23261
23262
23263
23264
23265
23266
23267
23268
23269
23270
23271
23272
23273
23274
23275
23276
23277
23278
23279
23280
23281
23282
23283
23284
23285
23286
23287
23288
23289
23290
23291
23292
23293
23294
23295
23296
23297
23298
23299
23300
23301
23302
23303
23304
23305
23306
23307
23308
23309
23310
23311
23312
23313
23314
23315
23316
23317
23318
23319
23320
23321
23322
23323
23324
23325
23326
23327
23328
23329
23330
23331
23332
23333
23334
23335
23336
23337
23338
23339
23340
23341
23342
23343
23344
23345
23346
23347
23348
23349
23350
23351
23352
23353
23354
23355
23356
23357
23358
23359
23360
23361
23362
23363
23364
23365
23366
23367
23368
23369
23370
23371
23372
23373
23374
23375
23376
23377
23378
23379
23380
23381
23382
23383
23384
23385
23386
23387
23388
23389
23390
23391
23392
23393
23394
23395
23396
23397
23398
23399
23400
23401
23402
23403
23404
23405
23406
23407
23408
23409
23410
23411
23412
23413
23414
23415
23416
23417
23418
23419
23420
23421
23422
23423
23424
23425
23426
23427
23428
23429
23430
23431
23432
23433
23434
23435
23436
23437
23438
23439
23440
23441
23442
23443
23444
23445
23446
23447
23448
23449
23450
23451
23452
23453
23454
23455
23456
23457
23458
23459
23460
23461
23462
23463
23464
23465
23466
23467
23468
23469
23470
23471
23472
23473
23474
23475
23476
23477
23478
23479
23480
23481
23482
23483
23484
23485
23486
23487
23488
23489
23490
23491
23492
23493
23494
23495
23496
23497
23498
23499
23500
23501
23502
23503
23504
23505
23506
23507
23508
23509
23510
23511
23512
23513
23514
23515
23516
23517
23518
23519
23520
23521
23522
23523
23524
23525
23526
23527
23528
23529
23530
23531
23532
23533
23534
23535
23536
23537
23538
23539
23540
23541
23542
23543
23544
23545
23546
23547
23548
23549
23550
23551
23552
23553
23554
23555
23556
23557
23558
23559
23560
23561
23562
23563
23564
23565
23566
23567
23568
23569
23570
23571
23572
23573
23574
23575
23576
23577
23578
23579
23580
23581
23582
23583
23584
23585
23586
23587
23588
23589
23590
23591
23592
23593
23594
23595
23596
23597
23598
23599
23600
23601
23602
23603
23604
23605
23606
23607
23608
23609
23610
23611
23612
23613
23614
23615
23616
23617
23618
23619
23620
23621
23622
23623
23624
23625
23626
23627
23628
23629
23630
23631
23632
23633
23634
23635
23636
23637
23638
23639
23640
23641
23642
23643
23644
23645
23646
23647
23648
23649
23650
23651
23652
23653
23654
23655
23656
23657
23658
23659
23660
23661
23662
23663
23664
23665
23666
23667
23668
23669
23670
23671
23672
23673
23674
23675
23676
23677
23678
23679
23680
23681
23682
23683
23684
23685
23686
23687
23688
23689
23690
23691
23692
23693
23694
23695
23696
23697
23698
23699
23700
23701
23702
23703
23704
23705
23706
23707
23708
23709
23710
23711
23712
23713
23714
23715
23716
23717
23718
23719
23720
23721
23722
23723
23724
23725
23726
23727
23728
23729
23730
23731
23732
23733
23734
23735
23736
23737
23738
23739
23740
23741
23742
23743
23744
23745
23746
23747
23748
23749
23750
23751
23752
23753
23754
23755
23756
23757
23758
23759
23760
23761
23762
23763
23764
23765
23766
23767
23768
23769
23770
23771
23772
23773
23774
23775
23776
23777
23778
23779
23780
23781
23782
23783
23784
23785
23786
23787
23788
23789
23790
23791
23792
23793
23794
23795
23796
23797
23798
23799
23800
23801
23802
23803
23804
23805
23806
23807
23808
23809
23810
23811
23812
23813
23814
23815
23816
23817
23818
23819
23820
23821
23822
23823
23824
23825
23826
23827
23828
23829
23830
23831
23832
23833
23834
23835
23836
23837
23838
23839
23840
23841
23842
23843
23844
23845
23846
23847
23848
23849
23850
23851
23852
23853
23854
23855
23856
23857
23858
23859
23860
23861
23862
23863
23864
23865
23866
23867
23868
23869
23870
23871
23872
23873
23874
23875
23876
23877
23878
23879
23880
23881
23882
23883
23884
23885
23886
23887
23888
23889
23890
23891
23892
23893
23894
23895
23896
23897
23898
23899
23900
23901
23902
23903
23904
23905
23906
23907
23908
23909
23910
23911
23912
23913
23914
23915
23916
23917
23918
23919
23920
23921
23922
23923
23924
23925
23926
23927
23928
23929
23930
23931
23932
23933
23934
23935
23936
23937
23938
23939
23940
23941
23942
23943
23944
23945
23946
23947
23948
23949
23950
23951
23952
23953
23954
23955
23956
23957
23958
23959
23960
23961
23962
23963
23964
23965
23966
23967
23968
23969
23970
23971
23972
23973
23974
23975
23976
23977
23978
23979
23980
23981
23982
23983
23984
23985
23986
23987
23988
23989
23990
23991
23992
23993
23994
23995
23996
23997
23998
23999
24000
24001
24002
24003
24004
24005
24006
24007
24008
24009
24010
24011
24012
24013
24014
24015
24016
24017
24018
24019
24020
24021
24022
24023
24024
24025
24026
24027
24028
24029
24030
24031
24032
24033
24034
24035
24036
24037
24038
24039
24040
24041
24042
24043
24044
24045
24046
24047
24048
24049
24050
24051
24052
24053
24054
24055
24056
24057
24058
24059
24060
24061
24062
24063
24064
24065
24066
24067
24068
24069
24070
24071
24072
24073
24074
24075
24076
24077
24078
24079
24080
24081
24082
24083
24084
24085
24086
24087
24088
24089
24090
24091
24092
24093
24094
24095
24096
24097
24098
24099
24100
24101
24102
24103
24104
24105
24106
24107
24108
24109
24110
24111
24112
24113
24114
24115
24116
24117
24118
24119
24120
24121
24122
24123
24124
24125
24126
24127
24128
24129
24130
24131
24132
24133
24134
24135
24136
24137
24138
24139
24140
24141
24142
24143
24144
24145
24146
24147
24148
24149
24150
24151
24152
24153
24154
24155
24156
24157
24158
24159
24160
24161
24162
24163
24164
24165
24166
24167
24168
24169
24170
24171
24172
24173
24174
24175
24176
24177
24178
24179
24180
24181
24182
24183
24184
24185
24186
24187
24188
24189
24190
24191
24192
24193
24194
24195
24196
24197
24198
24199
24200
24201
24202
24203
24204
24205
24206
24207
24208
24209
24210
24211
24212
24213
24214
24215
24216
24217
24218
24219
24220
24221
24222
24223
24224
24225
24226
24227
24228
24229
24230
24231
24232
24233
24234
24235
24236
24237
24238
24239
24240
24241
24242
24243
24244
24245
24246
24247
24248
24249
24250
24251
24252
24253
24254
24255
24256
24257
24258
24259
24260
24261
24262
24263
24264
24265
24266
24267
24268
24269
24270
24271
24272
24273
24274
24275
24276
24277
24278
24279
24280
24281
24282
24283
24284
24285
24286
24287
24288
24289
24290
24291
24292
24293
24294
24295
24296
24297
24298
24299
24300
24301
24302
24303
24304
24305
24306
24307
24308
24309
24310
24311
24312
24313
24314
24315
24316
24317
24318
24319
24320
24321
24322
24323
24324
24325
24326
24327
24328
24329
24330
24331
24332
24333
24334
24335
24336
24337
24338
24339
24340
24341
24342
24343
24344
24345
24346
24347
24348
24349
24350
24351
24352
24353
24354
24355
24356
24357
24358
24359
24360
24361
24362
24363
24364
24365
24366
24367
24368
24369
24370
24371
24372
24373
24374
24375
24376
24377
24378
24379
24380
24381
24382
24383
24384
24385
24386
24387
24388
24389
24390
24391
24392
24393
24394
24395
24396
24397
24398
24399
24400
24401
24402
24403
24404
24405
24406
24407
24408
24409
24410
24411
24412
24413
24414
24415
24416
24417
24418
24419
24420
24421
24422
24423
24424
24425
24426
24427
24428
24429
24430
24431
24432
24433
24434
24435
24436
24437
24438
24439
24440
24441
24442
24443
24444
24445
24446
24447
24448
24449
24450
24451
24452
24453
24454
24455
24456
24457
24458
24459
24460
24461
24462
24463
24464
24465
24466
24467
24468
24469
24470
24471
24472
24473
24474
24475
24476
24477
24478
24479
24480
24481
24482
24483
24484
24485
24486
24487
24488
24489
24490
24491
24492
24493
24494
24495
24496
24497
24498
24499
24500
24501
24502
24503
24504
24505
24506
24507
24508
24509
24510
24511
24512
24513
24514
24515
24516
24517
24518
24519
24520
24521
24522
24523
24524
24525
24526
24527
24528
24529
24530
24531
24532
24533
24534
24535
24536
24537
24538
24539
24540
24541
24542
24543
24544
24545
24546
24547
24548
24549
24550
24551
24552
24553
24554
24555
24556
24557
24558
24559
24560
24561
24562
24563
24564
24565
24566
24567
24568
24569
24570
24571
24572
24573
24574
24575
24576
24577
24578
24579
24580
24581
24582
24583
24584
24585
24586
24587
24588
24589
24590
24591
24592
24593
24594
24595
24596
24597
24598
24599
24600
24601
24602
24603
24604
24605
24606
24607
24608
24609
24610
24611
24612
24613
24614
24615
24616
24617
24618
24619
24620
24621
24622
24623
24624
24625
24626
24627
24628
24629
24630
24631
24632
24633
24634
24635
24636
24637
24638
24639
24640
24641
24642
24643
24644
24645
24646
24647
24648
24649
24650
24651
24652
24653
24654
24655
24656
24657
24658
24659
24660
24661
24662
24663
24664
24665
24666
24667
24668
24669
24670
24671
24672
24673
24674
24675
24676
24677
24678
24679
24680
24681
24682
24683
24684
24685
24686
24687
24688
24689
24690
24691
24692
24693
24694
24695
24696
24697
24698
24699
24700
24701
24702
24703
24704
24705
24706
24707
24708
24709
24710
24711
24712
24713
24714
24715
24716
24717
24718
24719
24720
24721
24722
24723
24724
24725
24726
24727
24728
24729
24730
24731
24732
24733
24734
24735
24736
24737
24738
24739
24740
24741
24742
24743
24744
24745
24746
24747
24748
24749
24750
24751
24752
24753
24754
24755
24756
24757
24758
24759
24760
24761
24762
24763
24764
24765
24766
24767
24768
24769
24770
24771
24772
24773
24774
24775
24776
24777
24778
24779
24780
24781
24782
24783
24784
24785
24786
24787
24788
24789
24790
24791
24792
24793
24794
24795
24796
24797
24798
24799
24800
24801
24802
24803
24804
24805
24806
24807
24808
24809
24810
24811
24812
24813
24814
24815
24816
24817
24818
24819
24820
24821
24822
24823
24824
24825
24826
24827
24828
24829
24830
24831
24832
24833
24834
24835
24836
24837
24838
24839
24840
24841
24842
24843
24844
24845
24846
24847
24848
24849
24850
24851
24852
24853
24854
24855
24856
24857
24858
24859
24860
24861
24862
24863
24864
24865
24866
24867
24868
24869
24870
24871
24872
24873
24874
24875
24876
24877
24878
24879
24880
24881
24882
24883
24884
24885
24886
24887
24888
24889
24890
24891
24892
24893
24894
24895
24896
24897
24898
24899
24900
24901
24902
24903
24904
24905
24906
24907
24908
24909
24910
24911
24912
24913
24914
24915
24916
24917
24918
24919
24920
24921
24922
24923
24924
24925
24926
24927
24928
24929
24930
24931
24932
24933
24934
24935
24936
24937
24938
24939
24940
24941
24942
24943
24944
24945
24946
24947
24948
24949
24950
24951
24952
24953
24954
24955
24956
24957
24958
24959
24960
24961
24962
24963
24964
24965
24966
24967
24968
24969
24970
24971
24972
24973
24974
24975
24976
24977
24978
24979
24980
24981
24982
24983
24984
24985
24986
24987
24988
24989
24990
24991
24992
24993
24994
24995
24996
24997
24998
24999
25000
25001
25002
25003
25004
25005
25006
25007
25008
25009
25010
25011
25012
25013
25014
25015
25016
25017
25018
25019
25020
25021
25022
25023
25024
25025
25026
25027
25028
25029
25030
25031
25032
25033
25034
25035
25036
25037
25038
25039
25040
25041
25042
25043
25044
25045
25046
25047
25048
25049
25050
25051
25052
25053
25054
25055
25056
25057
25058
25059
25060
25061
25062
25063
25064
25065
25066
25067
25068
25069
25070
25071
25072
25073
25074
25075
25076
25077
25078
25079
25080
25081
25082
25083
25084
25085
25086
25087
25088
25089
25090
25091
25092
25093
25094
25095
25096
25097
25098
25099
25100
25101
25102
25103
25104
25105
25106
25107
25108
25109
25110
25111
25112
25113
25114
25115
25116
25117
25118
25119
25120
25121
25122
25123
25124
25125
25126
25127
25128
25129
25130
25131
25132
25133
25134
25135
25136
25137
25138
25139
25140
25141
25142
25143
25144
25145
25146
25147
25148
25149
25150
25151
25152
25153
25154
25155
25156
25157
25158
25159
25160
25161
25162
25163
25164
25165
25166
25167
25168
25169
25170
25171
25172
25173
25174
25175
25176
25177
25178
25179
25180
25181
25182
25183
25184
25185
25186
25187
25188
25189
25190
25191
25192
25193
25194
25195
25196
25197
25198
25199
25200
25201
25202
25203
25204
25205
25206
25207
25208
25209
25210
25211
25212
25213
25214
25215
25216
25217
25218
25219
25220
25221
25222
25223
25224
25225
25226
25227
25228
25229
25230
25231
25232
25233
25234
25235
25236
25237
25238
25239
25240
25241
25242
25243
25244
25245
25246
25247
25248
25249
25250
25251
25252
25253
25254
25255
25256
25257
25258
25259
25260
25261
25262
25263
25264
25265
25266
25267
25268
25269
25270
25271
25272
25273
25274
25275
25276
25277
25278
25279
25280
25281
25282
25283
25284
25285
25286
25287
25288
25289
25290
25291
25292
25293
25294
25295
25296
25297
25298
25299
25300
25301
25302
25303
25304
25305
25306
25307
25308
25309
25310
25311
25312
25313
25314
25315
25316
25317
25318
25319
25320
25321
25322
25323
25324
25325
25326
25327
25328
25329
25330
25331
25332
25333
25334
25335
25336
25337
25338
25339
25340
25341
25342
25343
25344
25345
25346
25347
25348
25349
25350
25351
25352
25353
25354
25355
25356
25357
25358
25359
25360
25361
25362
25363
25364
25365
25366
25367
25368
25369
25370
25371
25372
25373
25374
25375
25376
25377
25378
25379
25380
25381
25382
25383
25384
25385
25386
25387
25388
25389
25390
25391
25392
25393
25394
25395
25396
25397
25398
25399
25400
25401
25402
25403
25404
25405
25406
25407
25408
25409
25410
25411
25412
25413
25414
25415
25416
25417
25418
25419
25420
25421
25422
25423
25424
25425
25426
25427
25428
25429
25430
25431
25432
25433
25434
25435
25436
25437
25438
25439
25440
25441
25442
25443
25444
25445
25446
25447
25448
25449
25450
25451
25452
25453
25454
25455
25456
25457
25458
25459
25460
25461
25462
25463
25464
25465
25466
25467
25468
25469
25470
25471
25472
25473
25474
25475
25476
25477
25478
25479
25480
25481
25482
25483
25484
25485
25486
25487
25488
25489
25490
25491
25492
25493
25494
25495
25496
25497
25498
25499
25500
25501
25502
25503
25504
25505
25506
25507
25508
25509
25510
25511
25512
25513
25514
25515
25516
25517
25518
25519
25520
25521
25522
25523
25524
25525
25526
25527
25528
25529
25530
25531
25532
25533
25534
25535
25536
25537
25538
25539
25540
25541
25542
25543
25544
25545
25546
25547
25548
25549
25550
25551
25552
25553
25554
25555
25556
25557
25558
25559
25560
25561
25562
25563
25564
25565
25566
25567
25568
25569
25570
25571
25572
25573
25574
25575
25576
25577
25578
25579
25580
25581
25582
25583
25584
25585
25586
25587
25588
25589
25590
25591
25592
25593
25594
25595
25596
25597
25598
25599
25600
25601
25602
25603
25604
25605
25606
25607
25608
25609
25610
25611
25612
25613
25614
25615
25616
25617
25618
25619
25620
25621
25622
25623
25624
25625
25626
25627
25628
25629
25630
25631
25632
25633
25634
25635
25636
25637
25638
25639
25640
25641
25642
25643
25644
25645
25646
25647
25648
25649
25650
25651
25652
25653
25654
25655
25656
25657
25658
25659
25660
25661
25662
25663
25664
25665
25666
25667
25668
25669
25670
25671
25672
25673
25674
25675
25676
25677
25678
25679
25680
25681
25682
25683
25684
25685
25686
25687
25688
25689
25690
25691
25692
25693
25694
25695
25696
25697
25698
25699
25700
25701
25702
25703
25704
25705
25706
25707
25708
25709
25710
25711
25712
25713
25714
25715
25716
25717
25718
25719
25720
25721
25722
25723
25724
25725
25726
25727
25728
25729
25730
25731
25732
25733
25734
25735
25736
25737
25738
25739
25740
25741
25742
25743
25744
25745
25746
25747
25748
25749
25750
25751
25752
25753
25754
25755
25756
25757
25758
25759
25760
25761
25762
25763
25764
25765
25766
25767
25768
25769
25770
25771
25772
25773
25774
25775
25776
25777
25778
25779
25780
25781
25782
25783
25784
25785
25786
25787
25788
25789
25790
25791
25792
25793
25794
25795
25796
25797
25798
25799
25800
25801
25802
25803
25804
25805
25806
25807
25808
25809
25810
25811
25812
25813
25814
25815
25816
25817
25818
25819
25820
25821
25822
25823
25824
25825
25826
25827
25828
25829
25830
25831
25832
25833
25834
25835
25836
25837
25838
25839
25840
25841
25842
25843
25844
25845
25846
25847
25848
25849
25850
25851
25852
25853
25854
25855
25856
25857
25858
25859
25860
25861
25862
25863
25864
25865
25866
25867
25868
25869
25870
25871
25872
25873
25874
25875
25876
25877
25878
25879
25880
25881
25882
25883
25884
25885
25886
25887
25888
25889
25890
25891
25892
25893
25894
25895
25896
25897
25898
25899
25900
25901
25902
25903
25904
25905
25906
25907
25908
25909
25910
25911
25912
25913
25914
25915
25916
25917
25918
25919
25920
25921
25922
25923
25924
25925
25926
25927
25928
25929
25930
25931
25932
25933
25934
25935
25936
25937
25938
25939
25940
25941
25942
25943
25944
25945
25946
25947
25948
25949
25950
25951
25952
25953
25954
25955
25956
25957
25958
25959
25960
25961
25962
25963
25964
25965
25966
25967
25968
25969
25970
25971
25972
25973
25974
25975
25976
25977
25978
25979
25980
25981
25982
25983
25984
25985
25986
25987
25988
25989
25990
25991
25992
25993
25994
25995
25996
25997
25998
25999
26000
26001
26002
26003
26004
26005
26006
26007
26008
26009
26010
26011
26012
26013
26014
26015
26016
26017
26018
26019
26020
26021
26022
26023
26024
26025
26026
26027
26028
26029
26030
26031
26032
26033
26034
26035
26036
26037
26038
26039
26040
26041
26042
26043
26044
26045
26046
26047
26048
26049
26050
26051
26052
26053
26054
26055
26056
26057
26058
26059
26060
26061
26062
26063
26064
26065
26066
26067
26068
26069
26070
26071
26072
26073
26074
26075
26076
26077
26078
26079
26080
26081
26082
26083
26084
26085
26086
26087
26088
26089
26090
26091
26092
26093
26094
26095
26096
26097
26098
26099
26100
26101
26102
26103
26104
26105
26106
26107
26108
26109
26110
26111
26112
26113
26114
26115
26116
26117
26118
26119
26120
26121
26122
26123
26124
26125
26126
26127
26128
26129
26130
26131
26132
26133
26134
26135
26136
26137
26138
26139
26140
26141
26142
26143
26144
26145
26146
26147
26148
26149
26150
26151
26152
26153
26154
26155
26156
26157
26158
26159
26160
26161
26162
26163
26164
26165
26166
26167
26168
26169
26170
26171
26172
26173
26174
26175
26176
26177
26178
26179
26180
26181
26182
26183
26184
26185
26186
26187
26188
26189
26190
26191
26192
26193
26194
26195
26196
26197
26198
26199
26200
26201
26202
26203
26204
26205
26206
26207
26208
26209
26210
26211
26212
26213
26214
26215
26216
26217
26218
26219
26220
26221
26222
26223
26224
26225
26226
26227
26228
26229
26230
26231
26232
26233
26234
26235
26236
26237
26238
26239
26240
26241
26242
26243
26244
26245
26246
26247
26248
26249
26250
26251
26252
26253
26254
26255
26256
26257
26258
26259
26260
26261
26262
26263
26264
26265
26266
26267
26268
26269
26270
26271
26272
26273
26274
26275
26276
26277
26278
26279
26280
26281
26282
26283
26284
26285
26286
26287
26288
26289
26290
26291
26292
26293
26294
26295
26296
26297
26298
26299
26300
26301
26302
26303
26304
26305
26306
26307
26308
26309
26310
26311
26312
26313
26314
26315
26316
26317
26318
26319
26320
26321
26322
26323
26324
26325
26326
26327
26328
26329
26330
26331
26332
26333
26334
26335
26336
26337
26338
26339
26340
26341
26342
26343
26344
26345
26346
26347
26348
26349
26350
26351
26352
26353
26354
26355
26356
26357
26358
26359
26360
26361
26362
26363
26364
26365
26366
26367
26368
26369
26370
26371
26372
26373
26374
26375
26376
26377
26378
26379
26380
26381
26382
26383
26384
26385
26386
26387
26388
26389
26390
26391
26392
26393
26394
26395
26396
26397
26398
26399
26400
26401
26402
26403
26404
26405
26406
26407
26408
26409
26410
26411
26412
26413
26414
26415
26416
26417
26418
26419
26420
26421
26422
26423
26424
26425
26426
26427
26428
26429
26430
26431
26432
26433
26434
26435
26436
26437
26438
26439
26440
26441
26442
26443
26444
26445
26446
26447
26448
26449
26450
26451
26452
26453
26454
26455
26456
26457
26458
26459
26460
26461
26462
26463
26464
26465
26466
26467
26468
26469
26470
26471
26472
26473
26474
26475
26476
26477
26478
26479
26480
26481
26482
26483
26484
26485
26486
26487
26488
26489
26490
26491
26492
26493
26494
26495
26496
26497
26498
26499
26500
26501
26502
26503
26504
26505
26506
26507
26508
26509
26510
26511
26512
26513
26514
26515
26516
26517
26518
26519
26520
26521
26522
26523
26524
26525
26526
26527
26528
26529
26530
26531
26532
26533
26534
26535
26536
26537
26538
26539
26540
26541
26542
26543
26544
26545
26546
26547
26548
26549
26550
26551
26552
26553
26554
26555
26556
26557
26558
26559
26560
26561
26562
26563
26564
26565
26566
26567
26568
26569
26570
26571
26572
26573
26574
26575
26576
26577
26578
26579
26580
26581
26582
26583
26584
26585
26586
26587
26588
26589
26590
26591
26592
26593
26594
26595
26596
26597
26598
26599
26600
26601
26602
26603
26604
26605
26606
26607
26608
26609
26610
26611
26612
26613
26614
26615
26616
26617
26618
26619
26620
26621
26622
26623
26624
26625
26626
26627
26628
26629
26630
26631
26632
26633
26634
26635
26636
26637
26638
26639
26640
26641
26642
26643
26644
26645
26646
26647
26648
26649
26650
26651
26652
26653
26654
26655
26656
26657
26658
26659
26660
26661
26662
26663
26664
26665
26666
26667
26668
26669
26670
26671
26672
26673
26674
26675
26676
26677
26678
26679
26680
26681
26682
26683
26684
26685
26686
26687
26688
26689
26690
26691
26692
26693
26694
26695
26696
26697
26698
26699
26700
26701
26702
26703
26704
26705
26706
26707
26708
26709
26710
26711
26712
26713
26714
26715
26716
26717
26718
26719
26720
26721
26722
26723
26724
26725
26726
26727
26728
26729
26730
26731
26732
26733
26734
26735
26736
26737
26738
26739
26740
26741
26742
26743
26744
26745
26746
26747
26748
26749
26750
26751
26752
26753
26754
26755
26756
26757
26758
26759
26760
26761
26762
26763
26764
26765
26766
26767
26768
26769
26770
26771
26772
26773
26774
26775
26776
26777
26778
26779
26780
26781
26782
26783
26784
26785
26786
26787
26788
26789
26790
26791
26792
26793
26794
26795
26796
26797
26798
26799
26800
26801
26802
26803
26804
26805
26806
26807
26808
26809
26810
26811
26812
26813
26814
26815
26816
26817
26818
26819
26820
26821
26822
26823
26824
26825
26826
26827
26828
26829
26830
26831
26832
26833
26834
26835
26836
26837
26838
26839
26840
26841
26842
26843
26844
26845
26846
26847
26848
26849
26850
26851
26852
26853
26854
26855
26856
26857
26858
26859
26860
26861
26862
26863
26864
26865
26866
26867
26868
26869
26870
26871
26872
26873
26874
26875
26876
26877
26878
26879
26880
26881
26882
26883
26884
26885
26886
26887
26888
26889
26890
26891
26892
26893
26894
26895
26896
26897
26898
26899
26900
26901
26902
26903
26904
26905
26906
26907
26908
26909
26910
26911
26912
26913
26914
26915
26916
26917
26918
26919
26920
26921
26922
26923
26924
26925
26926
26927
26928
26929
26930
26931
26932
26933
26934
26935
26936
26937
26938
26939
26940
26941
26942
26943
26944
26945
26946
26947
26948
26949
26950
26951
26952
26953
26954
26955
26956
26957
26958
26959
26960
26961
26962
26963
26964
26965
26966
26967
26968
26969
26970
26971
26972
26973
26974
26975
26976
26977
26978
26979
26980
26981
26982
26983
26984
26985
26986
26987
26988
26989
26990
26991
26992
26993
26994
26995
26996
26997
26998
26999
27000
27001
27002
27003
27004
27005
27006
27007
27008
27009
27010
27011
27012
27013
27014
27015
27016
27017
27018
27019
27020
27021
27022
27023
27024
27025
27026
27027
27028
27029
27030
27031
27032
27033
27034
27035
27036
27037
27038
27039
27040
27041
27042
27043
27044
27045
27046
27047
27048
27049
27050
27051
27052
27053
27054
27055
27056
27057
27058
27059
27060
27061
27062
27063
27064
27065
27066
27067
27068
27069
27070
27071
27072
27073
27074
27075
27076
27077
27078
27079
27080
27081
27082
27083
27084
27085
27086
27087
27088
27089
27090
27091
27092
27093
27094
27095
27096
27097
27098
27099
27100
27101
27102
27103
27104
27105
27106
27107
27108
27109
27110
27111
27112
27113
27114
27115
27116
27117
27118
27119
27120
27121
27122
27123
27124
27125
27126
27127
27128
27129
27130
27131
27132
27133
27134
27135
27136
27137
27138
27139
27140
27141
27142
27143
27144
27145
27146
27147
27148
27149
27150
27151
27152
27153
27154
27155
27156
27157
27158
27159
27160
27161
27162
27163
27164
27165
27166
27167
27168
27169
27170
27171
27172
27173
27174
27175
27176
27177
27178
27179
27180
27181
27182
27183
27184
27185
27186
27187
27188
27189
27190
27191
27192
27193
27194
27195
27196
27197
27198
27199
27200
27201
27202
27203
27204
27205
27206
27207
27208
27209
27210
27211
27212
27213
27214
27215
27216
27217
27218
27219
27220
27221
27222
27223
27224
27225
27226
27227
27228
27229
27230
27231
27232
27233
27234
27235
27236
27237
27238
27239
27240
27241
27242
27243
27244
27245
27246
27247
27248
27249
27250
27251
27252
27253
27254
27255
27256
27257
27258
27259
27260
27261
27262
27263
27264
27265
27266
27267
27268
27269
27270
27271
27272
27273
27274
27275
27276
27277
27278
27279
27280
27281
27282
27283
27284
27285
27286
27287
27288
27289
27290
27291
27292
27293
27294
27295
27296
27297
27298
27299
27300
27301
27302
27303
27304
27305
27306
27307
27308
27309
27310
27311
27312
27313
27314
27315
27316
27317
27318
27319
27320
27321
27322
27323
27324
27325
27326
27327
27328
27329
27330
27331
27332
27333
27334
27335
27336
27337
27338
27339
27340
27341
27342
27343
27344
27345
27346
27347
27348
27349
27350
27351
27352
27353
27354
27355
27356
27357
27358
27359
27360
27361
27362
27363
27364
27365
27366
27367
27368
27369
27370
27371
27372
27373
27374
27375
27376
27377
27378
27379
27380
27381
27382
27383
27384
27385
27386
27387
27388
27389
27390
27391
27392
27393
27394
27395
27396
27397
27398
27399
27400
27401
27402
27403
27404
27405
27406
27407
27408
27409
27410
27411
27412
27413
27414
27415
27416
27417
27418
27419
27420
27421
27422
27423
27424
27425
27426
27427
27428
27429
27430
27431
27432
27433
27434
27435
27436
27437
27438
27439
27440
27441
27442
27443
27444
27445
27446
27447
27448
27449
27450
27451
27452
27453
27454
27455
27456
27457
27458
27459
27460
27461
27462
27463
27464
27465
27466
27467
27468
27469
27470
27471
27472
27473
27474
27475
27476
27477
27478
27479
27480
27481
27482
27483
27484
27485
27486
27487
27488
27489
27490
27491
27492
27493
27494
27495
27496
27497
27498
27499
27500
27501
27502
27503
27504
27505
27506
27507
27508
27509
27510
27511
27512
27513
27514
27515
27516
27517
27518
27519
27520
27521
27522
27523
27524
27525
27526
27527
27528
27529
27530
27531
27532
27533
27534
27535
27536
27537
27538
27539
27540
27541
27542
27543
27544
27545
27546
27547
27548
27549
27550
27551
27552
27553
27554
27555
27556
27557
27558
27559
27560
27561
27562
27563
27564
27565
27566
27567
27568
27569
27570
27571
27572
27573
27574
27575
27576
27577
27578
27579
27580
27581
27582
27583
27584
27585
27586
27587
27588
27589
27590
27591
27592
27593
27594
27595
27596
27597
27598
27599
27600
27601
27602
27603
27604
27605
27606
27607
27608
27609
27610
27611
27612
27613
27614
27615
27616
27617
27618
27619
27620
27621
27622
27623
27624
27625
27626
27627
27628
27629
27630
27631
27632
27633
27634
27635
27636
27637
27638
27639
27640
27641
27642
27643
27644
27645
27646
27647
27648
27649
27650
27651
27652
27653
27654
27655
27656
27657
27658
27659
27660
27661
27662
27663
27664
27665
27666
27667
27668
27669
27670
27671
27672
27673
27674
27675
27676
27677
27678
27679
27680
27681
27682
27683
27684
27685
27686
27687
27688
27689
27690
27691
27692
27693
27694
27695
27696
27697
27698
27699
27700
27701
27702
27703
27704
27705
27706
27707
27708
27709
27710
27711
27712
27713
27714
27715
27716
27717
27718
27719
27720
27721
27722
27723
27724
27725
27726
27727
27728
27729
27730
27731
27732
27733
27734
27735
27736
27737
27738
27739
27740
27741
27742
27743
27744
27745
27746
27747
27748
27749
27750
27751
27752
27753
27754
27755
27756
27757
27758
27759
27760
27761
27762
27763
27764
27765
27766
27767
27768
27769
27770
27771
27772
27773
27774
27775
27776
27777
27778
27779
27780
27781
27782
27783
27784
27785
27786
27787
27788
27789
27790
27791
27792
27793
27794
27795
27796
27797
27798
27799
27800
27801
27802
27803
27804
27805
27806
27807
27808
27809
27810
27811
27812
27813
27814
27815
27816
27817
27818
27819
27820
27821
27822
27823
27824
27825
27826
27827
27828
27829
27830
27831
27832
27833
27834
27835
27836
27837
27838
27839
27840
27841
27842
27843
27844
27845
27846
27847
27848
27849
27850
27851
27852
27853
27854
27855
27856
27857
27858
27859
27860
27861
27862
27863
27864
27865
27866
27867
27868
27869
27870
27871
27872
27873
27874
27875
27876
27877
27878
27879
27880
27881
27882
27883
27884
27885
27886
27887
27888
27889
27890
27891
27892
27893
27894
27895
27896
27897
27898
27899
27900
27901
27902
27903
27904
27905
27906
27907
27908
27909
27910
27911
27912
27913
27914
27915
27916
27917
27918
27919
27920
27921
27922
27923
27924
27925
27926
27927
27928
27929
27930
27931
27932
27933
27934
27935
27936
27937
27938
27939
27940
27941
27942
27943
27944
27945
27946
27947
27948
27949
27950
27951
27952
27953
27954
27955
27956
27957
27958
27959
27960
27961
27962
27963
27964
27965
27966
27967
27968
27969
27970
27971
27972
27973
27974
27975
27976
27977
27978
27979
27980
27981
27982
27983
27984
27985
27986
27987
27988
27989
27990
27991
27992
27993
27994
27995
27996
27997
27998
27999
28000
28001
28002
28003
28004
28005
28006
28007
28008
28009
28010
28011
28012
28013
28014
28015
28016
28017
28018
28019
28020
28021
28022
28023
28024
28025
28026
28027
28028
28029
28030
28031
28032
28033
28034
28035
28036
28037
28038
28039
28040
28041
28042
28043
28044
28045
28046
28047
28048
28049
28050
28051
28052
28053
28054
28055
28056
28057
28058
28059
28060
28061
28062
28063
28064
28065
28066
28067
28068
28069
28070
28071
28072
28073
28074
28075
28076
28077
28078
28079
28080
28081
28082
28083
28084
28085
28086
28087
28088
28089
28090
28091
28092
28093
28094
28095
28096
28097
28098
28099
28100
28101
28102
28103
28104
28105
28106
28107
28108
28109
28110
28111
28112
28113
28114
28115
28116
28117
28118
28119
28120
28121
28122
28123
28124
28125
28126
28127
28128
28129
28130
28131
28132
28133
28134
28135
28136
28137
28138
28139
28140
28141
28142
28143
28144
28145
28146
28147
28148
28149
28150
28151
28152
28153
28154
28155
28156
28157
28158
28159
28160
28161
28162
28163
28164
28165
28166
28167
28168
28169
28170
28171
28172
28173
28174
28175
28176
28177
28178
28179
28180
28181
28182
28183
28184
28185
28186
28187
28188
28189
28190
28191
28192
28193
28194
28195
28196
28197
28198
28199
28200
28201
28202
28203
28204
28205
28206
28207
28208
28209
28210
28211
28212
28213
28214
28215
28216
28217
28218
28219
28220
28221
28222
28223
28224
28225
28226
28227
28228
28229
28230
28231
28232
28233
28234
28235
28236
28237
28238
28239
28240
28241
28242
28243
28244
28245
28246
28247
28248
28249
28250
28251
28252
28253
28254
28255
28256
28257
28258
28259
28260
28261
28262
28263
28264
28265
28266
28267
28268
28269
28270
28271
28272
28273
28274
28275
28276
28277
28278
28279
28280
28281
28282
28283
28284
28285
28286
28287
28288
28289
28290
28291
28292
28293
28294
28295
28296
28297
28298
28299
28300
28301
28302
28303
28304
28305
28306
28307
28308
28309
28310
28311
28312
28313
28314
28315
28316
28317
28318
28319
28320
28321
28322
28323
28324
28325
28326
28327
28328
28329
28330
28331
28332
28333
28334
28335
28336
28337
28338
28339
28340
28341
28342
28343
28344
28345
28346
28347
28348
28349
28350
28351
28352
28353
28354
28355
28356
28357
28358
28359
28360
28361
28362
28363
28364
28365
28366
28367
28368
28369
28370
28371
28372
28373
28374
28375
28376
28377
28378
28379
28380
28381
28382
28383
28384
28385
28386
28387
28388
28389
28390
28391
28392
28393
28394
28395
28396
28397
28398
28399
28400
28401
28402
28403
28404
28405
28406
28407
28408
28409
28410
28411
28412
28413
28414
28415
28416
28417
28418
28419
28420
28421
28422
28423
28424
28425
28426
28427
28428
28429
28430
28431
28432
28433
28434
28435
28436
28437
28438
28439
28440
28441
28442
28443
28444
28445
28446
28447
28448
28449
28450
28451
28452
28453
28454
28455
28456
28457
28458
28459
28460
28461
28462
28463
28464
28465
28466
28467
28468
28469
28470
28471
28472
28473
28474
28475
28476
28477
28478
28479
28480
28481
28482
28483
28484
28485
28486
28487
28488
28489
28490
28491
28492
28493
28494
28495
28496
28497
28498
28499
28500
28501
28502
28503
28504
28505
28506
28507
28508
28509
28510
28511
28512
28513
28514
28515
28516
28517
28518
28519
28520
28521
28522
28523
28524
28525
28526
28527
28528
28529
28530
28531
28532
28533
28534
28535
28536
28537
28538
28539
28540
28541
28542
28543
28544
28545
28546
28547
28548
28549
28550
28551
28552
28553
28554
28555
28556
28557
28558
28559
28560
28561
28562
28563
28564
28565
28566
28567
28568
28569
28570
28571
28572
28573
28574
28575
28576
28577
28578
28579
28580
28581
28582
28583
28584
28585
28586
28587
28588
28589
28590
28591
28592
28593
28594
28595
28596
28597
28598
28599
28600
28601
28602
28603
28604
28605
28606
28607
28608
28609
28610
28611
28612
28613
28614
28615
28616
28617
28618
28619
28620
28621
28622
28623
28624
28625
28626
28627
28628
28629
28630
28631
28632
28633
28634
28635
28636
28637
28638
28639
28640
28641
28642
28643
28644
28645
28646
28647
28648
28649
28650
28651
28652
28653
28654
28655
28656
28657
28658
28659
28660
28661
28662
28663
28664
28665
28666
28667
28668
28669
28670
28671
28672
28673
28674
28675
28676
28677
28678
28679
28680
28681
28682
28683
28684
28685
28686
28687
28688
28689
28690
28691
28692
28693
28694
28695
28696
28697
28698
28699
28700
28701
28702
28703
28704
28705
28706
28707
28708
28709
28710
28711
28712
28713
28714
28715
28716
28717
28718
28719
28720
28721
28722
28723
28724
28725
28726
28727
28728
28729
28730
28731
28732
28733
28734
28735
28736
28737
28738
28739
28740
28741
28742
28743
28744
28745
28746
28747
28748
28749
28750
28751
28752
28753
28754
28755
28756
28757
28758
28759
28760
28761
28762
28763
28764
28765
28766
28767
28768
28769
28770
28771
28772
28773
28774
28775
28776
28777
28778
28779
28780
28781
28782
28783
28784
28785
28786
28787
28788
28789
28790
28791
28792
28793
28794
28795
28796
28797
28798
28799
28800
28801
28802
28803
28804
28805
28806
28807
28808
28809
28810
28811
28812
28813
28814
28815
28816
28817
28818
28819
28820
28821
28822
28823
28824
28825
28826
28827
28828
28829
28830
28831
28832
28833
28834
28835
28836
28837
28838
28839
28840
28841
28842
28843
28844
28845
28846
28847
28848
28849
28850
28851
28852
28853
28854
28855
28856
28857
28858
28859
28860
28861
28862
28863
28864
28865
28866
28867
28868
28869
28870
28871
28872
28873
28874
28875
28876
28877
28878
28879
28880
28881
28882
28883
28884
28885
28886
28887
28888
28889
28890
28891
28892
28893
28894
28895
28896
28897
28898
28899
28900
28901
28902
28903
28904
28905
28906
28907
28908
28909
28910
28911
28912
28913
28914
28915
28916
28917
28918
28919
28920
28921
28922
28923
28924
28925
28926
28927
28928
28929
28930
28931
28932
28933
28934
28935
28936
28937
28938
28939
28940
28941
28942
28943
28944
28945
28946
28947
28948
28949
28950
28951
28952
28953
28954
28955
28956
28957
28958
28959
28960
28961
28962
28963
28964
28965
28966
28967
28968
28969
28970
28971
28972
28973
28974
28975
28976
28977
28978
28979
28980
28981
28982
28983
28984
28985
28986
28987
28988
28989
28990
28991
28992
28993
28994
28995
28996
28997
28998
28999
29000
29001
29002
29003
29004
29005
29006
29007
29008
29009
29010
29011
29012
29013
29014
29015
29016
29017
29018
29019
29020
29021
29022
29023
29024
29025
29026
29027
29028
29029
29030
29031
29032
29033
29034
29035
29036
29037
29038
29039
29040
29041
29042
29043
29044
29045
29046
29047
29048
29049
29050
29051
29052
29053
29054
29055
29056
29057
29058
29059
29060
29061
29062
29063
29064
29065
29066
29067
29068
29069
29070
29071
29072
29073
29074
29075
29076
29077
29078
29079
29080
29081
29082
29083
29084
29085
29086
29087
29088
29089
29090
29091
29092
29093
29094
29095
29096
29097
29098
29099
29100
29101
29102
29103
29104
29105
29106
29107
29108
29109
29110
29111
29112
29113
29114
29115
29116
29117
29118
29119
29120
29121
29122
29123
29124
29125
29126
29127
29128
29129
29130
29131
29132
29133
29134
29135
29136
29137
29138
29139
29140
29141
29142
29143
29144
29145
29146
29147
29148
29149
29150
29151
29152
29153
29154
29155
29156
29157
29158
29159
29160
29161
29162
29163
29164
29165
29166
29167
29168
29169
29170
29171
29172
29173
29174
29175
29176
29177
29178
29179
29180
29181
29182
29183
29184
29185
29186
29187
29188
29189
29190
29191
29192
29193
29194
29195
29196
29197
29198
29199
29200
29201
29202
29203
29204
29205
29206
29207
29208
29209
29210
29211
29212
29213
29214
29215
29216
29217
29218
29219
29220
29221
29222
29223
29224
29225
29226
29227
29228
29229
29230
29231
29232
29233
29234
29235
29236
29237
29238
29239
29240
29241
29242
29243
29244
29245
29246
29247
29248
29249
29250
29251
29252
29253
29254
29255
29256
29257
29258
29259
29260
29261
29262
29263
29264
29265
29266
29267
29268
29269
29270
29271
29272
29273
29274
29275
29276
29277
29278
29279
29280
29281
29282
29283
29284
29285
29286
29287
29288
29289
29290
29291
29292
29293
29294
29295
29296
29297
29298
29299
29300
29301
29302
29303
29304
29305
29306
29307
29308
29309
29310
29311
29312
29313
29314
29315
29316
29317
29318
29319
29320
29321
29322
29323
29324
29325
29326
29327
29328
29329
29330
29331
29332
29333
29334
29335
29336
29337
29338
29339
29340
29341
29342
29343
29344
29345
29346
29347
29348
29349
29350
29351
29352
29353
29354
29355
29356
29357
29358
29359
29360
29361
29362
29363
29364
29365
29366
29367
29368
29369
29370
29371
29372
29373
29374
29375
29376
29377
29378
29379
29380
29381
29382
29383
29384
29385
29386
29387
29388
29389
29390
29391
29392
29393
29394
29395
29396
29397
29398
29399
29400
29401
29402
29403
29404
29405
29406
29407
29408
29409
29410
29411
29412
29413
29414
29415
29416
29417
29418
29419
29420
29421
29422
29423
29424
29425
29426
29427
29428
29429
29430
29431
29432
29433
29434
29435
29436
29437
29438
29439
29440
29441
29442
29443
29444
29445
29446
29447
29448
29449
29450
29451
29452
29453
29454
29455
29456
29457
29458
29459
29460
29461
29462
29463
29464
29465
29466
29467
29468
29469
29470
29471
29472
29473
29474
29475
29476
29477
29478
29479
29480
29481
29482
29483
29484
29485
29486
29487
29488
29489
29490
29491
29492
29493
29494
29495
29496
29497
29498
29499
29500
29501
29502
29503
29504
29505
29506
29507
29508
29509
29510
29511
29512
29513
29514
29515
29516
29517
29518
29519
29520
29521
29522
29523
29524
29525
29526
29527
29528
29529
29530
29531
29532
29533
29534
29535
29536
29537
29538
29539
29540
29541
29542
29543
29544
29545
29546
29547
29548
29549
29550
29551
29552
29553
29554
29555
29556
29557
29558
29559
29560
29561
29562
29563
29564
29565
29566
29567
29568
29569
29570
29571
29572
29573
29574
29575
29576
29577
29578
29579
29580
29581
29582
29583
29584
29585
29586
29587
29588
29589
29590
29591
29592
29593
29594
29595
29596
29597
29598
29599
29600
29601
29602
29603
29604
29605
29606
29607
29608
29609
29610
29611
29612
29613
29614
29615
29616
29617
29618
29619
29620
29621
29622
29623
29624
29625
29626
29627
29628
29629
29630
29631
29632
29633
29634
29635
29636
29637
29638
29639
29640
29641
29642
29643
29644
29645
29646
29647
29648
29649
29650
29651
29652
29653
29654
29655
29656
29657
29658
29659
29660
29661
29662
29663
29664
29665
29666
29667
29668
29669
29670
29671
29672
29673
29674
29675
29676
29677
29678
29679
29680
29681
29682
29683
29684
29685
29686
29687
29688
29689
29690
29691
29692
29693
29694
29695
29696
29697
29698
29699
29700
29701
29702
29703
29704
29705
29706
29707
29708
29709
29710
29711
29712
29713
29714
29715
29716
29717
29718
29719
29720
29721
29722
29723
29724
29725
29726
29727
29728
29729
29730
29731
29732
29733
29734
29735
29736
29737
29738
29739
29740
29741
29742
29743
29744
29745
29746
29747
29748
29749
29750
29751
29752
29753
29754
29755
29756
29757
29758
29759
29760
29761
29762
29763
29764
29765
29766
29767
29768
29769
29770
29771
29772
29773
29774
29775
29776
29777
29778
29779
29780
29781
29782
29783
29784
29785
29786
29787
29788
29789
29790
29791
29792
29793
29794
29795
29796
29797
29798
29799
29800
29801
29802
29803
29804
29805
29806
29807
29808
29809
29810
29811
29812
29813
29814
29815
29816
29817
29818
29819
29820
29821
29822
29823
29824
29825
29826
29827
29828
29829
29830
29831
29832
29833
29834
29835
29836
29837
29838
29839
29840
29841
29842
29843
29844
29845
29846
29847
29848
29849
29850
29851
29852
29853
29854
29855
29856
29857
29858
29859
29860
29861
29862
29863
29864
29865
29866
29867
29868
29869
29870
29871
29872
29873
29874
29875
29876
29877
29878
29879
29880
29881
29882
29883
29884
29885
29886
29887
29888
29889
29890
29891
29892
29893
29894
29895
29896
29897
29898
29899
29900
29901
29902
29903
29904
29905
29906
29907
29908
29909
29910
29911
29912
29913
29914
29915
29916
29917
29918
29919
29920
29921
29922
29923
29924
29925
29926
29927
29928
29929
29930
29931
29932
29933
29934
29935
29936
29937
29938
29939
29940
29941
29942
29943
29944
29945
29946
29947
29948
29949
29950
29951
29952
29953
29954
29955
29956
29957
29958
29959
29960
29961
29962
29963
29964
29965
29966
29967
29968
29969
29970
29971
29972
29973
29974
29975
29976
29977
29978
29979
29980
29981
29982
29983
29984
29985
29986
29987
29988
29989
29990
29991
29992
29993
29994
29995
29996
29997
29998
29999
30000
30001
30002
30003
30004
30005
30006
30007
30008
30009
30010
30011
30012
30013
30014
30015
30016
30017
30018
30019
30020
30021
30022
30023
30024
30025
30026
30027
30028
30029
30030
30031
30032
30033
30034
30035
30036
30037
30038
30039
30040
30041
30042
30043
30044
30045
30046
30047
30048
30049
30050
30051
30052
30053
30054
30055
30056
30057
30058
30059
30060
30061
30062
30063
30064
30065
30066
30067
30068
30069
30070
30071
30072
30073
30074
30075
30076
30077
30078
30079
30080
30081
30082
30083
30084
30085
30086
30087
30088
30089
30090
30091
30092
30093
30094
30095
30096
30097
30098
30099
30100
30101
30102
30103
30104
30105
30106
30107
30108
30109
30110
30111
30112
30113
30114
30115
30116
30117
30118
30119
30120
30121
30122
30123
30124
30125
30126
30127
30128
30129
30130
30131
30132
30133
30134
30135
30136
30137
30138
30139
30140
30141
30142
30143
30144
30145
30146
30147
30148
30149
30150
30151
30152
30153
30154
30155
30156
30157
30158
30159
30160
30161
30162
30163
30164
30165
30166
30167
30168
30169
30170
30171
30172
30173
30174
30175
30176
30177
30178
30179
30180
30181
30182
30183
30184
30185
30186
30187
30188
30189
30190
30191
30192
30193
30194
30195
30196
30197
30198
30199
30200
30201
30202
30203
30204
30205
30206
30207
30208
30209
30210
30211
30212
30213
30214
30215
30216
30217
30218
30219
30220
30221
30222
30223
30224
30225
30226
30227
30228
30229
30230
30231
30232
30233
30234
30235
30236
30237
30238
30239
30240
30241
30242
30243
30244
30245
30246
30247
30248
30249
30250
30251
30252
30253
30254
30255
30256
30257
30258
30259
30260
30261
30262
30263
30264
30265
30266
30267
30268
30269
30270
30271
30272
30273
30274
30275
30276
30277
30278
30279
30280
30281
30282
30283
30284
30285
30286
30287
30288
30289
30290
30291
30292
30293
30294
30295
30296
30297
30298
30299
30300
30301
30302
30303
30304
30305
30306
30307
30308
30309
30310
30311
30312
30313
30314
30315
30316
30317
30318
30319
30320
30321
30322
30323
30324
30325
30326
30327
30328
30329
30330
30331
30332
30333
30334
30335
30336
30337
30338
30339
30340
30341
30342
30343
30344
30345
30346
30347
30348
30349
30350
30351
30352
30353
30354
30355
30356
30357
30358
30359
30360
30361
30362
30363
30364
30365
30366
30367
30368
30369
30370
30371
30372
30373
30374
30375
30376
30377
30378
30379
30380
30381
30382
30383
30384
30385
30386
30387
30388
30389
30390
30391
30392
30393
30394
30395
30396
30397
30398
30399
30400
30401
30402
30403
30404
30405
30406
30407
30408
30409
30410
30411
30412
30413
30414
30415
30416
30417
30418
30419
30420
30421
30422
30423
30424
30425
30426
30427
30428
30429
30430
30431
30432
30433
30434
30435
30436
30437
30438
30439
30440
30441
30442
30443
30444
30445
30446
30447
30448
30449
30450
30451
30452
30453
30454
30455
30456
30457
30458
30459
30460
30461
30462
30463
30464
30465
30466
30467
30468
30469
30470
30471
30472
30473
30474
30475
30476
30477
30478
30479
30480
30481
30482
30483
30484
30485
30486
30487
30488
30489
30490
30491
30492
30493
30494
30495
30496
30497
30498
30499
30500
30501
30502
30503
30504
30505
30506
30507
30508
30509
30510
30511
30512
30513
30514
30515
30516
30517
30518
30519
30520
30521
30522
30523
30524
30525
30526
30527
30528
30529
30530
30531
30532
30533
30534
30535
30536
30537
30538
30539
30540
30541
30542
30543
30544
30545
30546
30547
30548
30549
30550
30551
30552
30553
30554
30555
30556
30557
30558
30559
30560
30561
30562
30563
30564
30565
30566
30567
30568
30569
30570
30571
30572
30573
30574
30575
30576
30577
30578
30579
30580
30581
30582
30583
30584
30585
30586
30587
30588
30589
30590
30591
30592
30593
30594
30595
30596
30597
30598
30599
30600
30601
30602
30603
30604
30605
30606
30607
30608
30609
30610
30611
30612
30613
30614
30615
30616
30617
30618
30619
30620
30621
30622
30623
30624
30625
30626
30627
30628
30629
30630
30631
30632
30633
30634
30635
30636
30637
30638
30639
30640
30641
30642
30643
30644
30645
30646
30647
30648
30649
30650
30651
30652
30653
30654
30655
30656
30657
30658
30659
30660
30661
30662
30663
30664
30665
30666
30667
30668
30669
30670
30671
30672
30673
30674
30675
30676
30677
30678
30679
30680
30681
30682
30683
30684
30685
30686
30687
30688
30689
30690
30691
30692
30693
30694
30695
30696
30697
30698
30699
30700
30701
30702
30703
30704
30705
30706
30707
30708
30709
30710
30711
30712
30713
30714
30715
30716
30717
30718
30719
30720
30721
30722
30723
30724
30725
30726
30727
30728
30729
30730
30731
30732
30733
30734
30735
30736
30737
30738
30739
30740
30741
30742
30743
30744
30745
30746
30747
30748
30749
30750
30751
30752
30753
30754
30755
30756
30757
30758
30759
30760
30761
30762
30763
30764
30765
30766
30767
30768
30769
30770
30771
30772
30773
30774
30775
30776
30777
30778
30779
30780
30781
30782
30783
30784
30785
30786
30787
30788
30789
30790
30791
30792
30793
30794
30795
30796
30797
30798
30799
30800
30801
30802
30803
30804
30805
30806
30807
30808
30809
30810
30811
30812
30813
30814
30815
30816
30817
30818
30819
30820
30821
30822
30823
30824
30825
30826
30827
30828
30829
30830
30831
30832
30833
30834
30835
30836
30837
30838
30839
30840
30841
30842
30843
30844
30845
30846
30847
30848
30849
30850
30851
30852
30853
30854
30855
30856
30857
30858
30859
30860
30861
30862
30863
30864
30865
30866
30867
30868
30869
30870
30871
30872
30873
30874
30875
30876
30877
30878
30879
30880
30881
30882
30883
30884
30885
30886
30887
30888
30889
30890
30891
30892
30893
30894
30895
30896
30897
30898
30899
30900
30901
30902
30903
30904
30905
30906
30907
30908
30909
30910
30911
30912
30913
30914
30915
30916
30917
30918
30919
30920
30921
30922
30923
30924
30925
30926
30927
30928
30929
30930
30931
30932
30933
30934
30935
30936
30937
30938
30939
30940
30941
30942
30943
30944
30945
30946
30947
30948
30949
30950
30951
30952
30953
30954
30955
30956
30957
30958
30959
30960
30961
30962
30963
30964
30965
30966
30967
30968
30969
30970
30971
30972
30973
30974
30975
30976
30977
30978
30979
30980
30981
30982
30983
30984
30985
30986
30987
30988
30989
30990
30991
30992
30993
30994
30995
30996
30997
30998
30999
31000
31001
31002
31003
31004
31005
31006
31007
31008
31009
31010
31011
31012
31013
31014
31015
31016
31017
31018
31019
31020
31021
31022
31023
31024
31025
31026
31027
31028
31029
31030
31031
31032
31033
31034
31035
31036
31037
31038
31039
31040
31041
31042
31043
31044
31045
31046
31047
31048
31049
31050
31051
31052
31053
31054
31055
31056
31057
31058
31059
31060
31061
31062
31063
31064
31065
31066
31067
31068
31069
31070
31071
31072
31073
31074
31075
31076
31077
31078
31079
31080
31081
31082
31083
31084
31085
31086
31087
31088
31089
31090
31091
31092
31093
31094
31095
31096
31097
31098
31099
31100
31101
31102
31103
31104
31105
31106
31107
31108
31109
31110
31111
31112
31113
31114
31115
31116
31117
31118
31119
31120
31121
31122
31123
31124
31125
31126
31127
31128
31129
31130
31131
31132
31133
31134
31135
31136
31137
31138
31139
31140
31141
31142
31143
31144
31145
31146
31147
31148
31149
31150
31151
31152
31153
31154
31155
31156
31157
31158
31159
31160
31161
31162
31163
31164
31165
31166
31167
31168
31169
31170
31171
31172
31173
31174
31175
31176
31177
31178
31179
31180
31181
31182
31183
31184
31185
31186
31187
31188
31189
31190
31191
31192
31193
31194
31195
31196
31197
31198
31199
31200
31201
31202
31203
31204
31205
31206
31207
31208
31209
31210
31211
31212
31213
31214
31215
31216
31217
31218
31219
31220
31221
31222
31223
31224
31225
31226
31227
31228
31229
31230
31231
31232
31233
31234
31235
31236
31237
31238
31239
31240
31241
31242
31243
31244
31245
31246
31247
31248
31249
31250
31251
31252
31253
31254
31255
31256
31257
31258
31259
31260
31261
31262
31263
31264
31265
31266
31267
31268
31269
31270
31271
31272
31273
31274
31275
31276
31277
31278
31279
31280
31281
31282
31283
31284
31285
31286
31287
31288
31289
31290
31291
31292
31293
31294
31295
31296
31297
31298
31299
31300
31301
31302
31303
31304
31305
31306
31307
31308
31309
31310
31311
31312
31313
31314
31315
31316
31317
31318
31319
31320
31321
31322
31323
31324
31325
31326
31327
31328
31329
31330
31331
31332
31333
31334
31335
31336
31337
31338
31339
31340
31341
31342
31343
31344
31345
31346
31347
31348
31349
31350
31351
31352
31353
31354
31355
31356
31357
31358
31359
31360
31361
31362
31363
31364
31365
31366
31367
31368
31369
31370
31371
31372
31373
31374
31375
31376
31377
31378
31379
31380
31381
31382
31383
31384
31385
31386
31387
31388
31389
31390
31391
31392
31393
31394
31395
31396
31397
31398
31399
31400
31401
31402
31403
31404
31405
31406
31407
31408
31409
31410
31411
31412
31413
31414
31415
31416
31417
31418
31419
31420
31421
31422
31423
31424
31425
31426
31427
31428
31429
31430
31431
31432
31433
31434
31435
31436
31437
31438
31439
31440
31441
31442
31443
31444
31445
31446
31447
31448
31449
31450
31451
31452
31453
31454
31455
31456
31457
31458
31459
31460
31461
31462
31463
31464
31465
31466
31467
31468
31469
31470
31471
31472
31473
31474
31475
31476
31477
31478
31479
31480
31481
31482
31483
31484
31485
31486
31487
31488
31489
31490
31491
31492
31493
31494
31495
31496
31497
31498
31499
31500
31501
31502
31503
31504
31505
31506
31507
31508
31509
31510
31511
31512
31513
31514
31515
31516
31517
31518
31519
31520
31521
31522
31523
31524
31525
31526
31527
31528
31529
31530
31531
31532
31533
31534
31535
31536
31537
31538
31539
31540
31541
31542
31543
31544
31545
31546
31547
31548
31549
31550
31551
31552
31553
31554
31555
31556
31557
31558
31559
31560
31561
31562
31563
31564
31565
31566
31567
31568
31569
31570
31571
31572
31573
31574
31575
31576
31577
31578
31579
31580
31581
31582
31583
31584
31585
31586
31587
31588
31589
31590
31591
31592
31593
31594
31595
31596
31597
31598
31599
31600
31601
31602
31603
31604
31605
31606
31607
31608
31609
31610
31611
31612
31613
31614
31615
31616
31617
31618
31619
31620
31621
31622
31623
31624
31625
31626
31627
31628
31629
31630
31631
31632
31633
31634
31635
31636
31637
31638
31639
31640
31641
31642
31643
31644
31645
31646
31647
31648
31649
31650
31651
31652
31653
31654
31655
31656
31657
31658
31659
31660
31661
31662
31663
31664
31665
31666
31667
31668
31669
31670
31671
31672
31673
31674
31675
31676
31677
31678
31679
31680
31681
31682
31683
31684
31685
31686
31687
31688
31689
31690
31691
31692
31693
31694
31695
31696
31697
31698
31699
31700
31701
31702
31703
31704
31705
31706
31707
31708
31709
31710
31711
31712
31713
31714
31715
31716
31717
31718
31719
31720
31721
31722
31723
31724
31725
31726
31727
31728
31729
31730
31731
31732
31733
31734
31735
31736
31737
31738
31739
31740
31741
31742
31743
31744
31745
31746
31747
31748
31749
31750
31751
31752
31753
31754
31755
31756
31757
31758
31759
31760
31761
31762
31763
31764
31765
31766
31767
31768
31769
31770
31771
31772
31773
31774
31775
31776
31777
31778
31779
31780
31781
31782
31783
31784
31785
31786
31787
31788
31789
31790
31791
31792
31793
31794
31795
31796
31797
31798
31799
31800
31801
31802
31803
31804
31805
31806
31807
31808
31809
31810
31811
31812
31813
31814
31815
31816
31817
31818
31819
31820
31821
31822
31823
31824
31825
31826
31827
31828
31829
31830
31831
31832
31833
31834
31835
31836
31837
31838
31839
31840
31841
31842
31843
31844
31845
31846
31847
31848
31849
31850
31851
31852
31853
31854
31855
31856
31857
31858
31859
31860
31861
31862
31863
31864
31865
31866
31867
31868
31869
31870
31871
31872
31873
31874
31875
31876
31877
31878
31879
31880
31881
31882
31883
31884
31885
31886
31887
31888
31889
31890
31891
31892
31893
31894
31895
31896
31897
31898
31899
31900
31901
31902
31903
31904
31905
31906
31907
31908
31909
31910
31911
31912
31913
31914
31915
31916
31917
31918
31919
31920
31921
31922
31923
31924
31925
31926
31927
31928
31929
31930
31931
31932
31933
31934
31935
31936
31937
31938
31939
31940
31941
31942
31943
31944
31945
31946
31947
31948
31949
31950
31951
31952
31953
31954
31955
31956
31957
31958
31959
31960
31961
31962
31963
31964
31965
31966
31967
31968
31969
31970
31971
31972
31973
31974
31975
31976
31977
31978
31979
31980
31981
31982
31983
31984
31985
31986
31987
31988
31989
31990
31991
31992
31993
31994
31995
31996
31997
31998
31999
32000
32001
32002
32003
32004
32005
32006
32007
32008
32009
32010
32011
32012
32013
32014
32015
32016
32017
32018
32019
32020
32021
32022
32023
32024
32025
32026
32027
32028
32029
32030
32031
32032
32033
32034
32035
32036
32037
32038
32039
32040
32041
32042
32043
32044
32045
32046
32047
32048
32049
32050
32051
32052
32053
32054
32055
32056
32057
32058
32059
32060
32061
32062
32063
32064
32065
32066
32067
32068
32069
32070
32071
32072
32073
32074
32075
32076
32077
32078
32079
32080
32081
32082
32083
32084
32085
32086
32087
32088
32089
32090
32091
32092
32093
32094
32095
32096
32097
32098
32099
32100
32101
32102
32103
32104
32105
32106
32107
32108
32109
32110
32111
32112
32113
32114
32115
32116
32117
32118
32119
32120
32121
32122
32123
32124
32125
32126
32127
32128
32129
32130
32131
32132
32133
32134
32135
32136
32137
32138
32139
32140
32141
32142
32143
32144
32145
32146
32147
32148
32149
32150
32151
32152
32153
32154
32155
32156
32157
32158
32159
32160
32161
32162
32163
32164
32165
32166
32167
32168
32169
32170
32171
32172
32173
32174
32175
32176
32177
32178
32179
32180
32181
32182
32183
32184
32185
32186
32187
32188
32189
32190
32191
32192
32193
32194
32195
32196
32197
32198
32199
32200
32201
32202
32203
32204
32205
32206
32207
32208
32209
32210
32211
32212
32213
32214
32215
32216
32217
32218
32219
32220
32221
32222
32223
32224
32225
32226
32227
32228
32229
32230
32231
32232
32233
32234
32235
32236
32237
32238
32239
32240
32241
32242
32243
32244
32245
32246
32247
32248
32249
32250
32251
32252
32253
32254
32255
32256
32257
32258
32259
32260
32261
32262
32263
32264
32265
32266
32267
32268
32269
32270
32271
32272
32273
32274
32275
32276
32277
32278
32279
32280
32281
32282
32283
32284
32285
32286
32287
32288
32289
32290
32291
32292
32293
32294
32295
32296
32297
32298
32299
32300
32301
32302
32303
32304
32305
32306
32307
32308
32309
32310
32311
32312
32313
32314
32315
32316
32317
32318
32319
32320
32321
32322
32323
32324
32325
32326
32327
32328
32329
32330
32331
32332
32333
32334
32335
32336
32337
32338
32339
32340
32341
32342
32343
32344
32345
32346
32347
32348
32349
32350
32351
32352
32353
32354
32355
32356
32357
32358
32359
32360
32361
32362
32363
32364
32365
32366
32367
32368
32369
32370
32371
32372
32373
32374
32375
32376
32377
32378
32379
32380
32381
32382
32383
32384
32385
32386
32387
32388
32389
32390
32391
32392
32393
32394
32395
32396
32397
32398
32399
32400
32401
32402
32403
32404
32405
32406
32407
32408
32409
32410
32411
32412
32413
32414
32415
32416
32417
32418
32419
32420
32421
32422
32423
32424
32425
32426
32427
32428
32429
32430
32431
32432
32433
32434
32435
32436
32437
32438
32439
32440
32441
32442
32443
32444
32445
32446
32447
32448
32449
32450
32451
32452
32453
32454
32455
32456
32457
32458
32459
32460
32461
32462
32463
32464
32465
32466
32467
32468
32469
32470
32471
32472
32473
32474
32475
32476
32477
32478
32479
32480
32481
32482
32483
32484
32485
32486
32487
32488
32489
32490
32491
32492
32493
32494
32495
32496
32497
32498
32499
32500
32501
32502
32503
32504
32505
32506
32507
32508
32509
32510
32511
32512
32513
32514
32515
32516
32517
32518
32519
32520
32521
32522
32523
32524
32525
32526
32527
32528
32529
32530
32531
32532
32533
32534
32535
32536
32537
32538
32539
32540
32541
32542
32543
32544
32545
32546
32547
32548
32549
32550
32551
32552
32553
32554
32555
32556
32557
32558
32559
32560
32561
32562
32563
32564
32565
32566
32567
32568
32569
32570
32571
32572
32573
32574
32575
32576
32577
32578
32579
32580
32581
32582
32583
32584
32585
32586
32587
32588
32589
32590
32591
32592
32593
32594
32595
32596
32597
32598
32599
32600
32601
32602
32603
32604
32605
32606
32607
32608
32609
32610
32611
32612
32613
32614
32615
32616
32617
32618
32619
32620
32621
32622
32623
32624
32625
32626
32627
32628
32629
32630
32631
32632
32633
32634
32635
32636
32637
32638
32639
32640
32641
32642
32643
32644
32645
32646
32647
32648
32649
32650
32651
32652
32653
32654
32655
32656
32657
32658
32659
32660
32661
32662
32663
32664
32665
32666
32667
32668
32669
32670
32671
32672
32673
32674
32675
32676
32677
32678
32679
32680
32681
32682
32683
32684
32685
32686
32687
32688
32689
32690
32691
32692
32693
32694
32695
32696
32697
32698
32699
32700
32701
32702
32703
32704
32705
32706
32707
32708
32709
32710
32711
32712
32713
32714
32715
32716
32717
32718
32719
32720
32721
32722
32723
32724
32725
32726
32727
32728
32729
32730
32731
32732
32733
32734
32735
32736
32737
32738
32739
32740
32741
32742
32743
32744
32745
32746
32747
32748
32749
32750
32751
32752
32753
32754
32755
32756
32757
32758
32759
32760
32761
32762
32763
32764
32765
32766
32767
32768
32769
32770
32771
32772
32773
32774
32775
32776
32777
32778
32779
32780
32781
32782
32783
32784
32785
32786
32787
32788
32789
32790
32791
32792
32793
32794
32795
32796
32797
32798
32799
32800
32801
32802
32803
32804
32805
32806
32807
32808
32809
32810
32811
32812
32813
32814
32815
32816
32817
32818
32819
32820
32821
32822
32823
32824
32825
32826
32827
32828
32829
32830
32831
32832
32833
32834
32835
32836
32837
32838
32839
32840
32841
32842
32843
32844
32845
32846
32847
32848
32849
32850
32851
32852
32853
32854
32855
32856
32857
32858
32859
32860
32861
32862
32863
32864
32865
32866
32867
32868
32869
32870
32871
32872
32873
32874
32875
32876
32877
32878
32879
32880
32881
32882
32883
32884
32885
32886
32887
32888
32889
32890
32891
32892
32893
32894
32895
32896
32897
32898
32899
32900
32901
32902
32903
32904
32905
32906
32907
32908
32909
32910
32911
32912
32913
32914
32915
32916
32917
32918
32919
32920
32921
32922
32923
32924
32925
32926
32927
32928
32929
32930
32931
32932
32933
32934
32935
32936
32937
32938
32939
32940
32941
32942
32943
32944
32945
32946
32947
32948
32949
32950
32951
32952
32953
32954
32955
32956
32957
32958
32959
32960
32961
32962
32963
32964
32965
32966
32967
32968
32969
32970
32971
32972
32973
32974
32975
32976
32977
32978
32979
32980
32981
32982
32983
32984
32985
32986
32987
32988
32989
32990
32991
32992
32993
32994
32995
32996
32997
32998
32999
33000
33001
33002
33003
33004
33005
33006
33007
33008
33009
33010
33011
33012
33013
33014
33015
33016
33017
33018
33019
33020
33021
33022
33023
33024
33025
33026
33027
33028
33029
33030
33031
33032
33033
33034
33035
33036
33037
33038
33039
33040
33041
33042
33043
33044
33045
33046
33047
33048
33049
33050
33051
33052
33053
33054
33055
33056
33057
33058
33059
33060
33061
33062
33063
33064
33065
33066
33067
33068
33069
33070
33071
33072
33073
33074
33075
33076
33077
33078
33079
33080
33081
33082
33083
33084
33085
33086
33087
33088
33089
33090
33091
33092
33093
33094
33095
33096
33097
33098
33099
33100
33101
33102
33103
33104
33105
33106
33107
33108
33109
33110
33111
33112
33113
33114
33115
33116
33117
33118
33119
33120
33121
33122
33123
33124
33125
33126
33127
33128
33129
33130
33131
33132
33133
33134
33135
33136
33137
33138
33139
33140
33141
33142
33143
33144
33145
33146
33147
33148
33149
33150
33151
33152
33153
33154
33155
33156
33157
33158
33159
33160
33161
33162
33163
33164
33165
33166
33167
33168
33169
33170
33171
33172
33173
33174
33175
33176
33177
33178
33179
33180
33181
33182
33183
33184
33185
33186
33187
33188
33189
33190
33191
33192
33193
33194
33195
33196
33197
33198
33199
33200
33201
33202
33203
33204
33205
33206
33207
33208
33209
33210
33211
33212
33213
33214
33215
33216
33217
33218
33219
33220
33221
33222
33223
33224
33225
33226
33227
33228
33229
33230
33231
33232
33233
33234
33235
33236
33237
33238
33239
33240
33241
33242
33243
33244
33245
33246
33247
33248
33249
33250
33251
33252
33253
33254
33255
33256
33257
33258
33259
33260
33261
33262
33263
33264
33265
33266
33267
33268
33269
33270
33271
33272
33273
33274
33275
33276
33277
33278
33279
33280
33281
33282
33283
33284
33285
33286
33287
33288
33289
33290
33291
33292
33293
33294
33295
33296
33297
33298
33299
33300
33301
33302
33303
33304
33305
33306
33307
33308
33309
33310
33311
33312
33313
33314
33315
33316
33317
33318
33319
33320
33321
33322
33323
33324
33325
33326
33327
33328
33329
33330
33331
33332
33333
33334
33335
33336
33337
33338
33339
33340
33341
33342
33343
33344
33345
33346
33347
33348
33349
33350
33351
33352
33353
33354
33355
33356
33357
33358
33359
33360
33361
33362
33363
33364
33365
33366
33367
33368
33369
33370
33371
33372
33373
33374
33375
33376
33377
33378
33379
33380
33381
33382
33383
33384
33385
33386
33387
33388
33389
33390
33391
33392
33393
33394
33395
33396
33397
33398
33399
33400
33401
33402
33403
33404
33405
33406
33407
33408
33409
33410
33411
33412
33413
33414
33415
33416
33417
33418
33419
33420
33421
33422
33423
33424
33425
33426
33427
33428
33429
33430
33431
33432
33433
33434
33435
33436
33437
33438
33439
33440
33441
33442
33443
33444
33445
33446
33447
33448
33449
33450
33451
33452
33453
33454
33455
33456
33457
33458
33459
33460
33461
33462
33463
33464
33465
33466
33467
33468
33469
33470
33471
33472
33473
33474
33475
33476
33477
33478
33479
33480
33481
33482
33483
33484
33485
33486
33487
33488
33489
33490
33491
33492
33493
33494
33495
33496
33497
33498
33499
33500
33501
33502
33503
33504
33505
33506
33507
33508
33509
33510
33511
33512
33513
33514
33515
33516
33517
33518
33519
33520
33521
33522
33523
33524
33525
33526
33527
33528
33529
33530
33531
33532
33533
33534
33535
33536
33537
33538
33539
33540
33541
33542
33543
33544
33545
33546
33547
33548
33549
33550
33551
33552
33553
33554
33555
33556
33557
33558
33559
33560
33561
33562
33563
33564
33565
33566
33567
33568
33569
33570
33571
33572
33573
33574
33575
33576
33577
33578
33579
33580
33581
33582
33583
33584
33585
33586
33587
33588
33589
33590
33591
33592
33593
33594
33595
33596
33597
33598
33599
33600
33601
33602
33603
33604
33605
33606
33607
33608
33609
33610
33611
33612
33613
33614
33615
33616
33617
33618
33619
33620
33621
33622
33623
33624
33625
33626
33627
33628
33629
33630
33631
33632
33633
33634
33635
33636
33637
33638
33639
33640
33641
33642
33643
33644
33645
33646
33647
33648
33649
33650
33651
33652
33653
33654
33655
33656
33657
33658
33659
33660
33661
33662
33663
33664
33665
33666
33667
33668
33669
33670
33671
33672
33673
33674
33675
33676
33677
33678
33679
33680
33681
33682
33683
33684
33685
33686
33687
33688
33689
33690
33691
33692
33693
33694
33695
33696
33697
33698
33699
33700
33701
33702
33703
33704
33705
33706
33707
33708
33709
33710
33711
33712
33713
33714
33715
33716
33717
33718
33719
33720
33721
33722
33723
33724
33725
33726
33727
33728
33729
33730
33731
33732
33733
33734
33735
33736
33737
33738
33739
33740
33741
33742
33743
33744
33745
33746
33747
33748
33749
33750
33751
33752
33753
33754
33755
33756
33757
33758
33759
33760
33761
33762
33763
33764
33765
33766
33767
33768
33769
33770
33771
33772
33773
33774
33775
33776
33777
33778
33779
33780
33781
33782
33783
33784
33785
33786
33787
33788
33789
33790
33791
33792
33793
33794
33795
33796
33797
33798
33799
33800
33801
33802
33803
33804
33805
33806
33807
33808
33809
33810
33811
33812
33813
33814
33815
33816
33817
33818
33819
33820
33821
33822
33823
33824
33825
33826
33827
33828
33829
33830
33831
33832
33833
33834
33835
33836
33837
33838
33839
33840
33841
33842
33843
33844
33845
33846
33847
33848
33849
33850
33851
33852
33853
33854
33855
33856
33857
33858
33859
33860
33861
33862
33863
33864
33865
33866
33867
33868
33869
33870
33871
33872
33873
33874
33875
33876
33877
33878
33879
33880
33881
33882
33883
33884
33885
33886
33887
33888
33889
33890
33891
33892
33893
33894
33895
33896
33897
33898
33899
33900
33901
33902
33903
33904
33905
33906
33907
33908
33909
33910
33911
33912
33913
33914
33915
33916
33917
33918
33919
33920
33921
33922
33923
33924
33925
33926
33927
33928
33929
33930
33931
33932
33933
33934
33935
33936
33937
33938
33939
33940
33941
33942
33943
33944
33945
33946
33947
33948
33949
33950
33951
33952
33953
33954
33955
33956
33957
33958
33959
33960
33961
33962
33963
33964
33965
33966
33967
33968
33969
33970
33971
33972
33973
33974
33975
33976
33977
33978
33979
33980
33981
33982
33983
33984
33985
33986
33987
33988
33989
33990
33991
33992
33993
33994
33995
33996
33997
33998
33999
34000
34001
34002
34003
34004
34005
34006
34007
34008
34009
34010
34011
34012
34013
34014
34015
34016
34017
34018
34019
34020
34021
34022
34023
34024
34025
34026
34027
34028
34029
34030
34031
34032
34033
34034
34035
34036
34037
34038
34039
34040
34041
34042
34043
34044
34045
34046
34047
34048
34049
34050
34051
34052
34053
34054
34055
34056
34057
34058
34059
34060
34061
34062
34063
34064
34065
34066
34067
34068
34069
34070
34071
34072
34073
34074
34075
34076
34077
34078
34079
34080
34081
34082
34083
34084
34085
34086
34087
34088
34089
34090
34091
34092
34093
34094
34095
34096
34097
34098
34099
34100
34101
34102
34103
34104
34105
34106
34107
34108
34109
34110
34111
34112
34113
34114
34115
34116
34117
34118
34119
34120
34121
34122
34123
34124
34125
34126
34127
34128
34129
34130
34131
34132
34133
34134
34135
34136
34137
34138
34139
34140
34141
34142
34143
34144
34145
34146
34147
34148
34149
34150
34151
34152
34153
34154
34155
34156
34157
34158
34159
34160
34161
34162
34163
34164
34165
34166
34167
34168
34169
34170
34171
34172
34173
34174
34175
34176
34177
34178
34179
34180
34181
34182
34183
34184
34185
34186
34187
34188
34189
34190
34191
34192
34193
34194
34195
34196
34197
34198
34199
34200
34201
34202
34203
34204
34205
34206
34207
34208
34209
34210
34211
34212
34213
34214
34215
34216
34217
34218
34219
34220
34221
34222
34223
34224
34225
34226
34227
34228
34229
34230
34231
34232
34233
34234
34235
34236
34237
34238
34239
34240
34241
34242
34243
34244
34245
34246
34247
34248
34249
34250
34251
34252
34253
34254
34255
34256
34257
34258
34259
34260
34261
34262
34263
34264
34265
34266
34267
34268
34269
34270
34271
34272
34273
34274
34275
34276
34277
34278
34279
34280
34281
34282
34283
34284
34285
34286
34287
34288
34289
34290
34291
34292
34293
34294
34295
34296
34297
34298
34299
34300
34301
34302
34303
34304
34305
34306
34307
34308
34309
34310
34311
34312
34313
34314
34315
34316
34317
34318
34319
34320
34321
34322
34323
34324
34325
34326
34327
34328
34329
34330
34331
34332
34333
34334
34335
34336
34337
34338
34339
34340
34341
34342
34343
34344
34345
34346
34347
34348
34349
34350
34351
34352
34353
34354
34355
34356
34357
34358
34359
34360
34361
34362
34363
34364
34365
34366
34367
34368
34369
34370
34371
34372
34373
34374
34375
34376
34377
34378
34379
34380
34381
34382
34383
34384
34385
34386
34387
34388
34389
34390
34391
34392
34393
34394
34395
34396
34397
34398
34399
34400
34401
34402
34403
34404
34405
34406
34407
34408
34409
34410
34411
34412
34413
34414
34415
34416
34417
34418
34419
34420
34421
34422
34423
34424
34425
34426
34427
34428
34429
34430
34431
34432
34433
34434
34435
34436
34437
34438
34439
34440
34441
34442
34443
34444
34445
34446
34447
34448
34449
34450
34451
34452
34453
34454
34455
34456
34457
34458
34459
34460
34461
34462
34463
34464
34465
34466
34467
34468
34469
34470
34471
34472
34473
34474
34475
34476
34477
34478
34479
34480
34481
34482
34483
34484
34485
34486
34487
34488
34489
34490
34491
34492
34493
34494
34495
34496
34497
34498
34499
34500
34501
34502
34503
34504
34505
34506
34507
34508
34509
34510
34511
34512
34513
34514
34515
34516
34517
34518
34519
34520
34521
34522
34523
34524
34525
34526
34527
34528
34529
34530
34531
34532
34533
34534
34535
34536
34537
34538
34539
34540
34541
34542
34543
34544
34545
34546
34547
34548
34549
34550
34551
34552
34553
34554
34555
34556
34557
34558
34559
34560
34561
34562
34563
34564
34565
34566
34567
34568
34569
34570
34571
34572
34573
34574
34575
34576
34577
34578
34579
34580
34581
34582
34583
34584
34585
34586
34587
34588
34589
34590
34591
34592
34593
34594
34595
34596
34597
34598
34599
34600
34601
34602
34603
34604
34605
34606
34607
34608
34609
34610
34611
34612
34613
34614
34615
34616
34617
34618
34619
34620
34621
34622
34623
34624
34625
34626
34627
34628
34629
34630
34631
34632
34633
34634
34635
34636
34637
34638
34639
34640
34641
34642
34643
34644
34645
34646
34647
34648
34649
34650
34651
34652
34653
34654
34655
34656
34657
34658
34659
34660
34661
34662
34663
34664
34665
34666
34667
34668
34669
34670
34671
34672
34673
34674
34675
34676
34677
34678
34679
34680
34681
34682
34683
34684
34685
34686
34687
34688
34689
34690
34691
34692
34693
34694
34695
34696
34697
34698
34699
34700
34701
34702
34703
34704
34705
34706
34707
34708
34709
34710
34711
34712
34713
34714
34715
34716
34717
34718
34719
34720
34721
34722
34723
34724
34725
34726
34727
34728
34729
34730
34731
34732
34733
34734
34735
34736
34737
34738
34739
34740
34741
34742
34743
34744
34745
34746
34747
34748
34749
34750
34751
34752
34753
34754
34755
34756
34757
34758
34759
34760
34761
34762
34763
34764
34765
34766
34767
34768
34769
34770
34771
34772
34773
34774
34775
34776
34777
34778
34779
34780
34781
34782
34783
34784
34785
34786
34787
34788
34789
34790
34791
34792
34793
34794
34795
34796
34797
34798
34799
34800
34801
34802
34803
34804
34805
34806
34807
34808
34809
34810
34811
34812
34813
34814
34815
34816
34817
34818
34819
34820
34821
34822
34823
34824
34825
34826
34827
34828
34829
34830
34831
34832
34833
34834
34835
34836
34837
34838
34839
34840
34841
34842
34843
34844
34845
34846
34847
34848
34849
34850
34851
34852
34853
34854
34855
34856
34857
34858
34859
34860
34861
34862
34863
34864
34865
34866
34867
34868
34869
34870
34871
34872
34873
34874
34875
34876
34877
34878
34879
34880
34881
34882
34883
34884
34885
34886
34887
34888
34889
34890
34891
34892
34893
34894
34895
34896
34897
34898
34899
34900
34901
34902
34903
34904
34905
34906
34907
34908
34909
34910
34911
34912
34913
34914
34915
34916
34917
34918
34919
34920
34921
34922
34923
34924
34925
34926
34927
34928
34929
34930
34931
34932
34933
34934
34935
34936
34937
34938
34939
34940
34941
34942
34943
34944
34945
34946
34947
34948
34949
34950
34951
34952
34953
34954
34955
34956
34957
34958
34959
34960
34961
34962
34963
34964
34965
34966
34967
34968
34969
34970
34971
34972
34973
34974
34975
34976
34977
34978
34979
34980
34981
34982
34983
34984
34985
34986
34987
34988
34989
34990
34991
34992
34993
34994
34995
34996
34997
34998
34999
35000
35001
35002
35003
35004
35005
35006
35007
35008
35009
35010
35011
35012
35013
35014
35015
35016
35017
35018
35019
35020
35021
35022
35023
35024
35025
35026
35027
35028
35029
35030
35031
35032
35033
35034
35035
35036
35037
35038
35039
35040
35041
35042
35043
35044
35045
35046
35047
35048
35049
35050
35051
35052
35053
35054
35055
35056
35057
35058
35059
35060
35061
35062
35063
35064
35065
35066
35067
35068
35069
35070
35071
35072
35073
35074
35075
35076
35077
35078
35079
35080
35081
35082
35083
35084
35085
35086
35087
35088
35089
35090
35091
35092
35093
35094
35095
35096
35097
35098
35099
35100
35101
35102
35103
35104
35105
35106
35107
35108
35109
35110
35111
35112
35113
35114
35115
35116
35117
35118
35119
35120
35121
35122
35123
35124
35125
35126
35127
35128
35129
35130
35131
35132
35133
35134
35135
35136
35137
35138
35139
35140
35141
35142
35143
35144
35145
35146
35147
35148
35149
35150
35151
35152
35153
35154
35155
35156
35157
35158
35159
35160
35161
35162
35163
35164
35165
35166
35167
35168
35169
35170
35171
35172
35173
35174
35175
35176
35177
35178
35179
35180
35181
35182
35183
35184
35185
35186
35187
35188
35189
35190
35191
35192
35193
35194
35195
35196
35197
35198
35199
35200
35201
35202
35203
35204
35205
35206
35207
35208
35209
35210
35211
35212
35213
35214
35215
35216
35217
35218
35219
35220
35221
35222
35223
35224
35225
35226
35227
35228
35229
35230
35231
35232
35233
35234
35235
35236
35237
35238
35239
35240
35241
35242
35243
35244
35245
35246
35247
35248
35249
35250
35251
35252
35253
35254
35255
35256
35257
35258
35259
35260
35261
35262
35263
35264
35265
35266
35267
35268
35269
35270
35271
35272
35273
35274
35275
35276
35277
35278
35279
35280
35281
35282
35283
35284
35285
35286
35287
35288
35289
35290
35291
35292
35293
35294
35295
35296
35297
35298
35299
35300
35301
35302
35303
35304
35305
35306
35307
35308
35309
35310
35311
35312
35313
35314
35315
35316
35317
35318
35319
35320
35321
35322
35323
35324
35325
35326
35327
35328
35329
35330
35331
35332
35333
35334
35335
35336
35337
35338
35339
35340
35341
35342
35343
35344
35345
35346
35347
35348
35349
35350
35351
35352
35353
35354
35355
35356
35357
35358
35359
35360
35361
35362
35363
35364
35365
35366
35367
35368
35369
35370
35371
35372
35373
35374
35375
35376
35377
35378
35379
35380
35381
35382
35383
35384
35385
35386
35387
35388
35389
35390
35391
35392
35393
35394
35395
35396
35397
35398
35399
35400
35401
35402
35403
35404
35405
35406
35407
35408
35409
35410
35411
35412
35413
35414
35415
35416
35417
35418
35419
35420
35421
35422
35423
35424
35425
35426
35427
35428
35429
35430
35431
35432
35433
35434
35435
35436
35437
35438
35439
35440
35441
35442
35443
35444
35445
35446
35447
35448
35449
35450
35451
35452
35453
35454
35455
35456
35457
35458
35459
35460
35461
35462
35463
35464
35465
35466
35467
35468
35469
35470
35471
35472
35473
35474
35475
35476
35477
35478
35479
35480
35481
35482
35483
35484
35485
35486
35487
35488
35489
35490
35491
35492
35493
35494
35495
35496
35497
35498
35499
35500
35501
35502
35503
35504
35505
35506
35507
35508
35509
35510
35511
35512
35513
35514
35515
35516
35517
35518
35519
35520
35521
35522
35523
35524
35525
35526
35527
35528
35529
35530
35531
35532
35533
35534
35535
35536
35537
35538
35539
35540
35541
35542
35543
35544
35545
35546
35547
35548
35549
35550
35551
35552
35553
35554
35555
35556
35557
35558
35559
35560
35561
35562
35563
35564
35565
35566
35567
35568
35569
35570
35571
35572
35573
35574
35575
35576
35577
35578
35579
35580
35581
35582
35583
35584
35585
35586
35587
35588
35589
35590
35591
35592
35593
35594
35595
35596
35597
35598
35599
35600
35601
35602
35603
35604
35605
35606
35607
35608
35609
35610
35611
35612
35613
35614
35615
35616
35617
35618
35619
35620
35621
35622
35623
35624
35625
35626
35627
35628
35629
35630
35631
35632
35633
35634
35635
35636
35637
35638
35639
35640
35641
35642
35643
35644
35645
35646
35647
35648
35649
35650
35651
35652
35653
35654
35655
35656
35657
35658
35659
35660
35661
35662
35663
35664
35665
35666
35667
35668
35669
35670
35671
35672
35673
35674
35675
35676
35677
35678
35679
35680
35681
35682
35683
35684
35685
35686
35687
35688
35689
35690
35691
35692
35693
35694
35695
35696
35697
35698
35699
35700
35701
35702
35703
35704
35705
35706
35707
35708
35709
35710
35711
35712
35713
35714
35715
35716
35717
35718
35719
35720
35721
35722
35723
35724
35725
35726
35727
35728
35729
35730
35731
35732
35733
35734
35735
35736
35737
35738
35739
35740
35741
35742
35743
35744
35745
35746
35747
35748
35749
35750
35751
35752
35753
35754
35755
35756
35757
35758
35759
35760
35761
35762
35763
35764
35765
35766
35767
35768
35769
35770
35771
35772
35773
35774
35775
35776
35777
35778
35779
35780
35781
35782
35783
35784
35785
35786
35787
35788
35789
35790
35791
35792
35793
35794
35795
35796
35797
35798
35799
35800
35801
35802
35803
35804
35805
35806
35807
35808
35809
35810
35811
35812
35813
35814
35815
35816
35817
35818
35819
35820
35821
35822
35823
35824
35825
35826
35827
35828
35829
35830
35831
35832
35833
35834
35835
35836
35837
35838
35839
35840
35841
35842
35843
35844
35845
35846
35847
35848
35849
35850
35851
35852
35853
35854
35855
35856
35857
35858
35859
35860
35861
35862
35863
35864
35865
35866
35867
35868
35869
35870
35871
35872
35873
35874
35875
35876
35877
35878
35879
35880
35881
35882
35883
35884
35885
35886
35887
35888
35889
35890
35891
35892
35893
35894
35895
35896
35897
35898
35899
35900
35901
35902
35903
35904
35905
35906
35907
35908
35909
35910
35911
35912
35913
35914
35915
35916
35917
35918
35919
35920
35921
35922
35923
35924
35925
35926
35927
35928
35929
35930
35931
35932
35933
35934
35935
35936
35937
35938
35939
35940
35941
35942
35943
35944
35945
35946
35947
35948
35949
35950
35951
35952
35953
35954
35955
35956
35957
35958
35959
35960
35961
35962
35963
35964
35965
35966
35967
35968
35969
35970
35971
35972
35973
35974
35975
35976
35977
35978
35979
35980
35981
35982
35983
35984
35985
35986
35987
35988
35989
35990
35991
35992
35993
35994
35995
35996
35997
35998
35999
36000
36001
36002
36003
36004
36005
36006
36007
36008
36009
36010
36011
36012
36013
36014
36015
36016
36017
36018
36019
36020
36021
36022
36023
36024
36025
36026
36027
36028
36029
36030
36031
36032
36033
36034
36035
36036
36037
36038
36039
36040
36041
36042
36043
36044
36045
36046
36047
36048
36049
36050
36051
36052
36053
36054
36055
36056
36057
36058
36059
36060
36061
36062
36063
36064
36065
36066
36067
36068
36069
36070
36071
36072
36073
36074
36075
36076
36077
36078
36079
36080
36081
36082
36083
36084
36085
36086
36087
36088
36089
36090
36091
36092
36093
36094
36095
36096
36097
36098
36099
36100
36101
36102
36103
36104
36105
36106
36107
36108
36109
36110
36111
36112
36113
36114
36115
36116
36117
36118
36119
36120
36121
36122
36123
36124
36125
36126
36127
36128
36129
36130
36131
36132
36133
36134
36135
36136
36137
36138
36139
36140
36141
36142
36143
36144
36145
36146
36147
36148
36149
36150
36151
36152
36153
36154
36155
36156
36157
36158
36159
36160
36161
36162
36163
36164
36165
36166
36167
36168
36169
36170
36171
36172
36173
36174
36175
36176
36177
36178
36179
36180
36181
36182
36183
36184
36185
36186
36187
36188
36189
36190
36191
36192
36193
36194
36195
36196
36197
36198
36199
36200
36201
36202
36203
36204
36205
36206
36207
36208
36209
36210
36211
36212
36213
36214
36215
36216
36217
36218
36219
36220
36221
36222
36223
36224
36225
36226
36227
36228
36229
36230
36231
36232
36233
36234
36235
36236
36237
36238
36239
36240
36241
36242
36243
36244
36245
36246
36247
36248
36249
36250
36251
36252
36253
36254
36255
36256
36257
36258
36259
36260
36261
36262
36263
36264
36265
36266
36267
36268
36269
36270
36271
36272
36273
36274
36275
36276
36277
36278
36279
36280
36281
36282
36283
36284
36285
36286
36287
36288
36289
36290
36291
36292
36293
36294
36295
36296
36297
36298
36299
36300
36301
36302
36303
36304
36305
36306
36307
36308
36309
36310
36311
36312
36313
36314
36315
36316
36317
36318
36319
36320
36321
36322
36323
36324
36325
36326
36327
36328
36329
36330
36331
36332
36333
36334
36335
36336
36337
36338
36339
36340
36341
36342
36343
36344
36345
36346
36347
36348
36349
36350
36351
36352
36353
36354
36355
36356
36357
36358
36359
36360
36361
36362
36363
36364
36365
36366
36367
36368
36369
36370
36371
36372
36373
36374
36375
36376
36377
36378
36379
36380
36381
36382
36383
36384
36385
36386
36387
36388
36389
36390
36391
36392
36393
36394
36395
36396
36397
36398
36399
36400
36401
36402
36403
36404
36405
36406
36407
36408
36409
36410
36411
36412
36413
36414
36415
36416
36417
36418
36419
36420
36421
36422
36423
36424
36425
36426
36427
36428
36429
36430
36431
36432
36433
36434
36435
36436
36437
36438
36439
36440
36441
36442
36443
36444
36445
36446
36447
36448
36449
36450
36451
36452
36453
36454
36455
36456
36457
36458
36459
36460
36461
36462
36463
36464
36465
36466
36467
36468
36469
36470
36471
36472
36473
36474
36475
36476
36477
36478
36479
36480
36481
36482
36483
36484
36485
36486
36487
36488
36489
36490
36491
36492
36493
36494
36495
36496
36497
36498
36499
36500
36501
36502
36503
36504
36505
36506
36507
36508
36509
36510
36511
36512
36513
36514
36515
36516
36517
36518
36519
36520
36521
36522
36523
36524
36525
36526
36527
36528
36529
36530
36531
36532
36533
36534
36535
36536
36537
36538
36539
36540
36541
36542
36543
36544
36545
36546
36547
36548
36549
36550
36551
36552
36553
36554
36555
36556
36557
36558
36559
36560
36561
36562
36563
36564
36565
36566
36567
36568
36569
36570
36571
36572
36573
36574
36575
36576
36577
36578
36579
36580
36581
36582
36583
36584
36585
36586
36587
36588
36589
36590
36591
36592
36593
36594
36595
36596
36597
36598
36599
36600
36601
36602
36603
36604
36605
36606
36607
36608
36609
36610
36611
36612
36613
36614
36615
36616
36617
36618
36619
36620
36621
36622
36623
36624
36625
36626
36627
36628
36629
36630
36631
36632
36633
36634
36635
36636
36637
36638
36639
36640
36641
36642
36643
36644
36645
36646
36647
36648
36649
36650
36651
36652
36653
36654
36655
36656
36657
36658
36659
36660
36661
36662
36663
36664
36665
36666
36667
36668
36669
36670
36671
36672
36673
36674
36675
36676
36677
36678
36679
36680
36681
36682
36683
36684
36685
36686
36687
36688
36689
36690
36691
36692
36693
36694
36695
36696
36697
36698
36699
36700
36701
36702
36703
36704
36705
36706
36707
36708
36709
36710
36711
36712
36713
36714
36715
36716
36717
36718
36719
36720
36721
36722
36723
36724
36725
36726
36727
36728
36729
36730
36731
36732
36733
36734
36735
36736
36737
36738
36739
36740
36741
36742
36743
36744
36745
36746
36747
36748
36749
36750
36751
36752
36753
36754
36755
36756
36757
36758
36759
36760
36761
36762
36763
36764
36765
36766
36767
36768
36769
36770
36771
36772
36773
36774
36775
36776
36777
36778
36779
36780
36781
36782
36783
36784
36785
36786
36787
36788
36789
36790
36791
36792
36793
36794
36795
36796
36797
36798
36799
36800
36801
36802
36803
36804
36805
36806
36807
36808
36809
36810
36811
36812
36813
36814
36815
36816
36817
36818
36819
36820
36821
36822
36823
36824
36825
36826
36827
36828
36829
36830
36831
36832
36833
36834
36835
36836
36837
36838
36839
36840
36841
36842
36843
36844
36845
36846
36847
36848
36849
36850
36851
36852
36853
36854
36855
36856
36857
36858
36859
36860
36861
36862
36863
36864
36865
36866
36867
36868
36869
36870
36871
36872
36873
36874
36875
36876
36877
36878
36879
36880
36881
36882
36883
36884
36885
36886
36887
36888
36889
36890
36891
36892
36893
36894
36895
36896
36897
36898
36899
36900
36901
36902
36903
36904
36905
36906
36907
36908
36909
36910
36911
36912
36913
36914
36915
36916
36917
36918
36919
36920
36921
36922
36923
36924
36925
36926
36927
36928
36929
36930
36931
36932
36933
36934
36935
36936
36937
36938
36939
36940
36941
36942
36943
36944
36945
36946
36947
36948
36949
36950
36951
36952
36953
36954
36955
36956
36957
36958
36959
36960
36961
36962
36963
36964
36965
36966
36967
36968
36969
36970
36971
36972
36973
36974
36975
36976
36977
36978
36979
36980
36981
36982
36983
36984
36985
36986
36987
36988
36989
36990
36991
36992
36993
36994
36995
36996
36997
36998
36999
37000
37001
37002
37003
37004
37005
37006
37007
37008
37009
37010
37011
37012
37013
37014
37015
37016
37017
37018
37019
37020
37021
37022
37023
37024
37025
37026
37027
37028
37029
37030
37031
37032
37033
37034
37035
37036
37037
37038
37039
37040
37041
37042
37043
37044
37045
37046
37047
37048
37049
37050
37051
37052
37053
37054
37055
37056
37057
37058
37059
37060
37061
37062
37063
37064
37065
37066
37067
37068
37069
37070
37071
37072
37073
37074
37075
37076
37077
37078
37079
37080
37081
37082
37083
37084
37085
37086
37087
37088
37089
37090
37091
37092
37093
37094
37095
37096
37097
37098
37099
37100
37101
37102
37103
37104
37105
37106
37107
37108
37109
37110
37111
37112
37113
37114
37115
37116
37117
37118
37119
37120
37121
37122
37123
37124
37125
37126
37127
37128
37129
37130
37131
37132
37133
37134
37135
37136
37137
37138
37139
37140
37141
37142
37143
37144
37145
37146
37147
37148
37149
37150
37151
37152
37153
37154
37155
37156
37157
37158
37159
37160
37161
37162
37163
37164
37165
37166
37167
37168
37169
37170
37171
37172
37173
37174
37175
37176
37177
37178
37179
37180
37181
37182
37183
37184
37185
37186
37187
37188
37189
37190
37191
37192
37193
37194
37195
37196
37197
37198
37199
37200
37201
37202
37203
37204
37205
37206
37207
37208
37209
37210
37211
37212
37213
37214
37215
37216
37217
37218
37219
37220
37221
37222
37223
37224
37225
37226
37227
37228
37229
37230
37231
37232
37233
37234
37235
37236
37237
37238
37239
37240
37241
37242
37243
37244
37245
37246
37247
37248
37249
37250
37251
37252
37253
37254
37255
37256
37257
37258
37259
37260
37261
37262
37263
37264
37265
37266
37267
37268
37269
37270
37271
37272
37273
37274
37275
37276
37277
37278
37279
37280
37281
37282
37283
37284
37285
37286
37287
37288
37289
37290
37291
37292
37293
37294
37295
37296
37297
37298
37299
37300
37301
37302
37303
37304
37305
37306
37307
37308
37309
37310
37311
37312
37313
37314
37315
37316
37317
37318
37319
37320
37321
37322
37323
37324
37325
37326
37327
37328
37329
37330
37331
37332
37333
37334
37335
37336
37337
37338
37339
37340
37341
37342
37343
37344
37345
37346
37347
37348
37349
37350
37351
37352
37353
37354
37355
37356
37357
37358
37359
37360
37361
37362
37363
37364
37365
37366
37367
37368
37369
37370
37371
37372
37373
37374
37375
37376
37377
37378
37379
37380
37381
37382
37383
37384
37385
37386
37387
37388
37389
37390
37391
37392
37393
37394
37395
37396
37397
37398
37399
37400
37401
37402
37403
37404
37405
37406
37407
37408
37409
37410
37411
37412
37413
37414
37415
37416
37417
37418
37419
37420
37421
37422
37423
37424
37425
37426
37427
37428
37429
37430
37431
37432
37433
37434
37435
37436
37437
37438
37439
37440
37441
37442
37443
37444
37445
37446
37447
37448
37449
37450
37451
37452
37453
37454
37455
37456
37457
37458
37459
37460
37461
37462
37463
37464
37465
37466
37467
37468
37469
37470
37471
37472
37473
37474
37475
37476
37477
37478
37479
37480
37481
37482
37483
37484
37485
37486
37487
37488
37489
37490
37491
37492
37493
37494
37495
37496
37497
37498
37499
37500
37501
37502
37503
37504
37505
37506
37507
37508
37509
37510
37511
37512
37513
37514
37515
37516
37517
37518
37519
37520
37521
37522
37523
37524
37525
37526
37527
37528
37529
37530
37531
37532
37533
37534
37535
37536
37537
37538
37539
37540
37541
37542
37543
37544
37545
37546
37547
37548
37549
37550
37551
37552
37553
37554
37555
37556
37557
37558
37559
37560
37561
37562
37563
37564
37565
37566
37567
37568
37569
37570
37571
37572
37573
37574
37575
37576
37577
37578
37579
37580
37581
37582
37583
37584
37585
37586
37587
37588
37589
37590
37591
37592
37593
37594
37595
37596
37597
37598
37599
37600
37601
37602
37603
37604
37605
37606
37607
37608
37609
37610
37611
37612
37613
37614
37615
37616
37617
37618
37619
37620
37621
37622
37623
37624
37625
37626
37627
37628
37629
37630
37631
37632
37633
37634
37635
37636
37637
37638
37639
37640
37641
37642
37643
37644
37645
37646
37647
37648
37649
37650
37651
37652
37653
37654
37655
37656
37657
37658
37659
37660
37661
37662
37663
37664
37665
37666
37667
37668
37669
37670
37671
37672
37673
37674
37675
37676
37677
37678
37679
37680
37681
37682
37683
37684
37685
37686
37687
37688
37689
37690
37691
37692
37693
37694
37695
37696
37697
37698
37699
37700
37701
37702
37703
37704
37705
37706
37707
37708
37709
37710
37711
37712
37713
37714
37715
37716
37717
37718
37719
37720
37721
37722
37723
37724
37725
37726
37727
37728
37729
37730
37731
37732
37733
37734
37735
37736
37737
37738
37739
37740
37741
37742
37743
37744
37745
37746
37747
37748
37749
37750
37751
37752
37753
37754
37755
37756
37757
37758
37759
37760
37761
37762
37763
37764
37765
37766
37767
37768
37769
37770
37771
37772
37773
37774
37775
37776
37777
37778
37779
37780
37781
37782
37783
37784
37785
37786
37787
37788
37789
37790
37791
37792
37793
37794
37795
37796
37797
37798
37799
37800
37801
37802
37803
37804
37805
37806
37807
37808
37809
37810
37811
37812
37813
37814
37815
37816
37817
37818
37819
37820
37821
37822
37823
37824
37825
37826
37827
37828
37829
37830
37831
37832
37833
37834
37835
37836
37837
37838
37839
37840
37841
37842
37843
37844
37845
37846
37847
37848
37849
37850
37851
37852
37853
37854
37855
37856
37857
37858
37859
37860
37861
37862
37863
37864
37865
37866
37867
37868
37869
37870
37871
37872
37873
37874
37875
37876
37877
37878
37879
37880
37881
37882
37883
37884
37885
37886
37887
37888
37889
37890
37891
37892
37893
37894
37895
37896
37897
37898
37899
37900
37901
37902
37903
37904
37905
37906
37907
37908
37909
37910
37911
37912
37913
37914
37915
37916
37917
37918
37919
37920
37921
37922
37923
37924
37925
37926
37927
37928
37929
37930
37931
37932
37933
37934
37935
37936
37937
37938
37939
37940
37941
37942
37943
37944
37945
37946
37947
37948
37949
37950
37951
37952
37953
37954
37955
37956
37957
37958
37959
37960
37961
37962
37963
37964
37965
37966
37967
37968
37969
37970
37971
37972
37973
37974
37975
37976
37977
37978
37979
37980
37981
37982
37983
37984
37985
37986
37987
37988
37989
37990
37991
37992
37993
37994
37995
37996
37997
37998
37999
38000
38001
38002
38003
38004
38005
38006
38007
38008
38009
38010
38011
38012
38013
38014
38015
38016
38017
38018
38019
38020
38021
38022
38023
38024
38025
38026
38027
38028
38029
38030
38031
38032
38033
38034
38035
38036
38037
38038
38039
38040
38041
38042
38043
38044
38045
38046
38047
38048
38049
38050
38051
38052
38053
38054
38055
38056
38057
38058
38059
38060
38061
38062
38063
38064
38065
38066
38067
38068
38069
38070
38071
38072
38073
38074
38075
38076
38077
38078
38079
38080
38081
38082
38083
38084
38085
38086
38087
38088
38089
38090
38091
38092
38093
38094
38095
38096
38097
38098
38099
38100
38101
38102
38103
38104
38105
38106
38107
38108
38109
38110
38111
38112
38113
38114
38115
38116
38117
38118
38119
38120
38121
38122
38123
38124
38125
38126
38127
38128
38129
38130
38131
38132
38133
38134
38135
38136
38137
38138
38139
38140
38141
38142
38143
38144
38145
38146
38147
38148
38149
38150
38151
38152
38153
38154
38155
38156
38157
38158
38159
38160
38161
38162
38163
38164
38165
38166
38167
38168
38169
38170
38171
38172
38173
38174
38175
38176
38177
38178
38179
38180
38181
38182
38183
38184
38185
38186
38187
38188
38189
38190
38191
38192
38193
38194
38195
38196
38197
38198
38199
38200
38201
38202
38203
38204
38205
38206
38207
38208
38209
38210
38211
38212
38213
38214
38215
38216
38217
38218
38219
38220
38221
38222
38223
38224
38225
38226
38227
38228
38229
38230
38231
38232
38233
38234
38235
38236
38237
38238
38239
38240
38241
38242
38243
38244
38245
38246
38247
38248
38249
38250
38251
38252
38253
38254
38255
38256
38257
38258
38259
38260
38261
38262
38263
38264
38265
38266
38267
38268
38269
38270
38271
38272
38273
38274
38275
38276
38277
38278
38279
38280
38281
38282
38283
38284
38285
38286
38287
38288
38289
38290
38291
38292
38293
38294
38295
38296
38297
38298
38299
38300
38301
38302
38303
38304
38305
38306
38307
38308
38309
38310
38311
38312
38313
38314
38315
38316
38317
38318
38319
38320
38321
38322
38323
38324
38325
38326
38327
38328
38329
38330
38331
38332
38333
38334
38335
38336
38337
38338
38339
38340
38341
38342
38343
38344
38345
38346
38347
38348
38349
38350
38351
38352
38353
38354
38355
38356
38357
38358
38359
38360
38361
38362
38363
38364
38365
38366
38367
38368
38369
38370
38371
38372
38373
38374
38375
38376
38377
38378
38379
38380
38381
38382
38383
38384
38385
38386
38387
38388
38389
38390
38391
38392
38393
38394
38395
38396
38397
38398
38399
38400
38401
38402
38403
38404
38405
38406
38407
38408
38409
38410
38411
38412
38413
38414
38415
38416
38417
38418
38419
38420
38421
38422
38423
38424
38425
38426
38427
38428
38429
38430
38431
38432
38433
38434
38435
38436
38437
38438
38439
38440
38441
38442
38443
38444
38445
38446
38447
38448
38449
38450
38451
38452
38453
38454
38455
38456
38457
38458
38459
38460
38461
38462
38463
38464
38465
38466
38467
38468
38469
38470
38471
38472
38473
38474
38475
38476
38477
38478
38479
38480
38481
38482
38483
38484
38485
38486
38487
38488
38489
38490
38491
38492
38493
38494
38495
38496
38497
38498
38499
38500
38501
38502
38503
38504
38505
38506
38507
38508
38509
38510
38511
38512
38513
38514
38515
38516
38517
38518
38519
38520
38521
38522
38523
38524
38525
38526
38527
38528
38529
38530
38531
38532
38533
38534
38535
38536
38537
38538
38539
38540
38541
38542
38543
38544
38545
38546
38547
38548
38549
38550
38551
38552
38553
38554
38555
38556
38557
38558
38559
38560
38561
38562
38563
38564
38565
38566
38567
38568
38569
38570
38571
38572
38573
38574
38575
38576
38577
38578
38579
38580
38581
38582
38583
38584
38585
38586
38587
38588
38589
38590
38591
38592
38593
38594
38595
38596
38597
38598
38599
38600
38601
38602
38603
38604
38605
38606
38607
38608
38609
38610
38611
38612
38613
38614
38615
38616
38617
38618
38619
38620
38621
38622
38623
38624
38625
38626
38627
38628
38629
38630
38631
38632
38633
38634
38635
38636
38637
38638
38639
38640
38641
38642
38643
38644
38645
38646
38647
38648
38649
38650
38651
38652
38653
38654
38655
38656
38657
38658
38659
38660
38661
38662
38663
38664
38665
38666
38667
38668
38669
38670
38671
38672
38673
38674
38675
38676
38677
38678
38679
38680
38681
38682
38683
38684
38685
38686
38687
38688
38689
38690
38691
38692
38693
38694
38695
38696
38697
38698
38699
38700
38701
38702
38703
38704
38705
38706
38707
38708
38709
38710
38711
38712
38713
38714
38715
38716
38717
38718
38719
38720
38721
38722
38723
38724
38725
38726
38727
38728
38729
38730
38731
38732
38733
38734
38735
38736
38737
38738
38739
38740
38741
38742
38743
38744
38745
38746
38747
38748
38749
38750
38751
38752
38753
38754
38755
38756
38757
38758
38759
38760
38761
38762
38763
38764
38765
38766
38767
38768
38769
38770
38771
38772
38773
38774
38775
38776
38777
38778
38779
38780
38781
38782
38783
38784
38785
38786
38787
38788
38789
38790
38791
38792
38793
38794
38795
38796
38797
38798
38799
38800
38801
38802
38803
38804
38805
38806
38807
38808
38809
38810
38811
38812
38813
38814
38815
38816
38817
38818
38819
38820
38821
38822
38823
38824
38825
38826
38827
38828
38829
38830
38831
38832
38833
38834
38835
38836
38837
38838
38839
38840
38841
38842
38843
38844
38845
38846
38847
38848
38849
38850
38851
38852
38853
38854
38855
38856
38857
38858
38859
38860
38861
38862
38863
38864
38865
38866
38867
38868
38869
38870
38871
38872
38873
38874
38875
38876
38877
38878
38879
38880
38881
38882
38883
38884
38885
38886
38887
38888
38889
38890
38891
38892
38893
38894
38895
38896
38897
38898
38899
38900
38901
38902
38903
38904
38905
38906
38907
38908
38909
38910
38911
38912
38913
38914
38915
38916
38917
38918
38919
38920
38921
38922
38923
38924
38925
38926
38927
38928
38929
38930
38931
38932
38933
38934
38935
38936
38937
38938
38939
38940
38941
38942
38943
38944
38945
38946
38947
38948
38949
38950
38951
38952
38953
38954
38955
38956
38957
38958
38959
38960
38961
38962
38963
38964
38965
38966
38967
38968
38969
38970
38971
38972
38973
38974
38975
38976
38977
38978
38979
38980
38981
38982
38983
38984
38985
38986
38987
38988
38989
38990
38991
38992
38993
38994
38995
38996
38997
38998
38999
39000
39001
39002
39003
39004
39005
39006
39007
39008
39009
39010
39011
39012
39013
39014
39015
39016
39017
39018
39019
39020
39021
39022
39023
39024
39025
39026
39027
39028
39029
39030
39031
39032
39033
39034
39035
39036
39037
39038
39039
39040
39041
39042
39043
39044
39045
39046
39047
39048
39049
39050
39051
39052
39053
39054
39055
39056
39057
39058
39059
39060
39061
39062
39063
39064
39065
39066
39067
39068
39069
39070
39071
39072
39073
39074
39075
39076
39077
39078
39079
39080
39081
39082
39083
39084
39085
39086
39087
39088
39089
39090
39091
39092
39093
39094
39095
39096
39097
39098
39099
39100
39101
39102
39103
39104
39105
39106
39107
39108
39109
39110
39111
39112
39113
39114
39115
39116
39117
39118
39119
39120
39121
39122
39123
39124
39125
39126
39127
39128
39129
39130
39131
39132
39133
39134
39135
39136
39137
39138
39139
39140
39141
39142
39143
39144
39145
39146
39147
39148
39149
39150
39151
39152
39153
39154
39155
39156
39157
39158
39159
39160
39161
39162
39163
39164
39165
39166
39167
39168
39169
39170
39171
39172
39173
39174
39175
39176
39177
39178
39179
39180
39181
39182
39183
39184
39185
39186
39187
39188
39189
39190
39191
39192
39193
39194
39195
39196
39197
39198
39199
39200
39201
39202
39203
39204
39205
39206
39207
39208
39209
39210
39211
39212
39213
39214
39215
39216
39217
39218
39219
39220
39221
39222
39223
39224
39225
39226
39227
39228
39229
39230
39231
39232
39233
39234
39235
39236
39237
39238
39239
39240
39241
39242
39243
39244
39245
39246
39247
39248
39249
39250
39251
39252
39253
39254
39255
39256
39257
39258
39259
39260
39261
39262
39263
39264
39265
39266
39267
39268
39269
39270
39271
39272
39273
39274
39275
39276
39277
39278
39279
39280
39281
39282
39283
39284
39285
39286
39287
39288
39289
39290
39291
39292
39293
39294
39295
39296
39297
39298
39299
39300
39301
39302
39303
39304
39305
39306
39307
39308
39309
39310
39311
39312
39313
39314
39315
39316
39317
39318
39319
39320
39321
39322
39323
39324
39325
39326
39327
39328
39329
39330
39331
39332
39333
39334
39335
39336
39337
39338
39339
39340
39341
39342
39343
39344
39345
39346
39347
39348
39349
39350
39351
39352
39353
39354
39355
39356
39357
39358
39359
39360
39361
39362
39363
39364
39365
39366
39367
39368
39369
39370
39371
39372
39373
39374
39375
39376
39377
39378
39379
39380
39381
39382
39383
39384
39385
39386
39387
39388
39389
39390
39391
39392
39393
39394
39395
39396
39397
39398
39399
39400
39401
39402
39403
39404
39405
39406
39407
39408
39409
39410
39411
39412
39413
39414
39415
39416
39417
39418
39419
39420
39421
39422
39423
39424
39425
39426
39427
39428
39429
39430
39431
39432
39433
39434
39435
39436
39437
39438
39439
39440
39441
39442
39443
39444
39445
39446
39447
39448
39449
39450
39451
39452
39453
39454
39455
39456
39457
39458
39459
39460
39461
39462
39463
39464
39465
39466
39467
39468
39469
39470
39471
39472
39473
39474
39475
39476
39477
39478
39479
39480
39481
39482
39483
39484
39485
39486
39487
39488
39489
39490
39491
39492
39493
39494
39495
39496
39497
39498
39499
39500
39501
39502
39503
39504
39505
39506
39507
39508
39509
39510
39511
39512
39513
39514
39515
39516
39517
39518
39519
39520
39521
39522
39523
39524
39525
39526
39527
39528
39529
39530
39531
39532
39533
39534
39535
39536
39537
39538
39539
39540
39541
39542
39543
39544
39545
39546
39547
39548
39549
39550
39551
39552
39553
39554
39555
39556
39557
39558
39559
39560
39561
39562
39563
39564
39565
39566
39567
39568
39569
39570
39571
39572
39573
39574
39575
39576
39577
39578
39579
39580
39581
39582
39583
39584
39585
39586
39587
39588
39589
39590
39591
39592
39593
39594
39595
39596
39597
39598
39599
39600
39601
39602
39603
39604
39605
39606
39607
39608
39609
39610
39611
39612
39613
39614
39615
39616
39617
39618
39619
39620
39621
39622
39623
39624
39625
39626
39627
39628
39629
39630
39631
39632
39633
39634
39635
39636
39637
39638
39639
39640
39641
39642
39643
39644
39645
39646
39647
39648
39649
39650
39651
39652
39653
39654
39655
39656
39657
39658
39659
39660
39661
39662
39663
39664
39665
39666
39667
39668
39669
39670
39671
39672
39673
39674
39675
39676
39677
39678
39679
39680
39681
39682
39683
39684
39685
39686
39687
39688
39689
39690
39691
39692
39693
39694
39695
39696
39697
39698
39699
39700
39701
39702
39703
39704
39705
39706
39707
39708
39709
39710
39711
39712
39713
39714
39715
39716
39717
39718
39719
39720
39721
39722
39723
39724
39725
39726
39727
39728
39729
39730
39731
39732
39733
39734
39735
39736
39737
39738
39739
39740
39741
39742
39743
39744
39745
39746
39747
39748
39749
39750
39751
39752
39753
39754
39755
39756
39757
39758
39759
39760
39761
39762
39763
39764
39765
39766
39767
39768
39769
39770
39771
39772
39773
39774
39775
39776
39777
39778
39779
39780
39781
39782
39783
39784
39785
39786
39787
39788
39789
39790
39791
39792
39793
39794
39795
39796
39797
39798
39799
39800
39801
39802
39803
39804
39805
39806
39807
39808
39809
39810
39811
39812
39813
39814
39815
39816
39817
39818
39819
39820
39821
39822
39823
39824
39825
39826
39827
39828
39829
39830
39831
39832
39833
39834
39835
39836
39837
39838
39839
39840
39841
39842
39843
39844
39845
39846
39847
39848
39849
39850
39851
39852
39853
39854
39855
39856
39857
39858
39859
39860
39861
39862
39863
39864
39865
39866
39867
39868
39869
39870
39871
39872
39873
39874
39875
39876
39877
39878
39879
39880
39881
39882
39883
39884
39885
39886
39887
39888
39889
39890
39891
39892
39893
39894
39895
39896
39897
39898
39899
39900
39901
39902
39903
39904
39905
39906
39907
39908
39909
39910
39911
39912
39913
39914
39915
39916
39917
39918
39919
39920
39921
39922
39923
39924
39925
39926
39927
39928
39929
39930
39931
39932
39933
39934
39935
39936
39937
39938
39939
39940
39941
39942
39943
39944
39945
39946
39947
39948
39949
39950
39951
39952
39953
39954
39955
39956
39957
39958
39959
39960
39961
39962
39963
39964
39965
39966
39967
39968
39969
39970
39971
39972
39973
39974
39975
39976
39977
39978
39979
39980
39981
39982
39983
39984
39985
39986
39987
39988
39989
39990
39991
39992
39993
39994
39995
39996
39997
39998
39999
40000
40001
40002
40003
40004
40005
40006
40007
40008
40009
40010
40011
40012
40013
40014
40015
40016
40017
40018
40019
40020
40021
40022
40023
40024
40025
40026
40027
40028
40029
40030
40031
40032
40033
40034
40035
40036
40037
40038
40039
40040
40041
40042
40043
40044
40045
40046
40047
40048
40049
40050
40051
40052
40053
40054
40055
40056
40057
40058
40059
40060
40061
40062
40063
40064
40065
40066
40067
40068
40069
40070
40071
40072
40073
40074
40075
40076
40077
40078
40079
40080
40081
40082
40083
40084
40085
40086
40087
40088
40089
40090
40091
40092
40093
40094
40095
40096
40097
40098
40099
40100
40101
40102
40103
40104
40105
40106
40107
40108
40109
40110
40111
40112
40113
40114
40115
40116
40117
40118
40119
40120
40121
40122
40123
40124
40125
40126
40127
40128
40129
40130
40131
40132
40133
40134
40135
40136
40137
40138
40139
40140
40141
40142
40143
40144
40145
40146
40147
40148
40149
40150
40151
40152
40153
40154
40155
40156
40157
40158
40159
40160
40161
40162
40163
40164
40165
40166
40167
40168
40169
40170
40171
40172
40173
40174
40175
40176
40177
40178
40179
40180
40181
40182
40183
40184
40185
40186
40187
40188
40189
40190
40191
40192
40193
40194
40195
40196
40197
40198
40199
40200
40201
40202
40203
40204
40205
40206
40207
40208
40209
40210
40211
40212
40213
40214
40215
40216
40217
40218
40219
40220
40221
40222
40223
40224
40225
40226
40227
40228
40229
40230
40231
40232
40233
40234
40235
40236
40237
40238
40239
40240
40241
40242
40243
40244
40245
40246
40247
40248
40249
40250
40251
40252
40253
40254
40255
40256
40257
40258
40259
40260
40261
40262
40263
40264
40265
40266
40267
40268
40269
40270
40271
40272
40273
40274
40275
40276
40277
40278
40279
40280
40281
40282
40283
40284
40285
40286
40287
40288
40289
40290
40291
40292
40293
40294
40295
40296
40297
40298
40299
40300
40301
40302
40303
40304
40305
40306
40307
40308
40309
40310
40311
40312
40313
40314
40315
40316
40317
40318
40319
40320
40321
40322
40323
40324
40325
40326
40327
40328
40329
40330
40331
40332
40333
40334
40335
40336
40337
40338
40339
40340
40341
40342
40343
40344
40345
40346
40347
40348
40349
40350
40351
40352
40353
40354
40355
40356
40357
40358
40359
40360
40361
40362
40363
40364
40365
40366
40367
40368
40369
40370
40371
40372
40373
40374
40375
40376
40377
40378
40379
40380
40381
40382
40383
40384
40385
40386
40387
40388
40389
40390
40391
40392
40393
40394
40395
40396
40397
40398
40399
40400
40401
40402
40403
40404
40405
40406
40407
40408
40409
40410
40411
40412
40413
40414
40415
40416
40417
40418
40419
40420
40421
40422
40423
40424
40425
40426
40427
40428
40429
40430
40431
40432
40433
40434
40435
40436
40437
40438
40439
40440
40441
40442
40443
40444
40445
40446
40447
40448
40449
40450
40451
40452
40453
40454
40455
40456
40457
40458
40459
40460
40461
40462
40463
40464
40465
40466
40467
40468
40469
40470
40471
40472
40473
40474
40475
40476
40477
40478
40479
40480
40481
40482
40483
40484
40485
40486
40487
40488
40489
40490
40491
40492
40493
40494
40495
40496
40497
40498
40499
40500
40501
40502
40503
40504
40505
40506
40507
40508
40509
40510
40511
40512
40513
40514
40515
40516
40517
40518
40519
40520
40521
40522
40523
40524
40525
40526
40527
40528
40529
40530
40531
40532
40533
40534
40535
40536
40537
40538
40539
40540
40541
40542
40543
40544
40545
40546
40547
40548
40549
40550
40551
40552
40553
40554
40555
40556
40557
40558
40559
40560
40561
40562
40563
40564
40565
40566
40567
40568
40569
40570
40571
40572
40573
40574
40575
40576
40577
40578
40579
40580
40581
40582
40583
40584
40585
40586
40587
40588
40589
40590
40591
40592
40593
40594
40595
40596
40597
40598
40599
40600
40601
40602
40603
40604
40605
40606
40607
40608
40609
40610
40611
40612
40613
40614
40615
40616
40617
40618
40619
40620
40621
40622
40623
40624
40625
40626
40627
40628
40629
40630
40631
40632
40633
40634
40635
40636
40637
40638
40639
40640
40641
40642
40643
40644
40645
40646
40647
40648
40649
40650
40651
40652
40653
40654
40655
40656
40657
40658
40659
40660
40661
40662
40663
40664
40665
40666
40667
40668
40669
40670
40671
40672
40673
40674
40675
40676
40677
40678
40679
40680
40681
40682
40683
40684
40685
40686
40687
40688
40689
40690
40691
40692
40693
40694
40695
40696
40697
40698
40699
40700
40701
40702
40703
40704
40705
40706
40707
40708
40709
40710
40711
40712
40713
40714
40715
40716
40717
40718
40719
40720
40721
40722
40723
40724
40725
40726
40727
40728
40729
40730
40731
40732
40733
40734
40735
40736
40737
40738
40739
40740
40741
40742
40743
40744
40745
40746
40747
40748
40749
40750
40751
40752
40753
40754
40755
40756
40757
40758
40759
40760
40761
40762
40763
40764
40765
40766
40767
40768
40769
40770
40771
40772
40773
40774
40775
40776
40777
40778
40779
40780
40781
40782
40783
40784
40785
40786
40787
40788
40789
40790
40791
40792
40793
40794
40795
40796
40797
40798
40799
40800
40801
40802
40803
40804
40805
40806
40807
40808
40809
40810
40811
40812
40813
40814
40815
40816
40817
40818
40819
40820
40821
40822
40823
40824
40825
40826
40827
40828
40829
40830
40831
40832
40833
40834
40835
40836
40837
40838
40839
40840
40841
40842
40843
40844
40845
40846
40847
40848
40849
40850
40851
40852
40853
40854
40855
40856
40857
40858
40859
40860
40861
40862
40863
40864
40865
40866
40867
40868
40869
40870
40871
40872
40873
40874
40875
40876
40877
40878
40879
40880
40881
40882
40883
40884
40885
40886
40887
40888
40889
40890
40891
40892
40893
40894
40895
40896
40897
40898
40899
40900
40901
40902
40903
40904
40905
40906
40907
40908
40909
40910
40911
40912
40913
40914
40915
40916
40917
40918
40919
40920
40921
40922
40923
40924
40925
40926
40927
40928
40929
40930
40931
40932
40933
40934
40935
40936
40937
40938
40939
40940
40941
40942
40943
40944
40945
40946
40947
40948
40949
40950
40951
40952
40953
40954
40955
40956
40957
40958
40959
40960
40961
40962
40963
40964
40965
40966
40967
40968
40969
40970
40971
40972
40973
40974
40975
40976
40977
40978
40979
40980
40981
40982
40983
40984
40985
40986
40987
40988
40989
40990
40991
40992
40993
40994
40995
40996
40997
40998
40999
41000
41001
41002
41003
41004
41005
41006
41007
41008
41009
41010
41011
41012
41013
41014
41015
41016
41017
41018
41019
41020
41021
41022
41023
41024
41025
41026
41027
41028
41029
41030
41031
41032
41033
41034
41035
41036
41037
41038
41039
41040
41041
41042
41043
41044
41045
41046
41047
41048
41049
41050
41051
41052
41053
41054
41055
41056
41057
41058
41059
41060
41061
41062
41063
41064
41065
41066
41067
41068
41069
41070
41071
41072
41073
41074
41075
41076
41077
41078
41079
41080
41081
41082
41083
41084
41085
41086
41087
41088
41089
41090
41091
41092
41093
41094
41095
41096
41097
41098
41099
41100
41101
41102
41103
41104
41105
41106
41107
41108
41109
41110
41111
41112
41113
41114
41115
41116
41117
41118
41119
41120
41121
41122
41123
41124
41125
41126
41127
41128
41129
41130
41131
41132
41133
41134
41135
41136
41137
41138
41139
41140
41141
41142
41143
41144
41145
41146
41147
41148
41149
41150
41151
41152
41153
41154
41155
41156
41157
41158
41159
41160
41161
41162
41163
41164
41165
41166
41167
41168
41169
41170
41171
41172
41173
41174
41175
41176
41177
41178
41179
41180
41181
41182
41183
41184
41185
41186
41187
41188
41189
41190
41191
41192
41193
41194
41195
41196
41197
41198
41199
41200
41201
41202
41203
41204
41205
41206
41207
41208
41209
41210
41211
41212
41213
41214
41215
41216
41217
41218
41219
41220
41221
41222
41223
41224
41225
41226
41227
41228
41229
41230
41231
41232
41233
41234
41235
41236
41237
41238
41239
41240
41241
41242
41243
41244
41245
41246
41247
41248
41249
41250
41251
41252
41253
41254
41255
41256
41257
41258
41259
41260
41261
41262
41263
41264
41265
41266
41267
41268
41269
41270
41271
41272
41273
41274
41275
41276
41277
41278
41279
41280
41281
41282
41283
41284
41285
41286
41287
41288
41289
41290
41291
41292
41293
41294
41295
41296
41297
41298
41299
41300
41301
41302
41303
41304
41305
41306
41307
41308
41309
41310
41311
41312
41313
41314
41315
41316
41317
41318
41319
41320
41321
41322
41323
41324
41325
41326
41327
41328
41329
41330
41331
41332
41333
41334
41335
41336
41337
41338
41339
41340
41341
41342
41343
41344
41345
41346
41347
41348
41349
41350
41351
41352
41353
41354
41355
41356
41357
41358
41359
41360
41361
41362
41363
41364
41365
41366
41367
41368
41369
41370
41371
41372
41373
41374
41375
41376
41377
41378
41379
41380
41381
41382
41383
41384
41385
41386
41387
41388
41389
41390
41391
41392
41393
41394
41395
41396
41397
41398
41399
41400
41401
41402
41403
41404
41405
41406
41407
41408
41409
41410
41411
41412
41413
41414
41415
41416
41417
41418
41419
41420
41421
41422
41423
41424
41425
41426
41427
41428
41429
41430
41431
41432
41433
41434
41435
41436
41437
41438
41439
41440
41441
41442
41443
41444
41445
41446
41447
41448
41449
41450
41451
41452
41453
41454
41455
41456
41457
41458
41459
41460
41461
41462
41463
41464
41465
41466
41467
41468
41469
41470
41471
41472
41473
41474
41475
41476
41477
41478
41479
41480
41481
41482
41483
41484
41485
41486
41487
41488
41489
41490
41491
41492
41493
41494
41495
41496
41497
41498
41499
41500
41501
41502
41503
41504
41505
41506
41507
41508
41509
41510
41511
41512
41513
41514
41515
41516
41517
41518
41519
41520
41521
41522
41523
41524
41525
41526
41527
41528
41529
41530
41531
41532
41533
41534
41535
41536
41537
41538
41539
41540
41541
41542
41543
41544
41545
41546
41547
41548
41549
41550
41551
41552
41553
41554
41555
41556
41557
41558
41559
41560
41561
41562
41563
41564
41565
41566
41567
41568
41569
41570
41571
41572
41573
41574
41575
41576
41577
41578
41579
41580
41581
41582
41583
41584
41585
41586
41587
41588
41589
41590
41591
41592
41593
41594
41595
41596
41597
41598
41599
41600
41601
41602
41603
41604
41605
41606
41607
41608
41609
41610
41611
41612
41613
41614
41615
41616
41617
41618
41619
41620
41621
41622
41623
41624
41625
41626
41627
41628
41629
41630
41631
41632
41633
41634
41635
41636
41637
41638
41639
41640
41641
41642
41643
41644
41645
41646
41647
41648
41649
41650
41651
41652
41653
41654
41655
41656
41657
41658
41659
41660
41661
41662
41663
41664
41665
41666
41667
41668
41669
41670
41671
41672
41673
41674
41675
41676
41677
41678
41679
41680
41681
41682
41683
41684
41685
41686
41687
41688
41689
41690
41691
41692
41693
41694
41695
41696
41697
41698
41699
41700
41701
41702
41703
41704
41705
41706
41707
41708
41709
41710
41711
41712
41713
41714
41715
41716
41717
41718
41719
41720
41721
41722
41723
41724
41725
41726
41727
41728
41729
41730
41731
41732
41733
41734
41735
41736
41737
41738
41739
41740
41741
41742
41743
41744
41745
41746
41747
41748
41749
41750
41751
41752
41753
41754
41755
41756
41757
41758
41759
41760
41761
41762
41763
41764
41765
41766
41767
41768
41769
41770
41771
41772
41773
41774
41775
41776
41777
41778
41779
41780
41781
41782
41783
41784
41785
41786
41787
41788
41789
41790
41791
41792
41793
41794
41795
41796
41797
41798
41799
41800
41801
41802
41803
41804
41805
41806
41807
41808
41809
41810
41811
41812
41813
41814
41815
41816
41817
41818
41819
41820
41821
41822
41823
41824
41825
41826
41827
41828
41829
41830
41831
41832
41833
41834
41835
41836
41837
41838
41839
41840
41841
41842
41843
41844
41845
41846
41847
41848
41849
41850
41851
41852
41853
41854
41855
41856
41857
41858
41859
41860
41861
41862
41863
41864
41865
41866
41867
41868
41869
41870
41871
41872
41873
41874
41875
41876
41877
41878
41879
41880
41881
41882
41883
41884
41885
41886
41887
41888
41889
41890
41891
41892
41893
41894
41895
41896
41897
41898
41899
41900
41901
41902
41903
41904
41905
41906
41907
41908
41909
41910
41911
41912
41913
41914
41915
41916
41917
41918
41919
41920
41921
41922
41923
41924
41925
41926
41927
41928
41929
41930
41931
41932
41933
41934
41935
41936
41937
41938
41939
41940
41941
41942
41943
41944
41945
41946
41947
41948
41949
41950
41951
41952
41953
41954
41955
41956
41957
41958
41959
41960
41961
41962
41963
41964
41965
41966
41967
41968
41969
41970
41971
41972
41973
41974
41975
41976
41977
41978
41979
41980
41981
41982
41983
41984
41985
41986
41987
41988
41989
41990
41991
41992
41993
41994
41995
41996
41997
41998
41999
42000
42001
42002
42003
42004
42005
42006
42007
42008
42009
42010
42011
42012
42013
42014
42015
42016
42017
42018
42019
42020
42021
42022
42023
42024
42025
42026
42027
42028
42029
42030
42031
42032
42033
42034
42035
42036
42037
42038
42039
42040
42041
42042
42043
42044
42045
42046
42047
42048
42049
42050
42051
42052
42053
42054
42055
42056
42057
42058
42059
42060
42061
42062
42063
42064
42065
42066
42067
42068
42069
42070
42071
42072
42073
42074
42075
42076
42077
42078
42079
42080
42081
42082
42083
42084
42085
42086
42087
42088
42089
42090
42091
42092
42093
42094
42095
42096
42097
42098
42099
42100
42101
42102
42103
42104
42105
42106
42107
42108
42109
42110
42111
42112
42113
42114
42115
42116
42117
42118
42119
42120
42121
42122
42123
42124
42125
42126
42127
42128
42129
42130
42131
42132
42133
42134
42135
42136
42137
42138
42139
42140
42141
42142
42143
42144
42145
42146
42147
42148
42149
42150
42151
42152
42153
42154
42155
42156
42157
42158
42159
42160
42161
42162
42163
42164
42165
42166
42167
42168
42169
42170
42171
42172
42173
42174
42175
42176
42177
42178
42179
42180
42181
42182
42183
42184
42185
42186
42187
42188
42189
42190
42191
42192
42193
42194
42195
42196
42197
42198
42199
42200
42201
42202
42203
42204
42205
42206
42207
42208
42209
42210
42211
42212
42213
42214
42215
42216
42217
42218
42219
42220
42221
42222
42223
42224
42225
42226
42227
42228
42229
42230
42231
42232
42233
42234
42235
42236
42237
42238
42239
42240
42241
42242
42243
42244
42245
42246
42247
42248
42249
42250
42251
42252
42253
42254
42255
42256
42257
42258
42259
42260
42261
42262
42263
42264
42265
42266
42267
42268
42269
42270
42271
42272
42273
42274
42275
42276
42277
42278
42279
42280
42281
42282
42283
42284
42285
42286
42287
42288
42289
42290
42291
42292
42293
42294
42295
42296
42297
42298
42299
42300
42301
42302
42303
42304
42305
42306
42307
42308
42309
42310
42311
42312
42313
42314
42315
42316
42317
42318
42319
42320
42321
42322
42323
42324
42325
42326
42327
42328
42329
42330
42331
42332
42333
42334
42335
42336
42337
42338
42339
42340
42341
42342
42343
42344
42345
42346
42347
42348
42349
42350
42351
42352
42353
42354
42355
42356
42357
42358
42359
42360
42361
42362
42363
42364
42365
42366
42367
42368
42369
42370
42371
42372
42373
42374
42375
42376
42377
42378
42379
42380
42381
42382
42383
42384
42385
42386
42387
42388
42389
42390
42391
42392
42393
42394
42395
42396
42397
42398
42399
42400
42401
42402
42403
42404
42405
42406
42407
42408
42409
42410
42411
42412
42413
42414
42415
42416
42417
42418
42419
42420
42421
42422
42423
42424
42425
42426
42427
42428
42429
42430
42431
42432
42433
42434
42435
42436
42437
42438
42439
42440
42441
42442
42443
42444
42445
42446
42447
42448
42449
42450
42451
42452
42453
42454
42455
42456
42457
42458
42459
42460
42461
42462
42463
42464
42465
42466
42467
42468
42469
42470
42471
42472
42473
42474
42475
42476
42477
42478
42479
42480
42481
42482
42483
42484
42485
42486
42487
42488
42489
42490
42491
42492
42493
42494
42495
42496
42497
42498
42499
42500
42501
42502
42503
42504
42505
42506
42507
42508
42509
42510
42511
42512
42513
42514
42515
42516
42517
42518
42519
42520
42521
42522
42523
42524
42525
42526
42527
42528
42529
42530
42531
42532
42533
42534
42535
42536
42537
42538
42539
42540
42541
42542
42543
42544
42545
42546
42547
42548
42549
42550
42551
42552
42553
42554
42555
42556
42557
42558
42559
42560
42561
42562
42563
42564
42565
42566
42567
42568
42569
42570
42571
42572
42573
42574
42575
42576
42577
42578
42579
42580
42581
42582
42583
42584
42585
42586
42587
42588
42589
42590
42591
42592
42593
42594
42595
42596
42597
42598
42599
42600
42601
42602
42603
42604
42605
42606
42607
42608
42609
42610
42611
42612
42613
42614
42615
42616
42617
42618
42619
42620
42621
42622
42623
42624
42625
42626
42627
42628
42629
42630
42631
42632
42633
42634
42635
42636
42637
42638
42639
42640
42641
42642
42643
42644
42645
42646
42647
42648
42649
42650
42651
42652
42653
42654
42655
42656
42657
42658
42659
42660
42661
42662
42663
42664
42665
42666
42667
42668
42669
42670
42671
42672
42673
42674
42675
42676
42677
42678
42679
42680
42681
42682
42683
42684
42685
42686
42687
42688
42689
42690
42691
42692
42693
42694
42695
42696
42697
42698
42699
42700
42701
42702
42703
42704
42705
42706
42707
42708
42709
42710
42711
42712
42713
42714
42715
42716
42717
42718
42719
42720
42721
42722
42723
42724
42725
42726
42727
42728
42729
42730
42731
42732
42733
42734
42735
42736
42737
42738
42739
42740
42741
42742
42743
42744
42745
42746
42747
42748
42749
42750
42751
42752
42753
42754
42755
42756
42757
42758
42759
42760
42761
42762
42763
42764
42765
42766
42767
42768
42769
42770
42771
42772
42773
42774
42775
42776
42777
42778
42779
42780
42781
42782
42783
42784
42785
42786
42787
42788
42789
42790
42791
42792
42793
42794
42795
42796
42797
42798
42799
42800
42801
42802
42803
42804
42805
42806
42807
42808
42809
42810
42811
42812
42813
42814
42815
42816
42817
42818
42819
42820
42821
42822
42823
42824
42825
42826
42827
42828
42829
42830
42831
42832
42833
42834
42835
42836
42837
42838
42839
42840
42841
42842
42843
42844
42845
42846
42847
42848
42849
42850
42851
42852
42853
42854
42855
42856
42857
42858
42859
42860
42861
42862
42863
42864
42865
42866
42867
42868
42869
42870
42871
42872
42873
42874
42875
42876
42877
42878
42879
42880
42881
42882
42883
42884
42885
42886
42887
42888
42889
42890
42891
42892
42893
42894
42895
42896
42897
42898
42899
42900
42901
42902
42903
42904
42905
42906
42907
42908
42909
42910
42911
42912
42913
42914
42915
42916
42917
42918
42919
42920
42921
42922
42923
42924
42925
42926
42927
42928
42929
42930
42931
42932
42933
42934
42935
42936
42937
42938
42939
42940
42941
42942
42943
42944
42945
42946
42947
42948
42949
42950
42951
42952
42953
42954
42955
42956
42957
42958
42959
42960
42961
42962
42963
42964
42965
42966
42967
42968
42969
42970
42971
42972
42973
42974
42975
42976
42977
42978
42979
42980
42981
42982
42983
42984
42985
42986
42987
42988
42989
42990
42991
42992
42993
42994
42995
42996
42997
42998
42999
43000
43001
43002
43003
43004
43005
43006
43007
43008
43009
43010
43011
43012
43013
43014
43015
43016
43017
43018
43019
43020
43021
43022
43023
43024
43025
43026
43027
43028
43029
43030
43031
43032
43033
43034
43035
43036
43037
43038
43039
43040
43041
43042
43043
43044
43045
43046
43047
43048
43049
43050
43051
43052
43053
43054
43055
43056
43057
43058
43059
43060
43061
43062
43063
43064
43065
43066
43067
43068
43069
43070
43071
43072
43073
43074
43075
43076
43077
43078
43079
43080
43081
43082
43083
43084
43085
43086
43087
43088
43089
43090
43091
43092
43093
43094
43095
43096
43097
43098
43099
43100
43101
43102
43103
43104
43105
43106
43107
43108
43109
43110
43111
43112
43113
43114
43115
43116
43117
43118
43119
43120
43121
43122
43123
43124
43125
43126
43127
43128
43129
43130
43131
43132
43133
43134
43135
43136
43137
43138
43139
43140
43141
43142
43143
43144
43145
43146
43147
43148
43149
43150
43151
43152
43153
43154
43155
43156
43157
43158
43159
43160
43161
43162
43163
43164
43165
43166
43167
43168
43169
43170
43171
43172
43173
43174
43175
43176
43177
43178
43179
43180
43181
43182
43183
43184
43185
43186
43187
43188
43189
43190
43191
43192
43193
43194
43195
43196
43197
43198
43199
43200
43201
43202
43203
43204
43205
43206
43207
43208
43209
43210
43211
43212
43213
43214
43215
43216
43217
43218
43219
43220
43221
43222
43223
43224
43225
43226
43227
43228
43229
43230
43231
43232
43233
43234
43235
43236
43237
43238
43239
43240
43241
43242
43243
43244
43245
43246
43247
43248
43249
43250
43251
43252
43253
43254
43255
43256
43257
43258
43259
43260
43261
43262
43263
43264
43265
43266
43267
43268
43269
43270
43271
43272
43273
43274
43275
43276
43277
43278
43279
43280
43281
43282
43283
43284
43285
43286
43287
43288
43289
43290
43291
43292
43293
43294
43295
43296
43297
43298
43299
43300
43301
43302
43303
43304
43305
43306
43307
43308
43309
43310
43311
43312
43313
43314
43315
43316
43317
43318
43319
43320
43321
43322
43323
43324
43325
43326
43327
43328
43329
43330
43331
43332
43333
43334
43335
43336
43337
43338
43339
43340
43341
43342
43343
43344
43345
43346
43347
43348
43349
43350
43351
43352
43353
43354
43355
43356
43357
43358
43359
43360
43361
43362
43363
43364
43365
43366
43367
43368
43369
43370
43371
43372
43373
43374
43375
43376
43377
43378
43379
43380
43381
43382
43383
43384
43385
43386
43387
43388
43389
43390
43391
43392
43393
43394
43395
43396
43397
43398
43399
43400
43401
43402
43403
43404
43405
43406
43407
43408
43409
43410
43411
43412
43413
43414
43415
43416
43417
43418
43419
43420
43421
43422
43423
43424
43425
43426
43427
43428
43429
43430
43431
43432
43433
43434
43435
43436
43437
43438
43439
43440
43441
43442
43443
43444
43445
43446
43447
43448
43449
43450
43451
43452
43453
43454
43455
43456
43457
43458
43459
43460
43461
43462
43463
43464
43465
43466
43467
43468
43469
43470
43471
43472
43473
43474
43475
43476
43477
43478
43479
43480
43481
43482
43483
43484
43485
43486
43487
43488
43489
43490
43491
43492
43493
43494
43495
43496
43497
43498
43499
43500
43501
43502
43503
43504
43505
43506
43507
43508
43509
43510
43511
43512
43513
43514
43515
43516
43517
43518
43519
43520
43521
43522
43523
43524
43525
43526
43527
43528
43529
43530
43531
43532
43533
43534
43535
43536
43537
43538
43539
43540
43541
43542
43543
43544
43545
43546
43547
43548
43549
43550
43551
43552
43553
43554
43555
43556
43557
43558
43559
43560
43561
43562
43563
43564
43565
43566
43567
43568
43569
43570
43571
43572
43573
43574
43575
43576
43577
43578
43579
43580
43581
43582
43583
43584
43585
43586
43587
43588
43589
43590
43591
43592
43593
43594
43595
43596
43597
43598
43599
43600
43601
43602
43603
43604
43605
43606
43607
43608
43609
43610
43611
43612
43613
43614
43615
43616
43617
43618
43619
43620
43621
43622
43623
43624
43625
43626
43627
43628
43629
43630
43631
43632
43633
43634
43635
43636
43637
43638
43639
43640
43641
43642
43643
43644
43645
43646
43647
43648
43649
43650
43651
43652
43653
43654
43655
43656
43657
43658
43659
43660
43661
43662
43663
43664
43665
43666
43667
43668
43669
43670
43671
43672
43673
43674
43675
43676
43677
43678
43679
43680
43681
43682
43683
43684
43685
43686
43687
43688
43689
43690
43691
43692
43693
43694
43695
43696
43697
43698
43699
43700
43701
43702
43703
43704
43705
43706
43707
43708
43709
43710
43711
43712
43713
43714
43715
43716
43717
43718
43719
43720
43721
43722
43723
43724
43725
43726
43727
43728
43729
43730
43731
43732
43733
43734
43735
43736
43737
43738
43739
43740
43741
43742
43743
43744
43745
43746
43747
43748
43749
43750
43751
43752
43753
43754
43755
43756
43757
43758
43759
43760
43761
43762
43763
43764
43765
43766
43767
43768
43769
43770
43771
43772
43773
43774
43775
43776
43777
43778
43779
43780
43781
43782
43783
43784
43785
43786
43787
43788
43789
43790
43791
43792
43793
43794
43795
43796
43797
43798
43799
43800
43801
43802
43803
43804
43805
43806
43807
43808
43809
43810
43811
43812
43813
43814
43815
43816
43817
43818
43819
43820
43821
43822
43823
43824
43825
43826
43827
43828
43829
43830
43831
43832
43833
43834
43835
43836
43837
43838
43839
43840
43841
43842
43843
43844
43845
43846
43847
43848
43849
43850
43851
43852
43853
43854
43855
43856
43857
43858
43859
43860
43861
43862
43863
43864
43865
43866
43867
43868
43869
43870
43871
43872
43873
43874
43875
43876
43877
43878
43879
43880
43881
43882
43883
43884
43885
43886
43887
43888
43889
43890
43891
43892
43893
43894
43895
43896
43897
43898
43899
43900
43901
43902
43903
43904
43905
43906
43907
43908
43909
43910
43911
43912
43913
43914
43915
43916
43917
43918
43919
43920
43921
43922
43923
43924
43925
43926
43927
43928
43929
43930
43931
43932
43933
43934
43935
43936
43937
43938
43939
43940
43941
43942
43943
43944
43945
43946
43947
43948
43949
43950
43951
43952
43953
43954
43955
43956
43957
43958
43959
43960
43961
43962
43963
43964
43965
43966
43967
43968
43969
43970
43971
43972
43973
43974
43975
43976
43977
43978
43979
43980
43981
43982
43983
43984
43985
43986
43987
43988
43989
43990
43991
43992
43993
43994
43995
43996
43997
43998
43999
44000
44001
44002
44003
44004
44005
44006
44007
44008
44009
44010
44011
44012
44013
44014
44015
44016
44017
44018
44019
44020
44021
44022
44023
44024
44025
44026
44027
44028
44029
44030
44031
44032
44033
44034
44035
44036
44037
44038
44039
44040
44041
44042
44043
44044
44045
44046
44047
44048
44049
44050
44051
44052
44053
44054
44055
44056
44057
44058
44059
44060
44061
44062
44063
44064
44065
44066
44067
44068
44069
44070
44071
44072
44073
44074
44075
44076
44077
44078
44079
44080
44081
44082
44083
44084
44085
44086
44087
44088
44089
44090
44091
44092
44093
44094
44095
44096
44097
44098
44099
44100
44101
44102
44103
44104
44105
44106
44107
44108
44109
44110
44111
44112
44113
44114
44115
44116
44117
44118
44119
44120
44121
44122
44123
44124
44125
44126
44127
44128
44129
44130
44131
44132
44133
44134
44135
44136
44137
44138
44139
44140
44141
44142
44143
44144
44145
44146
44147
44148
44149
44150
44151
44152
44153
44154
44155
44156
44157
44158
44159
44160
44161
44162
44163
44164
44165
44166
44167
44168
44169
44170
44171
44172
44173
44174
44175
44176
44177
44178
44179
44180
44181
44182
44183
44184
44185
44186
44187
44188
44189
44190
44191
44192
44193
44194
44195
44196
44197
44198
44199
44200
44201
44202
44203
44204
44205
44206
44207
44208
44209
44210
44211
44212
44213
44214
44215
44216
44217
44218
44219
44220
44221
44222
44223
44224
44225
44226
44227
44228
44229
44230
44231
44232
44233
44234
44235
44236
44237
44238
44239
44240
44241
44242
44243
44244
44245
44246
44247
44248
44249
44250
44251
44252
44253
44254
44255
44256
44257
44258
44259
44260
44261
44262
44263
44264
44265
44266
44267
44268
44269
44270
44271
44272
44273
44274
44275
44276
44277
44278
44279
44280
44281
44282
44283
44284
44285
44286
44287
44288
44289
44290
44291
44292
44293
44294
44295
44296
44297
44298
44299
44300
44301
44302
44303
44304
44305
44306
44307
44308
44309
44310
44311
44312
44313
44314
44315
44316
44317
44318
44319
44320
44321
44322
44323
44324
44325
44326
44327
44328
44329
44330
44331
44332
44333
44334
44335
44336
44337
44338
44339
44340
44341
44342
44343
44344
44345
44346
44347
44348
44349
44350
44351
44352
44353
44354
44355
44356
44357
44358
44359
44360
44361
44362
44363
44364
44365
44366
44367
44368
44369
44370
44371
44372
44373
44374
44375
44376
44377
44378
44379
44380
44381
44382
44383
44384
44385
44386
44387
44388
44389
44390
44391
44392
44393
44394
44395
44396
44397
44398
44399
44400
44401
44402
44403
44404
44405
44406
44407
44408
44409
44410
44411
44412
44413
44414
44415
44416
44417
44418
44419
44420
44421
44422
44423
44424
44425
44426
44427
44428
44429
44430
44431
44432
44433
44434
44435
44436
44437
44438
44439
44440
44441
44442
44443
44444
44445
44446
44447
44448
44449
44450
44451
44452
44453
44454
44455
44456
44457
44458
44459
44460
44461
44462
44463
44464
44465
44466
44467
44468
44469
44470
44471
44472
44473
44474
44475
44476
44477
44478
44479
44480
44481
44482
44483
44484
44485
44486
44487
44488
44489
44490
44491
44492
44493
44494
44495
44496
44497
44498
44499
44500
44501
44502
44503
44504
44505
44506
44507
44508
44509
44510
44511
44512
44513
44514
44515
44516
44517
44518
44519
44520
44521
44522
44523
44524
44525
44526
44527
44528
44529
44530
44531
44532
44533
44534
44535
44536
44537
44538
44539
44540
44541
44542
44543
44544
44545
44546
44547
44548
44549
44550
44551
44552
44553
44554
44555
44556
44557
44558
44559
44560
44561
44562
44563
44564
44565
44566
44567
44568
44569
44570
44571
44572
44573
44574
44575
44576
44577
44578
44579
44580
44581
44582
44583
44584
44585
44586
44587
44588
44589
44590
44591
44592
44593
44594
44595
44596
44597
44598
44599
44600
44601
44602
44603
44604
44605
44606
44607
44608
44609
44610
44611
44612
44613
44614
44615
44616
44617
44618
44619
44620
44621
44622
44623
44624
44625
44626
44627
44628
44629
44630
44631
44632
44633
44634
44635
44636
44637
44638
44639
44640
44641
44642
44643
44644
44645
44646
44647
44648
44649
44650
44651
44652
44653
44654
44655
44656
44657
44658
44659
44660
44661
44662
44663
44664
44665
44666
44667
44668
44669
44670
44671
44672
44673
44674
44675
44676
44677
44678
44679
44680
44681
44682
44683
44684
44685
44686
44687
44688
44689
44690
44691
44692
44693
44694
44695
44696
44697
44698
44699
44700
44701
44702
44703
44704
44705
44706
44707
44708
44709
44710
44711
44712
44713
44714
44715
44716
44717
44718
44719
44720
44721
44722
44723
44724
44725
44726
44727
44728
44729
44730
44731
44732
44733
44734
44735
44736
44737
44738
44739
44740
44741
44742
44743
44744
44745
44746
44747
44748
44749
44750
44751
44752
44753
44754
44755
44756
44757
44758
44759
44760
44761
44762
44763
44764
44765
44766
44767
44768
44769
44770
44771
44772
44773
44774
44775
44776
44777
44778
44779
44780
44781
44782
44783
44784
44785
44786
44787
44788
44789
44790
44791
44792
44793
44794
44795
44796
44797
44798
44799
44800
44801
44802
44803
44804
44805
44806
44807
44808
44809
44810
44811
44812
44813
44814
44815
44816
44817
44818
44819
44820
44821
44822
44823
44824
44825
44826
44827
44828
44829
44830
44831
44832
44833
44834
44835
44836
44837
44838
44839
44840
44841
44842
44843
44844
44845
44846
44847
44848
44849
44850
44851
44852
44853
44854
44855
44856
44857
44858
44859
44860
44861
44862
44863
44864
44865
44866
44867
44868
44869
44870
44871
44872
44873
44874
44875
44876
44877
44878
44879
44880
44881
44882
44883
44884
44885
44886
44887
44888
44889
44890
44891
44892
44893
44894
44895
44896
44897
44898
44899
44900
44901
44902
44903
44904
44905
44906
44907
44908
44909
44910
44911
44912
44913
44914
44915
44916
44917
44918
44919
44920
44921
44922
44923
44924
44925
44926
44927
44928
44929
44930
44931
44932
44933
44934
44935
44936
44937
44938
44939
44940
44941
44942
44943
44944
44945
44946
44947
44948
44949
44950
44951
44952
44953
44954
44955
44956
44957
44958
44959
44960
44961
44962
44963
44964
44965
44966
44967
44968
44969
44970
44971
44972
44973
44974
44975
44976
44977
44978
44979
44980
44981
44982
44983
44984
44985
44986
44987
44988
44989
44990
44991
44992
44993
44994
44995
44996
44997
44998
44999
45000
45001
45002
45003
45004
45005
45006
45007
45008
45009
45010
45011
45012
45013
45014
45015
45016
45017
45018
45019
45020
45021
45022
45023
45024
45025
45026
45027
45028
45029
45030
45031
45032
45033
45034
45035
45036
45037
45038
45039
45040
45041
45042
45043
45044
45045
45046
45047
45048
45049
45050
45051
45052
45053
45054
45055
45056
45057
45058
45059
45060
45061
45062
45063
45064
45065
45066
45067
45068
45069
45070
45071
45072
45073
45074
45075
45076
45077
45078
45079
45080
45081
45082
45083
45084
45085
45086
45087
45088
45089
45090
45091
45092
45093
45094
45095
45096
45097
45098
45099
45100
45101
45102
45103
45104
45105
45106
45107
45108
45109
45110
45111
45112
45113
45114
45115
45116
45117
45118
45119
45120
45121
45122
45123
45124
45125
45126
45127
45128
45129
45130
45131
45132
45133
45134
45135
45136
45137
45138
45139
45140
45141
45142
45143
45144
45145
45146
45147
45148
45149
45150
45151
45152
45153
45154
45155
45156
45157
45158
45159
45160
45161
45162
45163
45164
45165
45166
45167
45168
45169
45170
45171
45172
45173
45174
45175
45176
45177
45178
45179
45180
45181
45182
45183
45184
45185
45186
45187
45188
45189
45190
45191
45192
45193
45194
45195
45196
45197
45198
45199
45200
45201
45202
45203
45204
45205
45206
45207
45208
45209
45210
45211
45212
45213
45214
45215
45216
45217
45218
45219
45220
45221
45222
45223
45224
45225
45226
45227
45228
45229
45230
45231
45232
45233
45234
45235
45236
45237
45238
45239
45240
45241
45242
45243
45244
45245
45246
45247
45248
45249
45250
45251
45252
45253
45254
45255
45256
45257
45258
45259
45260
45261
45262
45263
45264
45265
45266
45267
45268
45269
45270
45271
45272
45273
45274
45275
45276
45277
45278
45279
45280
45281
45282
45283
45284
45285
45286
45287
45288
45289
45290
45291
45292
45293
45294
45295
45296
45297
45298
45299
45300
45301
45302
45303
45304
45305
45306
45307
45308
45309
45310
45311
45312
45313
45314
45315
45316
45317
45318
45319
45320
45321
45322
45323
45324
45325
45326
45327
45328
45329
45330
45331
45332
45333
45334
45335
45336
45337
45338
45339
45340
45341
45342
45343
45344
45345
45346
45347
45348
45349
45350
45351
45352
45353
45354
45355
45356
45357
45358
45359
45360
45361
45362
45363
45364
45365
45366
45367
45368
45369
45370
45371
45372
45373
45374
45375
45376
45377
45378
45379
45380
45381
45382
45383
45384
45385
45386
45387
45388
45389
45390
45391
45392
45393
45394
45395
45396
45397
45398
45399
45400
45401
45402
45403
45404
45405
45406
45407
45408
45409
45410
45411
45412
45413
45414
45415
45416
45417
45418
45419
45420
45421
45422
45423
45424
45425
45426
45427
45428
45429
45430
45431
45432
45433
45434
45435
45436
45437
45438
45439
45440
45441
45442
45443
45444
45445
45446
45447
45448
45449
45450
45451
45452
45453
45454
45455
45456
45457
45458
45459
45460
45461
45462
45463
45464
45465
45466
45467
45468
45469
45470
45471
45472
45473
45474
45475
45476
45477
45478
45479
45480
45481
45482
45483
45484
45485
45486
45487
45488
45489
45490
45491
45492
45493
45494
45495
45496
45497
45498
45499
45500
45501
45502
45503
45504
45505
45506
45507
45508
45509
45510
45511
45512
45513
45514
45515
45516
45517
45518
45519
45520
45521
45522
45523
45524
45525
45526
45527
45528
45529
45530
45531
45532
45533
45534
45535
45536
45537
45538
45539
45540
45541
45542
45543
45544
45545
45546
45547
45548
45549
45550
45551
45552
45553
45554
45555
45556
45557
45558
45559
45560
45561
45562
45563
45564
45565
45566
45567
45568
45569
45570
45571
45572
45573
45574
45575
45576
45577
45578
45579
45580
45581
45582
45583
45584
45585
45586
45587
45588
45589
45590
45591
45592
45593
45594
45595
45596
45597
45598
45599
45600
45601
45602
45603
45604
45605
45606
45607
45608
45609
45610
45611
45612
45613
45614
45615
45616
45617
45618
45619
45620
45621
45622
45623
45624
45625
45626
45627
45628
45629
45630
45631
45632
45633
45634
45635
45636
45637
45638
45639
45640
45641
45642
45643
45644
45645
45646
45647
45648
45649
45650
45651
45652
45653
45654
45655
45656
45657
45658
45659
45660
45661
45662
45663
45664
45665
45666
45667
45668
45669
45670
45671
45672
45673
45674
45675
45676
45677
45678
45679
45680
45681
45682
45683
45684
45685
45686
45687
45688
45689
45690
45691
45692
45693
45694
45695
45696
45697
45698
45699
45700
45701
45702
45703
45704
45705
45706
45707
45708
45709
45710
45711
45712
45713
45714
45715
45716
45717
45718
45719
45720
45721
45722
45723
45724
45725
45726
45727
45728
45729
45730
45731
45732
45733
45734
45735
45736
45737
45738
45739
45740
45741
45742
45743
45744
45745
45746
45747
45748
45749
45750
45751
45752
45753
45754
45755
45756
45757
45758
45759
45760
45761
45762
45763
45764
45765
45766
45767
45768
45769
45770
45771
45772
45773
45774
45775
45776
45777
45778
45779
45780
45781
45782
45783
45784
45785
45786
45787
45788
45789
45790
45791
45792
45793
45794
45795
45796
45797
45798
45799
45800
45801
45802
45803
45804
45805
45806
45807
45808
45809
45810
45811
45812
45813
45814
45815
45816
45817
45818
45819
45820
45821
45822
45823
45824
45825
45826
45827
45828
45829
45830
45831
45832
45833
45834
45835
45836
45837
45838
45839
45840
45841
45842
45843
45844
45845
45846
45847
45848
45849
45850
45851
45852
45853
45854
45855
45856
45857
45858
45859
45860
45861
45862
45863
45864
45865
45866
45867
45868
45869
45870
45871
45872
45873
45874
45875
45876
45877
45878
45879
45880
45881
45882
45883
45884
45885
45886
45887
45888
45889
45890
45891
45892
45893
45894
45895
45896
45897
45898
45899
45900
45901
45902
45903
45904
45905
45906
45907
45908
45909
45910
45911
45912
45913
45914
45915
45916
45917
45918
45919
45920
45921
45922
45923
45924
45925
45926
45927
45928
45929
45930
45931
45932
45933
45934
45935
45936
45937
45938
45939
45940
45941
45942
45943
45944
45945
45946
45947
45948
45949
45950
45951
45952
45953
45954
45955
45956
45957
45958
45959
45960
45961
45962
45963
45964
45965
45966
45967
45968
45969
45970
45971
45972
45973
45974
45975
45976
45977
45978
45979
45980
45981
45982
45983
45984
45985
45986
45987
45988
45989
45990
45991
45992
45993
45994
45995
45996
45997
45998
45999
46000
46001
46002
46003
46004
46005
46006
46007
46008
46009
46010
46011
46012
46013
46014
46015
46016
46017
46018
46019
46020
46021
46022
46023
46024
46025
46026
46027
46028
46029
46030
46031
46032
46033
46034
46035
46036
46037
46038
46039
46040
46041
46042
46043
46044
46045
46046
46047
46048
46049
46050
46051
46052
46053
46054
46055
46056
46057
46058
46059
46060
46061
46062
46063
46064
46065
46066
46067
46068
46069
46070
46071
46072
46073
46074
46075
46076
46077
46078
46079
46080
46081
46082
46083
46084
46085
46086
46087
46088
46089
46090
46091
46092
46093
46094
46095
46096
46097
46098
46099
46100
46101
46102
46103
46104
46105
46106
46107
46108
46109
46110
46111
46112
46113
46114
46115
46116
46117
46118
46119
46120
46121
46122
46123
46124
46125
46126
46127
46128
46129
46130
46131
46132
46133
46134
46135
46136
46137
46138
46139
46140
46141
46142
46143
46144
46145
46146
46147
46148
46149
46150
46151
46152
46153
46154
46155
46156
46157
46158
46159
46160
46161
46162
46163
46164
46165
46166
46167
46168
46169
46170
46171
46172
46173
46174
46175
46176
46177
46178
46179
46180
46181
46182
46183
46184
46185
46186
46187
46188
46189
46190
46191
46192
46193
46194
46195
46196
46197
46198
46199
46200
46201
46202
46203
46204
46205
46206
46207
46208
46209
46210
46211
46212
46213
46214
46215
46216
46217
46218
46219
46220
46221
46222
46223
46224
46225
46226
46227
46228
46229
46230
46231
46232
46233
46234
46235
46236
46237
46238
46239
46240
46241
46242
46243
46244
46245
46246
46247
46248
46249
46250
46251
46252
46253
46254
46255
46256
46257
46258
46259
46260
46261
46262
46263
46264
46265
46266
46267
46268
46269
46270
46271
46272
46273
46274
46275
46276
46277
46278
46279
46280
46281
46282
46283
46284
46285
46286
46287
46288
46289
46290
46291
46292
46293
46294
46295
46296
46297
46298
46299
46300
46301
46302
46303
46304
46305
46306
46307
46308
46309
46310
46311
46312
46313
46314
46315
46316
46317
46318
46319
46320
46321
46322
46323
46324
46325
46326
46327
46328
46329
46330
46331
46332
46333
46334
46335
46336
46337
46338
46339
46340
46341
46342
46343
46344
46345
46346
46347
46348
46349
46350
46351
46352
46353
46354
46355
46356
46357
46358
46359
46360
46361
46362
46363
46364
46365
46366
46367
46368
46369
46370
46371
46372
46373
46374
46375
46376
46377
46378
46379
46380
46381
46382
46383
46384
46385
46386
46387
46388
46389
46390
46391
46392
46393
46394
46395
46396
46397
46398
46399
46400
46401
46402
46403
46404
46405
46406
46407
46408
46409
46410
46411
46412
46413
46414
46415
46416
46417
46418
46419
46420
46421
46422
46423
46424
46425
46426
46427
46428
46429
46430
46431
46432
46433
46434
46435
46436
46437
46438
46439
46440
46441
46442
46443
46444
46445
46446
46447
46448
46449
46450
46451
46452
46453
46454
46455
46456
46457
46458
46459
46460
46461
46462
46463
46464
46465
46466
46467
46468
46469
46470
46471
46472
46473
46474
46475
46476
46477
46478
46479
46480
46481
46482
46483
46484
46485
46486
46487
46488
46489
46490
46491
46492
46493
46494
46495
46496
46497
46498
46499
46500
46501
46502
46503
46504
46505
46506
46507
46508
46509
46510
46511
46512
46513
46514
46515
46516
46517
46518
46519
46520
46521
46522
46523
46524
46525
46526
46527
46528
46529
46530
46531
46532
46533
46534
46535
46536
46537
46538
46539
46540
46541
46542
46543
46544
46545
46546
46547
46548
46549
46550
46551
46552
46553
46554
46555
46556
46557
46558
46559
46560
46561
46562
46563
46564
46565
46566
46567
46568
46569
46570
46571
46572
46573
46574
46575
46576
46577
46578
46579
46580
46581
46582
46583
46584
46585
46586
46587
46588
46589
46590
46591
46592
46593
46594
46595
46596
46597
46598
46599
46600
46601
46602
46603
46604
46605
46606
46607
46608
46609
46610
46611
46612
46613
46614
46615
46616
46617
46618
46619
46620
46621
46622
46623
46624
46625
46626
46627
46628
46629
46630
46631
46632
46633
46634
46635
46636
46637
46638
46639
46640
46641
46642
46643
46644
46645
46646
46647
46648
46649
46650
46651
46652
46653
46654
46655
46656
46657
46658
46659
46660
46661
46662
46663
46664
46665
46666
46667
46668
46669
46670
46671
46672
46673
46674
46675
46676
46677
46678
46679
46680
46681
46682
46683
46684
46685
46686
46687
46688
46689
46690
46691
46692
46693
46694
46695
46696
46697
46698
46699
46700
46701
46702
46703
46704
46705
46706
46707
46708
46709
46710
46711
46712
46713
46714
46715
46716
46717
46718
46719
46720
46721
46722
46723
46724
46725
46726
46727
46728
46729
46730
46731
46732
46733
46734
46735
46736
46737
46738
46739
46740
46741
46742
46743
46744
46745
46746
46747
46748
46749
46750
46751
46752
46753
46754
46755
46756
46757
46758
46759
46760
46761
46762
46763
46764
46765
46766
46767
46768
46769
46770
46771
46772
46773
46774
46775
46776
46777
46778
46779
46780
46781
46782
46783
46784
46785
46786
46787
46788
46789
46790
46791
46792
46793
46794
46795
46796
46797
46798
46799
46800
46801
46802
46803
46804
46805
46806
46807
46808
46809
46810
46811
46812
46813
46814
46815
46816
46817
46818
46819
46820
46821
46822
46823
46824
46825
46826
46827
46828
46829
46830
46831
46832
46833
46834
46835
46836
46837
46838
46839
46840
46841
46842
46843
46844
46845
46846
46847
46848
46849
46850
46851
46852
46853
46854
46855
46856
46857
46858
46859
46860
46861
46862
46863
46864
46865
46866
46867
46868
46869
46870
46871
46872
46873
46874
46875
46876
46877
46878
46879
46880
46881
46882
46883
46884
46885
46886
46887
46888
46889
46890
46891
46892
46893
46894
46895
46896
46897
46898
46899
46900
46901
46902
46903
46904
46905
46906
46907
46908
46909
46910
46911
46912
46913
46914
46915
46916
46917
46918
46919
46920
46921
46922
46923
46924
46925
46926
46927
46928
46929
46930
46931
46932
46933
46934
46935
46936
46937
46938
46939
46940
46941
46942
46943
46944
46945
46946
46947
46948
46949
46950
46951
46952
46953
46954
46955
46956
46957
46958
46959
46960
46961
46962
46963
46964
46965
46966
46967
46968
46969
46970
46971
46972
46973
46974
46975
46976
46977
46978
46979
46980
46981
46982
46983
46984
46985
46986
46987
46988
46989
46990
46991
46992
46993
46994
46995
46996
46997
46998
46999
47000
47001
47002
47003
47004
47005
47006
47007
47008
47009
47010
47011
47012
47013
47014
47015
47016
47017
47018
47019
47020
47021
47022
47023
47024
47025
47026
47027
47028
47029
47030
47031
47032
47033
47034
47035
47036
47037
47038
47039
47040
47041
47042
47043
47044
47045
47046
47047
47048
47049
47050
47051
47052
47053
47054
47055
47056
47057
47058
47059
47060
47061
47062
47063
47064
47065
47066
47067
47068
47069
47070
47071
47072
47073
47074
47075
47076
47077
47078
47079
47080
47081
47082
47083
47084
47085
47086
47087
47088
47089
47090
47091
47092
47093
47094
47095
47096
47097
47098
47099
47100
47101
47102
47103
47104
47105
47106
47107
47108
47109
47110
47111
47112
47113
47114
47115
47116
47117
47118
47119
47120
47121
47122
47123
47124
47125
47126
47127
47128
47129
47130
47131
47132
47133
47134
47135
47136
47137
47138
47139
47140
47141
47142
47143
47144
47145
47146
47147
47148
47149
47150
47151
47152
47153
47154
47155
47156
47157
47158
47159
47160
47161
47162
47163
47164
47165
47166
47167
47168
47169
47170
47171
47172
47173
47174
47175
47176
47177
47178
47179
47180
47181
47182
47183
47184
47185
47186
47187
47188
47189
47190
47191
47192
47193
47194
47195
47196
47197
47198
47199
47200
47201
47202
47203
47204
47205
47206
47207
47208
47209
47210
47211
47212
47213
47214
47215
47216
47217
47218
47219
47220
47221
47222
47223
47224
47225
47226
47227
47228
47229
47230
47231
47232
47233
47234
47235
47236
47237
47238
47239
47240
47241
47242
47243
47244
47245
47246
47247
47248
47249
47250
47251
47252
47253
47254
47255
47256
47257
47258
47259
47260
47261
47262
47263
47264
47265
47266
47267
47268
47269
47270
47271
47272
47273
47274
47275
47276
47277
47278
47279
47280
47281
47282
47283
47284
47285
47286
47287
47288
47289
47290
47291
47292
47293
47294
47295
47296
47297
47298
47299
47300
47301
47302
47303
47304
47305
47306
47307
47308
47309
47310
47311
47312
47313
47314
47315
47316
47317
47318
47319
47320
47321
47322
47323
47324
47325
47326
47327
47328
47329
47330
47331
47332
47333
47334
47335
47336
47337
47338
47339
47340
47341
47342
47343
47344
47345
47346
47347
47348
47349
47350
47351
47352
47353
47354
47355
47356
47357
47358
47359
47360
47361
47362
47363
47364
47365
47366
47367
47368
47369
47370
47371
47372
47373
47374
47375
47376
47377
47378
47379
47380
47381
47382
47383
47384
47385
47386
47387
47388
47389
47390
47391
47392
47393
47394
47395
47396
47397
47398
47399
47400
47401
47402
47403
47404
47405
47406
47407
47408
47409
47410
47411
47412
47413
47414
47415
47416
47417
47418
47419
47420
47421
47422
47423
47424
47425
47426
47427
47428
47429
47430
47431
47432
47433
47434
47435
47436
47437
47438
47439
47440
47441
47442
47443
47444
47445
47446
47447
47448
47449
47450
47451
47452
47453
47454
47455
47456
47457
47458
47459
47460
47461
47462
47463
47464
47465
47466
47467
47468
47469
47470
47471
47472
47473
47474
47475
47476
47477
47478
47479
47480
47481
47482
47483
47484
47485
47486
47487
47488
47489
47490
47491
47492
47493
47494
47495
47496
47497
47498
47499
47500
47501
47502
47503
47504
47505
47506
47507
47508
47509
47510
47511
47512
47513
47514
47515
47516
47517
47518
47519
47520
47521
47522
47523
47524
47525
47526
47527
47528
47529
47530
47531
47532
47533
47534
47535
47536
47537
47538
47539
47540
47541
47542
47543
47544
47545
47546
47547
47548
47549
47550
47551
47552
47553
47554
47555
47556
47557
47558
47559
47560
47561
47562
47563
47564
47565
47566
47567
47568
47569
47570
47571
47572
47573
47574
47575
47576
47577
47578
47579
47580
47581
47582
47583
47584
47585
47586
47587
47588
47589
47590
47591
47592
47593
47594
47595
47596
47597
47598
47599
47600
47601
47602
47603
47604
47605
47606
47607
47608
47609
47610
47611
47612
47613
47614
47615
47616
47617
47618
47619
47620
47621
47622
47623
47624
47625
47626
47627
47628
47629
47630
47631
47632
47633
47634
47635
47636
47637
47638
47639
47640
47641
47642
47643
47644
47645
47646
47647
47648
47649
47650
47651
47652
47653
47654
47655
47656
47657
47658
47659
47660
47661
47662
47663
47664
47665
47666
47667
47668
47669
47670
47671
47672
47673
47674
47675
47676
47677
47678
47679
47680
47681
47682
47683
47684
47685
47686
47687
47688
47689
47690
47691
47692
47693
47694
47695
47696
47697
47698
47699
47700
47701
47702
47703
47704
47705
47706
47707
47708
47709
47710
47711
47712
47713
47714
47715
47716
47717
47718
47719
47720
47721
47722
47723
47724
47725
47726
47727
47728
47729
47730
47731
47732
47733
47734
47735
47736
47737
47738
47739
47740
47741
47742
47743
47744
47745
47746
47747
47748
47749
47750
47751
47752
47753
47754
47755
47756
47757
47758
47759
47760
47761
47762
47763
47764
47765
47766
47767
47768
47769
47770
47771
47772
47773
47774
47775
47776
47777
47778
47779
47780
47781
47782
47783
47784
47785
47786
47787
47788
47789
47790
47791
47792
47793
47794
47795
47796
47797
47798
47799
47800
47801
47802
47803
47804
47805
47806
47807
47808
47809
47810
47811
47812
47813
47814
47815
47816
47817
47818
47819
47820
47821
47822
47823
47824
47825
47826
47827
47828
47829
47830
47831
47832
47833
47834
47835
47836
47837
47838
47839
47840
47841
47842
47843
47844
47845
47846
47847
47848
47849
47850
47851
47852
47853
47854
47855
47856
47857
47858
47859
47860
47861
47862
47863
47864
47865
47866
47867
47868
47869
47870
47871
47872
47873
47874
47875
47876
47877
47878
47879
47880
47881
47882
47883
47884
47885
47886
47887
47888
47889
47890
47891
47892
47893
47894
47895
47896
47897
47898
47899
47900
47901
47902
47903
47904
47905
47906
47907
47908
47909
47910
47911
47912
47913
47914
47915
47916
47917
47918
47919
47920
47921
47922
47923
47924
47925
47926
47927
47928
47929
47930
47931
47932
47933
47934
47935
47936
47937
47938
47939
47940
47941
47942
47943
47944
47945
47946
47947
47948
47949
47950
47951
47952
47953
47954
47955
47956
47957
47958
47959
47960
47961
47962
47963
47964
47965
47966
47967
47968
47969
47970
47971
47972
47973
47974
47975
47976
47977
47978
47979
47980
47981
47982
47983
47984
47985
47986
47987
47988
47989
47990
47991
47992
47993
47994
47995
47996
47997
47998
47999
48000
48001
48002
48003
48004
48005
48006
48007
48008
48009
48010
48011
48012
48013
48014
48015
48016
48017
48018
48019
48020
48021
48022
48023
48024
48025
48026
48027
48028
48029
48030
48031
48032
48033
48034
48035
48036
48037
48038
48039
48040
48041
48042
48043
48044
48045
48046
48047
48048
48049
48050
48051
48052
48053
48054
48055
48056
48057
48058
48059
48060
48061
48062
48063
48064
48065
48066
48067
48068
48069
48070
48071
48072
48073
48074
48075
48076
48077
48078
48079
48080
48081
48082
48083
48084
48085
48086
48087
48088
48089
48090
48091
48092
48093
48094
48095
48096
48097
48098
48099
48100
48101
48102
48103
48104
48105
48106
48107
48108
48109
48110
48111
48112
48113
48114
48115
48116
48117
48118
48119
48120
48121
48122
48123
48124
48125
48126
48127
48128
48129
48130
48131
48132
48133
48134
48135
48136
48137
48138
48139
48140
48141
48142
48143
48144
48145
48146
48147
48148
48149
48150
48151
48152
48153
48154
48155
48156
48157
48158
48159
48160
48161
48162
48163
48164
48165
48166
48167
48168
48169
48170
48171
48172
48173
48174
48175
48176
48177
48178
48179
48180
48181
48182
48183
48184
48185
48186
48187
48188
48189
48190
48191
48192
48193
48194
48195
48196
48197
48198
48199
48200
48201
48202
48203
48204
48205
48206
48207
48208
48209
48210
48211
48212
48213
48214
48215
48216
48217
48218
48219
48220
48221
48222
48223
48224
48225
48226
48227
48228
48229
48230
48231
48232
48233
48234
48235
48236
48237
48238
48239
48240
48241
48242
48243
48244
48245
48246
48247
48248
48249
48250
48251
48252
48253
48254
48255
48256
48257
48258
48259
48260
48261
48262
48263
48264
48265
48266
48267
48268
48269
48270
48271
48272
48273
48274
48275
48276
48277
48278
48279
48280
48281
48282
48283
48284
48285
48286
48287
48288
48289
48290
48291
48292
48293
48294
48295
48296
48297
48298
48299
48300
48301
48302
48303
48304
48305
48306
48307
48308
48309
48310
48311
48312
48313
48314
48315
48316
48317
48318
48319
48320
48321
48322
48323
48324
48325
48326
48327
48328
48329
48330
48331
48332
48333
48334
48335
48336
48337
48338
48339
48340
48341
48342
48343
48344
48345
48346
48347
48348
48349
48350
48351
48352
48353
48354
48355
48356
48357
48358
48359
48360
48361
48362
48363
48364
48365
48366
48367
48368
48369
48370
48371
48372
48373
48374
48375
48376
48377
48378
48379
48380
48381
48382
48383
48384
48385
48386
48387
48388
48389
48390
48391
48392
48393
48394
48395
48396
48397
48398
48399
48400
48401
48402
48403
48404
48405
48406
48407
48408
48409
48410
48411
48412
48413
48414
48415
48416
48417
48418
48419
48420
48421
48422
48423
48424
48425
48426
48427
48428
48429
48430
48431
48432
48433
48434
48435
48436
48437
48438
48439
48440
48441
48442
48443
48444
48445
48446
48447
48448
48449
48450
48451
48452
48453
48454
48455
48456
48457
48458
48459
48460
48461
48462
48463
48464
48465
48466
48467
48468
48469
48470
48471
48472
48473
48474
48475
48476
48477
48478
48479
48480
48481
48482
48483
48484
48485
48486
48487
48488
48489
48490
48491
48492
48493
48494
48495
48496
48497
48498
48499
48500
48501
48502
48503
48504
48505
48506
48507
48508
48509
48510
48511
48512
48513
48514
48515
48516
48517
48518
48519
48520
48521
48522
48523
48524
48525
48526
48527
48528
48529
48530
48531
48532
48533
48534
48535
48536
48537
48538
48539
48540
48541
48542
48543
48544
48545
48546
48547
48548
48549
48550
48551
48552
48553
48554
48555
48556
48557
48558
48559
48560
48561
48562
48563
48564
48565
48566
48567
48568
48569
48570
48571
48572
48573
48574
48575
48576
48577
48578
48579
48580
48581
48582
48583
48584
48585
48586
48587
48588
48589
48590
48591
48592
48593
48594
48595
48596
48597
48598
48599
48600
48601
48602
48603
48604
48605
48606
48607
48608
48609
48610
48611
48612
48613
48614
48615
48616
48617
48618
48619
48620
48621
48622
48623
48624
48625
48626
48627
48628
48629
48630
48631
48632
48633
48634
48635
48636
48637
48638
48639
48640
48641
48642
48643
48644
48645
48646
48647
48648
48649
48650
48651
48652
48653
48654
48655
48656
48657
48658
48659
48660
48661
48662
48663
48664
48665
48666
48667
48668
48669
48670
48671
48672
48673
48674
48675
48676
48677
48678
48679
48680
48681
48682
48683
48684
48685
48686
48687
48688
48689
48690
48691
48692
48693
48694
48695
48696
48697
48698
48699
48700
48701
48702
48703
48704
48705
48706
48707
48708
48709
48710
48711
48712
48713
48714
48715
48716
48717
48718
48719
48720
48721
48722
48723
48724
48725
48726
48727
48728
48729
48730
48731
48732
48733
48734
48735
48736
48737
48738
48739
48740
48741
48742
48743
48744
48745
48746
48747
48748
48749
48750
48751
48752
48753
48754
48755
48756
48757
48758
48759
48760
48761
48762
48763
48764
48765
48766
48767
48768
48769
48770
48771
48772
48773
48774
48775
48776
48777
48778
48779
48780
48781
48782
48783
48784
48785
48786
48787
48788
48789
48790
48791
48792
48793
48794
48795
48796
48797
48798
48799
48800
48801
48802
48803
48804
48805
48806
48807
48808
48809
48810
48811
48812
48813
48814
48815
48816
48817
48818
48819
48820
48821
48822
48823
48824
48825
48826
48827
48828
48829
48830
48831
48832
48833
48834
48835
48836
48837
48838
48839
48840
48841
48842
48843
48844
48845
48846
48847
48848
48849
48850
48851
48852
48853
48854
48855
48856
48857
48858
48859
48860
48861
48862
48863
48864
48865
48866
48867
48868
48869
48870
48871
48872
48873
48874
48875
48876
48877
48878
48879
48880
48881
48882
48883
48884
48885
48886
48887
48888
48889
48890
48891
48892
48893
48894
48895
48896
48897
48898
48899
48900
48901
48902
48903
48904
48905
48906
48907
48908
48909
48910
48911
48912
48913
48914
48915
48916
48917
48918
48919
48920
48921
48922
48923
48924
48925
48926
48927
48928
48929
48930
48931
48932
48933
48934
48935
48936
48937
48938
48939
48940
48941
48942
48943
48944
48945
48946
48947
48948
48949
48950
48951
48952
48953
48954
48955
48956
48957
48958
48959
48960
48961
48962
48963
48964
48965
48966
48967
48968
48969
48970
48971
48972
48973
48974
48975
48976
48977
48978
48979
48980
48981
48982
48983
48984
48985
48986
48987
48988
48989
48990
48991
48992
48993
48994
48995
48996
48997
48998
48999
49000
49001
49002
49003
49004
49005
49006
49007
49008
49009
49010
49011
49012
49013
49014
49015
49016
49017
49018
49019
49020
49021
49022
49023
49024
49025
49026
49027
49028
49029
49030
49031
49032
49033
49034
49035
49036
49037
49038
49039
49040
49041
49042
49043
49044
49045
49046
49047
49048
49049
49050
49051
49052
49053
49054
49055
49056
49057
49058
49059
49060
49061
49062
49063
49064
49065
49066
49067
49068
49069
49070
49071
49072
49073
49074
49075
49076
49077
49078
49079
49080
49081
49082
49083
49084
49085
49086
49087
49088
49089
49090
49091
49092
49093
49094
49095
49096
49097
49098
49099
49100
49101
49102
49103
49104
49105
49106
49107
49108
49109
49110
49111
49112
49113
49114
49115
49116
49117
49118
49119
49120
49121
49122
49123
49124
49125
49126
49127
49128
49129
49130
49131
49132
49133
49134
49135
49136
49137
49138
49139
49140
49141
49142
49143
49144
49145
49146
49147
49148
49149
49150
49151
49152
49153
49154
49155
49156
49157
49158
49159
49160
49161
49162
49163
49164
49165
49166
49167
49168
49169
49170
49171
49172
49173
49174
49175
49176
49177
49178
49179
49180
49181
49182
49183
49184
49185
49186
49187
49188
49189
49190
49191
49192
49193
49194
49195
49196
49197
49198
49199
49200
49201
49202
49203
49204
49205
49206
49207
49208
49209
49210
49211
49212
49213
49214
49215
49216
49217
49218
49219
49220
49221
49222
49223
49224
49225
49226
49227
49228
49229
49230
49231
49232
49233
49234
49235
49236
49237
49238
49239
49240
49241
49242
49243
49244
49245
49246
49247
49248
49249
49250
49251
49252
49253
49254
49255
49256
49257
49258
49259
49260
49261
49262
49263
49264
49265
49266
49267
49268
49269
49270
49271
49272
49273
49274
49275
49276
49277
49278
49279
49280
49281
49282
49283
49284
49285
49286
49287
49288
49289
49290
49291
49292
49293
49294
49295
49296
49297
49298
49299
49300
49301
49302
49303
49304
49305
49306
49307
49308
49309
49310
49311
49312
49313
49314
49315
49316
49317
49318
49319
49320
49321
49322
49323
49324
49325
49326
49327
49328
49329
49330
49331
49332
49333
49334
49335
49336
49337
49338
49339
49340
49341
49342
49343
49344
49345
49346
49347
49348
49349
49350
49351
49352
49353
49354
49355
49356
49357
49358
49359
49360
49361
49362
49363
49364
49365
49366
49367
49368
49369
49370
49371
49372
49373
49374
49375
49376
49377
49378
49379
49380
49381
49382
49383
49384
49385
49386
49387
49388
49389
49390
49391
49392
49393
49394
49395
49396
49397
49398
49399
49400
49401
49402
49403
49404
49405
49406
49407
49408
49409
49410
49411
49412
49413
49414
49415
49416
49417
49418
49419
49420
49421
49422
49423
49424
49425
49426
49427
49428
49429
49430
49431
49432
49433
49434
49435
49436
49437
49438
49439
49440
49441
49442
49443
49444
49445
49446
49447
49448
49449
49450
49451
49452
49453
49454
49455
49456
49457
49458
49459
49460
49461
49462
49463
49464
49465
49466
49467
49468
49469
49470
49471
49472
49473
49474
49475
49476
49477
49478
49479
49480
49481
49482
49483
49484
49485
49486
49487
49488
49489
49490
49491
49492
49493
49494
49495
49496
49497
49498
49499
49500
49501
49502
49503
49504
49505
49506
49507
49508
49509
49510
49511
49512
49513
49514
49515
49516
49517
49518
49519
49520
49521
49522
49523
49524
49525
49526
49527
49528
49529
49530
49531
49532
49533
49534
49535
49536
49537
49538
49539
49540
49541
49542
49543
49544
49545
49546
49547
49548
49549
49550
49551
49552
49553
49554
49555
49556
49557
49558
49559
49560
49561
49562
49563
49564
49565
49566
49567
49568
49569
49570
49571
49572
49573
49574
49575
49576
49577
49578
49579
49580
49581
49582
49583
49584
49585
49586
49587
49588
49589
49590
49591
49592
49593
49594
49595
49596
49597
49598
49599
49600
49601
49602
49603
49604
49605
49606
49607
49608
49609
49610
49611
49612
49613
49614
49615
49616
49617
49618
49619
49620
49621
49622
49623
49624
49625
49626
49627
49628
49629
49630
49631
49632
49633
49634
49635
49636
49637
49638
49639
49640
49641
49642
49643
49644
49645
49646
49647
49648
49649
49650
49651
49652
49653
49654
49655
49656
49657
49658
49659
49660
49661
49662
49663
49664
49665
49666
49667
49668
49669
49670
49671
49672
49673
49674
49675
49676
49677
49678
49679
49680
49681
49682
49683
49684
49685
49686
49687
49688
49689
49690
49691
49692
49693
49694
49695
49696
49697
49698
49699
49700
49701
49702
49703
49704
49705
49706
49707
49708
49709
49710
49711
49712
49713
49714
49715
49716
49717
49718
49719
49720
49721
49722
49723
49724
49725
49726
49727
49728
49729
49730
49731
49732
49733
49734
49735
49736
49737
49738
49739
49740
49741
49742
49743
49744
49745
49746
49747
49748
49749
49750
49751
49752
49753
49754
49755
49756
49757
49758
49759
49760
49761
49762
49763
49764
49765
49766
49767
49768
49769
49770
49771
49772
49773
49774
49775
49776
49777
49778
49779
49780
49781
49782
49783
49784
49785
49786
49787
49788
49789
49790
49791
49792
49793
49794
49795
49796
49797
49798
49799
49800
49801
49802
49803
49804
49805
49806
49807
49808
49809
49810
49811
49812
49813
49814
49815
49816
49817
49818
49819
49820
49821
49822
49823
49824
49825
49826
49827
49828
49829
49830
49831
49832
49833
49834
49835
49836
49837
49838
49839
49840
49841
49842
49843
49844
49845
49846
49847
49848
49849
49850
49851
49852
49853
49854
49855
49856
49857
49858
49859
49860
49861
49862
49863
49864
49865
49866
49867
49868
49869
49870
49871
49872
49873
49874
49875
49876
49877
49878
49879
49880
49881
49882
49883
49884
49885
49886
49887
49888
49889
49890
49891
49892
49893
49894
49895
49896
49897
49898
49899
49900
49901
49902
49903
49904
49905
49906
49907
49908
49909
49910
49911
49912
49913
49914
49915
49916
49917
49918
49919
49920
49921
49922
49923
49924
49925
49926
49927
49928
49929
49930
49931
49932
49933
49934
49935
49936
49937
49938
49939
49940
49941
49942
49943
49944
49945
49946
49947
49948
49949
49950
49951
49952
49953
49954
49955
49956
49957
49958
49959
49960
49961
49962
49963
49964
49965
49966
49967
49968
49969
49970
49971
49972
49973
49974
49975
49976
49977
49978
49979
49980
49981
49982
49983
49984
49985
49986
49987
49988
49989
49990
49991
49992
49993
49994
49995
49996
49997
49998
49999
50000
50001
50002
50003
50004
50005
50006
50007
50008
50009
50010
50011
50012
50013
50014
50015
50016
50017
50018
50019
50020
50021
50022
50023
50024
50025
50026
50027
50028
50029
50030
50031
50032
50033
50034
50035
50036
50037
50038
50039
50040
50041
50042
50043
50044
50045
50046
50047
50048
50049
50050
50051
50052
50053
50054
50055
50056
50057
50058
50059
50060
50061
50062
50063
50064
50065
50066
50067
50068
50069
50070
50071
50072
50073
50074
50075
50076
50077
50078
50079
50080
50081
50082
50083
50084
50085
50086
50087
50088
50089
50090
50091
50092
50093
50094
50095
50096
50097
50098
50099
50100
50101
50102
50103
50104
50105
50106
50107
50108
50109
50110
50111
50112
50113
50114
50115
50116
50117
50118
50119
50120
50121
50122
50123
50124
50125
50126
50127
50128
50129
50130
50131
50132
50133
50134
50135
50136
50137
50138
50139
50140
50141
50142
50143
50144
50145
50146
50147
50148
50149
50150
50151
50152
50153
50154
50155
50156
50157
50158
50159
50160
50161
50162
50163
50164
50165
50166
50167
50168
50169
50170
50171
50172
50173
50174
50175
50176
50177
50178
50179
50180
50181
50182
50183
50184
50185
50186
50187
50188
50189
50190
50191
50192
50193
50194
50195
50196
50197
50198
50199
50200
50201
50202
50203
50204
50205
50206
50207
50208
50209
50210
50211
50212
50213
50214
50215
50216
50217
50218
50219
50220
50221
50222
50223
50224
50225
50226
50227
50228
50229
50230
50231
50232
50233
50234
50235
50236
50237
50238
50239
50240
50241
50242
50243
50244
50245
50246
50247
50248
50249
50250
50251
50252
50253
50254
50255
50256
50257
50258
50259
50260
50261
50262
50263
50264
50265
50266
50267
50268
50269
50270
50271
50272
50273
50274
50275
50276
50277
50278
50279
50280
50281
50282
50283
50284
50285
50286
50287
50288
50289
50290
50291
50292
50293
50294
50295
50296
50297
50298
50299
50300
50301
50302
50303
50304
50305
50306
50307
50308
50309
50310
50311
50312
50313
50314
50315
50316
50317
50318
50319
50320
50321
50322
50323
50324
50325
50326
50327
50328
50329
50330
50331
50332
50333
50334
50335
50336
50337
50338
50339
50340
50341
50342
50343
50344
50345
50346
50347
50348
50349
50350
50351
50352
50353
50354
50355
50356
50357
50358
50359
50360
50361
50362
50363
50364
50365
50366
50367
50368
50369
50370
50371
50372
50373
50374
50375
50376
50377
50378
50379
50380
50381
50382
50383
50384
50385
50386
50387
50388
50389
50390
50391
50392
50393
50394
50395
50396
50397
50398
50399
50400
50401
50402
50403
50404
50405
50406
50407
50408
50409
50410
50411
50412
50413
50414
50415
50416
50417
50418
50419
50420
50421
50422
50423
50424
50425
50426
50427
50428
50429
50430
50431
50432
50433
50434
50435
50436
50437
50438
50439
50440
50441
50442
50443
50444
50445
50446
50447
50448
50449
50450
50451
50452
50453
50454
50455
50456
50457
50458
50459
50460
50461
50462
50463
50464
50465
50466
50467
50468
50469
50470
50471
50472
50473
50474
50475
50476
50477
50478
50479
50480
50481
50482
50483
50484
50485
50486
50487
50488
50489
50490
50491
50492
50493
50494
50495
50496
50497
50498
50499
50500
50501
50502
50503
50504
50505
50506
50507
50508
50509
50510
50511
50512
50513
50514
50515
50516
50517
50518
50519
50520
50521
50522
50523
50524
50525
50526
50527
50528
50529
50530
50531
50532
50533
50534
50535
50536
50537
50538
50539
50540
50541
50542
50543
50544
50545
50546
50547
50548
50549
50550
50551
50552
50553
50554
50555
50556
50557
50558
50559
50560
50561
50562
50563
50564
50565
50566
50567
50568
50569
50570
50571
50572
50573
50574
50575
50576
50577
50578
50579
50580
50581
50582
50583
50584
50585
50586
50587
50588
50589
50590
50591
50592
50593
50594
50595
50596
50597
50598
50599
50600
50601
50602
50603
50604
50605
50606
50607
50608
50609
50610
50611
50612
50613
50614
50615
50616
50617
50618
50619
50620
50621
50622
50623
50624
50625
50626
50627
50628
50629
50630
50631
50632
50633
50634
50635
50636
50637
50638
50639
50640
50641
50642
50643
50644
50645
50646
50647
50648
50649
50650
50651
50652
50653
50654
50655
50656
50657
50658
50659
50660
50661
50662
50663
50664
50665
50666
50667
50668
50669
50670
50671
50672
50673
50674
50675
50676
50677
50678
50679
50680
50681
50682
50683
50684
50685
50686
50687
50688
50689
50690
50691
50692
50693
50694
50695
50696
50697
50698
50699
50700
50701
50702
50703
50704
50705
50706
50707
50708
50709
50710
50711
50712
50713
50714
50715
50716
50717
50718
50719
50720
50721
50722
50723
50724
50725
50726
50727
50728
50729
50730
50731
50732
50733
50734
50735
50736
50737
50738
50739
50740
50741
50742
50743
50744
50745
50746
50747
50748
50749
50750
50751
50752
50753
50754
50755
50756
50757
50758
50759
50760
50761
50762
50763
50764
50765
50766
50767
50768
50769
50770
50771
50772
50773
50774
50775
50776
50777
50778
50779
50780
50781
50782
50783
50784
50785
50786
50787
50788
50789
50790
50791
50792
50793
50794
50795
50796
50797
50798
50799
50800
50801
50802
50803
50804
50805
50806
50807
50808
50809
50810
50811
50812
50813
50814
50815
50816
50817
50818
50819
50820
50821
50822
50823
50824
50825
50826
50827
50828
50829
50830
50831
50832
50833
50834
50835
50836
50837
50838
50839
50840
50841
50842
50843
50844
50845
50846
50847
50848
50849
50850
50851
50852
50853
50854
50855
50856
50857
50858
50859
50860
50861
50862
50863
50864
50865
50866
50867
50868
50869
50870
50871
50872
50873
50874
50875
50876
50877
50878
50879
50880
50881
50882
50883
50884
50885
50886
50887
50888
50889
50890
50891
50892
50893
50894
50895
50896
50897
50898
50899
50900
50901
50902
50903
50904
50905
50906
50907
50908
50909
50910
50911
50912
50913
50914
50915
50916
50917
50918
50919
50920
50921
50922
50923
50924
50925
50926
50927
50928
50929
50930
50931
50932
50933
50934
50935
50936
50937
50938
50939
50940
50941
50942
50943
50944
50945
50946
50947
50948
50949
50950
50951
50952
50953
50954
50955
50956
50957
50958
50959
50960
50961
50962
50963
50964
50965
50966
50967
50968
50969
50970
50971
50972
50973
50974
50975
50976
50977
50978
50979
50980
50981
50982
50983
50984
50985
50986
50987
50988
50989
50990
50991
50992
50993
50994
50995
50996
50997
50998
50999
51000
51001
51002
51003
51004
51005
51006
51007
51008
51009
51010
51011
51012
51013
51014
51015
51016
51017
51018
51019
51020
51021
51022
51023
51024
51025
51026
51027
51028
51029
51030
51031
51032
51033
51034
51035
51036
51037
51038
51039
51040
51041
51042
51043
51044
51045
51046
51047
51048
51049
51050
51051
51052
51053
51054
51055
51056
51057
51058
51059
51060
51061
51062
51063
51064
51065
51066
51067
51068
51069
51070
51071
51072
51073
51074
51075
51076
51077
51078
51079
51080
51081
51082
51083
51084
51085
51086
51087
51088
51089
51090
51091
51092
51093
51094
51095
51096
51097
51098
51099
51100
51101
51102
51103
51104
51105
51106
51107
51108
51109
51110
51111
51112
51113
51114
51115
51116
51117
51118
51119
51120
51121
51122
51123
51124
51125
51126
51127
51128
51129
51130
51131
51132
51133
51134
51135
51136
51137
51138
51139
51140
51141
51142
51143
51144
51145
51146
51147
51148
51149
51150
51151
51152
51153
51154
51155
51156
51157
51158
51159
51160
51161
51162
51163
51164
51165
51166
51167
51168
51169
51170
51171
51172
51173
51174
51175
51176
51177
51178
51179
51180
51181
51182
51183
51184
51185
51186
51187
51188
51189
51190
51191
51192
51193
51194
51195
51196
51197
51198
51199
51200
51201
51202
51203
51204
51205
51206
51207
51208
51209
51210
51211
51212
51213
51214
51215
51216
51217
51218
51219
51220
51221
51222
51223
51224
51225
51226
51227
51228
51229
51230
51231
51232
51233
51234
51235
51236
51237
51238
51239
51240
51241
51242
51243
51244
51245
51246
51247
51248
51249
51250
51251
51252
51253
51254
51255
51256
51257
51258
51259
51260
51261
51262
51263
51264
51265
51266
51267
51268
51269
51270
51271
51272
51273
51274
51275
51276
51277
51278
51279
51280
51281
51282
51283
51284
51285
51286
51287
51288
51289
51290
51291
51292
51293
51294
51295
51296
51297
51298
51299
51300
51301
51302
51303
51304
51305
51306
51307
51308
51309
51310
51311
51312
51313
51314
51315
51316
51317
51318
51319
51320
51321
51322
51323
51324
51325
51326
51327
51328
51329
51330
51331
51332
51333
51334
51335
51336
51337
51338
51339
51340
51341
51342
51343
51344
51345
51346
51347
51348
51349
51350
51351
51352
51353
51354
51355
51356
51357
51358
51359
51360
51361
51362
51363
51364
51365
51366
51367
51368
51369
51370
51371
51372
51373
51374
51375
51376
51377
51378
51379
51380
51381
51382
51383
51384
51385
51386
51387
51388
51389
51390
51391
51392
51393
51394
51395
51396
51397
51398
51399
51400
51401
51402
51403
51404
51405
51406
51407
51408
51409
51410
51411
51412
51413
51414
51415
51416
51417
51418
51419
51420
51421
51422
51423
51424
51425
51426
51427
51428
51429
51430
51431
51432
51433
51434
51435
51436
51437
51438
51439
51440
51441
51442
51443
51444
51445
51446
51447
51448
51449
51450
51451
51452
51453
51454
51455
51456
51457
51458
51459
51460
51461
51462
51463
51464
51465
51466
51467
51468
51469
51470
51471
51472
51473
51474
51475
51476
51477
51478
51479
51480
51481
51482
51483
51484
51485
51486
51487
51488
51489
51490
51491
51492
51493
51494
51495
51496
51497
51498
51499
51500
51501
51502
51503
51504
51505
51506
51507
51508
51509
51510
51511
51512
51513
51514
51515
51516
51517
51518
51519
51520
51521
51522
51523
51524
51525
51526
51527
51528
51529
51530
51531
51532
51533
51534
51535
51536
51537
51538
51539
51540
51541
51542
51543
51544
51545
51546
51547
51548
51549
51550
51551
51552
51553
51554
51555
51556
51557
51558
51559
51560
51561
51562
51563
51564
51565
51566
51567
51568
51569
51570
51571
51572
51573
51574
51575
51576
51577
51578
51579
51580
51581
51582
51583
51584
51585
51586
51587
51588
51589
51590
51591
51592
51593
51594
51595
51596
51597
51598
51599
51600
51601
51602
51603
51604
51605
51606
51607
51608
51609
51610
51611
51612
51613
51614
51615
51616
51617
51618
51619
51620
51621
51622
51623
51624
51625
51626
51627
51628
51629
51630
51631
51632
51633
51634
51635
51636
51637
51638
51639
51640
51641
51642
51643
51644
51645
51646
51647
51648
51649
51650
51651
51652
51653
51654
51655
51656
51657
51658
51659
51660
51661
51662
51663
51664
51665
51666
51667
51668
51669
51670
51671
51672
51673
51674
51675
51676
51677
51678
51679
51680
51681
51682
51683
51684
51685
51686
51687
51688
51689
51690
51691
51692
51693
51694
51695
51696
51697
51698
51699
51700
51701
51702
51703
51704
51705
51706
51707
51708
51709
51710
51711
51712
51713
51714
51715
51716
51717
51718
51719
51720
51721
51722
51723
51724
51725
51726
51727
51728
51729
51730
51731
51732
51733
51734
51735
51736
51737
51738
51739
51740
51741
51742
51743
51744
51745
51746
51747
51748
51749
51750
51751
51752
51753
51754
51755
51756
51757
51758
51759
51760
51761
51762
51763
51764
51765
51766
51767
51768
51769
51770
51771
51772
51773
51774
51775
51776
51777
51778
51779
51780
51781
51782
51783
51784
51785
51786
51787
51788
51789
51790
51791
51792
51793
51794
51795
51796
51797
51798
51799
51800
51801
51802
51803
51804
51805
51806
51807
51808
51809
51810
51811
51812
51813
51814
51815
51816
51817
51818
51819
51820
51821
51822
51823
51824
51825
51826
51827
51828
51829
51830
51831
51832
51833
51834
51835
51836
51837
51838
51839
51840
51841
51842
51843
51844
51845
51846
51847
51848
51849
51850
51851
51852
51853
51854
51855
51856
51857
51858
51859
51860
51861
51862
51863
51864
51865
51866
51867
51868
51869
51870
51871
51872
51873
51874
51875
51876
51877
51878
51879
51880
51881
51882
51883
51884
51885
51886
51887
51888
51889
51890
51891
51892
51893
51894
51895
51896
51897
51898
51899
51900
51901
51902
51903
51904
51905
51906
51907
51908
51909
51910
51911
51912
51913
51914
51915
51916
51917
51918
51919
51920
51921
51922
51923
51924
51925
51926
51927
51928
51929
51930
51931
51932
51933
51934
51935
51936
51937
51938
51939
51940
51941
51942
51943
51944
51945
51946
51947
51948
51949
51950
51951
51952
51953
51954
51955
51956
51957
51958
51959
51960
51961
51962
51963
51964
51965
51966
51967
51968
51969
51970
51971
51972
51973
51974
51975
51976
51977
51978
51979
51980
51981
51982
51983
51984
51985
51986
51987
51988
51989
51990
51991
51992
51993
51994
51995
51996
51997
51998
51999
52000
52001
52002
52003
52004
52005
52006
52007
52008
52009
52010
52011
52012
52013
52014
52015
52016
52017
52018
52019
52020
52021
52022
52023
52024
52025
52026
52027
52028
52029
52030
52031
52032
52033
52034
52035
52036
52037
52038
52039
52040
52041
52042
52043
52044
52045
52046
52047
52048
52049
52050
52051
52052
52053
52054
52055
52056
52057
52058
52059
52060
52061
52062
52063
52064
52065
52066
52067
52068
52069
52070
52071
52072
52073
52074
52075
52076
52077
52078
52079
52080
52081
52082
52083
52084
52085
52086
52087
52088
52089
52090
52091
52092
52093
52094
52095
52096
52097
52098
52099
52100
52101
52102
52103
52104
52105
52106
52107
52108
52109
52110
52111
52112
52113
52114
52115
52116
52117
52118
52119
52120
52121
52122
52123
52124
52125
52126
52127
52128
52129
52130
52131
52132
52133
52134
52135
52136
52137
52138
52139
52140
52141
52142
52143
52144
52145
52146
52147
52148
52149
52150
52151
52152
52153
52154
52155
52156
52157
52158
52159
52160
52161
52162
52163
52164
52165
52166
52167
52168
52169
52170
52171
52172
52173
52174
52175
52176
52177
52178
52179
52180
52181
52182
52183
52184
52185
52186
52187
52188
52189
52190
52191
52192
52193
52194
52195
52196
52197
52198
52199
52200
52201
52202
52203
52204
52205
52206
52207
52208
52209
52210
52211
52212
52213
52214
52215
52216
52217
52218
52219
52220
52221
52222
52223
52224
52225
52226
52227
52228
52229
52230
52231
52232
52233
52234
52235
52236
52237
52238
52239
52240
52241
52242
52243
52244
52245
52246
52247
52248
52249
52250
52251
52252
52253
52254
52255
52256
52257
52258
52259
52260
52261
52262
52263
52264
52265
52266
52267
52268
52269
52270
52271
52272
52273
52274
52275
52276
52277
52278
52279
52280
52281
52282
52283
52284
52285
52286
52287
52288
52289
52290
52291
52292
52293
52294
52295
52296
52297
52298
52299
52300
52301
52302
52303
52304
52305
52306
52307
52308
52309
52310
52311
52312
52313
52314
52315
52316
52317
52318
52319
52320
52321
52322
52323
52324
52325
52326
52327
52328
52329
52330
52331
52332
52333
52334
52335
52336
52337
52338
52339
52340
52341
52342
52343
52344
52345
52346
52347
52348
52349
52350
52351
52352
52353
52354
52355
52356
52357
52358
52359
52360
52361
52362
52363
52364
52365
52366
52367
52368
52369
52370
52371
52372
52373
52374
52375
52376
52377
52378
52379
52380
52381
52382
52383
52384
52385
52386
52387
52388
52389
52390
52391
52392
52393
52394
52395
52396
52397
52398
52399
52400
52401
52402
52403
52404
52405
52406
52407
52408
52409
52410
52411
52412
52413
52414
52415
52416
52417
52418
52419
52420
52421
52422
52423
52424
52425
52426
52427
52428
52429
52430
52431
52432
52433
52434
52435
52436
52437
52438
52439
52440
52441
52442
52443
52444
52445
52446
52447
52448
52449
52450
52451
52452
52453
52454
52455
52456
52457
52458
52459
52460
52461
52462
52463
52464
52465
52466
52467
52468
52469
52470
52471
52472
52473
52474
52475
52476
52477
52478
52479
52480
52481
52482
52483
52484
52485
52486
52487
52488
52489
52490
52491
52492
52493
52494
52495
52496
52497
52498
52499
52500
52501
52502
52503
52504
52505
52506
52507
52508
52509
52510
52511
52512
52513
52514
52515
52516
52517
52518
52519
52520
52521
52522
52523
52524
52525
52526
52527
52528
52529
52530
52531
52532
52533
52534
52535
52536
52537
52538
52539
52540
52541
52542
52543
52544
52545
52546
52547
52548
52549
52550
52551
52552
52553
52554
52555
52556
52557
52558
52559
52560
52561
52562
52563
52564
52565
52566
52567
52568
52569
52570
52571
52572
52573
52574
52575
52576
52577
52578
52579
52580
52581
52582
52583
52584
52585
52586
52587
52588
52589
52590
52591
52592
52593
52594
52595
52596
52597
52598
52599
52600
52601
52602
52603
52604
52605
52606
52607
52608
52609
52610
52611
52612
52613
52614
52615
52616
52617
52618
52619
52620
52621
52622
52623
52624
52625
52626
52627
52628
52629
52630
52631
52632
52633
52634
52635
52636
52637
52638
52639
52640
52641
52642
52643
52644
52645
52646
52647
52648
52649
52650
52651
52652
52653
52654
52655
52656
52657
52658
52659
52660
52661
52662
52663
52664
52665
52666
52667
52668
52669
52670
52671
52672
52673
52674
52675
52676
52677
52678
52679
52680
52681
52682
52683
52684
52685
52686
52687
52688
52689
52690
52691
52692
52693
52694
52695
52696
52697
52698
52699
52700
52701
52702
52703
52704
52705
52706
52707
52708
52709
52710
52711
52712
52713
52714
52715
52716
52717
52718
52719
52720
52721
52722
52723
52724
52725
52726
52727
52728
52729
52730
52731
52732
52733
52734
52735
52736
52737
52738
52739
52740
52741
52742
52743
52744
52745
52746
52747
52748
52749
52750
52751
52752
52753
52754
52755
52756
52757
52758
52759
52760
52761
52762
52763
52764
52765
52766
52767
52768
52769
52770
52771
52772
52773
52774
52775
52776
52777
52778
52779
52780
52781
52782
52783
52784
52785
52786
52787
52788
52789
52790
52791
52792
52793
52794
52795
52796
52797
52798
52799
52800
52801
52802
52803
52804
52805
52806
52807
52808
52809
52810
52811
52812
52813
52814
52815
52816
52817
52818
52819
52820
52821
52822
52823
52824
52825
52826
52827
52828
52829
52830
52831
52832
52833
52834
52835
52836
52837
52838
52839
52840
52841
52842
52843
52844
52845
52846
52847
52848
52849
52850
52851
52852
52853
52854
52855
52856
52857
52858
52859
52860
52861
52862
52863
52864
52865
52866
52867
52868
52869
52870
52871
52872
52873
52874
52875
52876
52877
52878
52879
52880
52881
52882
52883
52884
52885
52886
52887
52888
52889
52890
52891
52892
52893
52894
52895
52896
52897
52898
52899
52900
52901
52902
52903
52904
52905
52906
52907
52908
52909
52910
52911
52912
52913
52914
52915
52916
52917
52918
52919
52920
52921
52922
52923
52924
52925
52926
52927
52928
52929
52930
52931
52932
52933
52934
52935
52936
52937
52938
52939
52940
52941
52942
52943
52944
52945
52946
52947
52948
52949
52950
52951
52952
52953
52954
52955
52956
52957
52958
52959
52960
52961
52962
52963
52964
52965
52966
52967
52968
52969
52970
52971
52972
52973
52974
52975
52976
52977
52978
52979
52980
52981
52982
52983
52984
52985
52986
52987
52988
52989
52990
52991
52992
52993
52994
52995
52996
52997
52998
52999
53000
53001
53002
53003
53004
53005
53006
53007
53008
53009
53010
53011
53012
53013
53014
53015
53016
53017
53018
53019
53020
53021
53022
53023
53024
53025
53026
53027
53028
53029
53030
53031
53032
53033
53034
53035
53036
53037
53038
53039
53040
53041
53042
53043
53044
53045
53046
53047
53048
53049
53050
53051
53052
53053
53054
53055
53056
53057
53058
53059
53060
53061
53062
53063
53064
53065
53066
53067
53068
53069
53070
53071
53072
53073
53074
53075
53076
53077
53078
53079
53080
53081
53082
53083
53084
53085
53086
53087
53088
53089
53090
53091
53092
53093
53094
53095
53096
53097
53098
53099
53100
53101
53102
53103
53104
53105
53106
53107
53108
53109
53110
53111
53112
53113
53114
53115
53116
53117
53118
53119
53120
53121
53122
53123
53124
53125
53126
53127
53128
53129
53130
53131
53132
53133
53134
53135
53136
53137
53138
53139
53140
53141
53142
53143
53144
53145
53146
53147
53148
53149
53150
53151
53152
53153
53154
53155
53156
53157
53158
53159
53160
53161
53162
53163
53164
53165
53166
53167
53168
53169
53170
53171
53172
53173
53174
53175
53176
53177
53178
53179
53180
53181
53182
53183
53184
53185
53186
53187
53188
53189
53190
53191
53192
53193
53194
53195
53196
53197
53198
53199
53200
53201
53202
53203
53204
53205
53206
53207
53208
53209
53210
53211
53212
53213
53214
53215
53216
53217
53218
53219
53220
53221
53222
53223
53224
53225
53226
53227
53228
53229
53230
53231
53232
53233
53234
53235
53236
53237
53238
53239
53240
53241
53242
53243
53244
53245
53246
53247
53248
53249
53250
53251
53252
53253
53254
53255
53256
53257
53258
53259
53260
53261
53262
53263
53264
53265
53266
53267
53268
53269
53270
53271
53272
53273
53274
53275
53276
53277
53278
53279
53280
53281
53282
53283
53284
53285
53286
53287
53288
53289
53290
53291
53292
53293
53294
53295
53296
53297
53298
53299
53300
53301
53302
53303
53304
53305
53306
53307
53308
53309
53310
53311
53312
53313
53314
53315
53316
53317
53318
53319
53320
53321
53322
53323
53324
53325
53326
53327
53328
53329
53330
53331
53332
53333
53334
53335
53336
53337
53338
53339
53340
53341
53342
53343
53344
53345
53346
53347
53348
53349
53350
53351
53352
53353
53354
53355
53356
53357
53358
53359
53360
53361
53362
53363
53364
53365
53366
53367
53368
53369
53370
53371
53372
53373
53374
53375
53376
53377
53378
53379
53380
53381
53382
53383
53384
53385
53386
53387
53388
53389
53390
53391
53392
53393
53394
53395
53396
53397
53398
53399
53400
53401
53402
53403
53404
53405
53406
53407
53408
53409
53410
53411
53412
53413
53414
53415
53416
53417
53418
53419
53420
53421
53422
53423
53424
53425
53426
53427
53428
53429
53430
53431
53432
53433
53434
53435
53436
53437
53438
53439
53440
53441
53442
53443
53444
53445
53446
53447
53448
53449
53450
53451
53452
53453
53454
53455
53456
53457
53458
53459
53460
53461
53462
53463
53464
53465
53466
53467
53468
53469
53470
53471
53472
53473
53474
53475
53476
53477
53478
53479
53480
53481
53482
53483
53484
53485
53486
53487
53488
53489
53490
53491
53492
53493
53494
53495
53496
53497
53498
53499
53500
53501
53502
53503
53504
53505
53506
53507
53508
53509
53510
53511
53512
53513
53514
53515
53516
53517
53518
53519
53520
53521
53522
53523
53524
53525
53526
53527
53528
53529
53530
53531
53532
53533
53534
53535
53536
53537
53538
53539
53540
53541
53542
53543
53544
53545
53546
53547
53548
53549
53550
53551
53552
53553
53554
53555
53556
53557
53558
53559
53560
53561
53562
53563
53564
53565
53566
53567
53568
53569
53570
53571
53572
53573
53574
53575
53576
53577
53578
53579
53580
53581
53582
53583
53584
53585
53586
53587
53588
53589
53590
53591
53592
53593
53594
53595
53596
53597
53598
53599
53600
53601
53602
53603
53604
53605
53606
53607
53608
53609
53610
53611
53612
53613
53614
53615
53616
53617
53618
53619
53620
53621
53622
53623
53624
53625
53626
53627
53628
53629
53630
53631
53632
53633
53634
53635
53636
53637
53638
53639
53640
53641
53642
53643
53644
53645
53646
53647
53648
53649
53650
53651
53652
53653
53654
53655
53656
53657
53658
53659
53660
53661
53662
53663
53664
53665
53666
53667
53668
53669
53670
53671
53672
53673
53674
53675
53676
53677
53678
53679
53680
53681
53682
53683
53684
53685
53686
53687
53688
53689
53690
53691
53692
53693
53694
53695
53696
53697
53698
53699
53700
53701
53702
53703
53704
53705
53706
53707
53708
53709
53710
53711
53712
53713
53714
53715
53716
53717
53718
53719
53720
53721
53722
53723
53724
53725
53726
53727
53728
53729
53730
53731
53732
53733
53734
53735
53736
53737
53738
53739
53740
53741
53742
53743
53744
53745
53746
53747
53748
53749
53750
53751
53752
53753
53754
53755
53756
53757
53758
53759
53760
53761
53762
53763
53764
53765
53766
53767
53768
53769
53770
53771
53772
53773
53774
53775
53776
53777
53778
53779
53780
53781
53782
53783
53784
53785
53786
53787
53788
53789
53790
53791
53792
53793
53794
53795
53796
53797
53798
53799
53800
53801
53802
53803
53804
53805
53806
53807
53808
53809
53810
53811
53812
53813
53814
53815
53816
53817
53818
53819
53820
53821
53822
53823
53824
53825
53826
53827
53828
53829
53830
53831
53832
53833
53834
53835
53836
53837
53838
53839
53840
53841
53842
53843
53844
53845
53846
53847
53848
53849
53850
53851
53852
53853
53854
53855
53856
53857
53858
53859
53860
53861
53862
53863
53864
53865
53866
53867
53868
53869
53870
53871
53872
53873
53874
53875
53876
53877
53878
53879
53880
53881
53882
53883
53884
53885
53886
53887
53888
53889
53890
53891
53892
53893
53894
53895
53896
53897
53898
53899
53900
53901
53902
53903
53904
53905
53906
53907
53908
53909
53910
53911
53912
53913
53914
53915
53916
53917
53918
53919
53920
53921
53922
53923
53924
53925
53926
53927
53928
53929
53930
53931
53932
53933
53934
53935
53936
53937
53938
53939
53940
53941
53942
53943
53944
53945
53946
53947
53948
53949
53950
53951
53952
53953
53954
53955
53956
53957
53958
53959
53960
53961
53962
53963
53964
53965
53966
53967
53968
53969
53970
53971
53972
53973
53974
53975
53976
53977
53978
53979
53980
53981
53982
53983
53984
53985
53986
53987
53988
53989
53990
53991
53992
53993
53994
53995
53996
53997
53998
53999
54000
54001
54002
54003
54004
54005
54006
54007
54008
54009
54010
54011
54012
54013
54014
54015
54016
54017
54018
54019
54020
54021
54022
54023
54024
54025
54026
54027
54028
54029
54030
54031
54032
54033
54034
54035
54036
54037
54038
54039
54040
54041
54042
54043
54044
54045
54046
54047
54048
54049
54050
54051
54052
54053
54054
54055
54056
54057
54058
54059
54060
54061
54062
54063
54064
54065
54066
54067
54068
54069
54070
54071
54072
54073
54074
54075
54076
54077
54078
54079
54080
54081
54082
54083
54084
54085
54086
54087
54088
54089
54090
54091
54092
54093
54094
54095
54096
54097
54098
54099
54100
54101
54102
54103
54104
54105
54106
54107
54108
54109
54110
54111
54112
54113
54114
54115
54116
54117
54118
54119
54120
54121
54122
54123
54124
54125
54126
54127
54128
54129
54130
54131
54132
54133
54134
54135
54136
54137
54138
54139
54140
54141
54142
54143
54144
54145
54146
54147
54148
54149
54150
54151
54152
54153
54154
54155
54156
54157
54158
54159
54160
54161
54162
54163
54164
54165
54166
54167
54168
54169
54170
54171
54172
54173
54174
54175
54176
54177
54178
54179
54180
54181
54182
54183
54184
54185
54186
54187
54188
54189
54190
54191
54192
54193
54194
54195
54196
54197
54198
54199
54200
54201
54202
54203
54204
54205
54206
54207
54208
54209
54210
54211
54212
54213
54214
54215
54216
54217
54218
54219
54220
54221
54222
54223
54224
54225
54226
54227
54228
54229
54230
54231
54232
54233
54234
54235
54236
54237
54238
54239
54240
54241
54242
54243
54244
54245
54246
54247
54248
54249
54250
54251
54252
54253
54254
54255
54256
54257
54258
54259
54260
54261
54262
54263
54264
54265
54266
54267
54268
54269
54270
54271
54272
54273
54274
54275
54276
54277
54278
54279
54280
54281
54282
54283
54284
54285
54286
54287
54288
54289
54290
54291
54292
54293
54294
54295
54296
54297
54298
54299
54300
54301
54302
54303
54304
54305
54306
54307
54308
54309
54310
54311
54312
54313
54314
54315
54316
54317
54318
54319
54320
54321
54322
54323
54324
54325
54326
54327
54328
54329
54330
54331
54332
54333
54334
54335
54336
54337
54338
54339
54340
54341
54342
54343
54344
54345
54346
54347
54348
54349
54350
54351
54352
54353
54354
54355
54356
54357
54358
54359
54360
54361
54362
54363
54364
54365
54366
54367
54368
54369
54370
54371
54372
54373
54374
54375
54376
54377
54378
54379
54380
54381
54382
54383
54384
54385
54386
54387
54388
54389
54390
54391
54392
54393
54394
54395
54396
54397
54398
54399
54400
54401
54402
54403
54404
54405
54406
54407
54408
54409
54410
54411
54412
54413
54414
54415
54416
54417
54418
54419
54420
54421
54422
54423
54424
54425
54426
54427
54428
54429
54430
54431
54432
54433
54434
54435
54436
54437
54438
54439
54440
54441
54442
54443
54444
54445
54446
54447
54448
54449
54450
54451
54452
54453
54454
54455
54456
54457
54458
54459
54460
54461
54462
54463
54464
54465
54466
54467
54468
54469
54470
54471
54472
54473
54474
54475
54476
54477
54478
54479
54480
54481
54482
54483
54484
54485
54486
54487
54488
54489
54490
54491
54492
54493
54494
54495
54496
54497
54498
54499
54500
54501
54502
54503
54504
54505
54506
54507
54508
54509
54510
54511
54512
54513
54514
54515
54516
54517
54518
54519
54520
54521
54522
54523
54524
54525
54526
54527
54528
54529
54530
54531
54532
54533
54534
54535
54536
54537
54538
54539
54540
54541
54542
54543
54544
54545
54546
54547
54548
54549
54550
54551
54552
54553
54554
54555
54556
54557
54558
54559
54560
54561
54562
54563
54564
54565
54566
54567
54568
54569
54570
54571
54572
54573
54574
54575
54576
54577
54578
54579
54580
54581
54582
54583
54584
54585
54586
54587
54588
54589
54590
54591
54592
54593
54594
54595
54596
54597
54598
54599
54600
54601
54602
54603
54604
54605
54606
54607
54608
54609
54610
54611
54612
54613
54614
54615
54616
54617
54618
54619
54620
54621
54622
54623
54624
54625
54626
54627
54628
54629
54630
54631
54632
54633
54634
54635
54636
54637
54638
54639
54640
54641
54642
54643
54644
54645
54646
54647
54648
54649
54650
54651
54652
54653
54654
54655
54656
54657
54658
54659
54660
54661
54662
54663
54664
54665
54666
54667
54668
54669
54670
54671
54672
54673
54674
54675
54676
54677
54678
54679
54680
54681
54682
54683
54684
54685
54686
54687
54688
54689
54690
54691
54692
54693
54694
54695
54696
54697
54698
54699
54700
54701
54702
54703
54704
54705
54706
54707
54708
54709
54710
54711
54712
54713
54714
54715
54716
54717
54718
54719
54720
54721
54722
54723
54724
54725
54726
54727
54728
54729
54730
54731
54732
54733
54734
54735
54736
54737
54738
54739
54740
54741
54742
54743
54744
54745
54746
54747
54748
54749
54750
54751
54752
54753
54754
54755
54756
54757
54758
54759
54760
54761
54762
54763
54764
54765
54766
54767
54768
54769
54770
54771
54772
54773
54774
54775
54776
54777
54778
54779
54780
54781
54782
54783
54784
54785
54786
54787
54788
54789
54790
54791
54792
54793
54794
54795
54796
54797
54798
54799
54800
54801
54802
54803
54804
54805
54806
54807
54808
54809
54810
54811
54812
54813
54814
54815
54816
54817
54818
54819
54820
54821
54822
54823
54824
54825
54826
54827
54828
54829
54830
54831
54832
54833
54834
54835
54836
54837
54838
54839
54840
54841
54842
54843
54844
54845
54846
54847
54848
54849
54850
54851
54852
54853
54854
54855
54856
54857
54858
54859
54860
54861
54862
54863
54864
54865
54866
54867
54868
54869
54870
54871
54872
54873
54874
54875
54876
54877
54878
54879
54880
54881
54882
54883
54884
54885
54886
54887
54888
54889
54890
54891
54892
54893
54894
54895
54896
54897
54898
54899
54900
54901
54902
54903
54904
54905
54906
54907
54908
54909
54910
54911
54912
54913
54914
54915
54916
54917
54918
54919
54920
54921
54922
54923
54924
54925
54926
54927
54928
54929
54930
54931
54932
54933
54934
54935
54936
54937
54938
54939
54940
54941
54942
54943
54944
54945
54946
54947
54948
54949
54950
54951
54952
54953
54954
54955
54956
54957
54958
54959
54960
54961
54962
54963
54964
54965
54966
54967
54968
54969
54970
54971
54972
54973
54974
54975
54976
54977
54978
54979
54980
54981
54982
54983
54984
54985
54986
54987
54988
54989
54990
54991
54992
54993
54994
54995
54996
54997
54998
54999
55000
55001
55002
55003
55004
55005
55006
55007
55008
55009
55010
55011
55012
55013
55014
55015
55016
55017
55018
55019
55020
55021
55022
55023
55024
55025
55026
55027
55028
55029
55030
55031
55032
55033
55034
55035
55036
55037
55038
55039
55040
55041
55042
55043
55044
55045
55046
55047
55048
55049
55050
55051
55052
55053
55054
55055
55056
55057
55058
55059
55060
55061
55062
55063
55064
55065
55066
55067
55068
55069
55070
55071
55072
55073
55074
55075
55076
55077
55078
55079
55080
55081
55082
55083
55084
55085
55086
55087
55088
55089
55090
55091
55092
55093
55094
55095
55096
55097
55098
55099
55100
55101
55102
55103
55104
55105
55106
55107
55108
55109
55110
55111
55112
55113
55114
55115
55116
55117
55118
55119
55120
55121
55122
55123
55124
55125
55126
55127
55128
55129
55130
55131
55132
55133
55134
55135
55136
55137
55138
55139
55140
55141
55142
55143
55144
55145
55146
55147
55148
55149
55150
55151
55152
55153
55154
55155
55156
55157
55158
55159
55160
55161
55162
55163
55164
55165
55166
55167
55168
55169
55170
55171
55172
55173
55174
55175
55176
55177
55178
55179
55180
55181
55182
55183
55184
55185
55186
55187
55188
55189
55190
55191
55192
55193
55194
55195
55196
55197
55198
55199
55200
55201
55202
55203
55204
55205
55206
55207
55208
55209
55210
55211
55212
55213
55214
55215
55216
55217
55218
55219
55220
55221
55222
55223
55224
55225
55226
55227
55228
55229
55230
55231
55232
55233
55234
55235
55236
55237
55238
55239
55240
55241
55242
55243
55244
55245
55246
55247
55248
55249
55250
55251
55252
55253
55254
55255
55256
55257
55258
55259
55260
55261
55262
55263
55264
55265
55266
55267
55268
55269
55270
55271
55272
55273
55274
55275
55276
55277
55278
55279
55280
55281
55282
55283
55284
55285
55286
55287
55288
55289
55290
55291
55292
55293
55294
55295
55296
55297
55298
55299
55300
55301
55302
55303
55304
55305
55306
55307
55308
55309
55310
55311
55312
55313
55314
55315
55316
55317
55318
55319
55320
55321
55322
55323
55324
55325
55326
55327
55328
55329
55330
55331
55332
55333
55334
55335
55336
55337
55338
55339
55340
55341
55342
55343
55344
55345
55346
55347
55348
55349
55350
55351
55352
55353
55354
55355
55356
55357
55358
55359
55360
55361
55362
55363
55364
55365
55366
55367
55368
55369
55370
55371
55372
55373
55374
55375
55376
55377
55378
55379
55380
55381
55382
55383
55384
55385
55386
55387
55388
55389
55390
55391
55392
55393
55394
55395
55396
55397
55398
55399
55400
55401
55402
55403
55404
55405
55406
55407
55408
55409
55410
55411
55412
55413
55414
55415
55416
55417
55418
55419
55420
55421
55422
55423
55424
55425
55426
55427
55428
55429
55430
55431
55432
55433
55434
55435
55436
55437
55438
55439
55440
55441
55442
55443
55444
55445
55446
55447
55448
55449
55450
55451
55452
55453
55454
55455
55456
55457
55458
55459
55460
55461
55462
55463
55464
55465
55466
55467
55468
55469
55470
55471
55472
55473
55474
55475
55476
55477
55478
55479
55480
55481
55482
55483
55484
55485
55486
55487
55488
55489
55490
55491
55492
55493
55494
55495
55496
55497
55498
55499
55500
55501
55502
55503
55504
55505
55506
55507
55508
55509
55510
55511
55512
55513
55514
55515
55516
55517
55518
55519
55520
55521
55522
55523
55524
55525
55526
55527
55528
55529
55530
55531
55532
55533
55534
55535
55536
55537
55538
55539
55540
55541
55542
55543
55544
55545
55546
55547
55548
55549
55550
55551
55552
55553
55554
55555
55556
55557
55558
55559
55560
55561
55562
55563
55564
55565
55566
55567
55568
55569
55570
55571
55572
55573
55574
55575
55576
55577
55578
55579
55580
55581
55582
55583
55584
55585
55586
55587
55588
55589
55590
55591
55592
55593
55594
55595
55596
55597
55598
55599
55600
55601
55602
55603
55604
55605
55606
55607
55608
55609
55610
55611
55612
55613
55614
55615
55616
55617
55618
55619
55620
55621
55622
55623
55624
55625
55626
55627
55628
55629
55630
55631
55632
55633
55634
55635
55636
55637
55638
55639
55640
55641
55642
55643
55644
55645
55646
55647
55648
55649
55650
55651
55652
55653
55654
55655
55656
55657
55658
55659
55660
55661
55662
55663
55664
55665
55666
55667
55668
55669
55670
55671
55672
55673
55674
55675
55676
55677
55678
55679
55680
55681
55682
55683
55684
55685
55686
55687
55688
55689
55690
55691
55692
55693
55694
55695
55696
55697
55698
55699
55700
55701
55702
55703
55704
55705
55706
55707
55708
55709
55710
55711
55712
55713
55714
55715
55716
55717
55718
55719
55720
55721
55722
55723
55724
55725
55726
55727
55728
55729
55730
55731
55732
55733
55734
55735
55736
55737
55738
55739
55740
55741
55742
55743
55744
55745
55746
55747
55748
55749
55750
55751
55752
55753
55754
55755
55756
55757
55758
55759
55760
55761
55762
55763
55764
55765
55766
55767
55768
55769
55770
55771
55772
55773
55774
55775
55776
55777
55778
55779
55780
55781
55782
55783
55784
55785
55786
55787
55788
55789
55790
55791
55792
55793
55794
55795
55796
55797
55798
55799
55800
55801
55802
55803
55804
55805
55806
55807
55808
55809
55810
55811
55812
55813
55814
55815
55816
55817
55818
55819
55820
55821
55822
55823
55824
55825
55826
55827
55828
55829
55830
55831
55832
55833
55834
55835
55836
55837
55838
55839
55840
55841
55842
55843
55844
55845
55846
55847
55848
55849
55850
55851
55852
55853
55854
55855
55856
55857
55858
55859
55860
55861
55862
55863
55864
55865
55866
55867
55868
55869
55870
55871
55872
55873
55874
55875
55876
55877
55878
55879
55880
55881
55882
55883
55884
55885
55886
55887
55888
55889
55890
55891
55892
55893
55894
55895
55896
55897
55898
55899
55900
55901
55902
55903
55904
55905
55906
55907
55908
55909
55910
55911
55912
55913
55914
55915
55916
55917
55918
55919
55920
55921
55922
55923
55924
55925
55926
55927
55928
55929
55930
55931
55932
55933
55934
55935
55936
55937
55938
55939
55940
55941
55942
55943
55944
55945
55946
55947
55948
55949
55950
55951
55952
55953
55954
55955
55956
55957
55958
55959
55960
55961
55962
55963
55964
55965
55966
55967
55968
55969
55970
55971
55972
55973
55974
55975
55976
55977
55978
55979
55980
55981
55982
55983
55984
55985
55986
55987
55988
55989
55990
55991
55992
55993
55994
55995
55996
55997
55998
55999
56000
56001
56002
56003
56004
56005
56006
56007
56008
56009
56010
56011
56012
56013
56014
56015
56016
56017
56018
56019
56020
56021
56022
56023
56024
56025
56026
56027
56028
56029
56030
56031
56032
56033
56034
56035
56036
56037
56038
56039
56040
56041
56042
56043
56044
56045
56046
56047
56048
56049
56050
56051
56052
56053
56054
56055
56056
56057
56058
56059
56060
56061
56062
56063
56064
56065
56066
56067
56068
56069
56070
56071
56072
56073
56074
56075
56076
56077
56078
56079
56080
56081
56082
56083
56084
56085
56086
56087
56088
56089
56090
56091
56092
56093
56094
56095
56096
56097
56098
56099
56100
56101
56102
56103
56104
56105
56106
56107
56108
56109
56110
56111
56112
56113
56114
56115
56116
56117
56118
56119
56120
56121
56122
56123
56124
56125
56126
56127
56128
56129
56130
56131
56132
56133
56134
56135
56136
56137
56138
56139
56140
56141
56142
56143
56144
56145
56146
56147
56148
56149
56150
56151
56152
56153
56154
56155
56156
56157
56158
56159
56160
56161
56162
56163
56164
56165
56166
56167
56168
56169
56170
56171
56172
56173
56174
56175
56176
56177
56178
56179
56180
56181
56182
56183
56184
56185
56186
56187
56188
56189
56190
56191
56192
56193
56194
56195
56196
56197
56198
56199
56200
56201
56202
56203
56204
56205
56206
56207
56208
56209
56210
56211
56212
56213
56214
56215
56216
56217
56218
56219
56220
56221
56222
56223
56224
56225
56226
56227
56228
56229
56230
56231
56232
56233
56234
56235
56236
56237
56238
56239
56240
56241
56242
56243
56244
56245
56246
56247
56248
56249
56250
56251
56252
56253
56254
56255
56256
56257
56258
56259
56260
56261
56262
56263
56264
56265
56266
56267
56268
56269
56270
56271
56272
56273
56274
56275
56276
56277
56278
56279
56280
56281
56282
56283
56284
56285
56286
56287
56288
56289
56290
56291
56292
56293
56294
56295
56296
56297
56298
56299
56300
56301
56302
56303
56304
56305
56306
56307
56308
56309
56310
56311
56312
56313
56314
56315
56316
56317
56318
56319
56320
56321
56322
56323
56324
56325
56326
56327
56328
56329
56330
56331
56332
56333
56334
56335
56336
56337
56338
56339
56340
56341
56342
56343
56344
56345
56346
56347
56348
56349
56350
56351
56352
56353
56354
56355
56356
56357
56358
56359
56360
56361
56362
56363
56364
56365
56366
56367
56368
56369
56370
56371
56372
56373
56374
56375
56376
56377
56378
56379
56380
56381
56382
56383
56384
56385
56386
56387
56388
56389
56390
56391
56392
56393
56394
56395
56396
56397
56398
56399
56400
56401
56402
56403
56404
56405
56406
56407
56408
56409
56410
56411
56412
56413
56414
56415
56416
56417
56418
56419
56420
56421
56422
56423
56424
56425
56426
56427
56428
56429
56430
56431
56432
56433
56434
56435
56436
56437
56438
56439
56440
56441
56442
56443
56444
56445
56446
56447
56448
56449
56450
56451
56452
56453
56454
56455
56456
56457
56458
56459
56460
56461
56462
56463
56464
56465
56466
56467
56468
56469
56470
56471
56472
56473
56474
56475
56476
56477
56478
56479
56480
56481
56482
56483
56484
56485
56486
56487
56488
56489
56490
56491
56492
56493
56494
56495
56496
56497
56498
56499
56500
56501
56502
56503
56504
56505
56506
56507
56508
56509
56510
56511
56512
56513
56514
56515
56516
56517
56518
56519
56520
56521
56522
56523
56524
56525
56526
56527
56528
56529
56530
56531
56532
56533
56534
56535
56536
56537
56538
56539
56540
56541
56542
56543
56544
56545
56546
56547
56548
56549
56550
56551
56552
56553
56554
56555
56556
56557
56558
56559
56560
56561
56562
56563
56564
56565
56566
56567
56568
56569
56570
56571
56572
56573
56574
56575
56576
56577
56578
56579
56580
56581
56582
56583
56584
56585
56586
56587
56588
56589
56590
56591
56592
56593
56594
56595
56596
56597
56598
56599
56600
56601
56602
56603
56604
56605
56606
56607
56608
56609
56610
56611
56612
56613
56614
56615
56616
56617
56618
56619
56620
56621
56622
56623
56624
56625
56626
56627
56628
56629
56630
56631
56632
56633
56634
56635
56636
56637
56638
56639
56640
56641
56642
56643
56644
56645
56646
56647
56648
56649
56650
56651
56652
56653
56654
56655
56656
56657
56658
56659
56660
56661
56662
56663
56664
56665
56666
56667
56668
56669
56670
56671
56672
56673
56674
56675
56676
56677
56678
56679
56680
56681
56682
56683
56684
56685
56686
56687
56688
56689
56690
56691
56692
56693
56694
56695
56696
56697
56698
56699
56700
56701
56702
56703
56704
56705
56706
56707
56708
56709
56710
56711
56712
56713
56714
56715
56716
56717
56718
56719
56720
56721
56722
56723
56724
56725
56726
56727
56728
56729
56730
56731
56732
56733
56734
56735
56736
56737
56738
56739
56740
56741
56742
56743
56744
56745
56746
56747
56748
56749
56750
56751
56752
56753
56754
56755
56756
56757
56758
56759
56760
56761
56762
56763
56764
56765
56766
56767
56768
56769
56770
56771
56772
56773
56774
56775
56776
56777
56778
56779
56780
56781
56782
56783
56784
56785
56786
56787
56788
56789
56790
56791
56792
56793
56794
56795
56796
56797
56798
56799
56800
56801
56802
56803
56804
56805
56806
56807
56808
56809
56810
56811
56812
56813
56814
56815
56816
56817
56818
56819
56820
56821
56822
56823
56824
56825
56826
56827
56828
56829
56830
56831
56832
56833
56834
56835
56836
56837
56838
56839
56840
56841
56842
56843
56844
56845
56846
56847
56848
56849
56850
56851
56852
56853
56854
56855
56856
56857
56858
56859
56860
56861
56862
56863
56864
56865
56866
56867
56868
56869
56870
56871
56872
56873
56874
56875
56876
56877
56878
56879
56880
56881
56882
56883
56884
56885
56886
56887
56888
56889
56890
56891
56892
56893
56894
56895
56896
56897
56898
56899
56900
56901
56902
56903
56904
56905
56906
56907
56908
56909
56910
56911
56912
56913
56914
56915
56916
56917
56918
56919
56920
56921
56922
56923
56924
56925
56926
56927
56928
56929
56930
56931
56932
56933
56934
56935
56936
56937
56938
56939
56940
56941
56942
56943
56944
56945
56946
56947
56948
56949
56950
56951
56952
56953
56954
56955
56956
56957
56958
56959
56960
56961
56962
56963
56964
56965
56966
56967
56968
56969
56970
56971
56972
56973
56974
56975
56976
56977
56978
56979
56980
56981
56982
56983
56984
56985
56986
56987
56988
56989
56990
56991
56992
56993
56994
56995
56996
56997
56998
56999
57000
57001
57002
57003
57004
57005
57006
57007
57008
57009
57010
57011
57012
57013
57014
57015
57016
57017
57018
57019
57020
57021
57022
57023
57024
57025
57026
57027
57028
57029
57030
57031
57032
57033
57034
57035
57036
57037
57038
57039
57040
57041
57042
57043
57044
57045
57046
57047
57048
57049
57050
57051
57052
57053
57054
57055
57056
57057
57058
57059
57060
57061
57062
57063
57064
57065
57066
57067
57068
57069
57070
57071
57072
57073
57074
57075
57076
57077
57078
57079
57080
57081
57082
57083
57084
57085
57086
57087
57088
57089
57090
57091
57092
57093
57094
57095
57096
57097
57098
57099
57100
57101
57102
57103
57104
57105
57106
57107
57108
57109
57110
57111
57112
57113
57114
57115
57116
57117
57118
57119
57120
57121
57122
57123
57124
57125
57126
57127
57128
57129
57130
57131
57132
57133
57134
57135
57136
57137
57138
57139
57140
57141
57142
57143
57144
57145
57146
57147
57148
57149
57150
57151
57152
57153
57154
57155
57156
57157
57158
57159
57160
57161
57162
57163
57164
57165
57166
57167
57168
57169
57170
57171
57172
57173
57174
57175
57176
57177
57178
57179
57180
57181
57182
57183
57184
57185
57186
57187
57188
57189
57190
57191
57192
57193
57194
57195
57196
57197
57198
57199
57200
57201
57202
57203
57204
57205
57206
57207
57208
57209
57210
57211
57212
57213
57214
57215
57216
57217
57218
57219
57220
57221
57222
57223
57224
57225
57226
57227
57228
57229
57230
57231
57232
57233
57234
57235
57236
57237
57238
57239
57240
57241
57242
57243
57244
57245
57246
57247
57248
57249
57250
57251
57252
57253
57254
57255
57256
57257
57258
57259
57260
57261
57262
57263
57264
57265
57266
57267
57268
57269
57270
57271
57272
57273
57274
57275
57276
57277
57278
57279
57280
57281
57282
57283
57284
57285
57286
57287
57288
57289
57290
57291
57292
57293
57294
57295
57296
57297
57298
57299
57300
57301
57302
57303
57304
57305
57306
57307
57308
57309
57310
57311
57312
57313
57314
57315
57316
57317
57318
57319
57320
57321
57322
57323
57324
57325
57326
57327
57328
57329
57330
57331
57332
57333
57334
57335
57336
57337
57338
57339
57340
57341
57342
57343
57344
57345
57346
57347
57348
57349
57350
57351
57352
57353
57354
57355
57356
57357
57358
57359
57360
57361
57362
57363
57364
57365
57366
57367
57368
57369
57370
57371
57372
57373
57374
57375
57376
57377
57378
57379
57380
57381
57382
57383
57384
57385
57386
57387
57388
57389
57390
57391
57392
57393
57394
57395
57396
57397
57398
57399
57400
57401
57402
57403
57404
57405
57406
57407
57408
57409
57410
57411
57412
57413
57414
57415
57416
57417
57418
57419
57420
57421
57422
57423
57424
57425
57426
57427
57428
57429
57430
57431
57432
57433
57434
57435
57436
57437
57438
57439
57440
57441
57442
57443
57444
57445
57446
57447
57448
57449
57450
57451
57452
57453
57454
57455
57456
57457
57458
57459
57460
57461
57462
57463
57464
57465
57466
57467
57468
57469
57470
57471
57472
57473
57474
57475
57476
57477
57478
57479
57480
57481
57482
57483
57484
57485
57486
57487
57488
57489
57490
57491
57492
57493
57494
57495
57496
57497
57498
57499
57500
57501
57502
57503
57504
57505
57506
57507
57508
57509
57510
57511
57512
57513
57514
57515
57516
57517
57518
57519
57520
57521
57522
57523
57524
57525
57526
57527
57528
57529
57530
57531
57532
57533
57534
57535
57536
57537
57538
57539
57540
57541
57542
57543
57544
57545
57546
57547
57548
57549
57550
57551
57552
57553
57554
57555
57556
57557
57558
57559
57560
57561
57562
57563
57564
57565
57566
57567
57568
57569
57570
57571
57572
57573
57574
57575
57576
57577
57578
57579
57580
57581
57582
57583
57584
57585
57586
57587
57588
57589
57590
57591
57592
57593
57594
57595
57596
57597
57598
57599
57600
57601
57602
57603
57604
57605
57606
57607
57608
57609
57610
57611
57612
57613
57614
57615
57616
57617
57618
57619
57620
57621
57622
57623
57624
57625
57626
57627
57628
57629
57630
57631
57632
57633
57634
57635
57636
57637
57638
57639
57640
57641
57642
57643
57644
57645
57646
57647
57648
57649
57650
57651
57652
57653
57654
57655
57656
57657
57658
57659
57660
57661
57662
57663
57664
57665
57666
57667
57668
57669
57670
57671
57672
57673
57674
57675
57676
57677
57678
57679
57680
57681
57682
57683
57684
57685
57686
57687
57688
57689
57690
57691
57692
57693
57694
57695
57696
57697
57698
57699
57700
57701
57702
57703
57704
57705
57706
57707
57708
57709
57710
57711
57712
57713
57714
57715
57716
57717
57718
57719
57720
57721
57722
57723
57724
57725
57726
57727
57728
57729
57730
57731
57732
57733
57734
57735
57736
57737
57738
57739
57740
57741
57742
57743
57744
57745
57746
57747
57748
57749
57750
57751
57752
57753
57754
57755
57756
57757
57758
57759
57760
57761
57762
57763
57764
57765
57766
57767
57768
57769
57770
57771
57772
57773
57774
57775
57776
57777
57778
57779
57780
57781
57782
57783
57784
57785
57786
57787
57788
57789
57790
57791
57792
57793
57794
57795
57796
57797
57798
57799
57800
57801
57802
57803
57804
57805
57806
57807
57808
57809
57810
57811
57812
57813
57814
57815
57816
57817
57818
57819
57820
57821
57822
57823
57824
57825
57826
57827
57828
57829
57830
57831
57832
57833
57834
57835
57836
57837
57838
57839
57840
57841
57842
57843
57844
57845
57846
57847
57848
57849
57850
57851
57852
57853
57854
57855
57856
57857
57858
57859
57860
57861
57862
57863
57864
57865
57866
57867
57868
57869
57870
57871
57872
57873
57874
57875
57876
57877
57878
57879
57880
57881
57882
57883
57884
57885
57886
57887
57888
57889
57890
57891
57892
57893
57894
57895
57896
57897
57898
57899
57900
57901
57902
57903
57904
57905
57906
57907
57908
57909
57910
57911
57912
57913
57914
57915
57916
57917
57918
57919
57920
57921
57922
57923
57924
57925
57926
57927
57928
57929
57930
57931
57932
57933
57934
57935
57936
57937
57938
57939
57940
57941
57942
57943
57944
57945
57946
57947
57948
57949
57950
57951
57952
57953
57954
57955
57956
57957
57958
57959
57960
57961
57962
57963
57964
57965
57966
57967
57968
57969
57970
57971
57972
57973
57974
57975
57976
57977
57978
57979
57980
57981
57982
57983
57984
57985
57986
57987
57988
57989
57990
57991
57992
57993
57994
57995
57996
57997
57998
57999
58000
58001
58002
58003
58004
58005
58006
58007
58008
58009
58010
58011
58012
58013
58014
58015
58016
58017
58018
58019
58020
58021
58022
58023
58024
58025
58026
58027
58028
58029
58030
58031
58032
58033
58034
58035
58036
58037
58038
58039
58040
58041
58042
58043
58044
58045
58046
58047
58048
58049
58050
58051
58052
58053
58054
58055
58056
58057
58058
58059
58060
58061
58062
58063
58064
58065
58066
58067
58068
58069
58070
58071
58072
58073
58074
58075
58076
58077
58078
58079
58080
58081
58082
58083
58084
58085
58086
58087
58088
58089
58090
58091
58092
58093
58094
58095
58096
58097
58098
58099
58100
58101
58102
58103
58104
58105
58106
58107
58108
58109
58110
58111
58112
58113
58114
58115
58116
58117
58118
58119
58120
58121
58122
58123
58124
58125
58126
58127
58128
58129
58130
58131
58132
58133
58134
58135
58136
58137
58138
58139
58140
58141
58142
58143
58144
58145
58146
58147
58148
58149
58150
58151
58152
58153
58154
58155
58156
58157
58158
58159
58160
58161
58162
58163
58164
58165
58166
58167
58168
58169
58170
58171
58172
58173
58174
58175
58176
58177
58178
58179
58180
58181
58182
58183
58184
58185
58186
58187
58188
58189
58190
58191
58192
58193
58194
58195
58196
58197
58198
58199
58200
58201
58202
58203
58204
58205
58206
58207
58208
58209
58210
58211
58212
58213
58214
58215
58216
58217
58218
58219
58220
58221
58222
58223
58224
58225
58226
58227
58228
58229
58230
58231
58232
58233
58234
58235
58236
58237
58238
58239
58240
58241
58242
58243
58244
58245
58246
58247
58248
58249
58250
58251
58252
58253
58254
58255
58256
58257
58258
58259
58260
58261
58262
58263
58264
58265
58266
58267
58268
58269
58270
58271
58272
58273
58274
58275
58276
58277
58278
58279
58280
58281
58282
58283
58284
58285
58286
58287
58288
58289
58290
58291
58292
58293
58294
58295
58296
58297
58298
58299
58300
58301
58302
58303
58304
58305
58306
58307
58308
58309
58310
58311
58312
58313
58314
58315
58316
58317
58318
58319
58320
58321
58322
58323
58324
58325
58326
58327
58328
58329
58330
58331
58332
58333
58334
58335
58336
58337
58338
58339
58340
58341
58342
58343
58344
58345
58346
58347
58348
58349
58350
58351
58352
58353
58354
58355
58356
58357
58358
58359
58360
58361
58362
58363
58364
58365
58366
58367
58368
58369
58370
58371
58372
58373
58374
58375
58376
58377
58378
58379
58380
58381
58382
58383
58384
58385
58386
58387
58388
58389
58390
58391
58392
58393
58394
58395
58396
58397
58398
58399
58400
58401
58402
58403
58404
58405
58406
58407
58408
58409
58410
58411
58412
58413
58414
58415
58416
58417
58418
58419
58420
58421
58422
58423
58424
58425
58426
58427
58428
58429
58430
58431
58432
58433
58434
58435
58436
58437
58438
58439
58440
58441
58442
58443
58444
58445
58446
58447
58448
58449
58450
58451
58452
58453
58454
58455
58456
58457
58458
58459
58460
58461
58462
58463
58464
58465
58466
58467
58468
58469
58470
58471
58472
58473
58474
58475
58476
58477
58478
58479
58480
58481
58482
58483
58484
58485
58486
58487
58488
58489
58490
58491
58492
58493
58494
58495
58496
58497
58498
58499
58500
58501
58502
58503
58504
58505
58506
58507
58508
58509
58510
58511
58512
58513
58514
58515
58516
58517
58518
58519
58520
58521
58522
58523
58524
58525
58526
58527
58528
58529
58530
58531
58532
58533
58534
58535
58536
58537
58538
58539
58540
58541
58542
58543
58544
58545
58546
58547
58548
58549
58550
58551
58552
58553
58554
58555
58556
58557
58558
58559
58560
58561
58562
58563
58564
58565
58566
58567
58568
58569
58570
58571
58572
58573
58574
58575
58576
58577
58578
58579
58580
58581
58582
58583
58584
58585
58586
58587
58588
58589
58590
58591
58592
58593
58594
58595
58596
58597
58598
58599
58600
58601
58602
58603
58604
58605
58606
58607
58608
58609
58610
58611
58612
58613
58614
58615
58616
58617
58618
58619
58620
58621
58622
58623
58624
58625
58626
58627
58628
58629
58630
58631
58632
58633
58634
58635
58636
58637
58638
58639
58640
58641
58642
58643
58644
58645
58646
58647
58648
58649
58650
58651
58652
58653
58654
58655
58656
58657
58658
58659
58660
58661
58662
58663
58664
58665
58666
58667
58668
58669
58670
58671
58672
58673
58674
58675
58676
58677
58678
58679
58680
58681
58682
58683
58684
58685
58686
58687
58688
58689
58690
58691
58692
58693
58694
58695
58696
58697
58698
58699
58700
58701
58702
58703
58704
58705
58706
58707
58708
58709
58710
58711
58712
58713
58714
58715
58716
58717
58718
58719
58720
58721
58722
58723
58724
58725
58726
58727
58728
58729
58730
58731
58732
58733
58734
58735
58736
58737
58738
58739
58740
58741
58742
58743
58744
58745
58746
58747
58748
58749
58750
58751
58752
58753
58754
58755
58756
58757
58758
58759
58760
58761
58762
58763
58764
58765
58766
58767
58768
58769
58770
58771
58772
58773
58774
58775
58776
58777
58778
58779
58780
58781
58782
58783
58784
58785
58786
58787
58788
58789
58790
58791
58792
58793
58794
58795
58796
58797
58798
58799
58800
58801
58802
58803
58804
58805
58806
58807
58808
58809
58810
58811
58812
58813
58814
58815
58816
58817
58818
58819
58820
58821
58822
58823
58824
58825
58826
58827
58828
58829
58830
58831
58832
58833
58834
58835
58836
58837
58838
58839
58840
58841
58842
58843
58844
58845
58846
58847
58848
58849
58850
58851
58852
58853
58854
58855
58856
58857
58858
58859
58860
58861
58862
58863
58864
58865
58866
58867
58868
58869
58870
58871
58872
58873
58874
58875
58876
58877
58878
58879
58880
58881
58882
58883
58884
58885
58886
58887
58888
58889
58890
58891
58892
58893
58894
58895
58896
58897
58898
58899
58900
58901
58902
58903
58904
58905
58906
58907
58908
58909
58910
58911
58912
58913
58914
58915
58916
58917
58918
58919
58920
58921
58922
58923
58924
58925
58926
58927
58928
58929
58930
58931
58932
58933
58934
58935
58936
58937
58938
58939
58940
58941
58942
58943
58944
58945
58946
58947
58948
58949
58950
58951
58952
58953
58954
58955
58956
58957
58958
58959
58960
58961
58962
58963
58964
58965
58966
58967
58968
58969
58970
58971
58972
58973
58974
58975
58976
58977
58978
58979
58980
58981
58982
58983
58984
58985
58986
58987
58988
58989
58990
58991
58992
58993
58994
58995
58996
58997
58998
58999
59000
59001
59002
59003
59004
59005
59006
59007
59008
59009
59010
59011
59012
59013
59014
59015
59016
59017
59018
59019
59020
59021
59022
59023
59024
59025
59026
59027
59028
59029
59030
59031
59032
59033
59034
59035
59036
59037
59038
59039
59040
59041
59042
59043
59044
59045
59046
59047
59048
59049
59050
59051
59052
59053
59054
59055
59056
59057
59058
59059
59060
59061
59062
59063
59064
59065
59066
59067
59068
59069
59070
59071
59072
59073
59074
59075
59076
59077
59078
59079
59080
59081
59082
59083
59084
59085
59086
59087
59088
59089
59090
59091
59092
59093
59094
59095
59096
59097
59098
59099
59100
59101
59102
59103
59104
59105
59106
59107
59108
59109
59110
59111
59112
59113
59114
59115
59116
59117
59118
59119
59120
59121
59122
59123
59124
59125
59126
59127
59128
59129
59130
59131
59132
59133
59134
59135
59136
59137
59138
59139
59140
59141
59142
59143
59144
59145
59146
59147
59148
59149
59150
59151
59152
59153
59154
59155
59156
59157
59158
59159
59160
59161
59162
59163
59164
59165
59166
59167
59168
59169
59170
59171
59172
59173
59174
59175
59176
59177
59178
59179
59180
59181
59182
59183
59184
59185
59186
59187
59188
59189
59190
59191
59192
59193
59194
59195
59196
59197
59198
59199
59200
59201
59202
59203
59204
59205
59206
59207
59208
59209
59210
59211
59212
59213
59214
59215
59216
59217
59218
59219
59220
59221
59222
59223
59224
59225
59226
59227
59228
59229
59230
59231
59232
59233
59234
59235
59236
59237
59238
59239
59240
59241
59242
59243
59244
59245
59246
59247
59248
59249
59250
59251
59252
59253
59254
59255
59256
59257
59258
59259
59260
59261
59262
59263
59264
59265
59266
59267
59268
59269
59270
59271
59272
59273
59274
59275
59276
59277
59278
59279
59280
59281
59282
59283
59284
59285
59286
59287
59288
59289
59290
59291
59292
59293
59294
59295
59296
59297
59298
59299
59300
59301
59302
59303
59304
59305
59306
59307
59308
59309
59310
59311
59312
59313
59314
59315
59316
59317
59318
59319
59320
59321
59322
59323
59324
59325
59326
59327
59328
59329
59330
59331
59332
59333
59334
59335
59336
59337
59338
59339
59340
59341
59342
59343
59344
59345
59346
59347
59348
59349
59350
59351
59352
59353
59354
59355
59356
59357
59358
59359
59360
59361
59362
59363
59364
59365
59366
59367
59368
59369
59370
59371
59372
59373
59374
59375
59376
59377
59378
59379
59380
59381
59382
59383
59384
59385
59386
59387
59388
59389
59390
59391
59392
59393
59394
59395
59396
59397
59398
59399
59400
59401
59402
59403
59404
59405
59406
59407
59408
59409
59410
59411
59412
59413
59414
59415
59416
59417
59418
59419
59420
59421
59422
59423
59424
59425
59426
59427
59428
59429
59430
59431
59432
59433
59434
59435
59436
59437
59438
59439
59440
59441
59442
59443
59444
59445
59446
59447
59448
59449
59450
59451
59452
59453
59454
59455
59456
59457
59458
59459
59460
59461
59462
59463
59464
59465
59466
59467
59468
59469
59470
59471
59472
59473
59474
59475
59476
59477
59478
59479
59480
59481
59482
59483
59484
59485
59486
59487
59488
59489
59490
59491
59492
59493
59494
59495
59496
59497
59498
59499
59500
59501
59502
59503
59504
59505
59506
59507
59508
59509
59510
59511
59512
59513
59514
59515
59516
59517
59518
59519
59520
59521
59522
59523
59524
59525
59526
59527
59528
59529
59530
59531
59532
59533
59534
59535
59536
59537
59538
59539
59540
59541
59542
59543
59544
59545
59546
59547
59548
59549
59550
59551
59552
59553
59554
59555
59556
59557
59558
59559
59560
59561
59562
59563
59564
59565
59566
59567
59568
59569
59570
59571
59572
59573
59574
59575
59576
59577
59578
59579
59580
59581
59582
59583
59584
59585
59586
59587
59588
59589
59590
59591
59592
59593
59594
59595
59596
59597
59598
59599
59600
59601
59602
59603
59604
59605
59606
59607
59608
59609
59610
59611
59612
59613
59614
59615
59616
59617
59618
59619
59620
59621
59622
59623
59624
59625
59626
59627
59628
59629
59630
59631
59632
59633
59634
59635
59636
59637
59638
59639
59640
59641
59642
59643
59644
59645
59646
59647
59648
59649
59650
59651
59652
59653
59654
59655
59656
59657
59658
59659
59660
59661
59662
59663
59664
59665
59666
59667
59668
59669
59670
59671
59672
59673
59674
59675
59676
59677
59678
59679
59680
59681
59682
59683
59684
59685
59686
59687
59688
59689
59690
59691
59692
59693
59694
59695
59696
59697
59698
59699
59700
59701
59702
59703
59704
59705
59706
59707
59708
59709
59710
59711
59712
59713
59714
59715
59716
59717
59718
59719
59720
59721
59722
59723
59724
59725
59726
59727
59728
59729
59730
59731
59732
59733
59734
59735
59736
59737
59738
59739
59740
59741
59742
59743
59744
59745
59746
59747
59748
59749
59750
59751
59752
59753
59754
59755
59756
59757
59758
59759
59760
59761
59762
59763
59764
59765
59766
59767
59768
59769
59770
59771
59772
59773
59774
59775
59776
59777
59778
59779
59780
59781
59782
59783
59784
59785
59786
59787
59788
59789
59790
59791
59792
59793
59794
59795
59796
59797
59798
59799
59800
59801
59802
59803
59804
59805
59806
59807
59808
59809
59810
59811
59812
59813
59814
59815
59816
59817
59818
59819
59820
59821
59822
59823
59824
59825
59826
59827
59828
59829
59830
59831
59832
59833
59834
59835
59836
59837
59838
59839
59840
59841
59842
59843
59844
59845
59846
59847
59848
59849
59850
59851
59852
59853
59854
59855
59856
59857
59858
59859
59860
59861
59862
59863
59864
59865
59866
59867
59868
59869
59870
59871
59872
59873
59874
59875
59876
59877
59878
59879
59880
59881
59882
59883
59884
59885
59886
59887
59888
59889
59890
59891
59892
59893
59894
59895
59896
59897
59898
59899
59900
59901
59902
59903
59904
59905
59906
59907
59908
59909
59910
59911
59912
59913
59914
59915
59916
59917
59918
59919
59920
59921
59922
59923
59924
59925
59926
59927
59928
59929
59930
59931
59932
59933
59934
59935
59936
59937
59938
59939
59940
59941
59942
59943
59944
59945
59946
59947
59948
59949
59950
59951
59952
59953
59954
59955
59956
59957
59958
59959
59960
59961
59962
59963
59964
59965
59966
59967
59968
59969
59970
59971
59972
59973
59974
59975
59976
59977
59978
59979
59980
59981
59982
59983
59984
59985
59986
59987
59988
59989
59990
59991
59992
59993
59994
59995
59996
59997
59998
59999
60000
60001
60002
60003
60004
60005
60006
60007
60008
60009
60010
60011
60012
60013
60014
60015
60016
60017
60018
60019
60020
60021
60022
60023
60024
60025
60026
60027
60028
60029
60030
60031
60032
60033
60034
60035
60036
60037
60038
60039
60040
60041
60042
60043
60044
60045
60046
60047
60048
60049
60050
60051
60052
60053
60054
60055
60056
60057
60058
60059
60060
60061
60062
60063
60064
60065
60066
60067
60068
60069
60070
60071
60072
60073
60074
60075
60076
60077
60078
60079
60080
60081
60082
60083
60084
60085
60086
60087
60088
60089
60090
60091
60092
60093
60094
60095
60096
60097
60098
60099
60100
60101
60102
60103
60104
60105
60106
60107
60108
60109
60110
60111
60112
60113
60114
60115
60116
60117
60118
60119
60120
60121
60122
60123
60124
60125
60126
60127
60128
60129
60130
60131
60132
60133
60134
60135
60136
60137
60138
60139
60140
60141
60142
60143
60144
60145
60146
60147
60148
60149
60150
60151
60152
60153
60154
60155
60156
60157
60158
60159
60160
60161
60162
60163
60164
60165
60166
60167
60168
60169
60170
60171
60172
60173
60174
60175
60176
60177
60178
60179
60180
60181
60182
60183
60184
60185
60186
60187
60188
60189
60190
60191
60192
60193
60194
60195
60196
60197
60198
60199
60200
60201
60202
60203
60204
60205
60206
60207
60208
60209
60210
60211
60212
60213
60214
60215
60216
60217
60218
60219
60220
60221
60222
60223
60224
60225
60226
60227
60228
60229
60230
60231
60232
60233
60234
60235
60236
60237
60238
60239
60240
60241
60242
60243
60244
60245
60246
60247
60248
60249
60250
60251
60252
60253
60254
60255
60256
60257
60258
60259
60260
60261
60262
60263
60264
60265
60266
60267
60268
60269
60270
60271
60272
60273
60274
60275
60276
60277
60278
60279
60280
60281
60282
60283
60284
60285
60286
60287
60288
60289
60290
60291
60292
60293
60294
60295
60296
60297
60298
60299
60300
60301
60302
60303
60304
60305
60306
60307
60308
60309
60310
60311
60312
60313
60314
60315
60316
60317
60318
60319
60320
60321
60322
60323
60324
60325
60326
60327
60328
60329
60330
60331
60332
60333
60334
60335
60336
60337
60338
60339
60340
60341
60342
60343
60344
60345
60346
60347
60348
60349
60350
60351
60352
60353
60354
60355
60356
60357
60358
60359
60360
60361
60362
60363
60364
60365
60366
60367
60368
60369
60370
60371
60372
60373
60374
60375
60376
60377
60378
60379
60380
60381
60382
60383
60384
60385
60386
60387
60388
60389
60390
60391
60392
60393
60394
60395
60396
60397
60398
60399
60400
60401
60402
60403
60404
60405
60406
60407
60408
60409
60410
60411
60412
60413
60414
60415
60416
60417
60418
60419
60420
60421
60422
60423
60424
60425
60426
60427
60428
60429
60430
60431
60432
60433
60434
60435
60436
60437
60438
60439
60440
60441
60442
60443
60444
60445
60446
60447
60448
60449
60450
60451
60452
60453
60454
60455
60456
60457
60458
60459
60460
60461
60462
60463
60464
60465
60466
60467
60468
60469
60470
60471
60472
60473
60474
60475
60476
60477
60478
60479
60480
60481
60482
60483
60484
60485
60486
60487
60488
60489
60490
60491
60492
60493
60494
60495
60496
60497
60498
60499
60500
60501
60502
60503
60504
60505
60506
60507
60508
60509
60510
60511
60512
60513
60514
60515
60516
60517
60518
60519
60520
60521
60522
60523
60524
60525
60526
60527
60528
60529
60530
60531
60532
60533
60534
60535
60536
60537
60538
60539
60540
60541
60542
60543
60544
60545
60546
60547
60548
60549
60550
60551
60552
60553
60554
60555
60556
60557
60558
60559
60560
60561
60562
60563
60564
60565
60566
60567
60568
60569
60570
60571
60572
60573
60574
60575
60576
60577
60578
60579
60580
60581
60582
60583
60584
60585
60586
60587
60588
60589
60590
60591
60592
60593
60594
60595
60596
60597
60598
60599
60600
60601
60602
60603
60604
60605
60606
60607
60608
60609
60610
60611
60612
60613
60614
60615
60616
60617
60618
60619
60620
60621
60622
60623
60624
60625
60626
60627
60628
60629
60630
60631
60632
60633
60634
60635
60636
60637
60638
60639
60640
60641
60642
60643
60644
60645
60646
60647
60648
60649
60650
60651
60652
60653
60654
60655
60656
60657
60658
60659
60660
60661
60662
60663
60664
60665
60666
60667
60668
60669
60670
60671
60672
60673
60674
60675
60676
60677
60678
60679
60680
60681
60682
60683
60684
60685
60686
60687
60688
60689
60690
60691
60692
60693
60694
60695
60696
60697
60698
60699
60700
60701
60702
60703
60704
60705
60706
60707
60708
60709
60710
60711
60712
60713
60714
60715
60716
60717
60718
60719
60720
60721
60722
60723
60724
60725
60726
60727
60728
60729
60730
60731
60732
60733
60734
60735
60736
60737
60738
60739
60740
60741
60742
60743
60744
60745
60746
60747
60748
60749
60750
60751
60752
60753
60754
60755
60756
60757
60758
60759
60760
60761
60762
60763
60764
60765
60766
60767
60768
60769
60770
60771
60772
60773
60774
60775
60776
60777
60778
60779
60780
60781
60782
60783
60784
60785
60786
60787
60788
60789
60790
60791
60792
60793
60794
60795
60796
60797
60798
60799
60800
60801
60802
60803
60804
60805
60806
60807
60808
60809
60810
60811
60812
60813
60814
60815
60816
60817
60818
60819
60820
60821
60822
60823
60824
60825
60826
60827
60828
60829
60830
60831
60832
60833
60834
60835
60836
60837
60838
60839
60840
60841
60842
60843
60844
60845
60846
60847
60848
60849
60850
60851
60852
60853
60854
60855
60856
60857
60858
60859
60860
60861
60862
60863
60864
60865
60866
60867
60868
60869
60870
60871
60872
60873
60874
60875
60876
60877
60878
60879
60880
60881
60882
60883
60884
60885
60886
60887
60888
60889
60890
60891
60892
60893
60894
60895
60896
60897
60898
60899
60900
60901
60902
60903
60904
60905
60906
60907
60908
60909
60910
60911
60912
60913
60914
60915
60916
60917
60918
60919
60920
60921
60922
60923
60924
60925
60926
60927
60928
60929
60930
60931
60932
60933
60934
60935
60936
60937
60938
60939
60940
60941
60942
60943
60944
60945
60946
60947
60948
60949
60950
60951
60952
60953
60954
60955
60956
60957
60958
60959
60960
60961
60962
60963
60964
60965
60966
60967
60968
60969
60970
60971
60972
60973
60974
60975
60976
60977
60978
60979
60980
60981
60982
60983
60984
60985
60986
60987
60988
60989
60990
60991
60992
60993
60994
60995
60996
60997
60998
60999
61000
61001
61002
61003
61004
61005
61006
61007
61008
61009
61010
61011
61012
61013
61014
61015
61016
61017
61018
61019
61020
61021
61022
61023
61024
61025
61026
61027
61028
61029
61030
61031
61032
61033
61034
61035
61036
61037
61038
61039
61040
61041
61042
61043
61044
61045
61046
61047
61048
61049
61050
61051
61052
61053
61054
61055
61056
61057
61058
61059
61060
61061
61062
61063
61064
61065
61066
61067
61068
61069
61070
61071
61072
61073
61074
61075
61076
61077
61078
61079
61080
61081
61082
61083
61084
61085
61086
61087
61088
61089
61090
61091
61092
61093
61094
61095
61096
61097
61098
61099
61100
61101
61102
61103
61104
61105
61106
61107
61108
61109
61110
61111
61112
61113
61114
61115
61116
61117
61118
61119
61120
61121
61122
61123
61124
61125
61126
61127
61128
61129
61130
61131
61132
61133
61134
61135
61136
61137
61138
61139
61140
61141
61142
61143
61144
61145
61146
61147
61148
61149
61150
61151
61152
61153
61154
61155
61156
61157
61158
61159
61160
61161
61162
61163
61164
61165
61166
61167
61168
61169
61170
61171
61172
61173
61174
61175
61176
61177
61178
61179
61180
61181
61182
61183
61184
61185
61186
61187
61188
61189
61190
61191
61192
61193
61194
61195
61196
61197
61198
61199
61200
61201
61202
61203
61204
61205
61206
61207
61208
61209
61210
61211
61212
61213
61214
61215
61216
61217
61218
61219
61220
61221
61222
61223
61224
61225
61226
61227
61228
61229
61230
61231
61232
61233
61234
61235
61236
61237
61238
61239
61240
61241
61242
61243
61244
61245
61246
61247
61248
61249
61250
61251
61252
61253
61254
61255
61256
61257
61258
61259
61260
61261
61262
61263
61264
61265
61266
61267
61268
61269
61270
61271
61272
61273
61274
61275
61276
61277
61278
61279
61280
61281
61282
61283
61284
61285
61286
61287
61288
61289
61290
61291
61292
61293
61294
61295
61296
61297
61298
61299
61300
61301
61302
61303
61304
61305
61306
61307
61308
61309
61310
61311
61312
61313
61314
61315
61316
61317
61318
61319
61320
61321
61322
61323
61324
61325
61326
61327
61328
61329
61330
61331
61332
61333
61334
61335
61336
61337
61338
61339
61340
61341
61342
61343
61344
61345
61346
61347
61348
61349
61350
61351
61352
61353
61354
61355
61356
61357
61358
61359
61360
61361
61362
61363
61364
61365
61366
61367
61368
61369
61370
61371
61372
61373
61374
61375
61376
61377
61378
61379
61380
61381
61382
61383
61384
61385
61386
61387
61388
61389
61390
61391
61392
61393
61394
61395
61396
61397
61398
61399
61400
61401
61402
61403
61404
61405
61406
61407
61408
61409
61410
61411
61412
61413
61414
61415
61416
61417
61418
61419
61420
61421
61422
61423
61424
61425
61426
61427
61428
61429
61430
61431
61432
61433
61434
61435
61436
61437
61438
61439
61440
61441
61442
61443
61444
61445
61446
61447
61448
61449
61450
61451
61452
61453
61454
61455
61456
61457
61458
61459
61460
61461
61462
61463
61464
61465
61466
61467
61468
61469
61470
61471
61472
61473
61474
61475
61476
61477
61478
61479
61480
61481
61482
61483
61484
61485
61486
61487
61488
61489
61490
61491
61492
61493
61494
61495
61496
61497
61498
61499
61500
61501
61502
61503
61504
61505
61506
61507
61508
61509
61510
61511
61512
61513
61514
61515
61516
61517
61518
61519
61520
61521
61522
61523
61524
61525
61526
61527
61528
61529
61530
61531
61532
61533
61534
61535
61536
61537
61538
61539
61540
61541
61542
61543
61544
61545
61546
61547
61548
61549
61550
61551
61552
61553
61554
61555
61556
61557
61558
61559
61560
61561
61562
61563
61564
61565
61566
61567
61568
61569
61570
61571
61572
61573
61574
61575
61576
61577
61578
61579
61580
61581
61582
61583
61584
61585
61586
61587
61588
61589
61590
61591
61592
61593
61594
61595
61596
61597
61598
61599
61600
61601
61602
61603
61604
61605
61606
61607
61608
61609
61610
61611
61612
61613
61614
61615
61616
61617
61618
61619
61620
61621
61622
61623
61624
61625
61626
61627
61628
61629
61630
61631
61632
61633
61634
61635
61636
61637
61638
61639
61640
61641
61642
61643
61644
61645
61646
61647
61648
61649
61650
61651
61652
61653
61654
61655
61656
61657
61658
61659
61660
61661
61662
61663
61664
61665
61666
61667
61668
61669
61670
61671
61672
61673
61674
61675
61676
61677
61678
61679
61680
61681
61682
61683
61684
61685
61686
61687
61688
61689
61690
61691
61692
61693
61694
61695
61696
61697
61698
61699
61700
61701
61702
61703
61704
61705
61706
61707
61708
61709
61710
61711
61712
61713
61714
61715
61716
61717
61718
61719
61720
61721
61722
61723
61724
61725
61726
61727
61728
61729
61730
61731
61732
61733
61734
61735
61736
61737
61738
61739
61740
61741
61742
61743
61744
61745
61746
61747
61748
61749
61750
61751
61752
61753
61754
61755
61756
61757
61758
61759
61760
61761
61762
61763
61764
61765
61766
61767
61768
61769
61770
61771
61772
61773
61774
61775
61776
61777
61778
61779
61780
61781
61782
61783
61784
61785
61786
61787
61788
61789
61790
61791
61792
61793
61794
61795
61796
61797
61798
61799
61800
61801
61802
61803
61804
61805
61806
61807
61808
61809
61810
61811
61812
61813
61814
61815
61816
61817
61818
61819
61820
61821
61822
61823
61824
61825
61826
61827
61828
61829
61830
61831
61832
61833
61834
61835
61836
61837
61838
61839
61840
61841
61842
61843
61844
61845
61846
61847
61848
61849
61850
61851
61852
61853
61854
61855
61856
61857
61858
61859
61860
61861
61862
61863
61864
61865
61866
61867
61868
61869
61870
61871
61872
61873
61874
61875
61876
61877
61878
61879
61880
61881
61882
61883
61884
61885
61886
61887
61888
61889
61890
61891
61892
61893
61894
61895
61896
61897
61898
61899
61900
61901
61902
61903
61904
61905
61906
61907
61908
61909
61910
61911
61912
61913
61914
61915
61916
61917
61918
61919
61920
61921
61922
61923
61924
61925
61926
61927
61928
61929
61930
61931
61932
61933
61934
61935
61936
61937
61938
61939
61940
61941
61942
61943
61944
61945
61946
61947
61948
61949
61950
61951
61952
61953
61954
61955
61956
61957
61958
61959
61960
61961
61962
61963
61964
61965
61966
61967
61968
61969
61970
61971
61972
61973
61974
61975
61976
61977
61978
61979
61980
61981
61982
61983
61984
61985
61986
61987
61988
61989
61990
61991
61992
61993
61994
61995
61996
61997
61998
61999
62000
62001
62002
62003
62004
62005
62006
62007
62008
62009
62010
62011
62012
62013
62014
62015
62016
62017
62018
62019
62020
62021
62022
62023
62024
62025
62026
62027
62028
62029
62030
62031
62032
62033
62034
62035
62036
62037
62038
62039
62040
62041
62042
62043
62044
62045
62046
62047
62048
62049
62050
62051
62052
62053
62054
62055
62056
62057
62058
62059
62060
62061
62062
62063
62064
62065
62066
62067
62068
62069
62070
62071
62072
62073
62074
62075
62076
62077
62078
62079
62080
62081
62082
62083
62084
62085
62086
62087
62088
62089
62090
62091
62092
62093
62094
62095
62096
62097
62098
62099
62100
62101
62102
62103
62104
62105
62106
62107
62108
62109
62110
62111
62112
62113
62114
62115
62116
62117
62118
62119
62120
62121
62122
62123
62124
62125
62126
62127
62128
62129
62130
62131
62132
62133
62134
62135
62136
62137
62138
62139
62140
62141
62142
62143
62144
62145
62146
62147
62148
62149
62150
62151
62152
62153
62154
62155
62156
62157
62158
62159
62160
62161
62162
62163
62164
62165
62166
62167
62168
62169
62170
62171
62172
62173
62174
62175
62176
62177
62178
62179
62180
62181
62182
62183
62184
62185
62186
62187
62188
62189
62190
62191
62192
62193
62194
62195
62196
62197
62198
62199
62200
62201
62202
62203
62204
62205
62206
62207
62208
62209
62210
62211
62212
62213
62214
62215
62216
62217
62218
62219
62220
62221
62222
62223
62224
62225
62226
62227
62228
62229
62230
62231
62232
62233
62234
62235
62236
62237
62238
62239
62240
62241
62242
62243
62244
62245
62246
62247
62248
62249
62250
62251
62252
62253
62254
62255
62256
62257
62258
62259
62260
62261
62262
62263
62264
62265
62266
62267
62268
62269
62270
62271
62272
62273
62274
62275
62276
62277
62278
62279
62280
62281
62282
62283
62284
62285
62286
62287
62288
62289
62290
62291
62292
62293
62294
62295
62296
62297
62298
62299
62300
62301
62302
62303
62304
62305
62306
62307
62308
62309
62310
62311
62312
62313
62314
62315
62316
62317
62318
62319
62320
62321
62322
62323
62324
62325
62326
62327
62328
62329
62330
62331
62332
62333
62334
62335
62336
62337
62338
62339
62340
62341
62342
62343
62344
62345
62346
62347
62348
62349
62350
62351
62352
62353
62354
62355
62356
62357
62358
62359
62360
62361
62362
62363
62364
62365
62366
62367
62368
62369
62370
62371
62372
62373
62374
62375
62376
62377
62378
62379
62380
62381
62382
62383
62384
62385
62386
62387
62388
62389
62390
62391
62392
62393
62394
62395
62396
62397
62398
62399
62400
62401
62402
62403
62404
62405
62406
62407
62408
62409
62410
62411
62412
62413
62414
62415
62416
62417
62418
62419
62420
62421
62422
62423
62424
62425
62426
62427
62428
62429
62430
62431
62432
62433
62434
62435
62436
62437
62438
62439
62440
62441
62442
62443
62444
62445
62446
62447
62448
62449
62450
62451
62452
62453
62454
62455
62456
62457
62458
62459
62460
62461
62462
62463
62464
62465
62466
62467
62468
62469
62470
62471
62472
62473
62474
62475
62476
62477
62478
62479
62480
62481
62482
62483
62484
62485
62486
62487
62488
62489
62490
62491
62492
62493
62494
62495
62496
62497
62498
62499
62500
62501
62502
62503
62504
62505
62506
62507
62508
62509
62510
62511
62512
62513
62514
62515
62516
62517
62518
62519
62520
62521
62522
62523
62524
62525
62526
62527
62528
62529
62530
62531
62532
62533
62534
62535
62536
62537
62538
62539
62540
62541
62542
62543
62544
62545
62546
62547
62548
62549
62550
62551
62552
62553
62554
62555
62556
62557
62558
62559
62560
62561
62562
62563
62564
62565
62566
62567
62568
62569
62570
62571
62572
62573
62574
62575
62576
62577
62578
62579
62580
62581
62582
62583
62584
62585
62586
62587
62588
62589
62590
62591
62592
62593
62594
62595
62596
62597
62598
62599
62600
62601
62602
62603
62604
62605
62606
62607
62608
62609
62610
62611
62612
62613
62614
62615
62616
62617
62618
62619
62620
62621
62622
62623
62624
62625
62626
62627
62628
62629
62630
62631
62632
62633
62634
62635
62636
62637
62638
62639
62640
62641
62642
62643
62644
62645
62646
62647
62648
62649
62650
62651
62652
62653
62654
62655
62656
62657
62658
62659
62660
62661
62662
62663
62664
62665
62666
62667
62668
62669
62670
62671
62672
62673
62674
62675
62676
62677
62678
62679
62680
62681
62682
62683
62684
62685
62686
62687
62688
62689
62690
62691
62692
62693
62694
62695
62696
62697
62698
62699
62700
62701
62702
62703
62704
62705
62706
62707
62708
62709
62710
62711
62712
62713
62714
62715
62716
62717
62718
62719
62720
62721
62722
62723
62724
62725
62726
62727
62728
62729
62730
62731
62732
62733
62734
62735
62736
62737
62738
62739
62740
62741
62742
62743
62744
62745
62746
62747
62748
62749
62750
62751
62752
62753
62754
62755
62756
62757
62758
62759
62760
62761
62762
62763
62764
62765
62766
62767
62768
62769
62770
62771
62772
62773
62774
62775
62776
62777
62778
62779
62780
62781
62782
62783
62784
62785
62786
62787
62788
62789
62790
62791
62792
62793
62794
62795
62796
62797
62798
62799
62800
62801
62802
62803
62804
62805
62806
62807
62808
62809
62810
62811
62812
62813
62814
62815
62816
62817
62818
62819
62820
62821
62822
62823
62824
62825
62826
62827
62828
62829
62830
62831
62832
62833
62834
62835
62836
62837
62838
62839
62840
62841
62842
62843
62844
62845
62846
62847
62848
62849
62850
62851
62852
62853
62854
62855
62856
62857
62858
62859
62860
62861
62862
62863
62864
62865
62866
62867
62868
62869
62870
62871
62872
62873
62874
62875
62876
62877
62878
62879
62880
62881
62882
62883
62884
62885
62886
62887
62888
62889
62890
62891
62892
62893
62894
62895
62896
62897
62898
62899
62900
62901
62902
62903
62904
62905
62906
62907
62908
62909
62910
62911
62912
62913
62914
62915
62916
62917
62918
62919
62920
62921
62922
62923
62924
62925
62926
62927
62928
62929
62930
62931
62932
62933
62934
62935
62936
62937
62938
62939
62940
62941
62942
62943
62944
62945
62946
62947
62948
62949
62950
62951
62952
62953
62954
62955
62956
62957
62958
62959
62960
62961
62962
62963
62964
62965
62966
62967
62968
62969
62970
62971
62972
62973
62974
62975
62976
62977
62978
62979
62980
62981
62982
62983
62984
62985
62986
62987
62988
62989
62990
62991
62992
62993
62994
62995
62996
62997
62998
62999
63000
63001
63002
63003
63004
63005
63006
63007
63008
63009
63010
63011
63012
63013
63014
63015
63016
63017
63018
63019
63020
63021
63022
63023
63024
63025
63026
63027
63028
63029
63030
63031
63032
63033
63034
63035
63036
63037
63038
63039
63040
63041
63042
63043
63044
63045
63046
63047
63048
63049
63050
63051
63052
63053
63054
63055
63056
63057
63058
63059
63060
63061
63062
63063
63064
63065
63066
63067
63068
63069
63070
63071
63072
63073
63074
63075
63076
63077
63078
63079
63080
63081
63082
63083
63084
63085
63086
63087
63088
63089
63090
63091
63092
63093
63094
63095
63096
63097
63098
63099
63100
63101
63102
63103
63104
63105
63106
63107
63108
63109
63110
63111
63112
63113
63114
63115
63116
63117
63118
63119
63120
63121
63122
63123
63124
63125
63126
63127
63128
63129
63130
63131
63132
63133
63134
63135
63136
63137
63138
63139
63140
63141
63142
63143
63144
63145
63146
63147
63148
63149
63150
63151
63152
63153
63154
63155
63156
63157
63158
63159
63160
63161
63162
63163
63164
63165
63166
63167
63168
63169
63170
63171
63172
63173
63174
63175
63176
63177
63178
63179
63180
63181
63182
63183
63184
63185
63186
63187
63188
63189
63190
63191
63192
63193
63194
63195
63196
63197
63198
63199
63200
63201
63202
63203
63204
63205
63206
63207
63208
63209
63210
63211
63212
63213
63214
63215
63216
63217
63218
63219
63220
63221
63222
63223
63224
63225
63226
63227
63228
63229
63230
63231
63232
63233
63234
63235
63236
63237
63238
63239
63240
63241
63242
63243
63244
63245
63246
63247
63248
63249
63250
63251
63252
63253
63254
63255
63256
63257
63258
63259
63260
63261
63262
63263
63264
63265
63266
63267
63268
63269
63270
63271
63272
63273
63274
63275
63276
63277
63278
63279
63280
63281
63282
63283
63284
63285
63286
63287
63288
63289
63290
63291
63292
63293
63294
63295
63296
63297
63298
63299
63300
63301
63302
63303
63304
63305
63306
63307
63308
63309
63310
63311
63312
63313
63314
63315
63316
63317
63318
63319
63320
63321
63322
63323
63324
63325
63326
63327
63328
63329
63330
63331
63332
63333
63334
63335
63336
63337
63338
63339
63340
63341
63342
63343
63344
63345
63346
63347
63348
63349
63350
63351
63352
63353
63354
63355
63356
63357
63358
63359
63360
63361
63362
63363
63364
63365
63366
63367
63368
63369
63370
63371
63372
63373
63374
63375
63376
63377
63378
63379
63380
63381
63382
63383
63384
63385
63386
63387
63388
63389
63390
63391
63392
63393
63394
63395
63396
63397
63398
63399
63400
63401
63402
63403
63404
63405
63406
63407
63408
63409
63410
63411
63412
63413
63414
63415
63416
63417
63418
63419
63420
63421
63422
63423
63424
63425
63426
63427
63428
63429
63430
63431
63432
63433
63434
63435
63436
63437
63438
63439
63440
63441
63442
63443
63444
63445
63446
63447
63448
63449
63450
63451
63452
63453
63454
63455
63456
63457
63458
63459
63460
63461
63462
63463
63464
63465
63466
63467
63468
63469
63470
63471
63472
63473
63474
63475
63476
63477
63478
63479
63480
63481
63482
63483
63484
63485
63486
63487
63488
63489
63490
63491
63492
63493
63494
63495
63496
63497
63498
63499
63500
63501
63502
63503
63504
63505
63506
63507
63508
63509
63510
63511
63512
63513
63514
63515
63516
63517
63518
63519
63520
63521
63522
63523
63524
63525
63526
63527
63528
63529
63530
63531
63532
63533
63534
63535
63536
63537
63538
63539
63540
63541
63542
63543
63544
63545
63546
63547
63548
63549
63550
63551
63552
63553
63554
63555
63556
63557
63558
63559
63560
63561
63562
63563
63564
63565
63566
63567
63568
63569
63570
63571
63572
63573
63574
63575
63576
63577
63578
63579
63580
63581
63582
63583
63584
63585
63586
63587
63588
63589
63590
63591
63592
63593
63594
63595
63596
63597
63598
63599
63600
63601
63602
63603
63604
63605
63606
63607
63608
63609
63610
63611
63612
63613
63614
63615
63616
63617
63618
63619
63620
63621
63622
63623
63624
63625
63626
63627
63628
63629
63630
63631
63632
63633
63634
63635
63636
63637
63638
63639
63640
63641
63642
63643
63644
63645
63646
63647
63648
63649
63650
63651
63652
63653
63654
63655
63656
63657
63658
63659
63660
63661
63662
63663
63664
63665
63666
63667
63668
63669
63670
63671
63672
63673
63674
63675
63676
63677
63678
63679
63680
63681
63682
63683
63684
63685
63686
63687
63688
63689
63690
63691
63692
63693
63694
63695
63696
63697
63698
63699
63700
63701
63702
63703
63704
63705
63706
63707
63708
63709
63710
63711
63712
63713
63714
63715
63716
63717
63718
63719
63720
63721
63722
63723
63724
63725
63726
63727
63728
63729
63730
63731
63732
63733
63734
63735
63736
63737
63738
63739
63740
63741
63742
63743
63744
63745
63746
63747
63748
63749
63750
63751
63752
63753
63754
63755
63756
63757
63758
63759
63760
63761
63762
63763
63764
63765
63766
63767
63768
63769
63770
63771
63772
63773
63774
63775
63776
63777
63778
63779
63780
63781
63782
63783
63784
63785
63786
63787
63788
63789
63790
63791
63792
63793
63794
63795
63796
63797
63798
63799
63800
63801
63802
63803
63804
63805
63806
63807
63808
63809
63810
63811
63812
63813
63814
63815
63816
63817
63818
63819
63820
63821
63822
63823
63824
63825
63826
63827
63828
63829
63830
63831
63832
63833
63834
63835
63836
63837
63838
63839
63840
63841
63842
63843
63844
63845
63846
63847
63848
63849
63850
63851
63852
63853
63854
63855
63856
63857
63858
63859
63860
63861
63862
63863
63864
63865
63866
63867
63868
63869
63870
63871
63872
63873
63874
63875
63876
63877
63878
63879
63880
63881
63882
63883
63884
63885
63886
63887
63888
63889
63890
63891
63892
63893
63894
63895
63896
63897
63898
63899
63900
63901
63902
63903
63904
63905
63906
63907
63908
63909
63910
63911
63912
63913
63914
63915
63916
63917
63918
63919
63920
63921
63922
63923
63924
63925
63926
63927
63928
63929
63930
63931
63932
63933
63934
63935
63936
63937
63938
63939
63940
63941
63942
63943
63944
63945
63946
63947
63948
63949
63950
63951
63952
63953
63954
63955
63956
63957
63958
63959
63960
63961
63962
63963
63964
63965
63966
63967
63968
63969
63970
63971
63972
63973
63974
63975
63976
63977
63978
63979
63980
63981
63982
63983
63984
63985
63986
63987
63988
63989
63990
63991
63992
63993
63994
63995
63996
63997
63998
63999
64000
64001
64002
64003
64004
64005
64006
64007
64008
64009
64010
64011
64012
64013
64014
64015
64016
64017
64018
64019
64020
64021
64022
64023
64024
64025
64026
64027
64028
64029
64030
64031
64032
64033
64034
64035
64036
64037
64038
64039
64040
64041
64042
64043
64044
64045
64046
64047
64048
64049
64050
64051
64052
64053
64054
64055
64056
64057
64058
64059
64060
64061
64062
64063
64064
64065
64066
64067
64068
64069
64070
64071
64072
64073
64074
64075
64076
64077
64078
64079
64080
64081
64082
64083
64084
64085
64086
64087
64088
64089
64090
64091
64092
64093
64094
64095
64096
64097
64098
64099
64100
64101
64102
64103
64104
64105
64106
64107
64108
64109
64110
64111
64112
64113
64114
64115
64116
64117
64118
64119
64120
64121
64122
64123
64124
64125
64126
64127
64128
64129
64130
64131
64132
64133
64134
64135
64136
64137
64138
64139
64140
64141
64142
64143
64144
64145
64146
64147
64148
64149
64150
64151
64152
64153
64154
64155
64156
64157
64158
64159
64160
64161
64162
64163
64164
64165
64166
64167
64168
64169
64170
64171
64172
64173
64174
64175
64176
64177
64178
64179
64180
64181
64182
64183
64184
64185
64186
64187
64188
64189
64190
64191
64192
64193
64194
64195
64196
64197
64198
64199
64200
64201
64202
64203
64204
64205
64206
64207
64208
64209
64210
64211
64212
64213
64214
64215
64216
64217
64218
64219
64220
64221
64222
64223
64224
64225
64226
64227
64228
64229
64230
64231
64232
64233
64234
64235
64236
64237
64238
64239
64240
64241
64242
64243
64244
64245
64246
64247
64248
64249
64250
64251
64252
64253
64254
64255
64256
64257
64258
64259
64260
64261
64262
64263
64264
64265
64266
64267
64268
64269
64270
64271
64272
64273
64274
64275
64276
64277
64278
64279
64280
64281
64282
64283
64284
64285
64286
64287
64288
64289
64290
64291
64292
64293
64294
64295
64296
64297
64298
64299
64300
64301
64302
64303
64304
64305
64306
64307
64308
64309
64310
64311
64312
64313
64314
64315
64316
64317
64318
64319
64320
64321
64322
64323
64324
64325
64326
64327
64328
64329
64330
64331
64332
64333
64334
64335
64336
64337
64338
64339
64340
64341
64342
64343
64344
64345
64346
64347
64348
64349
64350
64351
64352
64353
64354
64355
64356
64357
64358
64359
64360
64361
64362
64363
64364
64365
64366
64367
64368
64369
64370
64371
64372
64373
64374
64375
64376
64377
64378
64379
64380
64381
64382
64383
64384
64385
64386
64387
64388
64389
64390
64391
64392
64393
64394
64395
64396
64397
64398
64399
64400
64401
64402
64403
64404
64405
64406
64407
64408
64409
64410
64411
64412
64413
64414
64415
64416
64417
64418
64419
64420
64421
64422
64423
64424
64425
64426
64427
64428
64429
64430
64431
64432
64433
64434
64435
64436
64437
64438
64439
64440
64441
64442
64443
64444
64445
64446
64447
64448
64449
64450
64451
64452
64453
64454
64455
64456
64457
64458
64459
64460
64461
64462
64463
64464
64465
64466
64467
64468
64469
64470
64471
64472
64473
64474
64475
64476
64477
64478
64479
64480
64481
64482
64483
64484
64485
64486
64487
64488
64489
64490
64491
64492
64493
64494
64495
64496
64497
64498
64499
64500
64501
64502
64503
64504
64505
64506
64507
64508
64509
64510
64511
64512
64513
64514
64515
64516
64517
64518
64519
64520
64521
64522
64523
64524
64525
64526
64527
64528
64529
64530
64531
64532
64533
64534
64535
64536
64537
64538
64539
64540
64541
64542
64543
64544
64545
64546
64547
64548
64549
64550
64551
64552
64553
64554
64555
64556
64557
64558
64559
64560
64561
64562
64563
64564
64565
64566
64567
64568
64569
64570
64571
64572
64573
64574
64575
64576
64577
64578
64579
64580
64581
64582
64583
64584
64585
64586
64587
64588
64589
64590
64591
64592
64593
64594
64595
64596
64597
64598
64599
64600
64601
64602
64603
64604
64605
64606
64607
64608
64609
64610
64611
64612
64613
64614
64615
64616
64617
64618
64619
64620
64621
64622
64623
64624
64625
64626
64627
64628
64629
64630
64631
64632
64633
64634
64635
64636
64637
64638
64639
64640
64641
64642
64643
64644
64645
64646
64647
64648
64649
64650
64651
64652
64653
64654
64655
64656
64657
64658
64659
64660
64661
64662
64663
64664
64665
64666
64667
64668
64669
64670
64671
64672
64673
64674
64675
64676
64677
64678
64679
64680
64681
64682
64683
64684
64685
64686
64687
64688
64689
64690
64691
64692
64693
64694
64695
64696
64697
64698
64699
64700
64701
64702
64703
64704
64705
64706
64707
64708
64709
64710
64711
64712
64713
64714
64715
64716
64717
64718
64719
64720
64721
64722
64723
64724
64725
64726
64727
64728
64729
64730
64731
64732
64733
64734
64735
64736
64737
64738
64739
64740
64741
64742
64743
64744
64745
64746
64747
64748
64749
64750
64751
64752
64753
64754
64755
64756
64757
64758
64759
64760
64761
64762
64763
64764
64765
64766
64767
64768
64769
64770
64771
64772
64773
64774
64775
64776
64777
64778
64779
64780
64781
64782
64783
64784
64785
64786
64787
64788
64789
64790
64791
64792
64793
64794
64795
64796
64797
64798
64799
64800
64801
64802
64803
64804
64805
64806
64807
64808
64809
64810
64811
64812
64813
64814
64815
64816
64817
64818
64819
64820
64821
64822
64823
64824
64825
64826
64827
64828
64829
64830
64831
64832
64833
64834
64835
64836
64837
64838
64839
64840
64841
64842
64843
64844
64845
64846
64847
64848
64849
64850
64851
64852
64853
64854
64855
64856
64857
64858
64859
64860
64861
64862
64863
64864
64865
64866
64867
64868
64869
64870
64871
64872
64873
64874
64875
64876
64877
64878
64879
64880
64881
64882
64883
64884
64885
64886
64887
64888
64889
64890
64891
64892
64893
64894
64895
64896
64897
64898
64899
64900
64901
64902
64903
64904
64905
64906
64907
64908
64909
64910
64911
64912
64913
64914
64915
64916
64917
64918
64919
64920
64921
64922
64923
64924
64925
64926
64927
64928
64929
64930
64931
64932
64933
64934
64935
64936
64937
64938
64939
64940
64941
64942
64943
64944
64945
64946
64947
64948
64949
64950
64951
64952
64953
64954
64955
64956
64957
64958
64959
64960
64961
64962
64963
64964
64965
64966
64967
64968
64969
64970
64971
64972
64973
64974
64975
64976
64977
64978
64979
64980
64981
64982
64983
64984
64985
64986
64987
64988
64989
64990
64991
64992
64993
64994
64995
64996
64997
64998
64999
65000
65001
65002
65003
65004
65005
65006
65007
65008
65009
65010
65011
65012
65013
65014
65015
65016
65017
65018
65019
65020
65021
65022
65023
65024
65025
65026
65027
65028
65029
65030
65031
65032
65033
65034
65035
65036
65037
65038
65039
65040
65041
65042
65043
65044
65045
65046
65047
65048
65049
65050
65051
65052
65053
65054
65055
65056
65057
65058
65059
65060
65061
65062
65063
65064
65065
65066
65067
65068
65069
65070
65071
65072
65073
65074
65075
65076
65077
65078
65079
65080
65081
65082
65083
65084
65085
65086
65087
65088
65089
65090
65091
65092
65093
65094
65095
65096
65097
65098
65099
65100
65101
65102
65103
65104
65105
65106
65107
65108
65109
65110
65111
65112
65113
65114
65115
65116
65117
65118
65119
65120
65121
65122
65123
65124
65125
65126
65127
65128
65129
65130
65131
65132
65133
65134
65135
65136
65137
65138
65139
65140
65141
65142
65143
65144
65145
65146
65147
65148
65149
65150
65151
65152
65153
65154
65155
65156
65157
65158
65159
65160
65161
65162
65163
65164
65165
65166
65167
65168
65169
65170
65171
65172
65173
65174
65175
65176
65177
65178
65179
65180
65181
65182
65183
65184
65185
65186
65187
65188
65189
65190
65191
65192
65193
65194
65195
65196
65197
65198
65199
65200
65201
65202
65203
65204
65205
65206
65207
65208
65209
65210
65211
65212
65213
65214
65215
65216
65217
65218
65219
65220
65221
65222
65223
65224
65225
65226
65227
65228
65229
65230
65231
65232
65233
65234
65235
65236
65237
65238
65239
65240
65241
65242
65243
65244
65245
65246
65247
65248
65249
65250
65251
65252
65253
65254
65255
65256
65257
65258
65259
65260
65261
65262
65263
65264
65265
65266
65267
65268
65269
65270
65271
65272
65273
65274
65275
65276
65277
65278
65279
65280
65281
65282
65283
65284
65285
65286
65287
65288
65289
65290
65291
65292
65293
65294
65295
65296
65297
65298
65299
65300
65301
65302
65303
65304
65305
65306
65307
65308
65309
65310
65311
65312
65313
65314
65315
65316
65317
65318
65319
65320
65321
65322
65323
65324
65325
65326
65327
65328
65329
65330
65331
65332
65333
65334
65335
65336
65337
65338
65339
65340
65341
65342
65343
65344
65345
65346
65347
65348
65349
65350
65351
65352
65353
65354
65355
65356
65357
65358
65359
65360
65361
65362
65363
65364
65365
65366
65367
65368
65369
65370
65371
65372
65373
65374
65375
65376
65377
65378
65379
65380
65381
65382
65383
65384
65385
65386
65387
65388
65389
65390
65391
65392
65393
65394
65395
65396
65397
65398
65399
65400
65401
65402
65403
65404
65405
65406
65407
65408
65409
65410
65411
65412
65413
65414
65415
65416
65417
65418
65419
65420
65421
65422
65423
65424
65425
65426
65427
65428
65429
65430
65431
65432
65433
65434
65435
65436
65437
65438
65439
65440
65441
65442
65443
65444
65445
65446
65447
65448
65449
65450
65451
65452
65453
65454
65455
65456
65457
65458
65459
65460
65461
65462
65463
65464
65465
65466
65467
65468
65469
65470
65471
65472
65473
65474
65475
65476
65477
65478
65479
65480
65481
65482
65483
65484
65485
65486
65487
65488
65489
65490
65491
65492
65493
65494
65495
65496
65497
65498
65499
65500
65501
65502
65503
65504
65505
65506
65507
65508
65509
65510
65511
65512
65513
65514
65515
65516
65517
65518
65519
65520
65521
65522
65523
65524
65525
65526
65527
65528
65529
65530
65531
65532
65533
65534
65535
65536
65537
65538
65539
65540
65541
65542
65543
65544
65545
65546
65547
65548
65549
65550
65551
65552
65553
65554
65555
65556
65557
65558
65559
65560
65561
65562
65563
65564
65565
65566
65567
65568
65569
65570
65571
65572
65573
65574
65575
65576
65577
65578
65579
65580
65581
65582
65583
65584
65585
65586
65587
65588
65589
65590
65591
65592
65593
65594
65595
65596
65597
65598
65599
65600
65601
65602
65603
65604
65605
65606
65607
65608
65609
65610
65611
65612
65613
65614
65615
65616
65617
65618
65619
65620
65621
65622
65623
65624
65625
65626
65627
65628
65629
65630
65631
65632
65633
65634
65635
65636
65637
65638
65639
65640
65641
65642
65643
65644
65645
65646
65647
65648
65649
65650
65651
65652
65653
65654
65655
65656
65657
65658
65659
65660
65661
65662
65663
65664
65665
65666
65667
65668
65669
65670
65671
65672
65673
65674
65675
65676
65677
65678
65679
65680
65681
65682
65683
65684
65685
65686
65687
65688
65689
65690
65691
65692
65693
65694
65695
65696
65697
65698
65699
65700
65701
65702
65703
65704
65705
65706
65707
65708
65709
65710
65711
65712
65713
65714
65715
65716
65717
65718
65719
65720
65721
65722
65723
65724
65725
65726
65727
65728
65729
65730
65731
65732
65733
65734
65735
65736
65737
65738
65739
65740
65741
65742
65743
65744
65745
65746
65747
65748
65749
65750
65751
65752
65753
65754
65755
65756
65757
65758
65759
65760
65761
65762
65763
65764
65765
65766
65767
65768
65769
65770
65771
65772
65773
65774
65775
65776
65777
65778
65779
65780
65781
65782
65783
65784
65785
65786
65787
65788
65789
65790
65791
65792
65793
65794
65795
65796
65797
65798
65799
65800
65801
65802
65803
65804
65805
65806
65807
65808
65809
65810
65811
65812
65813
65814
65815
65816
65817
65818
65819
65820
65821
65822
65823
65824
65825
65826
65827
65828
65829
65830
65831
65832
65833
65834
65835
65836
65837
65838
65839
65840
65841
65842
65843
65844
65845
65846
65847
65848
65849
65850
65851
65852
65853
65854
65855
65856
65857
65858
65859
65860
65861
65862
65863
65864
65865
65866
65867
65868
65869
65870
65871
65872
65873
65874
65875
65876
65877
65878
65879
65880
65881
65882
65883
65884
65885
65886
65887
65888
65889
65890
65891
65892
65893
65894
65895
65896
65897
65898
65899
65900
65901
65902
65903
65904
65905
65906
65907
65908
65909
65910
65911
65912
65913
65914
65915
65916
65917
65918
65919
65920
65921
65922
65923
65924
65925
65926
65927
65928
65929
65930
65931
65932
65933
65934
65935
65936
65937
65938
65939
65940
65941
65942
65943
65944
65945
65946
65947
65948
65949
65950
65951
65952
65953
65954
65955
65956
65957
65958
65959
65960
65961
65962
65963
65964
65965
65966
65967
65968
65969
65970
65971
65972
65973
65974
65975
65976
65977
65978
65979
65980
65981
65982
65983
65984
65985
65986
65987
65988
65989
65990
65991
65992
65993
65994
65995
65996
65997
65998
65999
66000
66001
66002
66003
66004
66005
66006
66007
66008
66009
66010
66011
66012
66013
66014
66015
66016
66017
66018
66019
66020
66021
66022
66023
66024
66025
66026
66027
66028
66029
66030
66031
66032
66033
66034
66035
66036
66037
66038
66039
66040
66041
66042
66043
66044
66045
66046
66047
66048
66049
66050
66051
66052
66053
66054
66055
66056
66057
66058
66059
66060
66061
66062
66063
66064
66065
66066
66067
66068
66069
66070
66071
66072
66073
66074
66075
66076
66077
66078
66079
66080
66081
66082
66083
66084
66085
66086
66087
66088
66089
66090
66091
66092
66093
66094
66095
66096
66097
66098
66099
66100
66101
66102
66103
66104
66105
66106
66107
66108
66109
66110
66111
66112
66113
66114
66115
66116
66117
66118
66119
66120
66121
66122
66123
66124
66125
66126
66127
66128
66129
66130
66131
66132
66133
66134
66135
66136
66137
66138
66139
66140
66141
66142
66143
66144
66145
66146
66147
66148
66149
66150
66151
66152
66153
66154
66155
66156
66157
66158
66159
66160
66161
66162
66163
66164
66165
66166
66167
66168
66169
66170
66171
66172
66173
66174
66175
66176
66177
66178
66179
66180
66181
66182
66183
66184
66185
66186
66187
66188
66189
66190
66191
66192
66193
66194
66195
66196
66197
66198
66199
66200
66201
66202
66203
66204
66205
66206
66207
66208
66209
66210
66211
66212
66213
66214
66215
66216
66217
66218
66219
66220
66221
66222
66223
66224
66225
66226
66227
66228
66229
66230
66231
66232
66233
66234
66235
66236
66237
66238
66239
66240
66241
66242
66243
66244
66245
66246
66247
66248
66249
66250
66251
66252
66253
66254
66255
66256
66257
66258
66259
66260
66261
66262
66263
66264
66265
66266
66267
66268
66269
66270
66271
66272
66273
66274
66275
66276
66277
66278
66279
66280
66281
66282
66283
66284
66285
66286
66287
66288
66289
66290
66291
66292
66293
66294
66295
66296
66297
66298
66299
66300
66301
66302
66303
66304
66305
66306
66307
66308
66309
66310
66311
66312
66313
66314
66315
66316
66317
66318
66319
66320
66321
66322
66323
66324
66325
66326
66327
66328
66329
66330
66331
66332
66333
66334
66335
66336
66337
66338
66339
66340
66341
66342
66343
66344
66345
66346
66347
66348
66349
66350
66351
66352
66353
66354
66355
66356
66357
66358
66359
66360
66361
66362
66363
66364
66365
66366
66367
66368
66369
66370
66371
66372
66373
66374
66375
66376
66377
66378
66379
66380
66381
66382
66383
66384
66385
66386
66387
66388
66389
66390
66391
66392
66393
66394
66395
66396
66397
66398
66399
66400
66401
66402
66403
66404
66405
66406
66407
66408
66409
66410
66411
66412
66413
66414
66415
66416
66417
66418
66419
66420
66421
66422
66423
66424
66425
66426
66427
66428
66429
66430
66431
66432
66433
66434
66435
66436
66437
66438
66439
66440
66441
66442
66443
66444
66445
66446
66447
66448
66449
66450
66451
66452
66453
66454
66455
66456
66457
66458
66459
66460
66461
66462
66463
66464
66465
66466
66467
66468
66469
66470
66471
66472
66473
66474
66475
66476
66477
66478
66479
66480
66481
66482
66483
66484
66485
66486
66487
66488
66489
66490
66491
66492
66493
66494
66495
66496
66497
66498
66499
66500
66501
66502
66503
66504
66505
66506
66507
66508
66509
66510
66511
66512
66513
66514
66515
66516
66517
66518
66519
66520
66521
66522
66523
66524
66525
66526
66527
66528
66529
66530
66531
66532
66533
66534
66535
66536
66537
66538
66539
66540
66541
66542
66543
66544
66545
66546
66547
66548
66549
66550
66551
66552
66553
66554
66555
66556
66557
66558
66559
66560
66561
66562
66563
66564
66565
66566
66567
66568
66569
66570
66571
66572
66573
66574
66575
66576
66577
66578
66579
66580
66581
66582
66583
66584
66585
66586
66587
66588
66589
66590
66591
66592
66593
66594
66595
66596
66597
66598
66599
66600
66601
66602
66603
66604
66605
66606
66607
66608
66609
66610
66611
66612
66613
66614
66615
66616
66617
66618
66619
66620
66621
66622
66623
66624
66625
66626
66627
66628
66629
66630
66631
66632
66633
66634
66635
66636
66637
66638
66639
66640
66641
66642
66643
66644
66645
66646
66647
66648
66649
66650
66651
66652
66653
66654
66655
66656
66657
66658
66659
66660
66661
66662
66663
66664
66665
66666
66667
66668
66669
66670
66671
66672
66673
66674
66675
66676
66677
66678
66679
66680
66681
66682
66683
66684
66685
66686
66687
66688
66689
66690
66691
66692
66693
66694
66695
66696
66697
66698
66699
66700
66701
66702
66703
66704
66705
66706
66707
66708
66709
66710
66711
66712
66713
66714
66715
66716
66717
66718
66719
66720
66721
66722
66723
66724
66725
66726
66727
66728
66729
66730
66731
66732
66733
66734
66735
66736
66737
66738
66739
66740
66741
66742
66743
66744
66745
66746
66747
66748
66749
66750
66751
66752
66753
66754
66755
66756
66757
66758
66759
66760
66761
66762
66763
66764
66765
66766
66767
66768
66769
66770
66771
66772
66773
66774
66775
66776
66777
66778
66779
66780
66781
66782
66783
66784
66785
66786
66787
66788
66789
66790
66791
66792
66793
66794
66795
66796
66797
66798
66799
66800
66801
66802
66803
66804
66805
66806
66807
66808
66809
66810
66811
66812
66813
66814
66815
66816
66817
66818
66819
66820
66821
66822
66823
66824
66825
66826
66827
66828
66829
66830
66831
66832
66833
66834
66835
66836
66837
66838
66839
66840
66841
66842
66843
66844
66845
66846
66847
66848
66849
66850
66851
66852
66853
66854
66855
66856
66857
66858
66859
66860
66861
66862
66863
66864
66865
66866
66867
66868
66869
66870
66871
66872
66873
66874
66875
66876
66877
66878
66879
66880
66881
66882
66883
66884
66885
66886
66887
66888
66889
66890
66891
66892
66893
66894
66895
66896
66897
66898
66899
66900
66901
66902
66903
66904
66905
66906
66907
66908
66909
66910
66911
66912
66913
66914
66915
66916
66917
66918
66919
66920
66921
66922
66923
66924
66925
66926
66927
66928
66929
66930
66931
66932
66933
66934
66935
66936
66937
66938
66939
66940
66941
66942
66943
66944
66945
66946
66947
66948
66949
66950
66951
66952
66953
66954
66955
66956
66957
66958
66959
66960
66961
66962
66963
66964
66965
66966
66967
66968
66969
66970
66971
66972
66973
66974
66975
66976
66977
66978
66979
66980
66981
66982
66983
66984
66985
66986
66987
66988
66989
66990
66991
66992
66993
66994
66995
66996
66997
66998
66999
67000
67001
67002
67003
67004
67005
67006
67007
67008
67009
67010
67011
67012
67013
67014
67015
67016
67017
67018
67019
67020
67021
67022
67023
67024
67025
67026
67027
67028
67029
67030
67031
67032
67033
67034
67035
67036
67037
67038
67039
67040
67041
67042
67043
67044
67045
67046
67047
67048
67049
67050
67051
67052
67053
67054
67055
67056
67057
67058
67059
67060
67061
67062
67063
67064
67065
67066
67067
67068
67069
67070
67071
67072
67073
67074
67075
67076
67077
67078
67079
67080
67081
67082
67083
67084
67085
67086
67087
67088
67089
67090
67091
67092
67093
67094
67095
67096
67097
67098
67099
67100
67101
67102
67103
67104
67105
67106
67107
67108
67109
67110
67111
67112
67113
67114
67115
67116
67117
67118
67119
67120
67121
67122
67123
67124
67125
67126
67127
67128
67129
67130
67131
67132
67133
67134
67135
67136
67137
67138
67139
67140
67141
67142
67143
67144
67145
67146
67147
67148
67149
67150
67151
67152
67153
67154
67155
67156
67157
67158
67159
67160
67161
67162
67163
67164
67165
67166
67167
67168
67169
67170
67171
67172
67173
67174
67175
67176
67177
67178
67179
67180
67181
67182
67183
67184
67185
67186
67187
67188
67189
67190
67191
67192
67193
67194
67195
67196
67197
67198
67199
67200
67201
67202
67203
67204
67205
67206
67207
67208
67209
67210
67211
67212
67213
67214
67215
67216
67217
67218
67219
67220
67221
67222
67223
67224
67225
67226
67227
67228
67229
67230
67231
67232
67233
67234
67235
67236
67237
67238
67239
67240
67241
67242
67243
67244
67245
67246
67247
67248
67249
67250
67251
67252
67253
67254
67255
67256
67257
67258
67259
67260
67261
67262
67263
67264
67265
67266
67267
67268
67269
67270
67271
67272
67273
67274
67275
67276
67277
67278
67279
67280
67281
67282
67283
67284
67285
67286
67287
67288
67289
67290
67291
67292
67293
67294
67295
67296
67297
67298
67299
67300
67301
67302
67303
67304
67305
67306
67307
67308
67309
67310
67311
67312
67313
67314
67315
67316
67317
67318
67319
67320
67321
67322
67323
67324
67325
67326
67327
67328
67329
67330
67331
67332
67333
67334
67335
67336
67337
67338
67339
67340
67341
67342
67343
67344
67345
67346
67347
67348
67349
67350
67351
67352
67353
67354
67355
67356
67357
67358
67359
67360
67361
67362
67363
67364
67365
67366
67367
67368
67369
67370
67371
67372
67373
67374
67375
67376
67377
67378
67379
67380
67381
67382
67383
67384
67385
67386
67387
67388
67389
67390
67391
67392
67393
67394
67395
67396
67397
67398
67399
67400
67401
67402
67403
67404
67405
67406
67407
67408
67409
67410
67411
67412
67413
67414
67415
67416
67417
67418
67419
67420
67421
67422
67423
67424
67425
67426
67427
67428
67429
67430
67431
67432
67433
67434
67435
67436
67437
67438
67439
67440
67441
67442
67443
67444
67445
67446
67447
67448
67449
67450
67451
67452
67453
67454
67455
67456
67457
67458
67459
67460
67461
67462
67463
67464
67465
67466
67467
67468
67469
67470
67471
67472
67473
67474
67475
67476
67477
67478
67479
67480
67481
67482
67483
67484
67485
67486
67487
67488
67489
67490
67491
67492
67493
67494
67495
67496
67497
67498
67499
67500
67501
67502
67503
67504
67505
67506
67507
67508
67509
67510
67511
67512
67513
67514
67515
67516
67517
67518
67519
67520
67521
67522
67523
67524
67525
67526
67527
67528
67529
67530
67531
67532
67533
67534
67535
67536
67537
67538
67539
67540
67541
67542
67543
67544
67545
67546
67547
67548
67549
67550
67551
67552
67553
67554
67555
67556
67557
67558
67559
67560
67561
67562
67563
67564
67565
67566
67567
67568
67569
67570
67571
67572
67573
67574
67575
67576
67577
67578
67579
67580
67581
67582
67583
67584
67585
67586
67587
67588
67589
67590
67591
67592
67593
67594
67595
67596
67597
67598
67599
67600
67601
67602
67603
67604
67605
67606
67607
67608
67609
67610
67611
67612
67613
67614
67615
67616
67617
67618
67619
67620
67621
67622
67623
67624
67625
67626
67627
67628
67629
67630
67631
67632
67633
67634
67635
67636
67637
67638
67639
67640
67641
67642
67643
67644
67645
67646
67647
67648
67649
67650
67651
67652
67653
67654
67655
67656
67657
67658
67659
67660
67661
67662
67663
67664
67665
67666
67667
67668
67669
67670
67671
67672
67673
67674
67675
67676
67677
67678
67679
67680
67681
67682
67683
67684
67685
67686
67687
67688
67689
67690
67691
67692
67693
67694
67695
67696
67697
67698
67699
67700
67701
67702
67703
67704
67705
67706
67707
67708
67709
67710
67711
67712
67713
67714
67715
67716
67717
67718
67719
67720
67721
67722
67723
67724
67725
67726
67727
67728
67729
67730
67731
67732
67733
67734
67735
67736
67737
67738
67739
67740
67741
67742
67743
67744
67745
67746
67747
67748
67749
67750
67751
67752
67753
67754
67755
67756
67757
67758
67759
67760
67761
67762
67763
67764
67765
67766
67767
67768
67769
67770
67771
67772
67773
67774
67775
67776
67777
67778
67779
67780
67781
67782
67783
67784
67785
67786
67787
67788
67789
67790
67791
67792
67793
67794
67795
67796
67797
67798
67799
67800
67801
67802
67803
67804
67805
67806
67807
67808
67809
67810
67811
67812
67813
67814
67815
67816
67817
67818
67819
67820
67821
67822
67823
67824
67825
67826
67827
67828
67829
67830
67831
67832
67833
67834
67835
67836
67837
67838
67839
67840
67841
67842
67843
67844
67845
67846
67847
67848
67849
67850
67851
67852
67853
67854
67855
67856
67857
67858
67859
67860
67861
67862
67863
67864
67865
67866
67867
67868
67869
67870
67871
67872
67873
67874
67875
67876
67877
67878
67879
67880
67881
67882
67883
67884
67885
67886
67887
67888
67889
67890
67891
67892
67893
67894
67895
67896
67897
67898
67899
67900
67901
67902
67903
67904
67905
67906
67907
67908
67909
67910
67911
67912
67913
67914
67915
67916
67917
67918
67919
67920
67921
67922
67923
67924
67925
67926
67927
67928
67929
67930
67931
67932
67933
67934
67935
67936
67937
67938
67939
67940
67941
67942
67943
67944
67945
67946
67947
67948
67949
67950
67951
67952
67953
67954
67955
67956
67957
67958
67959
67960
67961
67962
67963
67964
67965
67966
67967
67968
67969
67970
67971
67972
67973
67974
67975
67976
67977
67978
67979
67980
67981
67982
67983
67984
67985
67986
67987
67988
67989
67990
67991
67992
67993
67994
67995
67996
67997
67998
67999
68000
68001
68002
68003
68004
68005
68006
68007
68008
68009
68010
68011
68012
68013
68014
68015
68016
68017
68018
68019
68020
68021
68022
68023
68024
68025
68026
68027
68028
68029
68030
68031
68032
68033
68034
68035
68036
68037
68038
68039
68040
68041
68042
68043
68044
68045
68046
68047
68048
68049
68050
68051
68052
68053
68054
68055
68056
68057
68058
68059
68060
68061
68062
68063
68064
68065
68066
68067
68068
68069
68070
68071
68072
68073
68074
68075
68076
68077
68078
68079
68080
68081
68082
68083
68084
68085
68086
68087
68088
68089
68090
68091
68092
68093
68094
68095
68096
68097
68098
68099
68100
68101
68102
68103
68104
68105
68106
68107
68108
68109
68110
68111
68112
68113
68114
68115
68116
68117
68118
68119
68120
68121
68122
68123
68124
68125
68126
68127
68128
68129
68130
68131
68132
68133
68134
68135
68136
68137
68138
68139
68140
68141
68142
68143
68144
68145
68146
68147
68148
68149
68150
68151
68152
68153
68154
68155
68156
68157
68158
68159
68160
68161
68162
68163
68164
68165
68166
68167
68168
68169
68170
68171
68172
68173
68174
68175
68176
68177
68178
68179
68180
68181
68182
68183
68184
68185
68186
68187
68188
68189
68190
68191
68192
68193
68194
68195
68196
68197
68198
68199
68200
68201
68202
68203
68204
68205
68206
68207
68208
68209
68210
68211
68212
68213
68214
68215
68216
68217
68218
68219
68220
68221
68222
68223
68224
68225
68226
68227
68228
68229
68230
68231
68232
68233
68234
68235
68236
68237
68238
68239
68240
68241
68242
68243
68244
68245
68246
68247
68248
68249
68250
68251
68252
68253
68254
68255
68256
68257
68258
68259
68260
68261
68262
68263
68264
68265
68266
68267
68268
68269
68270
68271
68272
68273
68274
68275
68276
68277
68278
68279
68280
68281
68282
68283
68284
68285
68286
68287
68288
68289
68290
68291
68292
68293
68294
68295
68296
68297
68298
68299
68300
68301
68302
68303
68304
68305
68306
68307
68308
68309
68310
68311
68312
68313
68314
68315
68316
68317
68318
68319
68320
68321
68322
68323
68324
68325
68326
68327
68328
68329
68330
68331
68332
68333
68334
68335
68336
68337
68338
68339
68340
68341
68342
68343
68344
68345
68346
68347
68348
68349
68350
68351
68352
68353
68354
68355
68356
68357
68358
68359
68360
68361
68362
68363
68364
68365
68366
68367
68368
68369
68370
68371
68372
68373
68374
68375
68376
68377
68378
68379
68380
68381
68382
68383
68384
68385
68386
68387
68388
68389
68390
68391
68392
68393
68394
68395
68396
68397
68398
68399
68400
68401
68402
68403
68404
68405
68406
68407
68408
68409
68410
68411
68412
68413
68414
68415
68416
68417
68418
68419
68420
68421
68422
68423
68424
68425
68426
68427
68428
68429
68430
68431
68432
68433
68434
68435
68436
68437
68438
68439
68440
68441
68442
68443
68444
68445
68446
68447
68448
68449
68450
68451
68452
68453
68454
68455
68456
68457
68458
68459
68460
68461
68462
68463
68464
68465
68466
68467
68468
68469
68470
68471
68472
68473
68474
68475
68476
68477
68478
68479
68480
68481
68482
68483
68484
68485
68486
68487
68488
68489
68490
68491
68492
68493
68494
68495
68496
68497
68498
68499
68500
68501
68502
68503
68504
68505
68506
68507
68508
68509
68510
68511
68512
68513
68514
68515
68516
68517
68518
68519
68520
68521
68522
68523
68524
68525
68526
68527
68528
68529
68530
68531
68532
68533
68534
68535
68536
68537
68538
68539
68540
68541
68542
68543
68544
68545
68546
68547
68548
68549
68550
68551
68552
68553
68554
68555
68556
68557
68558
68559
68560
68561
68562
68563
68564
68565
68566
68567
68568
68569
68570
68571
68572
68573
68574
68575
68576
68577
68578
68579
68580
68581
68582
68583
68584
68585
68586
68587
68588
68589
68590
68591
68592
68593
68594
68595
68596
68597
68598
68599
68600
68601
68602
68603
68604
68605
68606
68607
68608
68609
68610
68611
68612
68613
68614
68615
68616
68617
68618
68619
68620
68621
68622
68623
68624
68625
68626
68627
68628
68629
68630
68631
68632
68633
68634
68635
68636
68637
68638
68639
68640
68641
68642
68643
68644
68645
68646
68647
68648
68649
68650
68651
68652
68653
68654
68655
68656
68657
68658
68659
68660
68661
68662
68663
68664
68665
68666
68667
68668
68669
68670
68671
68672
68673
68674
68675
68676
68677
68678
68679
68680
68681
68682
68683
68684
68685
68686
68687
68688
68689
68690
68691
68692
68693
68694
68695
68696
68697
68698
68699
68700
68701
68702
68703
68704
68705
68706
68707
68708
68709
68710
68711
68712
68713
68714
68715
68716
68717
68718
68719
68720
68721
68722
68723
68724
68725
68726
68727
68728
68729
68730
68731
68732
68733
68734
68735
68736
68737
68738
68739
68740
68741
68742
68743
68744
68745
68746
68747
68748
68749
68750
68751
68752
68753
68754
68755
68756
68757
68758
68759
68760
68761
68762
68763
68764
68765
68766
68767
68768
68769
68770
68771
68772
68773
68774
68775
68776
68777
68778
68779
68780
68781
68782
68783
68784
68785
68786
68787
68788
68789
68790
68791
68792
68793
68794
68795
68796
68797
68798
68799
68800
68801
68802
68803
68804
68805
68806
68807
68808
68809
68810
68811
68812
68813
68814
68815
68816
68817
68818
68819
68820
68821
68822
68823
68824
68825
68826
68827
68828
68829
68830
68831
68832
68833
68834
68835
68836
68837
68838
68839
68840
68841
68842
68843
68844
68845
68846
68847
68848
68849
68850
68851
68852
68853
68854
68855
68856
68857
68858
68859
68860
68861
68862
68863
68864
68865
68866
68867
68868
68869
68870
68871
68872
68873
68874
68875
68876
68877
68878
68879
68880
68881
68882
68883
68884
68885
68886
68887
68888
68889
68890
68891
68892
68893
68894
68895
68896
68897
68898
68899
68900
68901
68902
68903
68904
68905
68906
68907
68908
68909
68910
68911
68912
68913
68914
68915
68916
68917
68918
68919
68920
68921
68922
68923
68924
68925
68926
68927
68928
68929
68930
68931
68932
68933
68934
68935
68936
68937
68938
68939
68940
68941
68942
68943
68944
68945
68946
68947
68948
68949
68950
68951
68952
68953
68954
68955
68956
68957
68958
68959
68960
68961
68962
68963
68964
68965
68966
68967
68968
68969
68970
68971
68972
68973
68974
68975
68976
68977
68978
68979
68980
68981
68982
68983
68984
68985
68986
68987
68988
68989
68990
68991
68992
68993
68994
68995
68996
68997
68998
68999
69000
69001
69002
69003
69004
69005
69006
69007
69008
69009
69010
69011
69012
69013
69014
69015
69016
69017
69018
69019
69020
69021
69022
69023
69024
69025
69026
69027
69028
69029
69030
69031
69032
69033
69034
69035
69036
69037
69038
69039
69040
69041
69042
69043
69044
69045
69046
69047
69048
69049
69050
69051
69052
69053
69054
69055
69056
69057
69058
69059
69060
69061
69062
69063
69064
69065
69066
69067
69068
69069
69070
69071
69072
69073
69074
69075
69076
69077
69078
69079
69080
69081
69082
69083
69084
69085
69086
69087
69088
69089
69090
69091
69092
69093
69094
69095
69096
69097
69098
69099
69100
69101
69102
69103
69104
69105
69106
69107
69108
69109
69110
69111
69112
69113
69114
69115
69116
69117
69118
69119
69120
69121
69122
69123
69124
69125
69126
69127
69128
69129
69130
69131
69132
69133
69134
69135
69136
69137
69138
69139
69140
69141
69142
69143
69144
69145
69146
69147
69148
69149
69150
69151
69152
69153
69154
69155
69156
69157
69158
69159
69160
69161
69162
69163
69164
69165
69166
69167
69168
69169
69170
69171
69172
69173
69174
69175
69176
69177
69178
69179
69180
69181
69182
69183
69184
69185
69186
69187
69188
69189
69190
69191
69192
69193
69194
69195
69196
69197
69198
69199
69200
69201
69202
69203
69204
69205
69206
69207
69208
69209
69210
69211
69212
69213
69214
69215
69216
69217
69218
69219
69220
69221
69222
69223
69224
69225
69226
69227
69228
69229
69230
69231
69232
69233
69234
69235
69236
69237
69238
69239
69240
69241
69242
69243
69244
69245
69246
69247
69248
69249
69250
69251
69252
69253
69254
69255
69256
69257
69258
69259
69260
69261
69262
69263
69264
69265
69266
69267
69268
69269
69270
69271
69272
69273
69274
69275
69276
69277
69278
69279
69280
69281
69282
69283
69284
69285
69286
69287
69288
69289
69290
69291
69292
69293
69294
69295
69296
69297
69298
69299
69300
69301
69302
69303
69304
69305
69306
69307
69308
69309
69310
69311
69312
69313
69314
69315
69316
69317
69318
69319
69320
69321
69322
69323
69324
69325
69326
69327
69328
69329
69330
69331
69332
69333
69334
69335
69336
69337
69338
69339
69340
69341
69342
69343
69344
69345
69346
69347
69348
69349
69350
69351
69352
69353
69354
69355
69356
69357
69358
69359
69360
69361
69362
69363
69364
69365
69366
69367
69368
69369
69370
69371
69372
69373
69374
69375
69376
69377
69378
69379
69380
69381
69382
69383
69384
69385
69386
69387
69388
69389
69390
69391
69392
69393
69394
69395
69396
69397
69398
69399
69400
69401
69402
69403
69404
69405
69406
69407
69408
69409
69410
69411
69412
69413
69414
69415
69416
69417
69418
69419
69420
69421
69422
69423
69424
69425
69426
69427
69428
69429
69430
69431
69432
69433
69434
69435
69436
69437
69438
69439
69440
69441
69442
69443
69444
69445
69446
69447
69448
69449
69450
69451
69452
69453
69454
69455
69456
69457
69458
69459
69460
69461
69462
69463
69464
69465
69466
69467
69468
69469
69470
69471
69472
69473
69474
69475
69476
69477
69478
69479
69480
69481
69482
69483
69484
69485
69486
69487
69488
69489
69490
69491
69492
69493
69494
69495
69496
69497
69498
69499
69500
69501
69502
69503
69504
69505
69506
69507
69508
69509
69510
69511
69512
69513
69514
69515
69516
69517
69518
69519
69520
69521
69522
69523
69524
69525
69526
69527
69528
69529
69530
69531
69532
69533
69534
69535
69536
69537
69538
69539
69540
69541
69542
69543
69544
69545
69546
69547
69548
69549
69550
69551
69552
69553
69554
69555
69556
69557
69558
69559
69560
69561
69562
69563
69564
69565
69566
69567
69568
69569
69570
69571
69572
69573
69574
69575
69576
69577
69578
69579
69580
69581
69582
69583
69584
69585
69586
69587
69588
69589
69590
69591
69592
69593
69594
69595
69596
69597
69598
69599
69600
69601
69602
69603
69604
69605
69606
69607
69608
69609
69610
69611
69612
69613
69614
69615
69616
69617
69618
69619
69620
69621
69622
69623
69624
69625
69626
69627
69628
69629
69630
69631
69632
69633
69634
69635
69636
69637
69638
69639
69640
69641
69642
69643
69644
69645
69646
69647
69648
69649
69650
69651
69652
69653
69654
69655
69656
69657
69658
69659
69660
69661
69662
69663
69664
69665
69666
69667
69668
69669
69670
69671
69672
69673
69674
69675
69676
69677
69678
69679
69680
69681
69682
69683
69684
69685
69686
69687
69688
69689
69690
69691
69692
69693
69694
69695
69696
69697
69698
69699
69700
69701
69702
69703
69704
69705
69706
69707
69708
69709
69710
69711
69712
69713
69714
69715
69716
69717
69718
69719
69720
69721
69722
69723
69724
69725
69726
69727
69728
69729
69730
69731
69732
69733
69734
69735
69736
69737
69738
69739
69740
69741
69742
69743
69744
69745
69746
69747
69748
69749
69750
69751
69752
69753
69754
69755
69756
69757
69758
69759
69760
69761
69762
69763
69764
69765
69766
69767
69768
69769
69770
69771
69772
69773
69774
69775
69776
69777
69778
69779
69780
69781
69782
69783
69784
69785
69786
69787
69788
69789
69790
69791
69792
69793
69794
69795
69796
69797
69798
69799
69800
69801
69802
69803
69804
69805
69806
69807
69808
69809
69810
69811
69812
69813
69814
69815
69816
69817
69818
69819
69820
69821
69822
69823
69824
69825
69826
69827
69828
69829
69830
69831
69832
69833
69834
69835
69836
69837
69838
69839
69840
69841
69842
69843
69844
69845
69846
69847
69848
69849
69850
69851
69852
69853
69854
69855
69856
69857
69858
69859
69860
69861
69862
69863
69864
69865
69866
69867
69868
69869
69870
69871
69872
69873
69874
69875
69876
69877
69878
69879
69880
69881
69882
69883
69884
69885
69886
69887
69888
69889
69890
69891
69892
69893
69894
69895
69896
69897
69898
69899
69900
69901
69902
69903
69904
69905
69906
69907
69908
69909
69910
69911
69912
69913
69914
69915
69916
69917
69918
69919
69920
69921
69922
69923
69924
69925
69926
69927
69928
69929
69930
69931
69932
69933
69934
69935
69936
69937
69938
69939
69940
69941
69942
69943
69944
69945
69946
69947
69948
69949
69950
69951
69952
69953
69954
69955
69956
69957
69958
69959
69960
69961
69962
69963
69964
69965
69966
69967
69968
69969
69970
69971
69972
69973
69974
69975
69976
69977
69978
69979
69980
69981
69982
69983
69984
69985
69986
69987
69988
69989
69990
69991
69992
69993
69994
69995
69996
69997
69998
69999
70000
70001
70002
70003
70004
70005
70006
70007
70008
70009
70010
70011
70012
70013
70014
70015
70016
70017
70018
70019
70020
70021
70022
70023
70024
70025
70026
70027
70028
70029
70030
70031
70032
70033
70034
70035
70036
70037
70038
70039
70040
70041
70042
70043
70044
70045
70046
70047
70048
70049
70050
70051
70052
70053
70054
70055
70056
70057
70058
70059
70060
70061
70062
70063
70064
70065
70066
70067
70068
70069
70070
70071
70072
70073
70074
70075
70076
70077
70078
70079
70080
70081
70082
70083
70084
70085
70086
70087
70088
70089
70090
70091
70092
70093
70094
70095
70096
70097
70098
70099
70100
70101
70102
70103
70104
70105
70106
70107
70108
70109
70110
70111
70112
70113
70114
70115
70116
70117
70118
70119
70120
70121
70122
70123
70124
70125
70126
70127
70128
70129
70130
70131
70132
70133
70134
70135
70136
70137
70138
70139
70140
70141
70142
70143
70144
70145
70146
70147
70148
70149
70150
70151
70152
70153
70154
70155
70156
70157
70158
70159
70160
70161
70162
70163
70164
70165
70166
70167
70168
70169
70170
70171
70172
70173
70174
70175
70176
70177
70178
70179
70180
70181
70182
70183
70184
70185
70186
70187
70188
70189
70190
70191
70192
70193
70194
70195
70196
70197
70198
70199
70200
70201
70202
70203
70204
70205
70206
70207
70208
70209
70210
70211
70212
70213
70214
70215
70216
70217
70218
70219
70220
70221
70222
70223
70224
70225
70226
70227
70228
70229
70230
70231
70232
70233
70234
70235
70236
70237
70238
70239
70240
70241
70242
70243
70244
70245
70246
70247
70248
70249
70250
70251
70252
70253
70254
70255
70256
70257
70258
70259
70260
70261
70262
70263
70264
70265
70266
70267
70268
70269
70270
70271
70272
70273
70274
70275
70276
70277
70278
70279
70280
70281
70282
70283
70284
70285
70286
70287
70288
70289
70290
70291
70292
70293
70294
70295
70296
70297
70298
70299
70300
70301
70302
70303
70304
70305
70306
70307
70308
70309
70310
70311
70312
70313
70314
70315
70316
70317
70318
70319
70320
70321
70322
70323
70324
70325
70326
70327
70328
70329
70330
70331
70332
70333
70334
70335
70336
70337
70338
70339
70340
70341
70342
70343
70344
70345
70346
70347
70348
70349
70350
70351
70352
70353
70354
70355
70356
70357
70358
70359
70360
70361
70362
70363
70364
70365
70366
70367
70368
70369
70370
70371
70372
70373
70374
70375
70376
70377
70378
70379
70380
70381
70382
70383
70384
70385
70386
70387
70388
70389
70390
70391
70392
70393
70394
70395
70396
70397
70398
70399
70400
70401
70402
70403
70404
70405
70406
70407
70408
70409
70410
70411
70412
70413
70414
70415
70416
70417
70418
70419
70420
70421
70422
70423
70424
70425
70426
70427
70428
70429
70430
70431
70432
70433
70434
70435
70436
70437
70438
70439
70440
70441
70442
70443
70444
70445
70446
70447
70448
70449
70450
70451
70452
70453
70454
70455
70456
70457
70458
70459
70460
70461
70462
70463
70464
70465
70466
70467
70468
70469
70470
70471
70472
70473
70474
70475
70476
70477
70478
70479
70480
70481
70482
70483
70484
70485
70486
70487
70488
70489
70490
70491
70492
70493
70494
70495
70496
70497
70498
70499
70500
70501
70502
70503
70504
70505
70506
70507
70508
70509
70510
70511
70512
70513
70514
70515
70516
70517
70518
70519
70520
70521
70522
70523
70524
70525
70526
70527
70528
70529
70530
70531
70532
70533
70534
70535
70536
70537
70538
70539
70540
70541
70542
70543
70544
70545
70546
70547
70548
70549
70550
70551
70552
70553
70554
70555
70556
70557
70558
70559
70560
70561
70562
70563
70564
70565
70566
70567
70568
70569
70570
70571
70572
70573
70574
70575
70576
70577
70578
70579
70580
70581
70582
70583
70584
70585
70586
70587
70588
70589
70590
70591
70592
70593
70594
70595
70596
70597
70598
70599
70600
70601
70602
70603
70604
70605
70606
70607
70608
70609
70610
70611
70612
70613
70614
70615
70616
70617
70618
70619
70620
70621
70622
70623
70624
70625
70626
70627
70628
70629
70630
70631
70632
70633
70634
70635
70636
70637
70638
70639
70640
70641
70642
70643
70644
70645
70646
70647
70648
70649
70650
70651
70652
70653
70654
70655
70656
70657
70658
70659
70660
70661
70662
70663
70664
70665
70666
70667
70668
70669
70670
70671
70672
70673
70674
70675
70676
70677
70678
70679
70680
70681
70682
70683
70684
70685
70686
70687
70688
70689
70690
70691
70692
70693
70694
70695
70696
70697
70698
70699
70700
70701
70702
70703
70704
70705
70706
70707
70708
70709
70710
70711
70712
70713
70714
70715
70716
70717
70718
70719
70720
70721
70722
70723
70724
70725
70726
70727
70728
70729
70730
70731
70732
70733
70734
70735
70736
70737
70738
70739
70740
70741
70742
70743
70744
70745
70746
70747
70748
70749
70750
70751
70752
70753
70754
70755
70756
70757
70758
70759
70760
70761
70762
70763
70764
70765
70766
70767
70768
70769
70770
70771
70772
70773
70774
70775
70776
70777
70778
70779
70780
70781
70782
70783
70784
70785
70786
70787
70788
70789
70790
70791
70792
70793
70794
70795
70796
70797
70798
70799
70800
70801
70802
70803
70804
70805
70806
70807
70808
70809
70810
70811
70812
70813
70814
70815
70816
70817
70818
70819
70820
70821
70822
70823
70824
70825
70826
70827
70828
70829
70830
70831
70832
70833
70834
70835
70836
70837
70838
70839
70840
70841
70842
70843
70844
70845
70846
70847
70848
70849
70850
70851
70852
70853
70854
70855
70856
70857
70858
70859
70860
70861
70862
70863
70864
70865
70866
70867
70868
70869
70870
70871
70872
70873
70874
70875
70876
70877
70878
70879
70880
70881
70882
70883
70884
70885
70886
70887
70888
70889
70890
70891
70892
70893
70894
70895
70896
70897
70898
70899
70900
70901
70902
70903
70904
70905
70906
70907
70908
70909
70910
70911
70912
70913
70914
70915
70916
70917
70918
70919
70920
70921
70922
70923
70924
70925
70926
70927
70928
70929
70930
70931
70932
70933
70934
70935
70936
70937
70938
70939
70940
70941
70942
70943
70944
70945
70946
70947
70948
70949
70950
70951
70952
70953
70954
70955
70956
70957
70958
70959
70960
70961
70962
70963
70964
70965
70966
70967
70968
70969
70970
70971
70972
70973
70974
70975
70976
70977
70978
70979
70980
70981
70982
70983
70984
70985
70986
70987
70988
70989
70990
70991
70992
70993
70994
70995
70996
70997
70998
70999
71000
71001
71002
71003
71004
71005
71006
71007
71008
71009
71010
71011
71012
71013
71014
71015
71016
71017
71018
71019
71020
71021
71022
71023
71024
71025
71026
71027
71028
71029
71030
71031
71032
71033
71034
71035
71036
71037
71038
71039
71040
71041
71042
71043
71044
71045
71046
71047
71048
71049
71050
71051
71052
71053
71054
71055
71056
71057
71058
71059
71060
71061
71062
71063
71064
71065
71066
71067
71068
71069
71070
71071
71072
71073
71074
71075
71076
71077
71078
71079
71080
71081
71082
71083
71084
71085
71086
71087
71088
71089
71090
71091
71092
71093
71094
71095
71096
71097
71098
71099
71100
71101
71102
71103
71104
71105
71106
71107
71108
71109
71110
71111
71112
71113
71114
71115
71116
71117
71118
71119
71120
71121
71122
71123
71124
71125
71126
71127
71128
71129
71130
71131
71132
71133
71134
71135
71136
71137
71138
71139
71140
71141
71142
71143
71144
71145
71146
71147
71148
71149
71150
71151
71152
71153
71154
71155
71156
71157
71158
71159
71160
71161
71162
71163
71164
71165
71166
71167
71168
71169
71170
71171
71172
71173
71174
71175
71176
71177
71178
71179
71180
71181
71182
71183
71184
71185
71186
71187
71188
71189
71190
71191
71192
71193
71194
71195
71196
71197
71198
71199
71200
71201
71202
71203
71204
71205
71206
71207
71208
71209
71210
71211
71212
71213
71214
71215
71216
71217
71218
71219
71220
71221
71222
71223
71224
71225
71226
71227
71228
71229
71230
71231
71232
71233
71234
71235
71236
71237
71238
71239
71240
71241
71242
71243
71244
71245
71246
71247
71248
71249
71250
71251
71252
71253
71254
71255
71256
71257
71258
71259
71260
71261
71262
71263
71264
71265
71266
71267
71268
71269
71270
71271
71272
71273
71274
71275
71276
71277
71278
71279
71280
71281
71282
71283
71284
71285
71286
71287
71288
71289
71290
71291
71292
71293
71294
71295
71296
71297
71298
71299
71300
71301
71302
71303
71304
71305
71306
71307
71308
71309
71310
71311
71312
71313
71314
71315
71316
71317
71318
71319
71320
71321
71322
71323
71324
71325
71326
71327
71328
71329
71330
71331
71332
71333
71334
71335
71336
71337
71338
71339
71340
71341
71342
71343
71344
71345
71346
71347
71348
71349
71350
71351
71352
71353
71354
71355
71356
71357
71358
71359
71360
71361
71362
71363
71364
71365
71366
71367
71368
71369
71370
71371
71372
71373
71374
71375
71376
71377
71378
71379
71380
71381
71382
71383
71384
71385
71386
71387
71388
71389
71390
71391
71392
71393
71394
71395
71396
71397
71398
71399
71400
71401
71402
71403
71404
71405
71406
71407
71408
71409
71410
71411
71412
71413
71414
71415
71416
71417
71418
71419
71420
71421
71422
71423
71424
71425
71426
71427
71428
71429
71430
71431
71432
71433
71434
71435
71436
71437
71438
71439
71440
71441
71442
71443
71444
71445
71446
71447
71448
71449
71450
71451
71452
71453
71454
71455
71456
71457
71458
71459
71460
71461
71462
71463
71464
71465
71466
71467
71468
71469
71470
71471
71472
71473
71474
71475
71476
71477
71478
71479
71480
71481
71482
71483
71484
71485
71486
71487
71488
71489
71490
71491
71492
71493
71494
71495
71496
71497
71498
71499
71500
71501
71502
71503
71504
71505
71506
71507
71508
71509
71510
71511
71512
71513
71514
71515
71516
71517
71518
71519
71520
71521
71522
71523
71524
71525
71526
71527
71528
71529
71530
71531
71532
71533
71534
71535
71536
71537
71538
71539
71540
71541
71542
71543
71544
71545
71546
71547
71548
71549
71550
71551
71552
71553
71554
71555
71556
71557
71558
71559
71560
71561
71562
71563
71564
71565
71566
71567
71568
71569
71570
71571
71572
71573
71574
71575
71576
71577
71578
71579
71580
71581
71582
71583
71584
71585
71586
71587
71588
71589
71590
71591
71592
71593
71594
71595
71596
71597
71598
71599
71600
71601
71602
71603
71604
71605
71606
71607
71608
71609
71610
71611
71612
71613
71614
71615
71616
71617
71618
71619
71620
71621
71622
71623
71624
71625
71626
71627
71628
71629
71630
71631
71632
71633
71634
71635
71636
71637
71638
71639
71640
71641
71642
71643
71644
71645
71646
71647
71648
71649
71650
71651
71652
71653
71654
71655
71656
71657
71658
71659
71660
71661
71662
71663
71664
71665
71666
71667
71668
71669
71670
71671
71672
71673
71674
71675
71676
71677
71678
71679
71680
71681
71682
71683
71684
71685
71686
71687
71688
71689
71690
71691
71692
71693
71694
71695
71696
71697
71698
71699
71700
71701
71702
71703
71704
71705
71706
71707
71708
71709
71710
71711
71712
71713
71714
71715
71716
71717
71718
71719
71720
71721
71722
71723
71724
71725
71726
71727
71728
71729
71730
71731
71732
71733
71734
71735
71736
71737
71738
71739
71740
71741
71742
71743
71744
71745
71746
71747
71748
71749
71750
71751
71752
71753
71754
71755
71756
71757
71758
71759
71760
71761
71762
71763
71764
71765
71766
71767
71768
71769
71770
71771
71772
71773
71774
71775
71776
71777
71778
71779
71780
71781
71782
71783
71784
71785
71786
71787
71788
71789
71790
71791
71792
71793
71794
71795
71796
71797
71798
71799
71800
71801
71802
71803
71804
71805
71806
71807
71808
71809
71810
71811
71812
71813
71814
71815
71816
71817
71818
71819
71820
71821
71822
71823
71824
71825
71826
71827
71828
71829
71830
71831
71832
71833
71834
71835
71836
71837
71838
71839
71840
71841
71842
71843
71844
71845
71846
71847
71848
71849
71850
71851
71852
71853
71854
71855
71856
71857
71858
71859
71860
71861
71862
71863
71864
71865
71866
71867
71868
71869
71870
71871
71872
71873
71874
71875
71876
71877
71878
71879
71880
71881
71882
71883
71884
71885
71886
71887
71888
71889
71890
71891
71892
71893
71894
71895
71896
71897
71898
71899
71900
71901
71902
71903
71904
71905
71906
71907
71908
71909
71910
71911
71912
71913
71914
71915
71916
71917
71918
71919
71920
71921
71922
71923
71924
71925
71926
71927
71928
71929
71930
71931
71932
71933
71934
71935
71936
71937
71938
71939
71940
71941
71942
71943
71944
71945
71946
71947
71948
71949
71950
71951
71952
71953
71954
71955
71956
71957
71958
71959
71960
71961
71962
71963
71964
71965
71966
71967
71968
71969
71970
71971
71972
71973
71974
71975
71976
71977
71978
71979
71980
71981
71982
71983
71984
71985
71986
71987
71988
71989
71990
71991
71992
71993
71994
71995
71996
71997
71998
71999
72000
72001
72002
72003
72004
72005
72006
72007
72008
72009
72010
72011
72012
72013
72014
72015
72016
72017
72018
72019
72020
72021
72022
72023
72024
72025
72026
72027
72028
72029
72030
72031
72032
72033
72034
72035
72036
72037
72038
72039
72040
72041
72042
72043
72044
72045
72046
72047
72048
72049
72050
72051
72052
72053
72054
72055
72056
72057
72058
72059
72060
72061
72062
72063
72064
72065
72066
72067
72068
72069
72070
72071
72072
72073
72074
72075
72076
72077
72078
72079
72080
72081
72082
72083
72084
72085
72086
72087
72088
72089
72090
72091
72092
72093
72094
72095
72096
72097
72098
72099
72100
72101
72102
72103
72104
72105
72106
72107
72108
72109
72110
72111
72112
72113
72114
72115
72116
72117
72118
72119
72120
72121
72122
72123
72124
72125
72126
72127
72128
72129
72130
72131
72132
72133
72134
72135
72136
72137
72138
72139
72140
72141
72142
72143
72144
72145
72146
72147
72148
72149
72150
72151
72152
72153
72154
72155
72156
72157
72158
72159
72160
72161
72162
72163
72164
72165
72166
72167
72168
72169
72170
72171
72172
72173
72174
72175
72176
72177
72178
72179
72180
72181
72182
72183
72184
72185
72186
72187
72188
72189
72190
72191
72192
72193
72194
72195
72196
72197
72198
72199
72200
72201
72202
72203
72204
72205
72206
72207
72208
72209
72210
72211
72212
72213
72214
72215
72216
72217
72218
72219
72220
72221
72222
72223
72224
72225
72226
72227
72228
72229
72230
72231
72232
72233
72234
72235
72236
72237
72238
72239
72240
72241
72242
72243
72244
72245
72246
72247
72248
72249
72250
72251
72252
72253
72254
72255
72256
72257
72258
72259
72260
72261
72262
72263
72264
72265
72266
72267
72268
72269
72270
72271
72272
72273
72274
72275
72276
72277
72278
72279
72280
72281
72282
72283
72284
72285
72286
72287
72288
72289
72290
72291
72292
72293
72294
72295
72296
72297
72298
72299
72300
72301
72302
72303
72304
72305
72306
72307
72308
72309
72310
72311
72312
72313
72314
72315
72316
72317
72318
72319
72320
72321
72322
72323
72324
72325
72326
72327
72328
72329
72330
72331
72332
72333
72334
72335
72336
72337
72338
72339
72340
72341
72342
72343
72344
72345
72346
72347
72348
72349
72350
72351
72352
72353
72354
72355
72356
72357
72358
72359
72360
72361
72362
72363
72364
72365
72366
72367
72368
72369
72370
72371
72372
72373
72374
72375
72376
72377
72378
72379
72380
72381
72382
72383
72384
72385
72386
72387
72388
72389
72390
72391
72392
72393
72394
72395
72396
72397
72398
72399
72400
72401
72402
72403
72404
72405
72406
72407
72408
72409
72410
72411
72412
72413
72414
72415
72416
72417
72418
72419
72420
72421
72422
72423
72424
72425
72426
72427
72428
72429
72430
72431
72432
72433
72434
72435
72436
72437
72438
72439
72440
72441
72442
72443
72444
72445
72446
72447
72448
72449
72450
72451
72452
72453
72454
72455
72456
72457
72458
72459
72460
72461
72462
72463
72464
72465
72466
72467
72468
72469
72470
72471
72472
72473
72474
72475
72476
72477
72478
72479
72480
72481
72482
72483
72484
72485
72486
72487
72488
72489
72490
72491
72492
72493
72494
72495
72496
72497
72498
72499
72500
72501
72502
72503
72504
72505
72506
72507
72508
72509
72510
72511
72512
72513
72514
72515
72516
72517
72518
72519
72520
72521
72522
72523
72524
72525
72526
72527
72528
72529
72530
72531
72532
72533
72534
72535
72536
72537
72538
72539
72540
72541
72542
72543
72544
72545
72546
72547
72548
72549
72550
72551
72552
72553
72554
72555
72556
72557
72558
72559
72560
72561
72562
72563
72564
72565
72566
72567
72568
72569
72570
72571
72572
72573
72574
72575
72576
72577
72578
72579
72580
72581
72582
72583
72584
72585
72586
72587
72588
72589
72590
72591
72592
72593
72594
72595
72596
72597
72598
72599
72600
72601
72602
72603
72604
72605
72606
72607
72608
72609
72610
72611
72612
72613
72614
72615
72616
72617
72618
72619
72620
72621
72622
72623
72624
72625
72626
72627
72628
72629
72630
72631
72632
72633
72634
72635
72636
72637
72638
72639
72640
72641
72642
72643
72644
72645
72646
72647
72648
72649
72650
72651
72652
72653
72654
72655
72656
72657
72658
72659
72660
72661
72662
72663
72664
CVE-2020-22592
	RESERVED
CVE-2020-36515
	RESERVED
CVE-2020-36514 (An issue was discovered in the acc_reader crate through 2020-12-27 for ...)
	NOT-FOR-US: Rust crate acc_reader
CVE-2020-36513 (An issue was discovered in the acc_reader crate through 2020-12-27 for ...)
	NOT-FOR-US: Rust crate acc_reader
CVE-2020-36512 (An issue was discovered in the buffoon crate through 2020-12-31 for Ru ...)
	NOT-FOR-US: Rust crate buffoon
CVE-2020-36511 (An issue was discovered in the bite crate through 2020-12-31 for Rust. ...)
	NOT-FOR-US: Rust crate bite
CVE-2020-36510
	RESERVED
CVE-2020-36505 (The Delete All Comments Easily WordPress plugin through 1.3 is lacking ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-36504 (The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-36503 (The Connections Business Directory WordPress plugin before 9.7 does no ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-36502 (Swift File Transfer Mobile v1.1.2 was discovered to contain a cross-si ...)
	NOT-FOR-US: Swift File Transfer Mobile
CVE-2020-36501 (Multiple cross-site scripting (XSS) vulnerabilities in the Support mod ...)
	NOT-FOR-US: SugarCRM
CVE-2020-36500
	RESERVED
CVE-2020-36499 (TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to cont ...)
	NOT-FOR-US: TAO Open Source Assessment Platform
CVE-2020-36498 (Macrob7 Macs Framework Content Management System - 1.14f contains a cr ...)
	NOT-FOR-US: Macrob7 Macs Framework Content Management System
CVE-2020-36497 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36496 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36495 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36494 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36493 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36492 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36491 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36490 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-36489 (Dropouts Technologies LLP Air Share v1.2 was discovered to contain a c ...)
	NOT-FOR-US: Dropouts Technologies LLP Air Share
CVE-2020-36488 (An issue in the FTP server of Sky File v2.1.0 allows attackers to perf ...)
	NOT-FOR-US: Sky File
CVE-2020-36487
	RESERVED
CVE-2020-36486 (Swift File Transfer Mobile v1.1.2 and below was discovered to contain  ...)
	NOT-FOR-US: Swift File Transfer Mobile
CVE-2020-36485 (Portable Ltd Playable v9.18 was discovered to contain an arbitrary fil ...)
	NOT-FOR-US: Portable Ltd Playable
CVE-2020-36484
	RESERVED
CVE-2020-36483
	RESERVED
CVE-2020-36482
	RESERVED
CVE-2020-36481
	RESERVED
CVE-2020-36480
	RESERVED
CVE-2020-36479
	RESERVED
CVE-2020-36478 (An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 L ...)
	{DLA-2826-1}
	- mbedtls 2.16.9-0.1
	NOTE: https://github.com/ARMmbed/mbedtls/issues/3629
	NOTE: https://github.com/ARMmbed/mbedtls/commit/ca17ebfbc02b57e2bcb42efe64a5f2002c756ea8 (development)
CVE-2020-36477 (An issue was discovered in Mbed TLS before 2.24.0. The verification of ...)
	[experimental] - mbedtls 2.28.0-0.1
	- mbedtls 2.28.0-0.3
	[stretch] - mbedtls <not-affected> (2.4 not affected)
	NOTE: https://github.com/ARMmbed/mbedtls/issues/3498
	NOTE: https://github.com/ARMmbed/mbedtls/commit/f3e4bd8632b71dc491e52e6df87dc3e409d2b869 (development)
CVE-2020-36476 (An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 L ...)
	{DLA-2826-1}
	- mbedtls 2.16.9-0.1
	NOTE: https://github.com/ARMmbed/mbedtls/commit/a321413807927d6e295cec8677733bbde6aeec34 (development)
	NOTE: https://github.com/ARMmbed/mbedtls/commit/ef73875913c66767e7a954aa0b68f42f0756d9b2 (mbedtls-2.7)
CVE-2020-36475 (An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 L ...)
	{DLA-2826-1}
	- mbedtls 2.16.9-0.1
	NOTE: https://github.com/ARMmbed/mbedtls/commit/9246d041500b96fb0694cbda1d833e420696827e
CVE-2020-36474 (SafeCurl before 0.9.2 has a DNS rebinding vulnerability. ...)
	NOT-FOR-US: SafeCurl
CVE-2020-36473 (UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and th ...)
	NOT-FOR-US: UCWeb UC
CVE-2020-36472 (An issue was discovered in the max7301 crate before 0.2.0 for Rust. Th ...)
	NOT-FOR-US: Rust crate max7301
CVE-2020-36471 (An issue was discovered in the generator crate before 0.7.0 for Rust.  ...)
	- rust-generator <unfixed> (bug #992047)
	[bullseye] - rust-generator <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0151.html
CVE-2020-36470 (An issue was discovered in the disrustor crate through 2020-12-17 for  ...)
	NOT-FOR-US: Rust crate disrustor
CVE-2020-36469 (An issue was discovered in the appendix crate through 2020-11-15 for R ...)
	NOT-FOR-US: Rust crate appendix
CVE-2020-36468 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
	NOT-FOR-US: Rust crate cgc
CVE-2020-36467 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
	NOT-FOR-US: Rust crate cgc
CVE-2020-36466 (An issue was discovered in the cgc crate through 2020-12-10 for Rust.  ...)
	NOT-FOR-US: Rust crate cgc
CVE-2020-36465 (An issue was discovered in the generic-array crate before 0.13.3 for R ...)
	- rust-generic-array 0.14.4-1
	[buster] - rust-generic-array <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0146.html
CVE-2020-36464 (An issue was discovered in the heapless crate before 0.6.1 for Rust. T ...)
	NOT-FOR-US: Rust crate heapless
CVE-2020-36463 (An issue was discovered in the multiqueue crate through 2020-12-25 for ...)
	NOT-FOR-US: Rust crate multiqueue
CVE-2020-36462 (An issue was discovered in the syncpool crate before 0.1.6 for Rust. T ...)
	NOT-FOR-US: Rust crate syncpool
CVE-2020-36461 (An issue was discovered in the noise_search crate through 2020-12-10 f ...)
	NOT-FOR-US: Rust crate noise_search
CVE-2020-36460 (An issue was discovered in the model crate through 2020-11-10 for Rust ...)
	NOT-FOR-US: Rust crate model
CVE-2020-36459 (An issue was discovered in the dces crate through 2020-12-09 for Rust. ...)
	NOT-FOR-US: Rust crate dces
CVE-2020-36458 (An issue was discovered in the lexer crate through 2020-11-10 for Rust ...)
	NOT-FOR-US: Rust crate lexer
CVE-2020-36457 (An issue was discovered in the lever crate before 0.1.1 for Rust. Atom ...)
	NOT-FOR-US: Rust crate lever
CVE-2020-36456 (An issue was discovered in the toolshed crate through 2020-11-15 for R ...)
	NOT-FOR-US: Rust crate toolshed
CVE-2020-36455 (An issue was discovered in the slock crate through 2020-11-17 for Rust ...)
	NOT-FOR-US: Rust crate slock
CVE-2020-36454 (An issue was discovered in the parc crate through 2020-11-14 for Rust. ...)
	NOT-FOR-US: Rust crate parc
CVE-2020-36453 (An issue was discovered in the scottqueue crate through 2020-11-15 for ...)
	NOT-FOR-US: Rust crate scottqueue
CVE-2020-36452 (An issue was discovered in the array-tools crate before 0.3.2 for Rust ...)
	NOT-FOR-US: Rust crate array-tools
CVE-2020-36451 (An issue was discovered in the rcu_cell crate through 2020-11-14 for R ...)
	NOT-FOR-US: Rust crate rcu_cell
CVE-2020-36450 (An issue was discovered in the bunch crate through 2020-11-12 for Rust ...)
	NOT-FOR-US: Rust crate bunch
CVE-2020-36449 (An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ...)
	NOT-FOR-US: Rust crate kekbit
CVE-2020-36448 (An issue was discovered in the cache crate through 2020-11-24 for Rust ...)
	NOT-FOR-US: Rust crate cache
CVE-2020-36447 (An issue was discovered in the v9 crate through 2020-12-18 for Rust. T ...)
	NOT-FOR-US: Rust crate v9
CVE-2020-36446 (An issue was discovered in the signal-simple crate through 2020-11-15  ...)
	NOT-FOR-US: Rust crate signal-simple
CVE-2020-36445 (An issue was discovered in the convec crate through 2020-11-24 for Rus ...)
	NOT-FOR-US: Rust crate convec
CVE-2020-36444 (An issue was discovered in the async-coap crate through 2020-12-08 for ...)
	NOT-FOR-US: Rust crate async-coap
CVE-2020-36443 (An issue was discovered in the libp2p-deflate crate before 0.27.1 for  ...)
	NOT-FOR-US: Rust crate libp2p-deflate
CVE-2020-36442 (An issue was discovered in the beef crate before 0.5.0 for Rust. beef: ...)
	NOT-FOR-US: Rust crate beef
CVE-2020-36441 (An issue was discovered in the abox crate before 0.4.1 for Rust. It im ...)
	NOT-FOR-US: Rust crate abox
CVE-2020-36440 (An issue was discovered in the libsbc crate before 0.1.5 for Rust. For ...)
	NOT-FOR-US: Rust crate libsbc
CVE-2020-36439 (An issue was discovered in the ticketed_lock crate before 0.3.0 for Ru ...)
	NOT-FOR-US: Rust crate ticketed_lock
CVE-2020-36438 (An issue was discovered in the tiny_future crate before 0.4.0 for Rust ...)
	NOT-FOR-US: Rust crate tiny_future
CVE-2020-36437 (An issue was discovered in the conqueue crate before 0.4.0 for Rust. T ...)
	NOT-FOR-US: Rust crate conqueue
CVE-2020-36436 (An issue was discovered in the unicycle crate before 0.7.1 for Rust. P ...)
	NOT-FOR-US: Rust crate unicycle
CVE-2020-36435 (An issue was discovered in the ruspiro-singleton crate before 0.4.1 fo ...)
	NOT-FOR-US: Rust crate ruspiro-singleton
CVE-2020-36434 (An issue was discovered in the sys-info crate before 0.8.0 for Rust. s ...)
	NOT-FOR-US: Rust crate sys-info
CVE-2020-36433 (An issue was discovered in the chunky crate through 2020-08-25 for Rus ...)
	NOT-FOR-US: Rust crate chunky
CVE-2020-36432 (An issue was discovered in the alg_ds crate through 2020-08-25 for Rus ...)
	NOT-FOR-US: Rust crate alg_ds
CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_arm. ...)
	NOT-FOR-US: Unicorn Engine
CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ...)
	- libass 1:0.15.0-2
	[buster] - libass <not-affected> (Vulnerable code not present)
	[stretch] - libass <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26674
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libass/OSV-2020-2099.yaml
	NOTE: Introduced by: https://github.com/libass/libass/commit/910211f1c0078e37546f73e95306724358b89be2 (0.15.0)
	NOTE: Fixed by: https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632 (0.15.1)
CVE-2020-36429 (Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-bounds  ...)
	NOT-FOR-US: open62541
CVE-2020-36428 (matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-base ...)
	- libmatio <unfixed> (bug #991370)
	[bullseye] - libmatio <no-dsa> (Minor issue)
	[buster] - libmatio <not-affected> (Vulnerable code not present, introduced in 1.5.18)
	[stretch] - libmatio <not-affected> (Vulnerable code not present, introduced in 1.5.18)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21421
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/matio/OSV-2020-799.yaml
CVE-2020-36427 (GNOME gThumb before 3.10.1 allows an application crash via a malformed ...)
	- gthumb 3:3.11.1-0.1 (unimportant)
	NOTE: https://mail.gnome.org/archives/gthumb-list/2020-September/msg00001.html
	NOTE: https://github.com/GNOME/gthumb/commit/e79b4519cc6e27388ddd3f095e97d1559cb47616
	NOTE: Crash in CLI tool, no security impact
CVE-2020-36426 (An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_cr ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
CVE-2020-36425 (An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly  ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://github.com/ARMmbed/mbedtls/issues/3340
	NOTE: https://github.com/ARMmbed/mbedtls/pull/3433
CVE-2020-36424 (An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2
CVE-2020-36423 (An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attack ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
CVE-2020-36422 (An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel  ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
CVE-2020-36421 (An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a si ...)
	- mbedtls 2.16.9-0.1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://github.com/ARMmbed/mbedtls/issues/3394
CVE-2020-36420 (** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1, when NDEBUG is o ...)
	- polipo <removed>
	[buster] - polipo <ignored> (Minor issue)
	[stretch] - polipo <ignored> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/18/1
CVE-2020-36419
	RESERVED
CVE-2020-36418
	RESERVED
CVE-2020-36417
	RESERVED
CVE-2020-36416 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36415 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36414 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36413 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36412 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36411 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36410 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36409 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36408 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-36407 (libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataF ...)
	- libavif 0.8.2-1
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24811
	NOTE: https://github.com/AOMediaCodec/libavif/commit/0a8e7244d494ae98e9756355dfbfb6697ded2ff9
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavif/OSV-2020-1597.yaml
CVE-2020-36406 (** DISPUTED ** uWebSockets 18.11.0 and 18.12.0 has a stack-based buffe ...)
	NOT-FOR-US: uWebSockets
CVE-2020-36405 (Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::get ...)
	NOT-FOR-US: keystone engine
CVE-2020-36404 (Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl& ...)
	NOT-FOR-US: keystone engine
CVE-2020-36403 (HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcf_pa ...)
	- htslib 1.11-1
	[buster] - htslib <no-dsa> (Minor issue)
	[stretch] - htslib <not-affected> (Vulnerable code added later)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24097
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2020-955.yaml
	NOTE: https://github.com/samtools/htslib/commit/dcd4b7304941a8832fba2d0fc4c1e716e7a4e72c
CVE-2020-36402 (Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CHCSmtLi ...)
	NOT-FOR-US: Solidity
CVE-2020-36401 (mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_f ...)
	- mruby 2.1.2-3 (bug #990540)
	[buster] - mruby <no-dsa> (Minor issue)
	[stretch] - mruby <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23801
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mruby/OSV-2020-744.yaml
	NOTE: https://github.com/mruby/mruby/commit/97319697c8f9f6ff27b32589947e1918e3015503
CVE-2020-36400 (ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, ...)
	- zeromq3 <not-affected> (Never affected a released version)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26042
	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libzmq/OSV-2020-1887.yaml
	NOTE: Introduced by: https://github.com/zeromq/libzmq/commit/b56195e995e0875afabf405826d97b1dd9817bb0 (v4.3.3)
	NOTE: Fixed by: https://github.com/zeromq/libzmq/commit/397ac80850bf8d010fae23dd215db0ee2c677306 (v4.3.3)
CVE-2020-36399 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and ...)
	- phplist <itp> (bug #612288)
CVE-2020-36398 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and ...)
	- phplist <itp> (bug #612288)
CVE-2020-36397 (A stored cross site scripting (XSS) vulnerability in the /admin/contac ...)
	NOT-FOR-US: LavaLite
CVE-2020-36396 (A stored cross site scripting (XSS) vulnerability in the /admin/roles/ ...)
	NOT-FOR-US: LavaLite
CVE-2020-36395 (A stored cross site scripting (XSS) vulnerability in the /admin/user/t ...)
	NOT-FOR-US: LavaLite
CVE-2020-36394 (pam_setquota.c in the pam_setquota module before 2020-05-29 for Linux- ...)
	- pam <not-affected> (Vulnerable code introduced and fixed in v1.4.0)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1171721
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/5
	NOTE: https://github.com/linux-pam/linux-pam/commit/27ded8954a1235bb65ffc9c730ae5a50b1dfed61
CVE-2020-36393
	RESERVED
CVE-2020-36392
	RESERVED
CVE-2020-36391
	RESERVED
CVE-2020-36390
	RESERVED
CVE-2020-36389 (In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEdit ...)
	- civicrm 5.28.4+dfsg1-1
	NOTE: https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form
CVE-2020-36388 (In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, user ...)
	- civicrm 5.24.5+dfsg1-1
	NOTE: https://civicrm.org/advisory/civi-sa-2020-03
CVE-2020-36387 (An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring. ...)
	- linux 5.7.17-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/6d816e088c359866f9867057e04f244c608c42fe
CVE-2020-36386 (An issue was discovered in the Linux kernel before 5.8.1. net/bluetoot ...)
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/51c19bf3d5cfaa66571e4b88ba2a6f6295311101
CVE-2020-36384 (PageLayer before 1.3.5 allows reflected XSS via color settings. ...)
	NOT-FOR-US: PageLayer
CVE-2020-36383 (PageLayer before 1.3.5 allows reflected XSS via the font-size paramete ...)
	NOT-FOR-US: PageLayer
CVE-2020-36385 (An issue was discovered in the Linux kernel before 5.10. drivers/infin ...)
	- linux 5.10.4-1
	NOTE: https://git.kernel.org/linus/f5449e74802c1112dea984aec8af7a33c4516af1
CVE-2020-36382 (OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigge ...)
	NOT-FOR-US: OpenVPN Access Server (security impact for src:openvpn covered by CVE-2020-15078)
CVE-2020-36381 (An issue was discovered in the singleCrunch function in shenzhim aaptj ...)
	NOT-FOR-US: aaptjs
CVE-2020-36380 (An issue was discovered in the crunch function in shenzhim aaptjs 1.3. ...)
	NOT-FOR-US: aaptjs
CVE-2020-36379 (An issue was discovered in the remove function in shenzhim aaptjs 1.3. ...)
	NOT-FOR-US: aaptjs
CVE-2020-36378 (An issue was discovered in the packageCmd function in shenzhim aaptjs  ...)
	NOT-FOR-US: aaptjs
CVE-2020-36377 (An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, ...)
	NOT-FOR-US: aaptjs
CVE-2020-36376 (An issue was discovered in the list function in shenzhim aaptjs 1.3.1, ...)
	NOT-FOR-US: aaptjs
CVE-2020-36375 (Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, all ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36374 (Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, a ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36373 (Stack overflow vulnerability in parse_shifts Cesanta MJS 1.20.1, allow ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36372 (Stack overflow vulnerability in parse_plus_minus Cesanta MJS 1.20.1, a ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36371 (Stack overflow vulnerability in parse_mul_div_rem Cesanta MJS 1.20.1,  ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36370 (Stack overflow vulnerability in parse_unary Cesanta MJS 1.20.1, allows ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36369 (Stack overflow vulnerability in parse_statement_list Cesanta MJS 1.20. ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36368 (Stack overflow vulnerability in parse_statement Cesanta MJS 1.20.1, al ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36367 (Stack overflow vulnerability in parse_block Cesanta MJS 1.20.1, allows ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36366 (Stack overflow vulnerability in parse_value Cesanta MJS 1.20.1, allows ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.Cl ...)
	NOT-FOR-US: Smartstore (aka SmartStoreNET)
CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0 ...)
	NOT-FOR-US: Smartstore (aka SmartStoreNET)
CVE-2020-36363 (Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_C ...)
	NOT-FOR-US: Amazon AWS CloudFront
CVE-2020-36362
	RESERVED
CVE-2020-36361
	RESERVED
CVE-2020-36360
	RESERVED
CVE-2020-36359
	RESERVED
CVE-2020-36358
	RESERVED
CVE-2020-36357
	RESERVED
CVE-2020-36356
	RESERVED
CVE-2020-36355
	RESERVED
CVE-2020-36354
	RESERVED
CVE-2020-36353
	RESERVED
CVE-2020-36352
	RESERVED
CVE-2020-36351
	RESERVED
CVE-2020-36350
	RESERVED
CVE-2020-36349
	RESERVED
CVE-2020-36348
	RESERVED
CVE-2020-36347
	RESERVED
CVE-2020-36346
	RESERVED
CVE-2020-36345
	RESERVED
CVE-2020-36344
	RESERVED
CVE-2020-36343
	RESERVED
CVE-2020-36342
	RESERVED
CVE-2020-36341
	RESERVED
CVE-2020-36340
	RESERVED
CVE-2020-36339
	RESERVED
CVE-2020-36338
	RESERVED
CVE-2020-36337
	RESERVED
CVE-2020-36336
	RESERVED
CVE-2020-36335
	RESERVED
CVE-2020-36332 (A flaw was found in libwebp in versions before 1.0.1. When reading a f ...)
	{DSA-4930-1}
	- libwebp 0.6.1-2.1
	[stretch] - libwebp <ignored> (Patch is too destructive to implement it; Minor issue)
	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=391
	NOTE: https://chromium.googlesource.com/webm/libwebp/+/39cb9aad85ca7bb1d193013460db1f8cc6bff109
CVE-2020-36331 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
	{DSA-4930-1 DLA-2677-1}
	- libwebp 0.6.1-2.1
	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=388
	NOTE: https://chromium.googlesource.com/webm/libwebp/+/be738c6d396fa5a272c1b209be4379a7532debfe
CVE-2020-36330 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
	{DSA-4930-1 DLA-2677-1}
	- libwebp 0.6.1-2.1
	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=386
	NOTE: https://chromium.googlesource.com/webm/libwebp/+/2c70ad76c94db5427d37ab4b85dc89b94dd75e01
CVE-2020-36329 (A flaw was found in libwebp in versions before 1.0.1. A use-after-free ...)
	{DSA-4930-1 DLA-2677-1}
	- libwebp 0.6.1-2.1
	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=385
	NOTE: https://chromium.googlesource.com/webm/libwebp/+/569001f19fc81fcb5ab358f587a54c62e7c4665c
CVE-2020-36328 (A flaw was found in libwebp in versions before 1.0.1. A heap-based buf ...)
	{DSA-4930-1 DLA-2677-1}
	- libwebp 0.6.1-2.1
	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=383
	NOTE: https://chromium.googlesource.com/webm/libwebp/+/71ed73cf86132394ea25ae9c7ed431e0d71043f5
CVE-2020-36327 (Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...)
	- bundler <removed>
	[buster] - bundler <no-dsa> (Minor issue)
	[stretch] - bundler <no-dsa> (Invasive change, hard to backport; chances of regression)
	- rubygems <unfixed>
	[bullseye] - rubygems <no-dsa> (Minor issue)
	NOTE: https://github.com/rubygems/rubygems/issues/3982
CVE-2020-36326 (PHPMailer 6.1.8 through 6.4.0 allows object injection through Phar Des ...)
	- libphp-phpmailer 6.2.0-2 (bug #988732)
	[buster] - libphp-phpmailer <not-affected> (Regression introduced in 6.1.8)
	[stretch] - libphp-phpmailer <not-affected> (Regression introduced in 6.1.8)
	NOTE: Introduced by: https://github.com/PHPMailer/PHPMailer/commit/e2e07a355ee8ff36aba21d0242c5950c56e4c6f9 (6.1.8)
	NOTE: Fixed by: https://github.com/PHPMailer/PHPMailer/commit/26f2848d3bbb57add5f34a467a1e3b2f9ce5cd2a (v6.4.1)
	NOTE: Also backport: https://github.com/PHPMailer/PHPMailer/commit/7f267fb4aadfcf62e3ddc50494c469c6b9c4405a (v6.4.1)
CVE-2020-36325 (** DISPUTED ** An issue was discovered in Jansson through 2.13.1. Due  ...)
	- jansson <unfixed> (unimportant)
	NOTE: https://github.com/akheron/jansson/issues/548
	NOTE: Disputed security impact (only if programmer fails to follow API specifications)
CVE-2020-13672 (Cross-site Scripting (XSS) vulnerability in Drupal core's sanitization ...)
	{DLA-2637-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2021-002
CVE-2020-36324 (Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflect ...)
	NOT-FOR-US: Wikimedia Quarry
CVE-2020-36323 (In the standard library in Rust before 1.52.0, there is an optimizatio ...)
	- rustc 1.53.0+dfsg1-1
	[bullseye] - rustc <no-dsa> (Minor issue)
	[buster] - rustc <no-dsa> (Minor issue)
	[stretch] - rustc <no-dsa> (Minor issue)
	NOTE: https://github.com/rust-lang/rust/issues/80335
	NOTE: https://github.com/rust-lang/rust/pull/81728
CVE-2020-36322 (An issue was discovered in the FUSE filesystem implementation in the L ...)
	{DLA-2689-1}
	- linux 5.10.9-1
	NOTE: https://git.kernel.org/linus/5d069dbe8aaf2a197142558b6fb2978189ba3454
CVE-2020-36334 (themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by  ...)
	NOT-FOR-US: WordPress plugin themegrill-demo-importer
CVE-2020-36333 (themegrill-demo-importer before 1.6.2 does not require authentication  ...)
	NOT-FOR-US: WordPress plugin themegrill-demo-importer
CVE-2020-36321 (Improper URL validation in development mode handler in com.vaadin:flow ...)
	NOT-FOR-US: Vaadin
CVE-2020-36320 (Unsafe validation RegEx in EmailValidator class in com.vaadin:vaadin-s ...)
	NOT-FOR-US: Vaadin
CVE-2020-36319 (Insecure configuration of default ObjectMapper in com.vaadin:flow-serv ...)
	NOT-FOR-US: Vaadin
CVE-2020-36318 (In the standard library in Rust before 1.49.0, VecDeque::make_contiguo ...)
	- rustc 1.53.0+dfsg1-1 (bug #986803)
	[bullseye] - rustc <no-dsa> (Minor issue)
	[buster] - rustc <no-dsa> (Minor issue)
	[stretch] - rustc <no-dsa> (Minor issue)
	NOTE: https://github.com/rust-lang/rust/issues/79808
	NOTE: https://github.com/rust-lang/rust/pull/79814
CVE-2020-36317 (In the standard library in Rust before 1.49.0, String::retain() functi ...)
	- rustc 1.53.0+dfsg1-1 (bug #986803)
	[bullseye] - rustc <no-dsa> (Minor issue)
	[buster] - rustc <no-dsa> (Minor issue)
	[stretch] - rustc <no-dsa> (Minor issue)
	NOTE: https://github.com/rust-lang/rust/issues/78498
	NOTE: https://github.com/rust-lang/rust/pull/78499
CVE-2020-36316 (In RELIC before 2021-04-03, there is a buffer overflow in PKCS#1 v1.5  ...)
	NOT-FOR-US: RELIC
CVE-2020-36315 (In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occu ...)
	NOT-FOR-US: RELIC
CVE-2020-36314 (fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used b ...)
	- file-roller 3.38.1-1
	[buster] - file-roller <no-dsa> (Minor issue)
	[stretch] - file-roller <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/commit/e970f4966bf388f6e7c277357c8b186c645683ae
	NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/issues/108
CVE-2020-36313 (An issue was discovered in the Linux kernel before 5.7. The KVM subsys ...)
	- linux <not-affected> (No released version affected by the vulnerability)
	NOTE: Fixed by: https://git.kernel.org/linus/0774a964ef561b7170d8d1b1bfe6f88002b6d219
CVE-2020-36312 (An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kv ...)
	- linux 5.8.10-1
	[buster] - linux 4.19.152-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/f65886606c2d3b562716de030706dfe1bea4ed5e
CVE-2020-36311 (An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/s ...)
	{DSA-4941-1 DLA-2714-1}
	- linux 5.9.1-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/7be74942f184fdfba34ddd19a0d995deb34d4a03
CVE-2020-36310 (An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/s ...)
	- linux 5.8.7-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e
CVE-2020-36309 (ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty ...)
	- nginx <unfixed> (bug #986787)
	[bullseye] - nginx <ignored> (Minor issue, too intrusive to backport, see #986787)
	[buster] - nginx <ignored> (Minor issue, too intrusive to backport, see #986787)
	[stretch] - nginx <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://github.com/openresty/lua-nginx-module/pull/1654
CVE-2020-36308 (Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discov ...)
	{DLA-2658-1}
	- redmine 4.0.7-1
CVE-2020-36307 (Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile ...)
	{DLA-2658-1}
	- redmine 4.0.7-1
CVE-2020-36306 (Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url f ...)
	{DLA-2658-1}
	- redmine 4.0.7-1
CVE-2020-36305
	RESERVED
CVE-2020-36304
	RESERVED
CVE-2020-36303
	RESERVED
CVE-2020-36302
	RESERVED
CVE-2020-36301
	RESERVED
CVE-2020-36300
	RESERVED
CVE-2020-36299
	RESERVED
CVE-2020-36298
	RESERVED
CVE-2020-36297
	RESERVED
CVE-2020-36296
	RESERVED
CVE-2020-36295
	RESERVED
CVE-2020-36294
	RESERVED
CVE-2020-36293
	RESERVED
CVE-2020-36292
	RESERVED
CVE-2020-36291
	RESERVED
CVE-2020-36290
	RESERVED
CVE-2020-36289 (Affected versions of Atlassian Jira Server and Data Center allow an un ...)
	NOT-FOR-US: Atlassian
CVE-2020-36288 (The issue navigation and search view in Jira Server and Data Center be ...)
	NOT-FOR-US: Atlassian
CVE-2020-36287 (The dashboard gadgets preference resource of the Atlassian gadgets plu ...)
	NOT-FOR-US: Atlassian
CVE-2020-36286 (The membersOf JQL search function in Jira Server and Data Center befor ...)
	NOT-FOR-US: Atlassian
CVE-2020-36285 (Union Pay up to 3.3.12, for iOS mobile apps, contains a CWE-347: Impro ...)
	NOT-FOR-US: Union Pay
CVE-2020-36284 (Union Pay up to 3.4.93.4.9, for android, contains a CWE-347: Improper  ...)
	NOT-FOR-US: Union Pay
CVE-2020-36283 (HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when  ...)
	NOT-FOR-US: HID OMNIKEY 5427 and OMNIKEY 5127 readers
CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...)
	NOT-FOR-US: JMS Client for RabbitMQ
CVE-2020-36281 (Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFew ...)
	{DLA-2612-1}
	- leptonlib 1.79.0-1.1 (bug #985089)
	[buster] - leptonlib <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22140
	NOTE: https://github.com/DanBloomberg/leptonica/commit/5ee24b398bb67666f6d173763eaaedd9c36fb1e5
CVE-2020-36280 (Leptonica before 1.80.0 allows a heap-based buffer over-read in pixRea ...)
	- leptonlib 1.79.0-1.1 (bug #985089)
	[buster] - leptonlib <no-dsa> (Minor issue)
	[stretch] - leptonlib <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23654
	NOTE: https://github.com/DanBloomberg/leptonica/commit/5ba34b1fe741d69d43a6c8cf767756997eadd87c
CVE-2020-36279 (Leptonica before 1.80.0 allows a heap-based buffer over-read in raster ...)
	{DLA-2612-1}
	- leptonlib 1.79.0-1.1 (bug #985089)
	[buster] - leptonlib <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22512
	NOTE: https://github.com/DanBloomberg/leptonica/commit/3c18c43b6a3f753f0dfff99610d46ad46b8bfac4
CVE-2020-36278 (Leptonica before 1.80.0 allows a heap-based buffer over-read in findNe ...)
	{DLA-2612-1}
	- leptonlib 1.79.0-1.1 (bug #985089)
	[buster] - leptonlib <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23433
	NOTE: https://github.com/DanBloomberg/leptonica/commit/8d6e1755518cfb98536d6c3daf0601f226d16842
CVE-2020-36277 (Leptonica before 1.80.0 allows a denial of service (application crash) ...)
	{DLA-2612-1}
	- leptonlib 1.79.0-1.1 (bug #985089)
	[buster] - leptonlib <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21997
	NOTE: https://github.com/DanBloomberg/leptonica/pull/499
CVE-2020-36276
	RESERVED
CVE-2020-36275
	RESERVED
CVE-2020-36274
	RESERVED
CVE-2020-36273
	RESERVED
CVE-2020-36272
	RESERVED
CVE-2020-36271
	RESERVED
CVE-2020-36270
	RESERVED
CVE-2020-36269
	RESERVED
CVE-2020-36268
	RESERVED
CVE-2020-36267
	RESERVED
CVE-2020-36266
	RESERVED
CVE-2020-36265
	RESERVED
CVE-2020-36264
	RESERVED
CVE-2020-36263
	RESERVED
CVE-2020-36262
	RESERVED
CVE-2020-36261
	RESERVED
CVE-2020-36260
	RESERVED
CVE-2020-36259
	RESERVED
CVE-2020-36258
	RESERVED
CVE-2020-36257
	RESERVED
CVE-2020-36256
	RESERVED
CVE-2020-36255 (An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel ...)
	NOT-FOR-US: ScottBrady.IdentityModel
CVE-2020-35358 (DomainMOD domainmod-v4.15.0 is affected by an insufficient session exp ...)
	NOT-FOR-US: DomainMOD
CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...)
	- dropbear 2020.79-1
	[buster] - dropbear <no-dsa> (Minor issue)
	[stretch] - dropbear <postponed> (Minor issue)
	NOTE: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff
CVE-2020-36253
	RESERVED
CVE-2020-36252 (ownCloud Server 10.x before 10.3.1 allows an attacker, who has one out ...)
	- owncloud <removed>
CVE-2020-36251 (ownCloud Server before 10.3.0 allows an attacker, who has received non ...)
	- owncloud <removed>
CVE-2020-36250 (In the ownCloud application before 2.15 for Android, the lock protecti ...)
	NOT-FOR-US: ownCloud app for Android
CVE-2020-36249 (The File Firewall before 2.8.0 for ownCloud Server does not properly e ...)
	NOT-FOR-US: ownCloud addon
CVE-2020-36248 (The ownCloud application before 2.15 for Android allows attackers to u ...)
	NOT-FOR-US: ownCloud app for Android
CVE-2020-36247 (Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF. ...)
	NOT-FOR-US: Open OnDemand
CVE-2020-36246 (Amaze File Manager before 3.5.1 allows attackers to obtain root privil ...)
	NOT-FOR-US: Amaze File Manager
CVE-2020-36245 (GramAddict through 1.2.3 allows remote attackers to execute arbitrary  ...)
	NOT-FOR-US: GramAddict
CVE-2020-36244 (The daemon in GENIVI diagnostic log and trace (DLT), is vulnerable to  ...)
	- dlt-daemon 2.18.6-1
	[buster] - dlt-daemon <no-dsa> (Minor issue)
	NOTE: https://github.com/GENIVI/dlt-daemon/issues/265
	NOTE: https://github.com/GENIVI/dlt-daemon/pull/269
	NOTE: https://github.com/GENIVI/dlt-daemon/commit/af734fe097ed379b0aa5fcf551886b1ce5098052 (v2.18.6)
CVE-2020-36243 (The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injecti ...)
	NOT-FOR-US: OpenEMR
CVE-2020-36242 (In the cryptography package before 3.3.2 for Python, certain sequences ...)
	- python-cryptography 3.3.2-1
	[buster] - python-cryptography <no-dsa> (Minor issue)
	[stretch] - python-cryptography <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/pyca/cryptography/issues/5615
CVE-2020-36241 (autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNO ...)
	- gnome-autoar 0.2.4-3 (bug #982737)
	[buster] - gnome-autoar <no-dsa> (Minor issue)
	[stretch] - gnome-autoar <no-dsa> (Minor issue)
	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/adb067e645732fdbe7103516e506d09eb6a54429
	NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/7
	NOTE: Regression fix: https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/cc4e8b7ccc973ac69d75a7423fbe1bcdc51e2cb3
	NOTE: When fixing the issue make sure to apply as well the followup fix:
	NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/8109c368c6cfdb593faaf698c2bf5da32bb1ace4
	NOTE: to not open CVE-2021-28650.
CVE-2020-36240 (The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, a ...)
	NOT-FOR-US: Atlassian
CVE-2020-36239 (Jira Data Center, Jira Core Data Center, Jira Software Data Center fro ...)
	NOT-FOR-US: Atlassian
CVE-2020-36238 (The /rest/api/1.0/render resource in Jira Server and Data Center befor ...)
	NOT-FOR-US: Atlassian
CVE-2020-36237 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...)
	NOT-FOR-US: Atlassian
CVE-2020-36236 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-36235 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...)
	NOT-FOR-US: Atlassian
CVE-2020-36234 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-36233 (The Microsoft Windows Installer for Atlassian Bitbucket Server and Dat ...)
	NOT-FOR-US: Atlassian
CVE-2020-36232 (The MessageBundleWhiteList class of atlassian-gadgets before version 4 ...)
	NOT-FOR-US: Atlassian
CVE-2020-36231 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-36230 (A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertio ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9423
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793 (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36229 (A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 lead ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9425
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/4bdfffd2889c0c5cdf58bebafbdc8fce4bb2bff0 (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36228 (An integer underflow was discovered in OpenLDAP before 2.4.57 leading  ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9427
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/91dccd25c347733b365adc74cb07d074512ed5ad (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36227 (A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9428
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/9d0e8485f3113505743baabf1167e01e4558ccf5 (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36226 (A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-&gt ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9413
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: CVE-2020-36224, CVE-2020-36225 and CVE-2020-36226 are related but differend ids
CVE-2020-36225 (A flaw was discovered in OpenLDAP before 2.4.57 leading to a double fr ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9412
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: CVE-2020-36224, CVE-2020-36225 and CVE-2020-36226 are related but differend ids
CVE-2020-36224 (A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid  ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9409
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/554dff1927176579d652f2fe60c90e9abbad4c65 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/c0b61a9486508e5202aa2e0cfb68c9813731b439 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/5a2017d4e61a6ddc4dcb4415028e0d08eb6bca26 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/d169e7958a3e0dc70f59c8374bf8a59833b7bdd8 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: CVE-2020-36224, CVE-2020-36225 and CVE-2020-36226 are related but differend ids
CVE-2020-36223 (A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd cra ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9408
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/21981053a1195ae1555e23df4d9ac68d34ede9dd (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36222 (A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertio ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9406
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/02dfc32d658fadc25e4040f78e36592f6e1e1ca0 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9407
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/6ed057b5b728b50746c869bcc9c1f85d0bbbf6ed (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36221 (An integer underflow was discovered in OpenLDAP before 2.4.57 leading  ...)
	{DSA-4845-1 DLA-2544-1}
	- openldap 2.4.57+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9404
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/38ac838e4150c626bbfa0082b7e2cf3a2bb4df31 (OPENLDAP_REL_ENG_2_4_57)
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9424
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/58c1748e81c843c5b6e61648d2a4d1d82b47e842 (OPENLDAP_REL_ENG_2_4_57)
CVE-2020-36220 (An issue was discovered in the va-ts crate before 0.0.4 for Rust. Beca ...)
	NOT-FOR-US: Rust crate va-ts
CVE-2020-36219 (An issue was discovered in the atomic-option crate through 2020-10-31  ...)
	NOT-FOR-US: Rust crate atomic-option
CVE-2020-36218 (An issue was discovered in the buttplug crate before 1.0.4 for Rust. B ...)
	NOT-FOR-US: Rust crate buttplug
CVE-2020-36217 (An issue was discovered in the may_queue crate through 2020-11-10 for  ...)
	NOT-FOR-US: Rust crate may_queue
CVE-2020-36216 (An issue was discovered in Input&lt;R&gt; in the eventio crate before  ...)
	NOT-FOR-US: Rust crate eventio
CVE-2020-36215 (An issue was discovered in the hashconsing crate before 1.1.0 for Rust ...)
	NOT-FOR-US: Rust crate hashconsing
CVE-2020-36214 (An issue was discovered in the multiqueue2 crate before 0.1.7 for Rust ...)
	NOT-FOR-US: Rust crate multiqueue2
CVE-2020-36213 (An issue was discovered in the abi_stable crate before 0.9.1 for Rust. ...)
	NOT-FOR-US: Rust crate abi_stable
CVE-2020-36212 (An issue was discovered in the abi_stable crate before 0.9.1 for Rust. ...)
	NOT-FOR-US: Rust crate abi_stable
CVE-2020-36211 (An issue was discovered in the gfwx crate before 0.3.0 for Rust. Becau ...)
	NOT-FOR-US: Rust crate gfwx
CVE-2020-36210 (An issue was discovered in the autorand crate before 0.2.3 for Rust. B ...)
	NOT-FOR-US: Rust crate autorand
CVE-2020-36209 (An issue was discovered in the late-static crate before 0.4.0 for Rust ...)
	NOT-FOR-US: Rust crate late-static
CVE-2020-36208 (An issue was discovered in the conquer-once crate before 0.3.2 for Rus ...)
	NOT-FOR-US: Rust crate conquer-once
CVE-2020-36207 (An issue was discovered in the aovec crate through 2020-12-10 for Rust ...)
	NOT-FOR-US: Rust crate aovec
CVE-2020-36206 (An issue was discovered in the rusb crate before 0.7.0 for Rust. Becau ...)
	NOT-FOR-US: Rust crate rusb
CVE-2020-36205 (An issue was discovered in the xcb crate through 2020-12-10 for Rust.  ...)
	- rust-xcb <unfixed>
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0097.html
CVE-2020-36204 (An issue was discovered in the im crate through 2020-11-09 for Rust. B ...)
	NOT-FOR-US: Rust crate im
CVE-2020-36203 (An issue was discovered in the reffers crate through 2020-12-01 for Ru ...)
	NOT-FOR-US: Rust crate reffers
CVE-2020-36202 (An issue was discovered in the async-h1 crate before 2.3.0 for Rust. R ...)
	NOT-FOR-US: Rust crate async-h1
CVE-2020-36201 (An issue was discovered in certain Xerox WorkCentre products. They do  ...)
	NOT-FOR-US: Xerox
CVE-2020-36200 (TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated  ...)
	NOT-FOR-US: TinyCheck
CVE-2020-36199 (TinyCheck before commits 9fd360d and ea53de8 was vulnerable to command ...)
	NOT-FOR-US: TinyCheck
CVE-2020-36198 (A command injection vulnerability has been reported to affect certain  ...)
	NOT-FOR-US: QNAP
CVE-2020-36197 (An improper access control vulnerability has been reported to affect e ...)
	NOT-FOR-US: QNAP
CVE-2020-36196 (A stored XSS vulnerability has been reported to affect QNAP NAS runnin ...)
	NOT-FOR-US: QNAP
CVE-2020-36195 (An SQL injection vulnerability has been reported to affect QNAP NAS ru ...)
	NOT-FOR-US: QNAP
CVE-2020-36194 (An XSS vulnerability has been reported to affect QNAP NAS running QTS  ...)
	NOT-FOR-US: QNAP
CVE-2020-36192 (An issue was discovered in the Source Integration plugin before 2.4.1  ...)
	NOT-FOR-US: Source Integration plugin for MantisBT
CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lac ...)
	- jupyterhub <unfixed>
	NOTE: https://github.com/jupyterhub/jupyterhub/issues/3304
CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows  ...)
	NOT-FOR-US: RailsAdmin
CVE-2020-36189 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2996
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/33d96c13fe18a2dad01b19ce195548c9acea9da4
CVE-2020-36188 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2996
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/33d96c13fe18a2dad01b19ce195548c9acea9da4
CVE-2020-36187 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2997
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1
CVE-2020-36186 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2997
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3e8fa3beea49ea62109df9e643c9cb678dabdde1
CVE-2020-36185 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2998
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a
CVE-2020-36184 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2998
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/567194c53ae91f0a14dc27239afb739b1c10448a
CVE-2020-36183 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/3003
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/1cddeaf9524e903d08a91fdd9f3dde46d2a68536
CVE-2020-36182 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/3004
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b
CVE-2020-36181 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/3004
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b
CVE-2020-36180 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/3004
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b
CVE-2020-36179 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/3004
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3ded28aece694d0df39c9f0fa1ff385b14a8656b
CVE-2020-36178 (oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 d ...)
	NOT-FOR-US: TP-Link
CVE-2020-36177 (RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-o ...)
	- wolfssl 4.6.0-1 (bug #979534)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567
	NOTE: https://github.com/wolfSSL/wolfssl/commit/fb2288c46dd4c864b78f00a47a364b96a09a5c0f
	NOTE: https://github.com/wolfSSL/wolfssl/pull/3426
CVE-2020-36176 (The iThemes Security (formerly Better WP Security) plugin before 7.7.0 ...)
	NOT-FOR-US: iThemes Security (formerly Better WP Security) plugin for WordPress
CVE-2020-36175 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers  ...)
	NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2020-36174 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via s ...)
	NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2020-36173 (The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for  ...)
	NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2020-36172 (The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandl ...)
	NOT-FOR-US: Advanced Custom Fields plugin for WordPress
CVE-2020-36171 (The Elementor Website Builder plugin before 3.0.14 for WordPress does  ...)
	NOT-FOR-US: Elementor Website Builder plugin for WordPress
CVE-2020-36170 (The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidd ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-36169 (An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCe ...)
	NOT-FOR-US: Veritas
CVE-2020-36168 (An issue was discovered in Veritas Resiliency Platform 3.4 and 3.5. It ...)
	NOT-FOR-US: Veritas
CVE-2020-36167 (An issue was discovered in the server in Veritas Backup Exec through 1 ...)
	NOT-FOR-US: Veritas
CVE-2020-36166 (An issue was discovered in Veritas InfoScale 7.x through 7.4.2 on Wind ...)
	NOT-FOR-US: Veritas
CVE-2020-36165 (An issue was discovered in Veritas Desktop and Laptop Option (DLO) bef ...)
	NOT-FOR-US: Veritas
CVE-2020-36164 (An issue was discovered in Veritas Enterprise Vault through 14.0. On s ...)
	NOT-FOR-US: Veritas
CVE-2020-36163 (An issue was discovered in Veritas NetBackup and OpsCenter through 8.3 ...)
	NOT-FOR-US: Veritas
CVE-2020-36162 (An issue was discovered in Veritas CloudPoint before 8.3.0.1+hotfix. T ...)
	NOT-FOR-US: Veritas
CVE-2020-36161 (An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5  ...)
	NOT-FOR-US: Veritas
CVE-2020-36160 (An issue was discovered in Veritas System Recovery before 21.2. On sta ...)
	NOT-FOR-US: Veritas
CVE-2020-36159 (Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed operation ...)
	NOT-FOR-US: Veritas
CVE-2020-36158 (mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifie ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.10.5-1
	NOTE: https://git.kernel.org/linus/5c455c5ab332773464d02ba17015acdca198f03d (5.11-rc1)
CVE-2020-36157 (An issue was discovered in the Ultimate Member plugin before 2.1.12 fo ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-36156 (An issue was discovered in the Ultimate Member plugin before 2.1.12 fo ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-36155 (An issue was discovered in the Ultimate Member plugin before 2.1.12 fo ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-36154 (The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full ...)
	NOT-FOR-US: Pearson VUE VTS Installer
CVE-2020-36153
	RESERVED
CVE-2020-36152 (Buffer overflow in readDataVar in hdf/dataobject.c in Symonics libmyso ...)
	- libmysofa 1.2~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/136
	NOTE: https://github.com/hoene/libmysofa/pull/146
CVE-2020-36151 (Incorrect handling of input data in mysofa_resampler_reset_mem functio ...)
	- libmysofa 1.2~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/134
	NOTE: https://github.com/hoene/libmysofa/pull/146
CVE-2020-36150 (Incorrect handling of input data in loudness function in the libmysofa ...)
	- libmysofa 1.2~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/135
	NOTE: https://github.com/hoene/libmysofa/pull/146
CVE-2020-36149 (Incorrect handling of input data in changeAttribute function in the li ...)
	- libmysofa 1.2~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/137
	NOTE: https://github.com/hoene/libmysofa/pull/146
CVE-2020-36148 (Incorrect handling of input data in verifyAttribute function in the li ...)
	- libmysofa 1.2~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/138
	NOTE: https://github.com/hoene/libmysofa/pull/145
CVE-2020-36147
	RESERVED
CVE-2020-36146
	RESERVED
CVE-2020-36145
	RESERVED
CVE-2020-36144 (Redash 8.0.0 is affected by LDAP Injection. There is an information le ...)
	NOT-FOR-US: Redash
CVE-2020-36143
	RESERVED
CVE-2020-36142 (BloofoxCMS 0.5.2.1 allows Directory traversal vulnerability by inserti ...)
	NOT-FOR-US: BloofoxCMS
CVE-2020-36141 (BloofoxCMS 0.5.2.1 allows Unrestricted File Upload vulnerability via b ...)
	NOT-FOR-US: BloofoxCMS
CVE-2020-36140 (BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery (CSRF) via 'mode= ...)
	NOT-FOR-US: BloofoxCMS
CVE-2020-36139 (BloofoxCMS 0.5.2.1 allows Reflected Cross-Site Scripting (XSS) vulnera ...)
	NOT-FOR-US: BloofoxCMS
CVE-2020-36138
	RESERVED
CVE-2020-36137
	RESERVED
CVE-2020-36136
	RESERVED
CVE-2020-36135 (AOM v2.0.1 was discovered to contain a NULL pointer dereference via th ...)
	- aom 3.2.0-1
	[bullseye] - aom <no-dsa> (Minor issue)
	[buster] - aom <no-dsa> (Minor issue)
	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.1.0-rc1)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2910&q=&can=1
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911
CVE-2020-36134 (AOM v2.0.1 was discovered to contain a segmentation violation via the  ...)
	- aom <not-affected> (Vulnerable code never in a Debian released version)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2914
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2940
	NOTE: Introduced by: https://aomedia.googlesource.com/aom/+/4567c355bf55a7430819e9d30df259bcb83cfe0d (v2.1.0-rc1)
	NOTE: Fixed by: https://aomedia.googlesource.com/aom/+/5a1b33b710050b69557d26cf53d4943325481beb (v2.1.0-rc1)
CVE-2020-36133 (AOM v2.0.1 was discovered to contain a global buffer overflow via the  ...)
	- aom 3.2.0-1
	[bullseye] - aom <no-dsa> (Minor issue)
	[buster] - aom <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1
	NOTE: https://aomedia.googlesource.com/aom/+/5c9bc4181071684d157fc47c736acf6c69a85d85 (v3.2.0-rc1)
CVE-2020-36132
	RESERVED
CVE-2020-36131 (AOM v2.0.1 was discovered to contain a stack buffer overflow via the c ...)
	- aom 3.2.0-1
	[bullseye] - aom <no-dsa> (Minor issue)
	[buster] - aom <no-dsa> (Minor issue)
	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.1.0-rc1)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1
CVE-2020-36130 (AOM v2.0.1 was discovered to contain a NULL pointer dereference via th ...)
	- aom 3.2.0-1
	[bullseye] - aom <no-dsa> (Minor issue)
	[buster] - aom <no-dsa> (Minor issue)
	NOTE: https://aomedia.googlesource.com/aom/+/be4ee75fd762d361d0679cc892e4c74af8140093%5E%21/#F0 (v2.1.0-rc1)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1
CVE-2020-36129 (AOM v2.0.1 was discovered to contain a stack buffer overflow via the c ...)
	- aom 3.2.0-1
	[bullseye] - aom <not-affected> (Vulnerable code introduced later)
	[buster] - aom <not-affected> (Vulnerable code introduced later)
	NOTE: https://aomedia.googlesource.com/aom/+/7a20d10027fd91fbe11e38182a1d45238e102c4a%5E%21/#F0 (v3.2.0-rc1)
	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2912&q=&can=1
CVE-2020-36128 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by ...)
	NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36127 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by ...)
	NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36126 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by ...)
	NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36125 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by ...)
	NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36124 (Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by ...)
	NOT-FOR-US: Pax Technology PAXSTORE
CVE-2020-36123
	RESERVED
CVE-2020-36122
	RESERVED
CVE-2020-36121
	RESERVED
CVE-2020-36120 (Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsix ...)
	- libsixel <unfixed> (bug #988159)
	[bullseye] - libsixel <no-dsa> (Minor issue)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://github.com/saitoha/libsixel/issues/143
CVE-2020-36119
	RESERVED
CVE-2020-36118
	RESERVED
CVE-2020-36117
	RESERVED
CVE-2020-36116
	RESERVED
CVE-2020-36115 (Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD ...)
	NOT-FOR-US: EGavilan
CVE-2020-36114
	RESERVED
CVE-2020-36113
	RESERVED
CVE-2020-36112 (CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-b ...)
	NOT-FOR-US: CSE Bookstore
CVE-2020-36111
	RESERVED
CVE-2020-36110
	RESERVED
CVE-2020-36109 (ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a bu ...)
	NOT-FOR-US: ASUS RT-AX86U router firmware
CVE-2020-36108
	RESERVED
CVE-2020-36107
	RESERVED
CVE-2020-36106
	RESERVED
CVE-2020-36105
	RESERVED
CVE-2020-36104
	RESERVED
CVE-2020-36103
	RESERVED
CVE-2020-36102
	RESERVED
CVE-2020-36101
	RESERVED
CVE-2020-36100
	RESERVED
CVE-2020-36099
	RESERVED
CVE-2020-36098
	RESERVED
CVE-2020-36097
	RESERVED
CVE-2020-36096
	RESERVED
CVE-2020-36095
	RESERVED
CVE-2020-36094
	RESERVED
CVE-2020-36093
	RESERVED
CVE-2020-36092
	RESERVED
CVE-2020-36091
	RESERVED
CVE-2020-36090
	RESERVED
CVE-2020-36089
	RESERVED
CVE-2020-36088
	RESERVED
CVE-2020-36087
	RESERVED
CVE-2020-36086
	RESERVED
CVE-2020-36085
	RESERVED
CVE-2020-36084
	RESERVED
CVE-2020-36083
	RESERVED
CVE-2020-36082
	RESERVED
CVE-2020-36081
	RESERVED
CVE-2020-36080
	RESERVED
CVE-2020-36079 (** DISPUTED ** Zenphoto through 1.5.7 is affected by authenticated arb ...)
	NOT-FOR-US: Zenphoto
CVE-2020-36078
	RESERVED
CVE-2020-36077
	RESERVED
CVE-2020-36076
	RESERVED
CVE-2020-36075
	RESERVED
CVE-2020-36074
	RESERVED
CVE-2020-36073
	RESERVED
CVE-2020-36072
	RESERVED
CVE-2020-36071
	RESERVED
CVE-2020-36070
	RESERVED
CVE-2020-36069
	RESERVED
CVE-2020-36068
	RESERVED
CVE-2020-36067 (GJSON &lt;=v1.6.5 allows attackers to cause a denial of service (panic ...)
	- golang-github-tidwall-gjson 1.6.7-1
	[buster] - golang-github-tidwall-gjson <no-dsa> (Minor issue)
	NOTE: https://github.com/tidwall/gjson/issues/196
	NOTE: https://github.com/tidwall/gjson/commit/bf4efcb3c18d1825b2988603dea5909140a5302b
CVE-2020-36066 (GJSON &lt;1.6.5 allows attackers to cause a denial of service (remote) ...)
	- golang-github-tidwall-gjson 1.6.7-1
	[buster] - golang-github-tidwall-gjson <no-dsa> (Minor issue)
	NOTE: https://github.com/tidwall/gjson/issues/195
	NOTE: https://github.com/tidwall/match/commit/c2f534168b739a7ec1821a33839fb2f029f26bbc
	NOTE: fix in golang-github-tidwall-gjson is dependency on golang-github-tidwall-match v1.0.3
CVE-2020-36065
	RESERVED
CVE-2020-36064 (Online Course Registration v1.0 was discovered to contain hardcoded cr ...)
	NOT-FOR-US: Online Course Registration
CVE-2020-36063
	RESERVED
CVE-2020-36062 (Dairy Farm Shop Management System v1.0 was discovered to contain hardc ...)
	NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2020-36061
	RESERVED
CVE-2020-36060
	RESERVED
CVE-2020-36059
	RESERVED
CVE-2020-36058
	RESERVED
CVE-2020-36057
	RESERVED
CVE-2020-36056 (Beetel 777VR1-DI Hardware Version REV.1.01 Firmware Version V01.00.09_ ...)
	NOT-FOR-US: Beetel
CVE-2020-36055
	RESERVED
CVE-2020-36054
	RESERVED
CVE-2020-36053
	RESERVED
CVE-2020-36052 (Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 al ...)
	NOT-FOR-US: MiniCMS
CVE-2020-36051 (Directory traversal vulnerability in page_edit.php in MiniCMS V1.10 al ...)
	NOT-FOR-US: MiniCMS
CVE-2020-36050
	RESERVED
CVE-2020-36049 (socket.io-parser before 3.4.1 allows attackers to cause a denial of se ...)
	- node-socket.io-parser 3.4.1-1
	[buster] - node-socket.io-parser <no-dsa> (Minor issue)
	NOTE: https://blog.caller.xyz/socketio-engineio-dos/
	NOTE: https://github.com/socketio/socket.io-parser/commit/dcb942d24db97162ad16a67c2a0cf30875342d55
CVE-2020-36048 (Engine.IO before 4.0.0 allows attackers to cause a denial of service ( ...)
	NOT-FOR-US: Engine.IO
CVE-2020-36047
	RESERVED
CVE-2020-36046
	RESERVED
CVE-2020-36045
	RESERVED
CVE-2020-36044
	RESERVED
CVE-2020-36043
	RESERVED
CVE-2020-36042
	RESERVED
CVE-2020-36041
	RESERVED
CVE-2020-36040
	RESERVED
CVE-2020-36039
	RESERVED
CVE-2020-36038
	RESERVED
CVE-2020-36037
	RESERVED
CVE-2020-36036
	RESERVED
CVE-2020-36035
	RESERVED
CVE-2020-36034
	RESERVED
CVE-2020-36033 (SQL injection vulnerability in SourceCodester Water Billing System 1.0 ...)
	NOT-FOR-US: SourceCodester
CVE-2020-36032
	RESERVED
CVE-2020-36031
	RESERVED
CVE-2020-36030
	RESERVED
CVE-2020-36029
	RESERVED
CVE-2020-36028
	RESERVED
CVE-2020-36027
	RESERVED
CVE-2020-36026
	RESERVED
CVE-2020-36025
	RESERVED
CVE-2020-36024
	RESERVED
CVE-2020-36023
	RESERVED
CVE-2020-36022
	RESERVED
CVE-2020-36021
	RESERVED
CVE-2020-36020
	RESERVED
CVE-2020-36019
	RESERVED
CVE-2020-36018
	RESERVED
CVE-2020-36017
	RESERVED
CVE-2020-36016
	RESERVED
CVE-2020-36015
	RESERVED
CVE-2020-36014
	RESERVED
CVE-2020-36013
	RESERVED
CVE-2020-36012 (Stored XSS vulnerability in BDTASK Multi-Store Inventory Management Sy ...)
	NOT-FOR-US: BDTASK Multi-Store Inventory Management System
CVE-2020-36011 (A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart  ...)
	NOT-FOR-US: QDOCS Smart Hospital Management System
CVE-2020-36010
	RESERVED
CVE-2020-36009 (OBottle 2.0 in \c\g.php contains an arbitrary file download vulnerabil ...)
	NOT-FOR-US: OBottle
CVE-2020-36008 (OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability ...)
	NOT-FOR-US: OBottle
CVE-2020-36007 (AppCMS 2.0.101 in /admin/template/tpl_app.php has a cross site scripti ...)
	NOT-FOR-US: AppCMS
CVE-2020-36006 (AppCMS 2.0.101 in /admin/info.php has an arbitrary file deletion vulne ...)
	NOT-FOR-US: AppCMS
CVE-2020-36005 (AppCMS 2.0.101 in /admin/app.php has an arbitrary file deletion vulner ...)
	NOT-FOR-US: AppCMS
CVE-2020-36004 (AppCMS 2.0.101 in /admin/download_frame.php has a SQL injection vulner ...)
	NOT-FOR-US: AppCMS
CVE-2020-36003 (The id parameter in detail.php of Online Book Store v1.0 is vulnerable ...)
	NOT-FOR-US: Online Book Store
CVE-2020-36002 (Seat-Reservation-System 1.0 has a SQL injection vulnerability in index ...)
	NOT-FOR-US: Seat-Reservation-System
CVE-2020-36001
	RESERVED
CVE-2020-36000
	RESERVED
CVE-2020-35999
	RESERVED
CVE-2020-35998
	RESERVED
CVE-2020-35997
	RESERVED
CVE-2020-35996
	RESERVED
CVE-2020-35995
	RESERVED
CVE-2020-35994
	RESERVED
CVE-2020-35993
	RESERVED
CVE-2020-35992
	RESERVED
CVE-2020-35991
	RESERVED
CVE-2020-35990
	RESERVED
CVE-2020-35989
	RESERVED
CVE-2020-35988
	RESERVED
CVE-2020-35987 (A stored cross site scripting (XSS) vulnerability in the 'Entities Lis ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-35986 (A stored cross site scripting (XSS) vulnerability in the 'Users Access ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-35985 (A stored cross site scripting (XSS) vulnerability in the 'Global Lists ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-35984 (A stored cross site scripting (XSS) vulnerability in the 'Users Alerts ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-35983
	RESERVED
CVE-2020-35982 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an i ...)
	- gpac 1.0.1+dfsg1-4 (bug #987374)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/a4eb327049132359cae54b59faec9e2f14c5a619
	NOTE: https://github.com/gpac/gpac/issues/1660
CVE-2020-35981 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an i ...)
	- gpac 1.0.1+dfsg1-4 (bug #987374)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <no-dsa> (Minor issue)
	[buster] - ccextractor <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/dae9900580a8888969481cd72035408091edb11b
	NOTE: https://github.com/gpac/gpac/issues/1659
CVE-2020-35980 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a us ...)
	- gpac <unfixed> (bug #987374; bug #990691)
	[bullseye] - gpac <no-dsa> (Minor issue)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <not-affected> (Vulnerable code introduced later)
	[buster] - ccextractor <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a
	NOTE: https://github.com/gpac/gpac/issues/1661
CVE-2020-35979 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap ...)
	- gpac 1.0.1+dfsg1-4 (bug #987374)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/b15020f54aff24aaeb64b80771472be8e64a7adc
	NOTE: https://github.com/gpac/gpac/issues/1662
CVE-2020-35978
	RESERVED
CVE-2020-35977
	RESERVED
CVE-2020-35976
	RESERVED
CVE-2020-35975
	RESERVED
CVE-2020-35974
	RESERVED
CVE-2020-35973 (An issue was discovered in zzcms2020. There is a XSS vulnerability tha ...)
	NOT-FOR-US: zzcms
CVE-2020-35972 (An issue was discovered in YzmCMS V5.8. There is a CSRF vulnerability  ...)
	NOT-FOR-US: YzmCMS
CVE-2020-35971 (A storage XSS vulnerability is found in YzmCMS v5.8, which can be used ...)
	NOT-FOR-US: YzmCMS
CVE-2020-35970 (An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability i ...)
	NOT-FOR-US: YzmCMS
CVE-2020-35969
	RESERVED
CVE-2020-35968
	RESERVED
CVE-2020-35967
	RESERVED
CVE-2020-35966
	RESERVED
CVE-2020-35965 (decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds  ...)
	{DSA-4990-1 DLA-2537-1}
	- ffmpeg 7:4.3.1-6 (bug #979999)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/b0a8b40294ea212c1938348ff112ef1b9bf16bb3
CVE-2020-35964 (track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bo ...)
	- ffmpeg 7:4.3.1-6 (bug #980000)
	[buster] - ffmpeg <not-affected> (Vulnerable code not present)
	[stretch] - ffmpeg <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622
CVE-2020-35963 (flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out- ...)
	NOT-FOR-US: Fluent Bit
CVE-2020-35962 (The sellTokenForLRC function in the vault protocol in the smart contra ...)
	NOT-FOR-US: Loopring (LRC) Ethereum token
CVE-2020-35961
	RESERVED
CVE-2020-35960
	RESERVED
CVE-2020-35959
	RESERVED
CVE-2020-35958
	RESERVED
CVE-2020-35957
	RESERVED
CVE-2020-35956
	RESERVED
CVE-2020-35955
	RESERVED
CVE-2020-35954
	RESERVED
CVE-2020-35953
	RESERVED
CVE-2020-35952 (login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-3 ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-35951 (An issue was discovered in the Quiz and Survey Master plugin before 7. ...)
	NOT-FOR-US: Quiz and Survey Master plugin for WordPress
CVE-2020-35950 (An issue was discovered in the XCloner Backup and Restore plugin befor ...)
	NOT-FOR-US: XCloner Backup and Restore plugin for WordPress
CVE-2020-35949 (An issue was discovered in the Quiz and Survey Master plugin before 7. ...)
	NOT-FOR-US: Quiz and Survey Master plugin for WordPress
CVE-2020-35948 (An issue was discovered in the XCloner Backup and Restore plugin befor ...)
	NOT-FOR-US: XCloner Backup and Restore plugin for WordPress
CVE-2020-35947 (An issue was discovered in the PageLayer plugin before 1.1.2 for WordP ...)
	NOT-FOR-US: PageLayer plugin for WordPress
CVE-2020-35946 (An issue was discovered in the All in One SEO Pack plugin before 3.6.2 ...)
	NOT-FOR-US: All in One SEO Pack plugin for WordPress
CVE-2020-35945 (An issue was discovered in the Divi Builder plugin, Divi theme, and Di ...)
	NOT-FOR-US: Divi Builder plugin, Divi theme, and Divi Extra theme for WordPress
CVE-2020-35944 (An issue was discovered in the PageLayer plugin before 1.1.2 for WordP ...)
	NOT-FOR-US: PageLayer plugin for WordPress
CVE-2020-35943 (A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugi ...)
	NOT-FOR-US: NextGEN Gallery plugin for WordPress
CVE-2020-35942 (A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugi ...)
	NOT-FOR-US: NextGEN Gallery plugin for WordPress
CVE-2020-35941
	RESERVED
CVE-2020-35940
	RESERVED
CVE-2020-35939 (PHP Object injection vulnerabilities in the Team Showcase plugin befor ...)
	NOT-FOR-US: Team Showcase plugin for WordPress
CVE-2020-35938 (PHP Object injection vulnerabilities in the Post Grid plugin before 2. ...)
	NOT-FOR-US: Post Grid plugin for WordPress
CVE-2020-35937 (Stored Cross-Site Scripting (XSS) vulnerabilities in the Team Showcase ...)
	NOT-FOR-US: Team Showcase plugin for WordPress
CVE-2020-35936 (Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plu ...)
	NOT-FOR-US: Post Grid plugin for WordPress
CVE-2020-35935 (The Advanced Access Manager plugin before 6.6.2 for WordPress allows p ...)
	NOT-FOR-US: Advanced Access Manager plugin for WordPress
CVE-2020-35934 (The Advanced Access Manager plugin before 6.6.2 for WordPress displays ...)
	NOT-FOR-US: Advanced Access Manager plugin for WordPress
CVE-2020-35933 (A Reflected Authenticated Cross-Site Scripting (XSS) vulnerability in  ...)
	NOT-FOR-US: Newsletter plugin for WordPress
CVE-2020-35932 (Insecure Deserialization in the Newsletter plugin before 6.8.2 for Wor ...)
	NOT-FOR-US: Newsletter plugin for WordPress
CVE-2020-35931 (An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1. ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-35930 (Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url ...)
	NOT-FOR-US: Seo Panel
CVE-2020-35929 (In TinyCheck before commits 9fd360d and ea53de8, the installation scri ...)
	NOT-FOR-US: TinyCheck
CVE-2020-35928 (An issue was discovered in the concread crate before 0.2.6 for Rust. A ...)
	NOT-FOR-US: concread rust crate
CVE-2020-35927 (An issue was discovered in the thex crate through 2020-12-08 for Rust. ...)
	NOT-FOR-US: thex rust crate
CVE-2020-35926 (An issue was discovered in the nanorand crate before 0.5.1 for Rust. I ...)
	NOT-FOR-US: nanorand rust crate
CVE-2020-35925 (An issue was discovered in the magnetic crate before 2.0.1 for Rust. M ...)
	NOT-FOR-US: magnetic rust crate
CVE-2020-35924 (An issue was discovered in the try-mutex crate before 0.3.0 for Rust.  ...)
	NOT-FOR-US: try-mutex rust crate
CVE-2020-35923 (An issue was discovered in the ordered-float crate before 1.1.1 and 2. ...)
	NOT-FOR-US: ordered-float rust crate
CVE-2020-35922 (An issue was discovered in the mio crate before 0.7.6 for Rust. It has ...)
	- rust-mio <not-affected> (Vulnerable code introduced later)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0081.html
	NOTE: https://github.com/tokio-rs/mio/issues/1386
CVE-2020-35920 (An issue was discovered in the socket2 crate before 0.3.16 for Rust. I ...)
	- rust-socket2 0.3.19-1
	[buster] - rust-socket2 <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0079.html
	NOTE: https://github.com/rust-lang/socket2-rs/issues/119
CVE-2020-35918 (An issue was discovered in the branca crate before 0.10.0 for Rust. De ...)
	NOT-FOR-US: branca rust crate
CVE-2020-35917 (An issue was discovered in the pyo3 crate before 0.12.4 for Rust. Ther ...)
	NOT-FOR-US: pyo3 rust crate
CVE-2020-35915 (An issue was discovered in the futures-intrusive crate before 0.4.0 fo ...)
	NOT-FOR-US: futures-intrusive rust crate
CVE-2020-35909 (An issue was discovered in the multihash crate before 0.11.3 for Rust. ...)
	NOT-FOR-US: multihash rust crate
CVE-2020-35908 (An issue was discovered in the futures-util crate before 0.3.2 for Rus ...)
	NOT-FOR-US: futures-util rust crate
CVE-2020-35907 (An issue was discovered in the futures-task crate before 0.3.5 for Rus ...)
	- rust-futures-task <not-affected> (Fixed before the initial upload to Debian)
	NOTE: https://github.com/rust-lang/futures-rs/issues/2091
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0061.html
CVE-2020-35906 (An issue was discovered in the futures-task crate before 0.3.6 for Rus ...)
	- rust-futures-task <not-affected> (Fixed before the initial upload to Debian)
	NOTE: https://github.com/rust-lang/futures-rs/pull/2206
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0060.html
CVE-2020-35905 (An issue was discovered in the futures-util crate before 0.3.7 for Rus ...)
	NOT-FOR-US: futures-util rust crate
CVE-2020-35904 (An issue was discovered in the crossbeam-channel crate before 0.4.4 fo ...)
	- rust-crossbeam-channel 0.4.4-1
	[buster] - rust-crossbeam-channel <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0052.html
	NOTE: https://github.com/crossbeam-rs/crossbeam/pull/533
CVE-2020-35903 (An issue was discovered in the dync crate before 0.5.0 for Rust. VecCo ...)
	NOT-FOR-US: dync rust create
CVE-2020-35902 (An issue was discovered in the actix-codec crate before 0.3.0-beta.1 f ...)
	NOT-FOR-US: actix-codec rust crate
CVE-2020-35901 (An issue was discovered in the actix-http crate before 2.0.0-alpha.1 f ...)
	NOT-FOR-US: actix-http rust crate
CVE-2020-35900 (An issue was discovered in the array-queue crate through 2020-09-26 fo ...)
	NOT-FOR-US: array-queue rust crate
CVE-2020-35899 (An issue was discovered in the actix-service crate before 1.0.6 for Ru ...)
	NOT-FOR-US: actix-service rust crate
CVE-2020-35898 (An issue was discovered in the actix-utils crate before 2.0.0 for Rust ...)
	NOT-FOR-US: actix-utils rust crate
CVE-2020-35897 (An issue was discovered in the atom crate before 0.3.6 for Rust. An un ...)
	NOT-FOR-US: atom rust crate
CVE-2020-35896 (An issue was discovered in the ws crate through 2020-09-25 for Rust. T ...)
	NOT-FOR-US: ws rust crate
CVE-2020-35895 (An issue was discovered in the stack crate before 0.3.1 for Rust. Arra ...)
	NOT-FOR-US: stack rust crate
CVE-2020-35894 (An issue was discovered in the obstack crate before 0.1.4 for Rust. Un ...)
	NOT-FOR-US: obstack rust crate
CVE-2020-35893 (An issue was discovered in the simple-slab crate before 0.3.3 for Rust ...)
	NOT-FOR-US: simple-slab rust crate
CVE-2020-35892 (An issue was discovered in the simple-slab crate before 0.3.3 for Rust ...)
	NOT-FOR-US: simple-slab rust crate
CVE-2020-35891 (An issue was discovered in the ordnung crate through 2020-09-03 for Ru ...)
	NOT-FOR-US: ordnung rust crate
CVE-2020-35890 (An issue was discovered in the ordnung crate through 2020-09-03 for Ru ...)
	NOT-FOR-US: ordnung rust crate
CVE-2020-35889 (An issue was discovered in the crayon crate through 2020-08-31 for Rus ...)
	NOT-FOR-US: crayon rust crate
CVE-2020-35888 (An issue was discovered in the arr crate through 2020-08-25 for Rust.  ...)
	NOT-FOR-US: arr rust crate
CVE-2020-35887 (An issue was discovered in the arr crate through 2020-08-25 for Rust.  ...)
	NOT-FOR-US: arr rust crate
CVE-2020-35886 (An issue was discovered in the arr crate through 2020-08-25 for Rust.  ...)
	NOT-FOR-US: arr rust crate
CVE-2020-35885 (An issue was discovered in the alpm-rs crate through 2020-08-20 for Ru ...)
	NOT-FOR-US: alpm-rs rust crate
CVE-2020-35884 (An issue was discovered in the tiny_http crate through 2020-06-16 for  ...)
	NOT-FOR-US: tiny_http rust crate
CVE-2020-35883 (An issue was discovered in the mozwire crate through 2020-08-18 for Ru ...)
	NOT-FOR-US: mozwire rust crate
CVE-2020-35882 (An issue was discovered in the rocket crate before 0.4.5 for Rust. Loc ...)
	NOT-FOR-US: rocket rust crate
CVE-2020-35881 (An issue was discovered in the traitobject crate through 2020-06-01 fo ...)
	NOT-FOR-US: traitobject rust crate
CVE-2020-35880 (An issue was discovered in the bigint crate through 2020-05-07 for Rus ...)
	NOT-FOR-US: bigint rust create (different from rust-num-bigint)
CVE-2020-35879 (An issue was discovered in the rulinalg crate through 2020-02-11 for R ...)
	NOT-FOR-US: rulinalg rust crate
CVE-2020-35878 (An issue was discovered in the ozone crate through 2020-07-04 for Rust ...)
	NOT-FOR-US: ozone rust crate
CVE-2020-35877 (An issue was discovered in the ozone crate through 2020-07-04 for Rust ...)
	NOT-FOR-US: ozone rust crate
CVE-2020-35876 (An issue was discovered in the rio crate through 2020-05-11 for Rust.  ...)
	NOT-FOR-US: rio rust crate
CVE-2020-35875 (An issue was discovered in the tokio-rustls crate before 0.13.1 for Ru ...)
	NOT-FOR-US: Rust crate tokio-rustls
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0019.html
CVE-2020-35874 (An issue was discovered in the internment crate through 2020-05-28 for ...)
	NOT-FOR-US: internment rust crate
CVE-2020-35873 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35872 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35871 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35870 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35869 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35868 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35867 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35866 (An issue was discovered in the rusqlite crate before 0.23.0 for Rust.  ...)
	NOT-FOR-US: rusqlite rust crate
CVE-2020-35865 (An issue was discovered in the os_str_bytes crate before 2.0.0 for Rus ...)
	NOT-FOR-US: Rust os_str_bytes
CVE-2020-35864 (An issue was discovered in the flatbuffers crate through 2020-04-11 fo ...)
	NOT-FOR-US: flatbuffers rust crate
CVE-2020-35863 (An issue was discovered in the hyper crate before 0.12.34 for Rust. HT ...)
	- rust-hyper 0.12.35-1
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0008.html
	NOTE: https://github.com/hyperium/hyper/issues/1925
CVE-2020-35862 (An issue was discovered in the bitvec crate before 0.17.4 for Rust. Bi ...)
	NOT-FOR-US: bitvec rust crate
CVE-2020-35860 (An issue was discovered in the cbox crate through 2020-03-19 for Rust. ...)
	NOT-FOR-US: cbox rust crate
CVE-2020-35859 (An issue was discovered in the lucet-runtime-internals crate before 0. ...)
	NOT-FOR-US: lucet-runtime-internals rust crate
CVE-2020-35858 (An issue was discovered in the prost crate before 0.6.1 for Rust. Ther ...)
	NOT-FOR-US: prost rust crate
CVE-2020-35857 (An issue was discovered in the trust-dns-server crate before 0.18.1 fo ...)
	NOT-FOR-US: Rust trust-dns-server
CVE-2020-35856 (SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by ...)
	NOT-FOR-US: SolarWinds
CVE-2020-35855
	RESERVED
CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Bod ...)
	NOT-FOR-US: Textpattern CMS
CVE-2020-35853 (4images Image Gallery Management System 1.7.11 is affected by cross-si ...)
	NOT-FOR-US: 4images Image Gallery Management System
CVE-2020-35852 (Chatbox is affected by cross-site scripting (XSS). An attacker has to  ...)
	NOT-FOR-US: Chatbox
CVE-2020-35851 (HGiga MailSherlock does not validate specific parameters properly. Att ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-35850 (** DISPUTED ** An SSRF issue was discovered in cockpit-project.org Coc ...)
	NOTE: Bug disputed by upstream
	NOTE: https://github.com/cockpit-project/cockpit/issues/15077
CVE-2020-35849 (An issue was discovered in MantisBT before 2.24.4. An incorrect access ...)
	- mantis <removed>
CVE-2020-35848 (Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controll ...)
	NOT-FOR-US: Agentejo Cockpit
CVE-2020-35847 (Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controll ...)
	NOT-FOR-US: Agentejo Cockpit
CVE-2020-35846 (Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controll ...)
	NOT-FOR-US: Agentejo Cockpit
CVE-2020-35845 (FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted i ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2020-35844 (FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted i ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2020-35843 (FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted i ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2020-35842 (Certain NETGEAR devices are affected by stored XSS. This affects D6200 ...)
	NOT-FOR-US: Netgear
CVE-2020-35841 (Certain NETGEAR devices are affected by stored XSS. This affects D6200 ...)
	NOT-FOR-US: Netgear
CVE-2020-35840 (Certain NETGEAR devices are affected by stored XSS. This affects D6200 ...)
	NOT-FOR-US: Netgear
CVE-2020-35839 (Certain NETGEAR devices are affected by Stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35838 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35837 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35836 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35835 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35834 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35833 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35832 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35831 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35830 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35829 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35828 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35827 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35826 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35825 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35824 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35823 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35822 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35821 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35820 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35819 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35818 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35817 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35816 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35815 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35814 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35813 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35812 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35811 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35810 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35809 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35808 (Certain NETGEAR devices are affected by stored XSS. This affects D6100 ...)
	NOT-FOR-US: Netgear
CVE-2020-35807 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35806 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35805 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-35804 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-35803 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-35802 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-35801 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
	NOT-FOR-US: Netgear
CVE-2020-35800 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
	NOT-FOR-US: Netgear
CVE-2020-35799 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
	NOT-FOR-US: Netgear
CVE-2020-35798 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-35797 (NETGEAR NMS300 devices before 1.6.0.27 are affected by command injecti ...)
	NOT-FOR-US: Netgear
CVE-2020-35796 (Certain NETGEAR devices are affected by a buffer overflow by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-35795 (Certain NETGEAR devices are affected by a buffer overflow by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-35794 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35793 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35792 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35791 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35790 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35789 (NETGEAR NMS300 devices before 1.6.0.27 are affected by command injecti ...)
	NOT-FOR-US: Netgear
CVE-2020-35788 (NETGEAR WAC104 devices before 1.0.4.13 are affected by a buffer overfl ...)
	NOT-FOR-US: Netgear
CVE-2020-35787 (Certain NETGEAR devices are affected by a buffer overflow by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-35786 (NETGEAR R7800 devices before 1.0.2.74 are affected by a buffer overflo ...)
	NOT-FOR-US: Netgear
CVE-2020-35785 (NETGEAR DGN2200v1 devices before v1.0.0.60 mishandle HTTPd authenticat ...)
	NOT-FOR-US: Netgear
CVE-2020-35784 (Certain NETGEAR devices are affected by lack of access control at the  ...)
	NOT-FOR-US: Netgear
CVE-2020-35783 (Certain NETGEAR devices are affected by lack of access control at the  ...)
	NOT-FOR-US: Netgear
CVE-2020-35782 (Certain NETGEAR devices are affected by lack of access control at the  ...)
	NOT-FOR-US: Netgear
CVE-2020-35781 (NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of servi ...)
	NOT-FOR-US: Netgear
CVE-2020-35780 (NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of servi ...)
	NOT-FOR-US: Netgear
CVE-2020-35779 (NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of servi ...)
	NOT-FOR-US: Netgear
CVE-2020-35778 (Certain NETGEAR devices are affected by CSRF. This affects GS716Tv3 be ...)
	NOT-FOR-US: Netgear
CVE-2020-35777 (NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command inj ...)
	NOT-FOR-US: Netgear
CVE-2020-35776 (A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ...)
	- asterisk 1:16.16.1~dfsg-1 (bug #983158)
	[buster] - asterisk <postponed> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2021-001.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29227
CVE-2020-35775 (CITSmart before 9.1.2.23 allows LDAP Injection. ...)
	NOT-FOR-US: CITSmart
CVE-2020-35774 (server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (a ...)
	NOT-FOR-US: Twitter TwitterServer
CVE-2020-35773 (The site-offline plugin before 1.4.4 for WordPress lacks certain wp_cr ...)
	NOT-FOR-US: site-offline plugin for WordPress
CVE-2020-35772
	RESERVED
CVE-2020-35771
	RESERVED
CVE-2020-35770
	RESERVED
CVE-2020-35769 (miniserv.pl in Webmin 1.962 on Windows mishandles special characters i ...)
	- webmin <removed>
CVE-2020-35768
	RESERVED
CVE-2020-35767
	RESERVED
CVE-2020-35766 (The test suite in libopendkim in OpenDKIM through 2.10.3 allows local  ...)
	- opendkim <unfixed> (unimportant)
	NOTE: https://github.com/trusteddomainproject/OpenDKIM/issues/113
CVE-2020-35765 (doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho Manag ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-35764
	RESERVED
CVE-2020-35763
	RESERVED
CVE-2020-35762 (bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' pa ...)
	NOT-FOR-US: bloofoxCMS
CVE-2020-35761 (bloofoxCMS 0.5.2.1 is infected with XSS that allows remote attackers t ...)
	NOT-FOR-US: bloofoxCMS
CVE-2020-35760 (bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allo ...)
	NOT-FOR-US: bloofoxCMS
CVE-2020-35759 (bloofoxCMS 0.5.2.1 is infected with a CSRF Attack that leads to an att ...)
	NOT-FOR-US: bloofoxCMS
CVE-2020-35758 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. The ...)
	NOT-FOR-US: Libre Wireless LS9 LS1.5/p7040 devices
CVE-2020-35757 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. The ...)
	NOT-FOR-US: Libre Wireless LS9 LS1.5/p7040 devices
CVE-2020-35756 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. The ...)
	NOT-FOR-US: Libre Wireless LS9 LS1.5/p7040 devices
CVE-2020-35755 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. The ...)
	NOT-FOR-US: Libre Wireless LS9 LS1.5/p7040 devices
CVE-2020-35754 (OpenSolution Quick.CMS &lt; 6.7 and Quick.Cart &lt; 6.7 allow an authe ...)
	NOT-FOR-US: OpenSolution Quick.CMS
CVE-2020-35753 (The job posting recommendation form in Persis Human Resource Managemen ...)
	NOT-FOR-US: Persis Human Resource Management Portal
CVE-2020-35752 (Baby Care System 1.0 is affected by a cross-site scripting (XSS) vulne ...)
	NOT-FOR-US: Baby Care System
CVE-2020-35751
	RESERVED
CVE-2020-35750
	RESERVED
CVE-2020-35749 (Directory traversal vulnerability in class-simple_job_board_resume_dow ...)
	NOT-FOR-US: Simple Board Job plugin for WordPress
CVE-2020-35748 (Cross-site scripting (XSS) vulnerability in models/list-table.php in t ...)
	NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2020-35747
	RESERVED
CVE-2020-35746
	RESERVED
CVE-2020-35745 (PHPGURUKUL Hospital Management System V 4.0 does not properly restrict ...)
	NOT-FOR-US: PHPGURUKUL Hospital Management System
CVE-2020-35744
	RESERVED
CVE-2020-35743 (HGiga MailSherlock contains a SQL injection flaw. Attackers can inject ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-35742 (HGiga MailSherlock contains a vulnerability of SQL Injection. Attacker ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-35741 (HGiga MailSherlock does not validate user parameters on multiple login ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-35740 (HGiga MailSherlock does not validate specific URL parameters properly  ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-35739
	RESERVED
CVE-2020-35738 (WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack ...)
	{DLA-2525-1}
	- wavpack 5.3.0-2 (bug #978548)
	[buster] - wavpack <no-dsa> (Minor issue)
	NOTE: https://github.com/dbry/WavPack/issues/91
	NOTE: https://github.com/dbry/WavPack/commit/63f3ec70129843dd64e11aa4c21c4a1cf00c9f1c
	NOTE: https://github.com/dbry/WavPack/commit/89df160596132e3bd666322e1c20b2ebd4b92cd0
CVE-2020-35737 (In Correspondence Management System (corms) in Newgen eGov 12.0, an at ...)
	NOT-FOR-US: Correspondence Management System (corms) in Newgen eGov
CVE-2020-35736 (GateOne 1.1 allows arbitrary file download without authentication via  ...)
	NOT-FOR-US: GateOne
CVE-2020-35735 (Vidyo 02-09-/D allows clickjacking via the portal/ URI. ...)
	NOT-FOR-US: Vidyo
CVE-2020-35734 (** UNSUPPORTED WHEN ASSIGNED ** Sruu.pl in Batflat 1.3.6 allows an aut ...)
	NOT-FOR-US: Batflat
CVE-2020-35733 (An issue was discovered in Erlang/OTP before 23.2.2. The ssl applicati ...)
	- erlang 1:23.2.2+dfsg-1 (bug #980199)
	[buster] - erlang <not-affected> (Vulnerable code introduced later)
	[stretch] - erlang <not-affected> (Vulnerable code introduced later)
	NOTE: https://erlang.org/pipermail/erlang-questions/2021-January/100357.html
	NOTE: Introduced in: https://github.com/erlang/otp/commit/d24a220c3b867caef83026ba31d2656366da4322 (OTP-23.2)
	NOTE: Fixed by: https://github.com/erlang/otp/commit/a59f3c4d2be19343f43c46241d0f4e30dd5563de (OTP-23.2.2)
	NOTE: Fixed by: https://github.com/erlang/otp/commit/c515e8d74fb92430c619eaa2dd00c89d94c6770a (OTP-23.2.2)
	NOTE: Fixed by: https://github.com/erlang/otp/commit/11a098cb0bcc30d7c424f01c60bfefd1deece287 (OTP-23.2.2)
	NOTE: Fixed by: https://github.com/erlang/otp/commit/95222bb877515345d6716f3bc36139ab52211af0 (OTP-23.2.2)
CVE-2020-35732
	RESERVED
CVE-2020-35731
	RESERVED
CVE-2020-35730 (An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x  ...)
	{DSA-4821-1 DLA-2508-1}
	- roundcube 1.4.10+dfsg.1-1 (bug #978491)
	NOTE: https://github.com/roundcube/roundcubemail/commit/0bceba301aa621ecc0263eac17beee2a4cef0c6d (1.4.10)
	NOTE: https://github.com/roundcube/roundcubemail/commit/a06ec1dcf9c972d302b16e1ac6aa079a4f6a1c3e (1.3.16)
	NOTE: https://github.com/roundcube/roundcubemail/commit/47e4d44f62ea16f923761d57f1773a66d51afad4 (1.2.13)
CVE-2020-35729 (KLog Server 2.4.1 allows OS command injection via shell metacharacters ...)
	NOT-FOR-US: KLog Server
CVE-2020-35728 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2999
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/1ca0388c2fb37ac6a06f1c188ae89c41e3e15e84
CVE-2020-35727 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35726 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35725 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35724 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35723 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35722 (** UNSUPPORTED WHEN ASSIGNED ** CSRF in Web Compliance Manager in Ques ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35721 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35720 (** UNSUPPORTED WHEN ASSIGNED ** Stored XSS in Quest Policy Authority 8 ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35719 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35718
	RESERVED
CVE-2020-35717 (zonote through 0.4.0 allows XSS via a crafted note, with resultant Rem ...)
	NOT-FOR-US: zonote
CVE-2020-35716 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attacker ...)
	NOT-FOR-US: Belkin LINKSYS RE6500 devices
CVE-2020-35715 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenti ...)
	NOT-FOR-US: Belkin LINKSYS RE6500 devices
CVE-2020-35714 (Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authentic ...)
	NOT-FOR-US: Belkin LINKSYS RE6500 devices
CVE-2020-35713 (Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attacker ...)
	NOT-FOR-US: Belkin LINKSYS RE6500 devices
CVE-2020-35712 (Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configura ...)
	NOT-FOR-US: Esri ArcGIS Server
CVE-2020-35710 (Parallels Remote Application Server (RAS) 18 allows remote attackers t ...)
	NOT-FOR-US: Parallels Remote Application Server (RAS)
CVE-2020-35709 (bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with  ...)
	NOT-FOR-US: bloofoxCMS
CVE-2020-35711 (An issue has been discovered in the arc-swap crate before 0.4.8 (and 1 ...)
	- rust-arc-swap 0.4.8-1 (bug #985090)
	[buster] - rust-arc-swap <no-dsa> (Minor issue)
	NOTE: https://github.com/vorner/arc-swap/issues/45
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0091.html
CVE-2020-35708 (phpList 3.5.9 allows SQL injection by admins who provide a crafted fou ...)
	- phplist <itp> (bug #612288)
CVE-2020-35707 (Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the ...)
	NOT-FOR-US: Daybyday
CVE-2020-35706 (Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Pr ...)
	NOT-FOR-US: Daybyday
CVE-2020-35705 (Daybyday 2.1.0 allows stored XSS via the Name parameter to the New Use ...)
	NOT-FOR-US: Daybyday
CVE-2020-35704 (Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Le ...)
	NOT-FOR-US: Daybyday
CVE-2020-35703
	RESERVED
CVE-2020-35702 (** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1  ...)
	- poppler <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1011
	NOTE: Introduced by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1c3ded779582aef5f2cbaf29bc5da7a8eae6f69
	NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/ae614bf8ab42c9d0c7ac57ecdfdcbcfc4ff6c639
CVE-2020-35701 (An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection ...)
	- cacti 1.2.16+ds1-2 (bug #979998)
	[buster] - cacti 1.2.2+ds1-2+deb10u4
	[stretch] - cacti <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Cacti/cacti/issues/4022
	NOTE: https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/
	NOTE: Introduced in: https://github.com/Cacti/cacti/commit/6e1b8431b77efe55ba5115e35fe045e101dd619b (1.2.0)
	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/565e0604a53f4988dc5b544d01f4a631eaa80d82
CVE-2020-35700 (A second-order SQL injection issue in Widgets/TopDevicesController.php ...)
	NOT-FOR-US: LibreNMS
CVE-2020-35699
	RESERVED
CVE-2020-35698
	RESERVED
CVE-2020-35697
	RESERVED
CVE-2020-35696
	RESERVED
CVE-2020-35695
	RESERVED
CVE-2020-35694
	RESERVED
CVE-2020-35693 (On some Samsung phones and tablets running Android through 7.1.1, it i ...)
	NOT-FOR-US: Samsung
CVE-2020-35692
	RESERVED
CVE-2020-35691
	RESERVED
CVE-2020-35690
	RESERVED
CVE-2020-35689
	RESERVED
CVE-2020-35688
	RESERVED
CVE-2020-35687 (PHPFusion version 9.03.90 is vulnerable to CSRF attack which leads to  ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-35686 (The SECOMN service in Sound Research DCHU model software component mod ...)
	NOT-FOR-US: Sound Research
CVE-2020-35685 (An issue was discovered in HCC Nichestack 3.0. The code that generates ...)
	NOT-FOR-US: HCC Nichestack
CVE-2020-35684 (An issue was discovered in HCC Nichestack 3.0. The code that parses TC ...)
	NOT-FOR-US: HCC Nichestack
CVE-2020-35683 (An issue was discovered in HCC Nichestack 3.0. The code that parses IC ...)
	NOT-FOR-US: HCC Nichestack
CVE-2020-35682 (Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authenticati ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2020-35681 (Django Channels 3.x before 3.0.3 allows remote attackers to obtain sen ...)
	- python-django-channels 3.0.3-1 (bug #979376)
	[buster] - python-django-channels <no-dsa> (Minor issue)
	NOTE: https://channels.readthedocs.io/en/latest/releases/3.0.3.html
	NOTE: https://github.com/django/channels/commit/e85874d9630474986a6937430eac52db79a2a022 (3.0.3)
CVE-2020-35680 (smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurati ...)
	- opensmtpd 6.8.0p2-1 (bug #978039)
	[buster] - opensmtpd <no-dsa> (Minor issue)
	[stretch] - opensmtpd <not-affected> (new filter grammar support added in ec69ed85b6c)
	NOTE: https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1
	NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html
CVE-2020-35679 (smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, whi ...)
	- opensmtpd 6.8.0p2-1 (bug #978038)
	[buster] - opensmtpd <no-dsa> (Minor issue)
	[stretch] - opensmtpd <not-affected> (regex table supported added > 6.4.0 according to CHANGES.md)
	NOTE: https://github.com/openbsd/src/commit/79a034b4aed29e965f45a13409268290c9910043
	NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html
CVE-2020-35678 (Autobahn|Python before 20.12.3 allows redirect header injection. ...)
	- python-autobahn 17.10.1+dfsg1-7 (bug #978416)
	[buster] - python-autobahn <no-dsa> (Minor issue)
	[stretch] - python-autobahn <ignored> (Need a package which is not in this suite)
	NOTE: https://github.com/crossbario/autobahn-python/pull/1439
	NOTE: https://github.com/crossbario/autobahn-python/commit/f7b7ad5c1066bdcc551775b73da15dca5c111623 (v20.12.3)
CVE-2020-35677 (BigProf Online Invoicing System before 4.0 fails to adequately sanitiz ...)
	NOT-FOR-US: BigProf Online Invoicing System
CVE-2020-35676 (BigProf Online Invoicing System before 3.1 fails to correctly sanitize ...)
	NOT-FOR-US: BigProf Online Invoicing System
CVE-2020-35675 (BigProf Online Invoicing System before 3.0 offers a functionality that ...)
	NOT-FOR-US: BigProf Online Invoicing System
CVE-2020-35674 (BigProf Online Invoicing System before 2.9 suffers from an unauthentic ...)
	NOT-FOR-US: BigProf Online Invoicing System
CVE-2020-35673
	RESERVED
CVE-2020-35672
	RESERVED
CVE-2020-35671
	RESERVED
CVE-2020-35670
	RESERVED
CVE-2020-35669 (An issue was discovered in the http package through 0.12.2 for Dart. I ...)
	NOT-FOR-US: Dart http
CVE-2020-35668 (RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that lead ...)
	NOT-FOR-US: RedisGraph
CVE-2020-35667 (JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-35666 (Steedos Platform through 1.21.24 allows NoSQL injection because the /a ...)
	NOT-FOR-US: Steedos Platform
CVE-2020-35665 (An unauthenticated command-execution vulnerability exists in TerraMast ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-35664 (An issue was discovered in Acronis Cyber Protect before 15 Update 1 bu ...)
	NOT-FOR-US: Acronis
CVE-2020-35663
	RESERVED
CVE-2020-35662 (In SaltStack Salt before 3002.5, when authenticating to services using ...)
	{DLA-2815-1}
	- salt 3002.5+dfsg1-1 (bug #983632)
	[buster] - salt 2018.3.4+dfsg1-6+deb10u3
	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
CVE-2020-35661
	RESERVED
CVE-2020-35660 (Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal pag ...)
	NOT-FOR-US: Monica
CVE-2020-35659 (The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. ...)
	NOT-FOR-US: Pi-hole
CVE-2020-35658 (SpamTitan before 7.09 allows attackers to tamper with backups, because ...)
	NOT-FOR-US: SpamTitan
CVE-2020-35657 (Jaws through 1.8.0 allows remote authenticated administrators to execu ...)
	NOT-FOR-US: Jaws
CVE-2020-35656 (Jaws through 1.8.0 allows remote authenticated administrators to execu ...)
	NOT-FOR-US: Jaws
CVE-2020-35655 (In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read whe ...)
	- pillow 8.1.0-1
	[buster] - pillow <no-dsa> (Minor issue)
	[stretch] - pillow <not-affected> (Vulnerable code introduced later)
	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
	NOTE: https://github.com/python-pillow/Pillow/pull/5173
	NOTE: https://github.com/python-pillow/Pillow/commit/120eea2e4547a7d1826afdf01563035844f0b7d5
	NOTE: Introduced in https://github.com/python-pillow/Pillow/commit/a90dc4910045f5c6c119b582d4fd2e4841cd51f8 (4.3.0)
CVE-2020-35654 (In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow wh ...)
	- pillow 8.1.0-1
	[buster] - pillow <not-affected> (Vulnerable code not present)
	[stretch] - pillow <not-affected> (Vulnerable code introduced later)
	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
	NOTE: https://github.com/python-pillow/Pillow/pull/5175
	NOTE: https://github.com/python-pillow/Pillow/commit/eb8c1206d6b170d4e798a00db7432e023853da5c
	NOTE: Introduced in: https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f (6.0.0)
CVE-2020-35653 (In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding ...)
	{DLA-2716-1}
	- pillow 8.1.0-1
	[buster] - pillow <no-dsa> (Minor issue)
	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
	NOTE: https://github.com/python-pillow/Pillow/pull/5174
	NOTE: https://github.com/python-pillow/Pillow/commit/2f409261eb1228e166868f8f0b5da5cda52e55bf
CVE-2020-35652 (An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk b ...)
	- asterisk 1:16.15.1~dfsg-1 (bug #979372)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29191
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29219
	NOTE: https://downloads.asterisk.org/pub/security/AST-2020-003.html
	NOTE: https://downloads.asterisk.org/pub/security/AST-2020-003-13.diff (Asterisk 13.x)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2020-003-16.diff (Asterisk 16.x)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2020-004.html
CVE-2020-35651
	RESERVED
CVE-2020-35650 (Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups  ...)
	NOT-FOR-US: Uncanny Groups for LearnDash
CVE-2020-35649
	RESERVED
CVE-2020-35648
	RESERVED
CVE-2020-35647
	RESERVED
CVE-2020-35646
	RESERVED
CVE-2020-35645
	RESERVED
CVE-2020-35644
	RESERVED
CVE-2020-35643
	RESERVED
CVE-2020-35642
	RESERVED
CVE-2020-35641
	RESERVED
CVE-2020-35640
	RESERVED
CVE-2020-35639
	RESERVED
CVE-2020-35638
	RESERVED
CVE-2020-35637
	RESERVED
CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35635 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35634 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35633 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35632
	RESERVED
CVE-2020-35631
	RESERVED
CVE-2020-35630
	RESERVED
CVE-2020-35629
	RESERVED
CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vul ...)
	NOT-FOR-US: Ultimate WooCommerce Gift Cards
CVE-2020-35626 (An issue was discovered in the PushToWatch extension for MediaWiki thr ...)
	NOT-FOR-US: PushToWatch MediaWiki extension
CVE-2020-35625 (An issue was discovered in the Widgets extension for MediaWiki through ...)
	NOT-FOR-US: Widgets MediaWiki extension
CVE-2020-35624 (An issue was discovered in the SecurePoll extension for MediaWiki thro ...)
	NOT-FOR-US: SecurePoll MediaWiki extension
CVE-2020-35623 (An issue was discovered in the CasAuth extension for MediaWiki through ...)
	NOT-FOR-US: CasAuth MediaWiki extension
CVE-2020-35622 (An issue was discovered in the GlobalUsage extension for MediaWiki thr ...)
	NOT-FOR-US: GlobalUsage MediaWiki extension
CVE-2020-35621
	REJECTED
CVE-2020-35620
	REJECTED
CVE-2020-35619
	REJECTED
CVE-2020-35618
	REJECTED
CVE-2020-35617
	REJECTED
CVE-2020-35616 (An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input ...)
	NOT-FOR-US: Joomla!
CVE-2020-35615 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing tok ...)
	NOT-FOR-US: Joomla!
CVE-2020-35614 (An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper hand ...)
	NOT-FOR-US: Joomla!
CVE-2020-35613 (An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filt ...)
	NOT-FOR-US: Joomla!
CVE-2020-35612 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder pa ...)
	NOT-FOR-US: Joomla!
CVE-2020-35611 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal c ...)
	NOT-FOR-US: Joomla!
CVE-2020-35610 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosugge ...)
	NOT-FOR-US: Joomla!
CVE-2020-35609 (A denial-of-service vulnerability exists in the asynchronous ioctl fun ...)
	NOT-FOR-US: Microsoft Azure Sphere
CVE-2020-35608 (A code execution vulnerability exists in the normal world&#8217;s sign ...)
	NOT-FOR-US: Microsoft Azure Sphere
CVE-2020-35607
	RESERVED
CVE-2020-35606 (Arbitrary command execution can occur in Webmin through 1.962. Any use ...)
	- webmin <removed>
CVE-2020-35605 (The Graphics Protocol feature in graphics.c in kitty before 0.19.3 all ...)
	{DSA-4819-1}
	- kitty 0.19.3-1
	NOTE: https://github.com/kovidgoyal/kitty/commit/82c137878c2b99100a3cdc1c0f0efea069313901 (v0.19.3)
	NOTE: https://github.com/kovidgoyal/kitty/issues/3128
CVE-2020-35604 (An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used. ...)
	NOT-FOR-US: Kronos WebTA
CVE-2020-35603
	RESERVED
CVE-2020-35602
	RESERVED
CVE-2020-35601
	RESERVED
CVE-2020-35600
	RESERVED
CVE-2020-35599
	RESERVED
CVE-2020-35598 (ACS Advanced Comment System 1.0 is affected by Directory Traversal via ...)
	NOT-FOR-US: ACS Advanced Comment System
CVE-2020-35597
	RESERVED
CVE-2020-35596
	RESERVED
CVE-2020-35595
	RESERVED
CVE-2020-35594 (Zoho ManageEngine ADManager Plus before 7066 allows XSS. ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-35593
	RESERVED
CVE-2020-35592 (Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the a ...)
	NOT-FOR-US: Pi-hole
CVE-2020-35591 (Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. The application d ...)
	NOT-FOR-US: Pi-hole
CVE-2020-35590 (LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin bef ...)
	NOT-FOR-US: limit-login-attempts-reloaded plugin for WordPress
CVE-2020-35589 (The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress a ...)
	NOT-FOR-US: limit-login-attempts-reloaded plugin for WordPress
CVE-2020-35588
	RESERVED
CVE-2020-35587 (** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily b ...)
	NOT-FOR-US: Solstice Pod
CVE-2020-35586 (In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password  ...)
	NOT-FOR-US: Solstice Pod
CVE-2020-35585 (In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enume ...)
	NOT-FOR-US: Solstice Pod
CVE-2020-35584 (In Solstice Pod before 3.0.3, the web services allow users to connect  ...)
	NOT-FOR-US: Solstice Pod
CVE-2020-35583
	RESERVED
CVE-2020-35582 (A stored cross-site scripting (XSS) issue in Envira Gallery Lite befor ...)
	NOT-FOR-US: Envira Gallery Lite
CVE-2020-35581 (A stored cross-site scripting (XSS) issue in Envira Gallery Lite befor ...)
	NOT-FOR-US: Envira Gallery Lite
CVE-2020-35580 (A local file inclusion vulnerability in the FileServlet in all SearchB ...)
	NOT-FOR-US: searchblox
CVE-2020-35579 (tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&amp;url=%URL%& ...)
	NOT-FOR-US: tindy2013
CVE-2020-35578 (An issue was discovered in the Manage Plugins page in Nagios XI before ...)
	NOT-FOR-US: Nagios XI
CVE-2020-35577 (In Endalia Selection Portal before 4.205.0, an Insecure Direct Object  ...)
	NOT-FOR-US: Endalia Selection Portal
CVE-2020-35576 (A Command Injection issue in the traceroute feature on TP-Link TL-WR84 ...)
	NOT-FOR-US: TP-Link
CVE-2020-35575 (A password-disclosure issue in the web interface on certain TP-Link de ...)
	NOT-FOR-US: TP-Link
CVE-2020-35574
	RESERVED
CVE-2020-35572 (Adminer through 4.7.8 allows XSS via the history parameter to the defa ...)
	- adminer 4.7.9-1
	[buster] - adminer <no-dsa> (Minor issue)
	[stretch] - adminer <not-affected> (Vulnerable code introduced in v4.7.0)
	NOTE: https://sourceforge.net/p/adminer/bugs-and-features/775/
	NOTE: https://github.com/vrana/adminer/security/advisories/GHSA-9pgx-gcph-mpqr
	NOTE: https://github.com/vrana/adminer/commit/5c395afc098e501be3417017c6421968aac477bd (v4.7.9)
CVE-2020-35571 (An issue was discovered in MantisBT through 2.24.3. In the helper_ensu ...)
	- mantis <removed>
CVE-2020-35573 (srs2.c in PostSRSd before 1.10 allows remote attackers to cause a deni ...)
	{DLA-2502-1}
	- postsrsd 1.10-1
	[buster] - postsrsd 1.5-2+deb10u1
	NOTE: https://github.com/roehling/postsrsd/commit/4733fb11f6bec6524bb8518c5e1a699288c26bac (1.10)
CVE-2020-35570 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35569 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35568 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35567 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35566 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35565 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35564 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35563 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35562
	RESERVED
CVE-2020-35561 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35560 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35559 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35558 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35557 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT
CVE-2020-35556 (An issue was discovered in Acronis Cyber Protect before 15 Update 1 bu ...)
	NOT-FOR-US: Acronis
CVE-2020-35555 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-35554 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-35553 (An issue was discovered on Samsung mobile devices with Q(10.0) and R(1 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35552 (An issue was discovered in the GPS daemon on Samsung mobile devices wi ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35551 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35550 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35549 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35548 (An issue was discovered in Finder on Samsung mobile devices with Q(10. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-35547 (A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 ...)
	NOT-FOR-US: Mitel
CVE-2020-35546
	RESERVED
CVE-2020-35545 (Time-based SQL injection exists in Spotweb 1.4.9 via the query string. ...)
	- spotweb <removed> (bug #977719)
	[buster] - spotweb <no-dsa> (Minor issue)
	[stretch] - spotweb <no-dsa> (Minor issue)
	NOTE: https://github.com/spotweb/spotweb/issues/629
	NOTE: https://github.com/spotweb/spotweb/commit/fefb39ad143caad021ad496427617db79c42aff2
	NOTE: https://github.com/spotweb/spotweb/commit/25c1f89f0202af5d5d224b906ff9d9313f017aa6
	NOTE: When fixing the issue make sure to apply the complete fix for CVE-2020-35545
	NOTE: and not open CVE-2021-3286. Cf.
	NOTE: https://github.com/spotweb/spotweb/issues/653
CVE-2020-35544
	RESERVED
CVE-2020-35543
	RESERVED
CVE-2020-35542 (Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize ...)
	NOT-FOR-US: Unisys
CVE-2020-35541
	REJECTED
CVE-2020-35540
	REJECTED
CVE-2020-35539
	RESERVED
CVE-2020-35538
	RESERVED
CVE-2020-35537
	RESERVED
CVE-2020-35536
	RESERVED
CVE-2020-35535
	RESERVED
CVE-2020-35534
	RESERVED
CVE-2020-35533
	RESERVED
CVE-2020-35532
	RESERVED
CVE-2020-35531
	RESERVED
CVE-2020-35530
	RESERVED
CVE-2020-35529
	RESERVED
CVE-2020-35528
	RESERVED
CVE-2020-35527
	RESERVED
CVE-2020-35526
	RESERVED
CVE-2020-35525
	RESERVED
CVE-2020-35524 (A heap-based buffer overflow flaw was found in libtiff in the handling ...)
	{DSA-4869-1 DLA-2694-1}
	- tiff 4.1.0+git201212-1
	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22
	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/159
CVE-2020-35523 (An integer overflow flaw was found in libtiff that exists in the tif_g ...)
	{DSA-4869-1 DLA-2694-1}
	- tiff 4.1.0+git201212-1
	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2
	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/160
CVE-2020-35522 (In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A craf ...)
	- tiff 4.1.0+git201212-1 (unimportant)
	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/98a254f5b92cea22f5436555ff7fceb12afee84d
	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/165
	NOTE: Crash in CLI tool, no security impact
CVE-2020-35521 (A flaw was found in libtiff. Due to a memory allocation failure in tif ...)
	- tiff 4.1.0+git201212-1 (unimportant)
	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/b5a935d96b21cda0f434230cdf8ca958cd8b4eef
	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/165
	NOTE: Crash in CLI tool, no security impact
CVE-2020-35520
	RESERVED
CVE-2020-35519 (An out-of-bounds (OOB) memory access flaw was found in x25_bind in net ...)
	- linux 5.9.15-1
	[buster] - linux 4.19.171-1
	[stretch] - linux 4.9.258-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/17/17
CVE-2020-35518 (When binding against a DN during authentication, the reply from 389-ds ...)
	- 389-ds-base 1.4.4.10-1
	[buster] - 389-ds-base <not-affected> (Vulnerable code introduced later)
	[stretch] - 389-ds-base <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1905565
	NOTE: https://github.com/389ds/389-ds-base/issues/4480
	NOTE: https://github.com/389ds/389-ds-base/commit/cc0f69283abc082488824702dae485b8eae938bc (master)
	NOTE: https://github.com/389ds/389-ds-base/commit/38b97faef8a6421a7a638ecdbf0b341e2b3f9ab3 (1.4.4.10)
	NOTE: Introduced as side-effect of https://github.com/389ds/389-ds-base/issues/2535
CVE-2020-35517 (A flaw was found in qemu. A host privilege escalation issue was found  ...)
	- qemu 1:5.2+dfsg-5 (bug #980814)
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/22/1
CVE-2020-35516
	RESERVED
CVE-2020-35515
	RESERVED
CVE-2020-35514 (An insecure modification flaw in the /etc/kubernetes/kubeconfig file w ...)
	NOT-FOR-US: OpenShift
CVE-2020-35513 (A flaw incorrect umask during file or directory modification in the Li ...)
	- linux 4.16.5-1
	[stretch] - linux <not-affected> (Vulnerable code introduce later)
	NOTE: https://git.kernel.org/linus/880a3a5325489a143269a8e172e7563ebf9897bc
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1911309
CVE-2020-35512 (A use-after-free flaw was found in D-Bus Development branch &lt;= 1.13 ...)
	- dbus 1.12.20-1
	[buster] - dbus 1.12.20-0+deb10u1
	[stretch] - dbus 1.10.32-0+deb9u1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909101
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
CVE-2020-35511
	RESERVED
CVE-2020-35510 (A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redha ...)
	- libjboss-remoting-java <removed>
CVE-2020-35509
	RESERVED
	NOT-FOR-US: Keycloak
CVE-2020-35508 (A flaw possibility of race condition and incorrect initialization of t ...)
	- linux 5.9.9-1
	[buster] - linux 4.19.160-1
	[stretch] - linux 4.9.246-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902724
CVE-2020-35507 (There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutil ...)
	- binutils 2.33.50.20200107-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25308
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7a0fb7be96e0ce79e1ae429bc1ba913e5244d537
	NOTE: binutils not covered by security support
CVE-2020-35506 (A use-after-free vulnerability was found in the am53c974 SCSI host bus ...)
	[experimental] - qemu 1:6.0+dfsg-1~exp0
	- qemu 1:6.0+dfsg-3 (bug #984454)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <not-affected> (Vulnerable code not present, FIFO support added later)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909996
	NOTE: https://bugs.launchpad.net/qemu/+bug/1909247
CVE-2020-35505 (A NULL pointer dereference flaw was found in the am53c974 SCSI host bu ...)
	[experimental] - qemu 1:6.0+dfsg-1~exp0
	- qemu 1:6.0+dfsg-3 (bug #984455)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <postponed> (Fix along in future DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909769
	NOTE: https://bugs.launchpad.net/qemu/+bug/1910723 (reproducer)
CVE-2020-35504 (A NULL pointer dereference flaw was found in the SCSI emulation suppor ...)
	[experimental] - qemu 1:6.0+dfsg-1~exp0
	- qemu 1:6.0+dfsg-3 (bug #979679)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <postponed> (Fix along in future DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909766
	NOTE: https://bugs.launchpad.net/qemu/+bug/1910723 (reproducer)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-12/msg06065.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=0db895361b8a82e1114372ff9f48
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e392255766071c8cac480da3a9ae
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e5455b8c1c6170c788f3c0fd577c
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c5fef9112b15c4b5494791cdf8bb
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=7b320a8e67a534925048cbabfa51
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=99545751734035b76bd372c4e721
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=fa7505c154d4d00ad89a747be2ed
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=fbc6510e3379fa8f8370bf71198f
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=0ebb5fd80589835153a0c2baa1b8
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=324c8809897c8c53ad05c3a7147d
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=607206948cacda4a80be5b976dba
CVE-2020-35503 (A NULL pointer dereference flaw was found in the megasas-gen2 SCSI hos ...)
	- qemu <unfixed> (bug #979678)
	[bullseye] - qemu <postponed> (Minor issue)
	[buster] - qemu <postponed> (Fix along in future DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1910346
	NOTE: No upstream patch as of 2022-01-28
CVE-2020-35502 (A flaw was found in Privoxy in versions before 3.0.29. Memory leaks wh ...)
	{DLA-2548-1}
	- privoxy 3.0.29-1
	[buster] - privoxy 3.0.28-2+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/03/3
	NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=bbd53f1010b3d6a7b55d0094b2370c3a49322ddb (3.0.29)
	NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=4490d451f9b61baada414233897a83ec8d9908aa (3.0.29)
CVE-2020-35501
	RESERVED
	- linux <unfixed> (unimportant)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/18/1
	NOTE: https://lore.kernel.org/linux-audit/7230785.EvYhyI6sBW@x2/
	NOTE: Negligible security impact
CVE-2020-35500
	REJECTED
CVE-2020-35499 (A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 ...)
	- linux 5.10.4-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1910048
	NOTE: https://git.kernel.org/linus/f6b8c6b5543983e9de29dc14716bfa4eb3f157c4
CVE-2020-35498 (A vulnerability was found in openvswitch. A limitation in the implemen ...)
	{DSA-4852-1 DLA-2571-1}
	- openvswitch 2.15.0~git20210104.def6eb1ea+dfsg1-5 (bug #982493)
	NOTE: master: https://github.com/openvswitch/ovs/commit/79349cbab0b2a755140eedb91833ad2760520a83
	NOTE: 2.15: https://github.com/openvswitch/ovs/commit/0625dc79aec73b966f206e55655a2816696246d0
	NOTE: 2.10: https://github.com/openvswitch/ovs/commit/79cec1a736b91548ec882d840986a11affda1068
	NOTE: 2.6: https://github.com/openvswitch/ovs/commit/673c08eee8c8d4f2999ddd31524de7ff0f72b559
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/10/4
CVE-2020-35497 (A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authent ...)
	NOT-FOR-US: ovirt-engine
CVE-2020-35496 (There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutil ...)
	- binutils 2.33.50.20200107-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25308
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7a0fb7be96e0ce79e1ae429bc1ba913e5244d537
	NOTE: binutils not covered by security support
CVE-2020-35495 (There's a flaw in binutils /bfd/pef.c. An attacker who is able to subm ...)
	- binutils 2.33.50.20200107-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25306
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7a0fb7be96e0ce79e1ae429bc1ba913e5244d537
CVE-2020-35494 (There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is ab ...)
	- binutils 2.33.50.20200107-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25319
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2c5b6e1a1c406cbe06e2d6f77861764ebd01b9ce
CVE-2020-35493 (A flaw exists in binutils in bfd/pef.c. An attacker who is able to sub ...)
	- binutils 2.33.50.20200107-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25307
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f2a3559d54602cecfec6d90f792be4a70ad918ab
	NOTE: NOTE: binutils not covered by security support
CVE-2020-35492 (A flaw was found in cairo's image-compositor.c in all versions prior t ...)
	{DLA-2518-1}
	- cairo 1.16.0-5 (bug #978658)
	[buster] - cairo 1.16.0-4+deb10u1
	NOTE: https://gitlab.freedesktop.org/cairo/cairo/-/issues/437
	NOTE: Introduced by: https://gitlab.freedesktop.org/cairo/cairo/-/commit/c986a7310bb06582b7d8a566d5f007ba4e5e75bf (1.12.12)
	NOTE: Fixed by: https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
	NOTE: Minor cleanup for test: https://gitlab.freedesktop.org/cairo/cairo/-/commit/8bc14a6bba3bc8a64ff0749c74d9b96305bf6429
	NOTE: Additional meson support (test): https://gitlab.freedesktop.org/cairo/cairo/-/commit/0677e0a94968447e132c69f58cb04e5377e0c828
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1898396
CVE-2020-35491 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2986
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d
CVE-2020-35490 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2986
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/41b8bdb5ccc1d8edb71acf1c8234da235a24249d
CVE-2020-35489 (The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPr ...)
	NOT-FOR-US: contact-form-7 (aka Contact Form 7) plugin for WordPress
CVE-2020-35488 (The fileop module of the NXLog service in NXLog Community Edition 2.10 ...)
	NOT-FOR-US: NXLog
CVE-2020-35487
	RESERVED
CVE-2020-35486
	RESERVED
CVE-2020-35485
	RESERVED
CVE-2020-35484
	RESERVED
CVE-2020-35483 (AnyDesk before 6.1.0 on Windows, when run in portable mode on a system ...)
	NOT-FOR-US: AnyDesk
CVE-2020-35482 (SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. ...)
	NOT-FOR-US: SolarWinds
CVE-2020-35481 (SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection ...)
	NOT-FOR-US: SolarWinds
CVE-2020-35480 (An issue was discovered in MediaWiki before 1.35.1. Missing users (acc ...)
	{DSA-4816-1 DLA-2504-1}
	- mediawiki 1:1.35.1-1
	NOTE: https://phabricator.wikimedia.org/T120883
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35479 (MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language ...)
	{DSA-4816-1 DLA-2504-1}
	- mediawiki 1:1.35.1-1
	NOTE: https://phabricator.wikimedia.org/T268938
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35478 (MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWik ...)
	- mediawiki 1:1.35.1-1
	[buster] - mediawiki <not-affected> (Introduced in 1.33)
	[stretch] - mediawiki <not-affected> (Introduced in 1.33)
	NOTE: https://phabricator.wikimedia.org/T268938
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35477 (MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries ...)
	{DSA-4816-1 DLA-2504-1}
	- mediawiki 1:1.35.1-1
	NOTE: https://phabricator.wikimedia.org/T205908
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35476 (A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 ...)
	NOT-FOR-US: OpenTSDB
CVE-2020-35475 (In MediaWiki before 1.35.1, the messages userrights-expiry-current and ...)
	{DSA-4816-1}
	- mediawiki 1:1.35.1-1
	[stretch] - mediawiki <not-affected> (Introduced in 1.29)
	NOTE: https://phabricator.wikimedia.org/T268917
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35474 (In MediaWiki before 1.35.1, the combination of Html::rawElement and Me ...)
	- mediawiki 1:1.35.1-1
	[buster] - mediawiki <not-affected> (Introduced in 1.35)
	[stretch] - mediawiki <not-affected> (Introduced in 1.35)
	NOTE: https://phabricator.wikimedia.org/T268894
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-December/094126.html
CVE-2020-35473
	RESERVED
CVE-2020-35472
	RESERVED
CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated datagrams, as dem ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-35470 (Envoy before 1.16.1 logs an incorrect downstream address because it co ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-35469 (The Software AG Terracotta Server OSS Docker image 5.4.1 contains a bl ...)
	NOT-FOR-US: Software AG Terracotta Server OSS Docker image
CVE-2020-35468 (The Appbase streams Docker image 2.1.2 contains a blank password for t ...)
	NOT-FOR-US: Appbase streams Docker image
CVE-2020-35467 (The Docker Docs Docker image through 2020-12-14 contains a blank passw ...)
	NOT-FOR-US: Docker Docs Docker image
CVE-2020-35466 (The Blackfire Docker image through 2020-12-14 contains a blank passwor ...)
	NOT-FOR-US: Blackfire Docker image
CVE-2020-35465 (The FullArmor HAPI File Share Mount Docker image through 2020-12-14 co ...)
	NOT-FOR-US: FullArmor HAPI File Share Mount Docker image
CVE-2020-35464 (Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank p ...)
	NOT-FOR-US: Weave Cloud Agent Docker image
CVE-2020-35463 (Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank ...)
	NOT-FOR-US: Instana Dynamic APM Docker image
CVE-2020-35462 (Version 3.16.0 of the CoScale agent Docker image contains a blank pass ...)
	NOT-FOR-US: CoScale agent Docker image
CVE-2020-35461
	RESERVED
CVE-2020-35460 (common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows dir ...)
	NOT-FOR-US: Packwood MPXJ
CVE-2020-35459 (An issue was discovered in ClusterLabs crmsh through 4.2.1. Local atta ...)
	{DLA-2533-1}
	- crmsh 4.2.1-2 (bug #985376)
	[buster] - crmsh 4.0.0~git20190108.3d56538-3+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/12/3
CVE-2020-35458 (An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There ...)
	- hawk <itp> (bug #634344)
CVE-2020-35457 (** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, that  ...)
	- glib2.0 2.66.0-1 (unimportant)
	NOTE: https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d
	NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2197
	NOTE: Upstream position is that it is not realistically a security issue.
CVE-2020-35456 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...)
	NOT-FOR-US: Taidii Diibear Android application
CVE-2020-35455 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...)
	NOT-FOR-US: Taidii Diibear Android application
CVE-2020-35454 (The Taidii Diibear Android application 2.4.0 and all its derivatives a ...)
	NOT-FOR-US: Taidii Diibear Android application
CVE-2020-35453 (HashiCorp Vault Enterprise&#8217;s Sentinel EGP policy feature incorre ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-35452 (Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest ...)
	{DSA-4937-1 DLA-2706-1}
	[experimental] - apache2 2.4.48-1
	- apache2 2.4.46-6
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-35452
	NOTE: https://github.com/apache/httpd/commit/3b6431eb9c9dba603385f70a2131ab4a01bf0d3b
CVE-2020-35451 (There is a race condition in OozieSharelibCLI in Apache Oozie before v ...)
	NOT-FOR-US: Apache Oozie
CVE-2020-35450 (Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler fo ...)
	- gobby 0.6.0~20201227~b98f4d2-1 (bug #978446)
	[buster] - gobby <no-dsa> (Minor issue)
	[stretch] - gobby <no-dsa> (Minor issue)
	NOTE: https://github.com/gobby/gobby/issues/183
	NOTE: https://github.com/gobby/gobby/pull/184
	NOTE: https://github.com/gobby/gobby/commit/6f34307bff645eb2935d82deee0119ec89866118
CVE-2020-35449
	RESERVED
CVE-2020-35448 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils <unfixed> (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26574
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8642dafaef21aa6747cec01df1977e9c52eb4679
	NOTE: binutils not covered by security support
CVE-2020-35447
	RESERVED
CVE-2020-35446
	RESERVED
CVE-2020-35445
	RESERVED
CVE-2020-35444
	RESERVED
CVE-2020-35443
	RESERVED
CVE-2020-35442 (FDCMS (also known as Fangfa Content Management System) 4.0 allows remo ...)
	NOT-FOR-US: FDCMS (Fangfa Content Management System)
CVE-2020-35441 (FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end  ...)
	NOT-FOR-US: FDCMS (Fangfa Content Management System)
CVE-2020-35440
	RESERVED
CVE-2020-35439
	RESERVED
CVE-2020-35438 (Cross Site Scripting (XSS) vulnerability in the kk Star Ratings plugin ...)
	NOT-FOR-US: kk-star-ratings
CVE-2020-35437 (Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through t ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-35436
	RESERVED
CVE-2020-35435
	RESERVED
CVE-2020-35434
	RESERVED
CVE-2020-35433
	RESERVED
CVE-2020-35432
	RESERVED
CVE-2020-35431
	RESERVED
CVE-2020-35430 (SQL Injection in com/inxedu/OS/edu/controller/letter/AdminMsgSystemCon ...)
	NOT-FOR-US: Inxedu
CVE-2020-35429
	RESERVED
CVE-2020-35428
	RESERVED
CVE-2020-35427 (SQL injection vulnerability in PHPGurukul Employee Record Management S ...)
	NOT-FOR-US: PHPGurukul Employee Record Management
CVE-2020-35426
	RESERVED
CVE-2020-35425
	RESERVED
CVE-2020-35424
	RESERVED
CVE-2020-35423
	RESERVED
CVE-2020-35422
	RESERVED
CVE-2020-35421
	RESERVED
CVE-2020-35420
	RESERVED
CVE-2020-35419 (Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LAN ...)
	NOT-FOR-US: Group Office CRM
CVE-2020-35418 (Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4 ...)
	NOT-FOR-US: Group Office CRM
CVE-2020-35417
	RESERVED
CVE-2020-35416 (Multiple cross-site scripting (XSS) vulnerabilities exist in PHPJabber ...)
	NOT-FOR-US: PHPJabbers Appointment Scheduler
CVE-2020-35415
	RESERVED
CVE-2020-35414
	RESERVED
CVE-2020-35413
	RESERVED
CVE-2020-35412
	RESERVED
CVE-2020-35411
	RESERVED
CVE-2020-35410
	RESERVED
CVE-2020-35409
	RESERVED
CVE-2020-35408
	RESERVED
CVE-2020-35407
	RESERVED
CVE-2020-35406
	RESERVED
CVE-2020-35405
	RESERVED
CVE-2020-35404
	RESERVED
CVE-2020-35403
	RESERVED
CVE-2020-35402
	RESERVED
CVE-2020-35401
	RESERVED
CVE-2020-35400
	RESERVED
CVE-2020-35399
	RESERVED
CVE-2020-35398 (An issue was discovered in UTI Mutual fund Android application 5.4.18  ...)
	NOT-FOR-US: UTI Mutual fund Android application
CVE-2020-35397
	RESERVED
CVE-2020-35396 (EGavilan Barcodes generator 1.0 is affected by: Cross Site Scripting ( ...)
	NOT-FOR-US: EGavilan Barcodes generator
CVE-2020-35395 (XSS in the Add Expense Component of EGavilan Media Expense Management  ...)
	NOT-FOR-US: EGavilan Media Expense Management System
CVE-2020-35394
	RESERVED
CVE-2020-35393
	RESERVED
CVE-2020-35392
	RESERVED
CVE-2020-35391 (Tenda N300 F3 12.01.01.48 devices allow remote attackers to obtain sen ...)
	NOT-FOR-US: Tenda
CVE-2020-35390
	RESERVED
CVE-2020-35389
	RESERVED
CVE-2020-35388 (rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive info ...)
	NOT-FOR-US: rainrocka xinhu
CVE-2020-35387
	RESERVED
CVE-2020-35386
	RESERVED
CVE-2020-35385
	RESERVED
CVE-2020-35384
	RESERVED
CVE-2020-35383
	RESERVED
CVE-2020-35382 (SQL Injection in Classbooking before 2.4.1 via the username field of a ...)
	NOT-FOR-US: Classbooking
CVE-2020-35381 (jsonparser 1.0.0 allows attackers to cause a denial of service (panic: ...)
	- golang-github-buger-jsonparser 1.1.1-1 (bug #978445)
	[buster] - golang-github-buger-jsonparser <no-dsa> (Minor issue)
	NOTE: https://github.com/buger/jsonparser/issues/219
CVE-2020-35380 (GJSON before 1.6.4 allows attackers to cause a denial of service via c ...)
	- golang-github-tidwall-gjson 1.6.7-1 (bug #977622)
	NOTE: https://github.com/tidwall/gjson/issues/192
	NOTE: https://github.com/tidwall/gjson/commit/f0ee9ebde4b619767ae4ac03e8e42addb530f6bc (v1.6.4)
CVE-2020-35379
	RESERVED
CVE-2020-35378 (SQL Injection in the login page in Online Bus Ticket Reservation 1.0 a ...)
	NOT-FOR-US: Online Bus Ticket Reservation
CVE-2020-35377
	RESERVED
CVE-2020-35376 (Xpdf 4.02 allows stack consumption because of an incorrect subroutine  ...)
	- xpdf <not-affected> (Debian uses poppler, which is not affected)
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42066
CVE-2020-35375
	RESERVED
CVE-2020-35374
	RESERVED
CVE-2020-35373 (In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated ...)
	NOT-FOR-US: Fiyo CMS
CVE-2020-35372
	RESERVED
CVE-2020-35371
	RESERVED
CVE-2020-35370 (A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticate ...)
	NOT-FOR-US: Raysync
CVE-2020-35369
	RESERVED
CVE-2020-35368
	RESERVED
CVE-2020-35367
	RESERVED
CVE-2020-35366
	RESERVED
CVE-2020-35365
	RESERVED
CVE-2020-35364 (Beijing Huorong Internet Security 5.0.55.2 allows a non-admin user to  ...)
	NOT-FOR-US: Beijing Huorong Internet Security
CVE-2020-35363
	RESERVED
CVE-2020-35362 (DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal ...)
	NOT-FOR-US: DEXT5Upload
CVE-2020-35361
	RESERVED
CVE-2020-35360
	RESERVED
CVE-2020-35359 (Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server  ...)
	NOTE: Bogus issue, can be configured using MaxClientsPerIP in pure-ftpd.conf configuration file
CVE-2020-35357
	RESERVED
CVE-2020-35356
	RESERVED
CVE-2020-35355
	RESERVED
CVE-2020-35354
	RESERVED
CVE-2020-35353
	RESERVED
CVE-2020-35352
	RESERVED
CVE-2020-35351
	RESERVED
CVE-2020-35350
	RESERVED
CVE-2020-35349 (Savsoft Quiz 5 is affected by: Cross Site Scripting (XSS) via field_ti ...)
	NOT-FOR-US: Savsoft Quiz
CVE-2020-35348
	RESERVED
CVE-2020-35347 (CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator  ...)
	NOT-FOR-US: CXUUCMS
CVE-2020-35346 (CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allow ...)
	NOT-FOR-US: CXUUCMS
CVE-2020-35345
	RESERVED
CVE-2020-35344
	RESERVED
CVE-2020-35343
	RESERVED
CVE-2020-35342
	RESERVED
CVE-2020-35341
	RESERVED
CVE-2020-35340 (A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 ...)
	NOT-FOR-US: ExpertPDF
CVE-2020-35339 (In 74cms version 5.0.1, there is a remote code execution vulnerability ...)
	NOT-FOR-US: 74cms
CVE-2020-35338 (The Web Administrative Interface in Mobile Viewpoint Wireless Multiple ...)
	NOT-FOR-US: Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout Server
CVE-2020-35337 (ThinkSAAS before 3.38 contains a SQL injection vulnerability through a ...)
	NOT-FOR-US: ThinkSAAS
CVE-2020-35336
	RESERVED
CVE-2020-35335
	RESERVED
CVE-2020-35334
	RESERVED
CVE-2020-35333
	RESERVED
CVE-2020-35332
	RESERVED
CVE-2020-35331
	RESERVED
CVE-2020-35330
	RESERVED
CVE-2020-35329 (Courier Management System 1.0 1.0 is affected by SQL Injection via 'MU ...)
	NOT-FOR-US: Courier Management System
CVE-2020-35328 (Courier Management System 1.0 - 'First Name' Stored XSS ...)
	NOT-FOR-US: Courier Management System
CVE-2020-35327 (SQL injection vulnerability was discovered in Courier Management Syste ...)
	NOT-FOR-US: Courier Management System
CVE-2020-35326
	RESERVED
CVE-2020-35325
	RESERVED
CVE-2020-35324
	RESERVED
CVE-2020-35323
	RESERVED
CVE-2020-35322
	RESERVED
CVE-2020-35321
	RESERVED
CVE-2020-35320
	RESERVED
CVE-2020-35319
	RESERVED
CVE-2020-35318
	RESERVED
CVE-2020-35317
	RESERVED
CVE-2020-35316
	RESERVED
CVE-2020-35315
	RESERVED
CVE-2020-35314 (A remote code execution vulnerability in the installUpdateThemePluginA ...)
	NOT-FOR-US: WonderCMS
CVE-2020-35313 (A server-side request forgery (SSRF) vulnerability in the addCustomThe ...)
	NOT-FOR-US: WonderCMS
CVE-2020-35312
	RESERVED
CVE-2020-35311
	RESERVED
CVE-2020-35310
	REJECTED
CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross ...)
	NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi
CVE-2020-35308 (CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability  ...)
	NOT-FOR-US: CONQUEST DICOM SERVER
CVE-2020-35307
	RESERVED
CVE-2020-35306
	RESERVED
CVE-2020-35305
	RESERVED
CVE-2020-35304
	RESERVED
CVE-2020-35303
	RESERVED
CVE-2020-35302
	RESERVED
CVE-2020-35301
	RESERVED
CVE-2020-35300
	RESERVED
CVE-2020-35299
	RESERVED
CVE-2020-35298
	RESERVED
CVE-2020-35297
	RESERVED
CVE-2020-35296 (ThinkAdmin v6 has default administrator credentials, which allows atta ...)
	NOT-FOR-US: ThinkAdmin
CVE-2020-35295
	RESERVED
CVE-2020-35294
	RESERVED
CVE-2020-35293
	RESERVED
CVE-2020-35292
	RESERVED
CVE-2020-35291
	RESERVED
CVE-2020-35290
	RESERVED
CVE-2020-35289
	RESERVED
CVE-2020-35288
	RESERVED
CVE-2020-35287
	RESERVED
CVE-2020-35286
	RESERVED
CVE-2020-35285
	RESERVED
CVE-2020-35284 (Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory trav ...)
	NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35283
	RESERVED
CVE-2020-35282
	RESERVED
CVE-2020-35281
	RESERVED
CVE-2020-35280
	RESERVED
CVE-2020-35279
	RESERVED
CVE-2020-35278
	RESERVED
CVE-2020-35277
	RESERVED
CVE-2020-35276 (EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An at ...)
	NOT-FOR-US: EgavilanMedia ECM Address Book
CVE-2020-35275 (Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user c ...)
	NOT-FOR-US: Coastercms
CVE-2020-35274 (DotCMS Add Template with admin panel 20.11 is affected by cross-site S ...)
	NOT-FOR-US: DotCMS
CVE-2020-35273 (EgavilanMedia User Registration &amp; Login System with Admin Panel 1. ...)
	NOT-FOR-US: EgavilanMedia User Registration & Login System with Admin Panel
CVE-2020-35272 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
	NOT-FOR-US: Employee Performance Evaluation System in PHP/MySQLi with Source Code
CVE-2020-35271 (Employee Performance Evaluation System in PHP/MySQLi with Source Code  ...)
	NOT-FOR-US: Employee Performance Evaluation System in PHP/MySQLi with Source Code
CVE-2020-35270 (Student Result Management System In PHP With Source Code is affected b ...)
	NOT-FOR-US: Student Result Management System In PHP With Source Code
CVE-2020-35269 (Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross ...)
	- nagios4 <unfixed> (unimportant)
	NOTE: https://gist.github.com/MoSalah20/d1d40b43eafba0bd22ee4cddecad3cbc
	NOTE: https://github.com/NagiosEnterprises/nagioscore/issues/809
	NOTE: Negligible security impact, only affects inherently insecure setups
CVE-2020-35268
	RESERVED
CVE-2020-35267
	RESERVED
CVE-2020-35266
	RESERVED
CVE-2020-35265
	RESERVED
CVE-2020-35264
	RESERVED
CVE-2020-35263 (EgavilanMedia User Registration &amp; Login System 1.0 is affected by  ...)
	NOT-FOR-US: EgavilanMedia User Registration & Login System
CVE-2020-35262 (Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be e ...)
	NOT-FOR-US: Digisol
CVE-2020-35261
	RESERVED
CVE-2020-35260
	RESERVED
CVE-2020-35259
	RESERVED
CVE-2020-35258
	RESERVED
CVE-2020-35257
	RESERVED
CVE-2020-35256
	RESERVED
CVE-2020-35255
	RESERVED
CVE-2020-35254
	RESERVED
CVE-2020-35253
	RESERVED
CVE-2020-35252 (Cross Site Scripting (XSS) vulnerability via the 'Full Name' parameter ...)
	NOT-FOR-US: User Registration & Login System
CVE-2020-35251
	RESERVED
CVE-2020-35250
	RESERVED
CVE-2020-35249 (Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows  ...)
	NOT-FOR-US: ElkarBackup
CVE-2020-35248
	RESERVED
CVE-2020-35247
	RESERVED
CVE-2020-35246
	RESERVED
CVE-2020-35245 (Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulne ...)
	NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35244 (Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulne ...)
	NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35243 (Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulne ...)
	NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35242 (Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulne ...)
	NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35241 (FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog  ...)
	NOT-FOR-US: FlatPress
CVE-2020-35240 (** DISPUTED ** FluxBB 1.5.11 is affected by cross-site scripting (XSS  ...)
	NOT-FOR-US: FluxBB
CVE-2020-35239 (A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The Cs ...)
	- cakephp <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://github.com/cakephp/cakephp/commit/d2da5346a6cddab284f8cf94e38f90d897595fe8 (4.0.10)
	NOTE: Introduced after: https://github.com/cakephp/cakephp/commit/45474a4a9ca10e7c16db40180d086e4144006a9b (3.5.0-RC1)
CVE-2020-35238
	RESERVED
CVE-2020-35237
	RESERVED
CVE-2020-35236 (The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incor ...)
	NOT-FOR-US: amazee.io Lagoon
CVE-2020-35235 (** UNSUPPORTED WHEN ASSIGNED ** vendor/elfinder/php/connector.minimal. ...)
	NOT-FOR-US: WordPress plugin secure-file-manager
CVE-2020-35234 (The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrato ...)
	NOT-FOR-US: WordPress plugin easy-wp-smtp
CVE-2020-35233 (The TFTP server fails to handle multiple connections on NETGEAR JGS516 ...)
	NOT-FOR-US: Netgear
CVE-2020-35232
	REJECTED
CVE-2020-35231 (The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.4 ...)
	NOT-FOR-US: Netgear
CVE-2020-35230 (Multiple integer overflow parameters were found in the web administrat ...)
	NOT-FOR-US: Netgear
CVE-2020-35229 (The authentication token required to execute NSDP write requests on NE ...)
	NOT-FOR-US: Netgear
CVE-2020-35228 (A cross-site scripting (XSS) vulnerability in the administration web p ...)
	NOT-FOR-US: Netgear
CVE-2020-35227 (A buffer overflow vulnerability in the access control section on NETGE ...)
	NOT-FOR-US: Netgear
CVE-2020-35226 (NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated user ...)
	NOT-FOR-US: Netgear
CVE-2020-35225 (The NSDP protocol implementation on NETGEAR JGS516PE/GS116Ev2 v2.6.0.4 ...)
	NOT-FOR-US: Netgear
CVE-2020-35224 (A buffer overflow vulnerability in the NSDP protocol authentication me ...)
	NOT-FOR-US: Netgear
CVE-2020-35223 (The CSRF protection mechanism implemented in the web administration pa ...)
	NOT-FOR-US: Netgear
CVE-2020-35222
	REJECTED
CVE-2020-35221 (The hashing algorithm implemented for NSDP password authentication on  ...)
	NOT-FOR-US: Netgear
CVE-2020-35220
	REJECTED
CVE-2020-35219 (The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to acce ...)
	NOT-FOR-US: ASUS
CVE-2020-35218
	RESERVED
CVE-2020-35217 (Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSR ...)
	NOT-FOR-US: Vert.x-Web framework
CVE-2020-35216 (An issue in Atomix v3.1.5 allows attackers to cause a denial of servic ...)
	NOT-FOR-US: Atomix
CVE-2020-35215 (An issue in Atomix v3.1.5 allows attackers to access sensitive informa ...)
	NOT-FOR-US: Atomix
CVE-2020-35214 (An issue in Atomix v3.1.5 allows a malicious Atomix node to remove sta ...)
	NOT-FOR-US: Atomix
CVE-2020-35213 (An issue in Atomix v3.1.5 allows attackers to cause a denial of servic ...)
	NOT-FOR-US: Atomix
CVE-2020-35212
	RESERVED
CVE-2020-35211 (An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to become t ...)
	NOT-FOR-US: Atomix
CVE-2020-35210 (A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of ...)
	NOT-FOR-US: Atomix
CVE-2020-35209 (An issue in Atomix v3.1.5 allows unauthorized Atomix nodes to join a t ...)
	NOT-FOR-US: Atomix
CVE-2020-35208 (** DISPUTED ** An issue was discovered in the LogMein LastPass Passwor ...)
	NOT-FOR-US: LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app for iOS
CVE-2020-35207 (** DISPUTED ** An issue was discovered in the LogMein LastPass Passwor ...)
	NOT-FOR-US: LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app for iOS
CVE-2020-35206 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manage ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35205 (** UNSUPPORTED WHEN ASSIGNED ** Server Side Request Forgery (SSRF) in  ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35204 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35203 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manage ...)
	NOT-FOR-US: Quest Policy Authority
CVE-2020-35202 (Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql  ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35201 (Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XS ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35200 (Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.js ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35199 (Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID St ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35198 (An issue was discovered in Wind River VxWorks 7. The memory allocator  ...)
	NOT-FOR-US: Wind River VxWorks 7
CVE-2020-35197 (The official memcached docker images before 1.5.11-alpine (Alpine spec ...)
	NOT-FOR-US: memcached docker images before 1.5.11-alpine (Alpine specific)
CVE-2020-35196 (The official rabbitmq docker images before 3.7.13-beta.1-management-al ...)
	NOT-FOR-US: rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific)
CVE-2020-35195 (The official haproxy docker images before 1.8.18-alpine (Alpine specif ...)
	NOT-FOR-US: haproxy docker images before 1.8.18-alpine (Alpine specific)
CVE-2020-35194
	REJECTED
CVE-2020-35193 (The official sonarqube docker images before alpine (Alpine specific) c ...)
	NOT-FOR-US: sonarqube docker images before alpine (Alpine specific)
CVE-2020-35192 (The official vault docker images before 0.11.6 contain a blank passwor ...)
	NOT-FOR-US: vault docker images
CVE-2020-35191 (The official drupal docker images before 8.5.10-fpm-alpine (Alpine spe ...)
	NOT-FOR-US: drupal docker images
CVE-2020-35190 (The official plone Docker images before version of 4.3.18-alpine (Alpi ...)
	NOT-FOR-US: plone Docker images
CVE-2020-35189 (The official kong docker images before 1.0.2-alpine (Alpine specific)  ...)
	NOT-FOR-US: kong docker images before 1.0.2-alpine (Alpine specific)
CVE-2020-35188
	REJECTED
CVE-2020-35187 (The official telegraf docker images before 1.9.4-alpine (Alpine specif ...)
	NOT-FOR-US: telegraf docker images before 1.9.4-alpine (Alpine specific)
CVE-2020-35186 (The official adminer docker images before 4.7.0-fastcgi contain a blan ...)
	NOT-FOR-US: adminer docker images
CVE-2020-35185 (The official ghost docker images before 2.16.1-alpine (Alpine specific ...)
	NOT-FOR-US: ghost docker images (Alpine specific)
CVE-2020-35184 (The official composer docker images before 1.8.3 contain a blank passw ...)
	NOT-FOR-US: composer docker images
CVE-2020-35183
	RESERVED
CVE-2020-35182
	RESERVED
CVE-2020-35181
	RESERVED
CVE-2020-35180
	RESERVED
CVE-2020-35179
	RESERVED
CVE-2020-35178
	RESERVED
CVE-2020-35177 (HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enume ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-35176 (In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial a ...)
	{DLA-2506-1}
	- awstats 7.8-2 (bug #977190)
	[buster] - awstats 7.6+dfsg-2+deb10u1
	NOTE: https://github.com/eldy/awstats/issues/195
	NOTE: https://github.com/eldy/AWStats/commit/96756d7f40e002cc1e6ba72c633fb66b92e54f49
CVE-2020-35175 (Frappe Framework 12 and 13 does not properly validate the HTTP method  ...)
	NOT-FOR-US: Frappe Framework
CVE-2020-35174
	RESERVED
CVE-2020-35173 (The Amaze File Manager application before 3.4.2 for Android does not p ...)
	NOT-FOR-US: Amaze File Manager application for Android
CVE-2020-35172
	RESERVED
CVE-2020-35171
	RESERVED
CVE-2020-35170 (Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Un ...)
	NOT-FOR-US: Dell EMC Unisphere for PowerMax
CVE-2020-35169
	RESERVED
CVE-2020-35168
	RESERVED
CVE-2020-35167
	RESERVED
CVE-2020-35166
	RESERVED
CVE-2020-35165
	RESERVED
CVE-2020-35164
	RESERVED
CVE-2020-35163
	RESERVED
CVE-2020-35162
	RESERVED
CVE-2020-35161
	RESERVED
CVE-2020-35160
	RESERVED
CVE-2020-35159
	RESERVED
CVE-2020-35158
	RESERVED
CVE-2020-35157
	RESERVED
CVE-2020-35156
	RESERVED
CVE-2020-35155
	RESERVED
CVE-2020-35154
	RESERVED
CVE-2020-35153
	RESERVED
CVE-2020-35152 (Cloudflare WARP for Windows allows privilege escalation due to an unqu ...)
	NOT-FOR-US: Cloudflare WARP for Windows
CVE-2020-35151 (The Online Marriage Registration System 1.0 post parameter "searchdata ...)
	NOT-FOR-US: Online Marriage Registration System
CVE-2020-35150
	RESERVED
CVE-2020-35149 (lib/utils.js in mquery before 3.2.3 allows a pollution attack because  ...)
	NOT-FOR-US: Node mquery
CVE-2020-35148
	RESERVED
CVE-2020-35147
	RESERVED
CVE-2020-35146
	RESERVED
CVE-2020-35145 (Acronis True Image for Windows prior to 2021 Update 3 allowed local pr ...)
	NOT-FOR-US: Acronis
CVE-2020-35144
	REJECTED
CVE-2020-35143
	RESERVED
CVE-2020-35142
	RESERVED
CVE-2020-35141
	RESERVED
CVE-2020-35140
	RESERVED
CVE-2020-35139
	RESERVED
CVE-2020-35138 (** DISPUTED ** The MobileIron agents through 2021-03-22 for Android an ...)
	NOT-FOR-US: MobileIron
CVE-2020-35137
	REJECTED
CVE-2020-35136 (Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution.  ...)
	- dolibarr <removed>
CVE-2020-35135 (The ultimate-category-excluder plugin before 1.2 for WordPress allows  ...)
	NOT-FOR-US: ultimate-category-excluder plugin for WordPress
CVE-2020-35134
	RESERVED
CVE-2020-35133 (irfanView 4.56 contains an error processing parsing files of type .pcx ...)
	NOT-FOR-US: irfanView
CVE-2020-35132 (An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that a ...)
	- phpldapadmin <unfixed> (bug #987355)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/phpldapadmin/+bug/1906474
	NOTE: https://github.com/leenooks/phpLDAPadmin/commit/c87571f6b7be15d5cd8b26381b6eb31ad03d28e2
	NOTE: https://github.com/leenooks/phpLDAPadmin/issues/130
	NOTE: Fix is incomplete: https://github.com/leenooks/phpLDAPadmin/issues/130#issuecomment-745152260
	NOTE: https://github.com/leenooks/phpLDAPadmin/issues/137
CVE-2020-35131 (Cockpit before 0.6.1 allows an attacker to inject custom PHP code and  ...)
	NOT-FOR-US: Agentejo Cockpit
CVE-2020-35130
	RESERVED
CVE-2020-35129 (Mautic before 3.2.4 is affected by stored XSS. An attacker with access ...)
	NOT-FOR-US: Mautic
CVE-2020-35128 (Mautic before 3.2.4 is affected by stored XSS. An attacker with permis ...)
	NOT-FOR-US: Mautic
CVE-2020-35127 (Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.j ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to conduct ...)
	NOT-FOR-US: Typesetter CMS
CVE-2020-35125 (A cross-site scripting (XSS) vulnerability in the forms component of M ...)
	NOT-FOR-US: Mautic
CVE-2020-35124 (A cross-site scripting (XSS) vulnerability in the assets component of  ...)
	NOT-FOR-US: Mautic
CVE-2020-35123 (In Zimbra Collaboration Suite Network Edition versions &lt; 9.0.0 P10  ...)
	NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
CVE-2020-35122 (An issue was discovered in the Keysight Database Connector plugin befo ...)
	NOT-FOR-US: Keysight Database Connector plugin for Confluence
CVE-2020-35121 (An issue was discovered in the Keysight Database Connector plugin befo ...)
	NOT-FOR-US: Keysight Database Connector plugin for Confluence
CVE-2020-35120
	RESERVED
CVE-2020-35119
	RESERVED
CVE-2020-35118
	RESERVED
CVE-2020-35117
	RESERVED
CVE-2020-35116
	RESERVED
CVE-2020-35115
	RESERVED
CVE-2020-35114 (Mozilla developers reported memory safety bugs present in Firefox 83.  ...)
	- firefox 84.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35114
CVE-2020-35113 (Mozilla developers reported memory safety bugs present in Firefox 83 a ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35113
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-35113
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35113
CVE-2020-35112 (If a user downloaded a file lacking an extension on Windows, and then  ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	- thunderbird <not-affected> (only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35112
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-35112
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35112
CVE-2020-35111 (When an extension with the proxy permission registered to receive &lt; ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35111
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-35111
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35111
CVE-2020-35110
	REJECTED
CVE-2020-35109
	RESERVED
CVE-2020-35108
	RESERVED
CVE-2020-35107
	RESERVED
CVE-2020-35106
	RESERVED
CVE-2020-35096
	RESERVED
CVE-2020-35090
	REJECTED
CVE-2020-35076
	REJECTED
CVE-2020-35061
	RESERVED
CVE-2020-35037 (The Events Manager WordPress plugin before 5.9.8 does not sanitise and ...)
	NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35030
	RESERVED
CVE-2020-35017
	RESERVED
CVE-2020-35012 (The Events Manager WordPress plugin before 5.9.8 does not sanitise and ...)
	NOT-FOR-US: WordPress plugin events-manager
CVE-2020-35001
	RESERVED
CVE-2020-29670
	RESERVED
CVE-2020-29669 (In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Gue ...)
	NOT-FOR-US: Macally WIFISD2-2A82 Media and Travel Router
CVE-2020-29668 (Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API ...)
	{DSA-4818-1 DLA-2499-1}
	- sympa 6.2.58~dfsg-2 (bug #976020)
	NOTE: https://github.com/sympa-community/sympa/issues/1041
	NOTE: https://github.com/sympa-community/sympa/pull/1044
CVE-2020-29667 (In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker ab ...)
	NOT-FOR-US: Lan ATMService M3 ATM Monitoring System
CVE-2020-29666 (In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-l ...)
	NOT-FOR-US: Lan ATMService M3 ATM Monitoring System
CVE-2020-29665
	RESERVED
CVE-2020-29664 (A command injection issue in dji_sys in DJI Mavic 2 Remote Controller  ...)
	NOT-FOR-US: DJI Mavic 2 Remote Controller firmware
CVE-2020-29663 (Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked ...)
	- icinga2 2.12.3-1
	[buster] - icinga2 <no-dsa> (Minor issue)
	[stretch] - icinga2 <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/Icinga/icinga2/security/advisories/GHSA-pcmr-2p2f-r7j6
	NOTE: https://github.com/Icinga/icinga2/commit/abbd7d5494369af8bbf8fc12f5dc1a0f05a1f817
	NOTE: https://github.com/Icinga/icinga2/commit/cae22a89da9e6a381904c3b207e5a3f93f6ed838
CVE-2020-29662 (In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog&#8217;s  ...)
	NOT-FOR-US: Harbor
CVE-2020-29661 (A locking issue was discovered in the tty subsystem of the Linux kerne ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.9.15-1
	NOTE: https://git.kernel.org/linus/54ffccbf053b5b6ca4f6e45094b942fab92a25fc
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2125
	NOTE: https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html
CVE-2020-29660 (A locking inconsistency issue was discovered in the tty subsystem of t ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.9.15-1
	NOTE: https://git.kernel.org/linus/c8bcd9c5be24fb9e6132e97da5a35e55a83e36b9
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2125
	NOTE: https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html
CVE-2020-29659 (A buffer overflow in the web server of Flexense DupScout Enterprise 10 ...)
	NOT-FOR-US: Flexense DupScout Enterprise
CVE-2020-29658 (Zoho ManageEngine Application Control Plus before 100523 has an insecu ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-29657 (In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unh ...)
	- iotjs <unfixed> (bug #977736; unimportant)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/4244
	NOTE: Does not affect code built in into the library
CVE-2020-29656 (An information disclosure vulnerability exists in RT-AC88U Download Ma ...)
	NOT-FOR-US: RT-AC88U Download Master
CVE-2020-29655 (An injection vulnerability exists in RT-AC88U Download Master before 3 ...)
	NOT-FOR-US: RT-AC88U Download Master
CVE-2020-29654 (Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that lea ...)
	NOT-FOR-US: Western Digital Dashboard
CVE-2020-29653
	RESERVED
CVE-2020-29652 (A nil pointer dereference in the golang.org/x/crypto/ssh component thr ...)
	- golang-go.crypto 1:0.0~git20201221.eec23a3-1
	[buster] - golang-go.crypto <not-affected> (Vulnerable code not present)
	[stretch] - golang-go.crypto <not-affected> (Vulnerable code not present)
	NOTE: https://go-review.googlesource.com/c/crypto/+/278852
	NOTE: https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
	NOTE: Introduced in: https://github.com/golang/crypto/commit/cbcb750295291b33242907a04be40e80801d0cfc (2019-05-10)
CVE-2020-29651 (A denial of service via regular expression in the py.path.svnwc compon ...)
	- python-py 1.10.0-1
	[buster] - python-py <no-dsa> (Minor issue)
	[stretch] - python-py <postponed> (Minor issue)
	- pypy <unfixed> (unimportant)
	- pypy3 <unfixed> (unimportant)
	NOTE: https://github.com/pytest-dev/py/issues/256
	NOTE: https://github.com/pytest-dev/py/pull/257
	NOTE: https://github.com/pytest-dev/py/commit/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144
CVE-2020-29650
	RESERVED
CVE-2020-29649
	RESERVED
CVE-2020-29648
	RESERVED
CVE-2020-29647
	RESERVED
CVE-2020-29646
	RESERVED
CVE-2020-29645
	RESERVED
CVE-2020-29644
	RESERVED
CVE-2020-29643
	RESERVED
CVE-2020-29642
	RESERVED
CVE-2020-29641
	RESERVED
CVE-2020-29640
	RESERVED
CVE-2020-29639 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29638
	RESERVED
CVE-2020-29637
	RESERVED
CVE-2020-29636
	RESERVED
CVE-2020-29635
	RESERVED
CVE-2020-29634
	RESERVED
CVE-2020-29633 (An authentication issue was addressed with improved state management.  ...)
	NOT-FOR-US: Apple
CVE-2020-29632
	RESERVED
CVE-2020-29631
	RESERVED
CVE-2020-29630
	RESERVED
CVE-2020-29629 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29628
	RESERVED
CVE-2020-29627
	RESERVED
CVE-2020-29626
	RESERVED
CVE-2020-29625 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-29624 (A memory corruption issue existed in the processing of font files. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The issue  ...)
	{DSA-4877-1}
	- webkit2gtk 2.30.6-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	- wpewebkit 2.30.6-1
	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
CVE-2020-29622 (A race condition was addressed with additional validation. This issue  ...)
	NOT-FOR-US: Apple
CVE-2020-29621 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-29620 (This issue was addressed with improved entitlements. This issue is fix ...)
	NOT-FOR-US: Apple
CVE-2020-29619 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29618 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29617 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29616 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-29615 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29614 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-29613 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-29612 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-29611 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-29610 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-29609
	RESERVED
CVE-2020-29608 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-29607 (A file upload restriction bypass vulnerability in Pluck CMS before 4.7 ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-35921 (An issue was discovered in the miow crate before 0.3.6 for Rust. It ha ...)
	- rust-miow 0.3.6-1 (bug #976871)
	[buster] - rust-miow <ignored> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0080.html
	NOTE: https://github.com/yoshuawuyts/miow/issues/38
CVE-2020-35919 (An issue was discovered in the net2 crate before 0.2.36 for Rust. It h ...)
	- rust-net2 0.2.37-1 (bug #976870)
	[buster] - rust-net2 <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0078.html
	NOTE: https://github.com/deprecrated/net2-rs/issues/105
CVE-2020-35916 (An issue was discovered in the image crate before 0.23.12 for Rust. A  ...)
	- rust-image <unfixed> (bug #976869)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0073.html
	NOTE: https://github.com/image-rs/image/issues/1357
CVE-2020-29606
	REJECTED
CVE-2020-29605 (An issue was discovered in MantisBT before 2.24.4. Due to insufficient ...)
	- mantis <removed>
CVE-2020-29604 (An issue was discovered in MantisBT before 2.24.4. A missing access ch ...)
	- mantis <removed>
CVE-2020-29603 (In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileg ...)
	- mantis <removed>
CVE-2020-29602 (The official irssi docker images before 1.1-alpine (Alpine specific) c ...)
	NOT-FOR-US: irssi Docker images
CVE-2020-29601 (The official notary docker images before signer-0.6.1-1 contain a blan ...)
	NOT-FOR-US: notary Docker images
CVE-2020-29600 (In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute ...)
	{DLA-2506-1}
	- awstats 7.8-1 (bug #891469)
	[buster] - awstats 7.6+dfsg-2+deb10u1
	NOTE: https://github.com/eldy/awstats/issues/90
	NOTE: https://github.com/eldy/awstats/commit/d4d815d0caae3dbae83ac70a1ae4581bd57cf376
CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the - ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.57+dfsg-1 (bug #977205)
	[buster] - imagemagick <no-dsa> (Minor issue, 200-disable-ghostscript-formats.patch addresses this)
	NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2851
	NOTE: https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a9e63436aa04c805fe3f9e2ed242dfa4621df823
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/68154c05cf40a80b6f2e2dd9fdc4428570f875f0
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/89a1c73ee2693ded91a72d00bdf3aba410f349f1
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a7b2d8328c539da6e79a118a0b8e97462c7daa77
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/2eead004825d31e8f49022f0bc4ca0d3457b0bb1
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/20f520ed5c8541ae6646bc38d9d3b480785be6c3
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a2b3dd8455da2f17849b55e6b6ddcce587e4a323
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7b0cce080345e5b7ef26d122f18809c93a19a80e
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/875fdf773d6e822364f876bed14c1785a01b45a7
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ab2e97d2f7520d1d9ff36ef421caf2a899e14ce4
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/869e38717fa91325da87c2a4cedc148a770a07ec
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/226804980651bb4eb5f3ba3b9d7e992f2eda4710
	NOTE: ImageMagick6 (bugfix): https://github.com/ImageMagick/ImageMagick6/commit/83ec5b5b8ee7cae891fff59340be207b513a030d (6.9.11-41)
	NOTE: Issue mitigated by disabling ghostscript handled formats based on -SAFER insecurity,
	NOTE: cf 200-disable-ghostscript-formats.patch in 8:6.9.10.23+dfsg-2.1+deb10u1, but opens
	NOTE: #964090.
	NOTE: 2 vectors for IM6:
	NOTE: - stealth (ps:* delegates, hard-coded options)
	NOTE: broken between 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) and 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1)
	NOTE: '-authenticate' replaced by '-define authenticate=' between 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) and 83ec5b above
	NOTE: - bimodal ('-define delegate:bimodal=true' + pdf->(e)ps delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2)
CVE-2020-29598
	REJECTED
CVE-2020-29597 (IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file  ...)
	NOT-FOR-US: IncomCMS
CVE-2020-29596 (MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial o ...)
	NOT-FOR-US: MiniWeb HTTP server
CVE-2020-29595 (PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 ...)
	NOT-FOR-US: ACDSee Photo Studio Studio Professional
CVE-2020-29594 (Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x be ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-29593 (An issue was discovered in Orchard before 1.10. The Media Settings All ...)
	NOT-FOR-US: Orchard CMS
CVE-2020-29592 (An issue was discovered in Orchard before 1.10. A broken access contro ...)
	NOT-FOR-US: Orchard CMS
CVE-2020-29591 (Versions of the Official registry Docker images through 2.7.0 contain  ...)
	NOT-FOR-US: registry Docker image
CVE-2020-29590
	REJECTED
CVE-2020-29589
	REJECTED
CVE-2020-29588
	RESERVED
CVE-2020-29587 (SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creat ...)
	NOT-FOR-US: SimplCommerce
CVE-2020-29586
	RESERVED
CVE-2020-29585
	RESERVED
CVE-2020-29584
	RESERVED
CVE-2020-29583 (Firmware version 4.60 of Zyxel USG devices contains an undocumented ac ...)
	NOT-FOR-US: Zyxel
CVE-2020-29582 (In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for  ...)
	- kotlin <unfixed> (bug #1001037)
	NOTE: https://youtrack.jetbrains.com/issue/KT-42181 (not public)
CVE-2020-29581 (The official spiped docker images before 1.5-alpine contain a blank pa ...)
	NOT-FOR-US: spiped Docker images
CVE-2020-29580 (The official storm Docker images before 1.2.1 contain a blank password ...)
	NOT-FOR-US: storm Docker images
CVE-2020-29579 (The official Express Gateway Docker images before 1.14.0 contain a bla ...)
	NOT-FOR-US: Express Gateway Docker images
CVE-2020-29578 (The official piwik Docker images before fpm-alpine (Alpine specific) c ...)
	NOT-FOR-US: piwik Docker images
CVE-2020-29577 (The official znc docker images before 1.7.1-slim contain a blank passw ...)
	NOT-FOR-US: znc Docker images
CVE-2020-29576 (The official eggdrop Docker images before 1.8.4rc2 contain a blank pas ...)
	NOT-FOR-US: eggdrop Docker images
CVE-2020-29575 (The official elixir Docker images before 1.8.0-alpine (Alpine specific ...)
	NOT-FOR-US: elixir Docker images
CVE-2020-29574 (An SQL injection vulnerability in the WebAdmin of Cyberoam OS through  ...)
	NOT-FOR-US: WebAdmin of Cyberoam OS
CVE-2020-29573 (sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) befo ...)
	- glibc 2.23-1
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26649
	NOTE: https://sourceware.org/pipermail/libc-alpha/2020-September/117779.html
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1905213#c5
	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;h=d81f90ccd0109de9ed78aeeb8d86e2c6d4600690 (glibc-2.22)
	NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;h=8df4e219e43a4a257d0759b54fef8c488e2f282e (glibc-2.23)
CVE-2020-29572 (app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp  ...)
	NOT-FOR-US: MISP
CVE-2020-29571 (An issue was discovered in Xen through 4.14.x. A bounds check common t ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-359.html
CVE-2020-29570 (An issue was discovered in Xen through 4.14.x. Recording of the per-vC ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-358.html
CVE-2020-29569 (An issue was discovered in the Linux kernel through 5.10.1, as used wi ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.9.15-1
	NOTE: https://xenbits.xen.org/xsa/advisory-350.html
CVE-2020-29568 (An issue was discovered in Xen through 4.14.x. Some OSes (such as Linu ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.9.15-1
	NOTE: https://xenbits.xen.org/xsa/advisory-349.html
CVE-2020-29567 (An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs t ...)
	- xen 4.14.0+88-g1d1d1f5391-1
	[buster] - xen <not-affected> (Only affects 4.14)
	[stretch] - xen <not-affected> (Only affects 4.14)
	NOTE: https://xenbits.xen.org/xsa/advisory-356.html
CVE-2020-29566 (An issue was discovered in Xen through 4.14.x. When they require assis ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-348.html
CVE-2020-29565 (An issue was discovered in OpenStack Horizon before 15.3.2, 16.x befor ...)
	{DSA-4820-1}
	- horizon 3:18.6.1-1 (bug #976872)
	[stretch] - horizon <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/horizon/+bug/1865026
	NOTE: https://review.opendev.org/c/openstack/horizon/+/758841/
	NOTE: https://review.opendev.org/c/openstack/horizon/+/758843/
	NOTE: https://opendev.org/openstack/horizon/commit/252467100f75587e18df9c43ed5802ee8f0017fa
CVE-2020-29564 (The official Consul Docker images 0.7.1 through 1.4.2 contain a blank  ...)
	NOT-FOR-US: Consul Docker images
CVE-2020-29563 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
	NOT-FOR-US: Western Digital My Cloud OS
CVE-2020-29562 (The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2 ...)
	- glibc 2.31-7 (bug #976391)
	[buster] - glibc <not-affected> (Vulnerability introduced later in 2.30)
	[stretch] - glibc <not-affected> (Vulnerability introduced later in 2.30)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26923
	NOTE: https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
	NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=228edd356f03bf62dcf2b1335f25d43c602ee68d
CVE-2020-29561 (An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does ...)
	NOT-FOR-US: SonicBOOM riscv-boom
CVE-2020-29560
	RESERVED
CVE-2020-29559
	RESERVED
CVE-2020-29558
	RESERVED
CVE-2020-29557 (An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 bef ...)
	NOT-FOR-US: D-Link
CVE-2020-29556 (The Backup functionality in Grav CMS through 1.7.0-rc.17 allows an aut ...)
	NOT-FOR-US: Grav CMS
CVE-2020-29555 (The BackupDelete functionality in Grav CMS through 1.7.0-rc.17 allows  ...)
	NOT-FOR-US: Grav CMS
CVE-2020-29554
	RESERVED
CVE-2020-29553 (The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to ex ...)
	NOT-FOR-US: Grav CMS
CVE-2020-29552 (An issue was discovered in URVE Build 24.03.2020. By using the _intern ...)
	NOT-FOR-US: URVE
CVE-2020-29551 (An issue was discovered in URVE Build 24.03.2020. Using the _internal/ ...)
	NOT-FOR-US: URVE
CVE-2020-29550 (An issue was discovered in URVE Build 24.03.2020. The password of an i ...)
	NOT-FOR-US: URVE
CVE-2020-29549
	RESERVED
CVE-2020-29548 (An issue was discovered in SmarterTools SmarterMail through 100.0.7537 ...)
	NOT-FOR-US: SmarterTools
CVE-2020-29547
	RESERVED
	- citadel <removed>
	[buster] - citadel <ignored> (Minor issue)
	[stretch] - citadel <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://uncensored.citadel.org/readfwd?go=Citadel Security?view=0?start_reading_at=2099264259#2099264259
	NOTE: https://nostarttls.secvuln.info/
	NOTE: CVE-2020-29547 and CVE-2021-37845 seem like dupes
CVE-2020-29546
	RESERVED
CVE-2020-29545
	RESERVED
CVE-2020-29544
	RESERVED
CVE-2020-29543
	RESERVED
CVE-2020-29542
	RESERVED
CVE-2020-29541
	RESERVED
CVE-2020-29540 (API calls in the Translation API feature in Systran Pure Neural Server ...)
	NOT-FOR-US: Systran Pure Neural Server
CVE-2020-29539 (A Cross-Site Scripting (XSS) issue in WebUI Translation in Systran Pur ...)
	NOT-FOR-US: Systran Pure Neural Server
CVE-2020-29538 (Archer before 6.9 P1 (6.9.0.1) contains an improper access control vul ...)
	NOT-FOR-US: Archer
CVE-2020-29537 (Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnera ...)
	NOT-FOR-US: Archer
CVE-2020-29536 (Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerab ...)
	NOT-FOR-US: Archer
CVE-2020-29535 (Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability. A  ...)
	NOT-FOR-US: Archer
CVE-2020-29533
	RESERVED
CVE-2020-29532
	RESERVED
CVE-2020-29531
	RESERVED
CVE-2020-29530
	RESERVED
CVE-2020-29534 (An issue was discovered in the Linux kernel before 5.9.3. io_uring tak ...)
	- linux 5.9.6-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2089
	NOTE: https://git.kernel.org/linus/0f2122045b946241a9e549c2a76cea54fa58a7ff
CVE-2020-29529 (HashiCorp go-slug up to 0.4.3 did not fully protect against directory  ...)
	- golang-github-hashicorp-go-slug 0.5.0-1 (bug #976873)
	NOTE: https://github.com/hashicorp/go-slug/pull/12
CVE-2020-29528
	RESERVED
CVE-2020-29527
	RESERVED
CVE-2020-29526
	RESERVED
CVE-2020-29525
	RESERVED
CVE-2020-29524
	RESERVED
CVE-2020-29523
	RESERVED
CVE-2020-29522
	RESERVED
CVE-2020-29521
	RESERVED
CVE-2020-29520
	RESERVED
CVE-2020-29519
	RESERVED
CVE-2020-29518
	RESERVED
CVE-2020-29517
	RESERVED
CVE-2020-29516
	RESERVED
CVE-2020-29515
	RESERVED
CVE-2020-29514
	RESERVED
CVE-2020-29513
	RESERVED
CVE-2020-29512
	RESERVED
CVE-2020-29511 (The encoding/xml package in Go (all versions) does not correctly prese ...)
	- golang-1.15 <unfixed> (unimportant)
	- golang-1.11 <removed> (unimportant)
	- golang-1.8 <removed> (unimportant)
	[stretch] - golang-1.8 <ignored> (deemed unfixable by upstream who shifts responsibility to saml packages we don't ship)
	- golang-1.7 <removed> (unimportant)
	[stretch] - golang-1.7 <ignored> (deemed unfixable by upstream who shifts responsibility to saml packages we don't ship)
	NOTE: https://github.com/golang/go/issues/43168
	NOTE: https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
	NOTE: Upstream considers this WONTFIX and requires validation/updates in potentially affected SAML libs
CVE-2020-29510 (The encoding/xml package in Go versions 1.15 and earlier does not corr ...)
	- golang-1.15 <unfixed> (unimportant)
	- golang-1.11 <removed> (unimportant)
	- golang-1.8 <removed> (unimportant)
	[stretch] - golang-1.8 <ignored> (deemed unfixable by upstream who shifts responsibility to saml packages we don't ship)
	- golang-1.7 <removed> (unimportant)
	[stretch] - golang-1.7 <ignored> (deemed unfixable by upstream who shifts responsibility to saml packages we don't ship)
	NOTE: https://github.com/golang/go/issues/43168
	NOTE: https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
	NOTE: Upstream considers this WONTFIX and requires validation/updates in potentially affected SAML libs
CVE-2020-29509 (The encoding/xml package in Go (all versions) does not correctly prese ...)
	- golang-github-russellhaering-gosaml2 <itp> (bug #948190)
	- golang-1.15 <unfixed> (unimportant)
	- golang-1.11 <removed> (unimportant)
	- golang-1.8 <removed> (unimportant)
	- golang-1.7 <removed> (unimportant)
	NOTE: Golang upstream does not consider the issue to be fixable in Go, instead
	NOTE: shifts responsibility to saml packages.
	NOTE: https://github.com/golang/go/issues/43168
	NOTE: https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
	NOTE: https://github.com/russellhaering/gosaml2/security/advisories/GHSA-xhqq-x44f-9fgg
CVE-2020-29508
	RESERVED
CVE-2020-29507
	RESERVED
CVE-2020-29506
	RESERVED
CVE-2020-29505
	RESERVED
CVE-2020-29504
	RESERVED
CVE-2020-29503 (Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file per ...)
	NOT-FOR-US: EMC PowerStore
CVE-2020-29502 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
	NOT-FOR-US: EMC PowerStore
CVE-2020-29501 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
	NOT-FOR-US: EMC PowerStore
CVE-2020-29500 (Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Te ...)
	NOT-FOR-US: EMC PowerStore
CVE-2020-29499 (Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Comm ...)
	NOT-FOR-US: EMC PowerStore
CVE-2020-29498 (Dell Wyse Management Suite versions prior to 3.1 contain an open redir ...)
	NOT-FOR-US: Dell Wyse Management Suite
CVE-2020-29497 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...)
	NOT-FOR-US: Dell Wyse Management Suite
CVE-2020-29496 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...)
	NOT-FOR-US: Dell Wyse Management Suite
CVE-2020-29495 (DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Comma ...)
	NOT-FOR-US: Dell EMC Avamar Server
CVE-2020-29494 (Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Trav ...)
	NOT-FOR-US: Dell EMC Avamar Server
CVE-2020-29493 (DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injec ...)
	NOT-FOR-US: Dell EMC Avamar Server
CVE-2020-29492 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...)
	NOT-FOR-US: Dell Wyse ThinOS
CVE-2020-29491 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...)
	NOT-FOR-US: Dell Wyse ThinOS
CVE-2020-29490 (Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 ...)
	NOT-FOR-US: EMC
CVE-2020-29489 (Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 ...)
	NOT-FOR-US: EMC
CVE-2020-29488
	RESERVED
CVE-2020-29487 (An issue was discovered in Xen XAPI before 2020-12-15. Certain xenstor ...)
	NOT-FOR-US: xapi
CVE-2020-29486 (An issue was discovered in Xen through 4.14.x. Nodes in xenstore have  ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-352.html
CVE-2020-29485 (An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a  ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-330.html
CVE-2020-29484 (An issue was discovered in Xen through 4.14.x. When a Xenstore watch f ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-324.html
CVE-2020-29483 (An issue was discovered in Xen through 4.14.x. Xenstored and guests co ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-325.html
CVE-2020-29482 (An issue was discovered in Xen through 4.14.x. A guest may access xens ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-323.html
CVE-2020-29481 (An issue was discovered in Xen through 4.14.x. Access rights of Xensto ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-322.html
CVE-2020-29480 (An issue was discovered in Xen through 4.14.x. Neither xenstore implem ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-115.html
CVE-2020-29479 (An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored  ...)
	{DSA-4812-1}
	- xen 4.14.0+88-g1d1d1f5391-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-353.html
CVE-2020-29478 (CA Service Catalog 17.2 and 17.3 contain a vulnerability in the defaul ...)
	NOT-FOR-US: CA Service Catalog
CVE-2020-29477 (Invision Community 4.5.4 is affected by cross-site scripting (XSS) in  ...)
	NOT-FOR-US: Invision Community
CVE-2020-29476
	RESERVED
CVE-2020-29475 (nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in th ...)
	NOT-FOR-US: nopCommerce Store
CVE-2020-29474 (EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerabi ...)
	NOT-FOR-US: EGavilan Media EGM Address Book
CVE-2020-29473
	RESERVED
CVE-2020-29472 (EGavilan Media Under Construction page with cPanel 1.0 contains a SQL  ...)
	NOT-FOR-US: cPanel
CVE-2020-29471 (OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Prof ...)
	NOT-FOR-US: OpenCart
CVE-2020-29470 (OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subj ...)
	NOT-FOR-US: OpenCart
CVE-2020-29469 (WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Menu  ...)
	NOT-FOR-US: WonderCMS
CVE-2020-29468
	RESERVED
CVE-2020-29467
	RESERVED
CVE-2020-29466
	RESERVED
CVE-2020-29465
	RESERVED
CVE-2020-29464
	RESERVED
CVE-2020-29463
	RESERVED
CVE-2020-29462
	RESERVED
CVE-2020-29461
	RESERVED
CVE-2020-29460
	RESERVED
CVE-2020-29459
	RESERVED
CVE-2020-29458 (Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. ...)
	NOT-FOR-US: Textpattern CMS
CVE-2020-29457 (A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4. ...)
	NOT-FOR-US: OPC UA .NET
CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in Papermerge befo ...)
	NOT-FOR-US: Papermerge
CVE-2020-29455 (A cross-Site Scripting (XSS) vulnerability in this.showInvalid and thi ...)
	NOT-FOR-US: SmartyStreets liveAddressPlugin.js
CVE-2020-29454 (Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user  ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-29453 (The CachingResourceDownloadRewriteRule class in Jira Server and Jira D ...)
	NOT-FOR-US: Atlassian
CVE-2020-29452
	RESERVED
CVE-2020-29451 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-29450 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
	NOT-FOR-US: Atlassian
CVE-2020-29449
	RESERVED
CVE-2020-29448 (The ConfluenceResourceDownloadRewriteRule class in Confluence Server a ...)
	NOT-FOR-US: Atlassian
CVE-2020-29447 (Affected versions of Atlassian Crucible allow remote attackers to impa ...)
	NOT-FOR-US: Atlassian
CVE-2020-29446 (Affected versions of Atlassian Fisheye &amp; Crucible allow remote att ...)
	NOT-FOR-US: Atlassian
CVE-2020-29445 (Affected versions of Confluence Server before 7.4.8, and versions from ...)
	NOT-FOR-US: Atlassian
CVE-2020-29444 (Affected versions of Team Calendar in Confluence Server before 7.11.0  ...)
	NOT-FOR-US: Atlassian
CVE-2020-29443 (ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...)
	{DLA-2560-1}
	- qemu 1:5.2+dfsg-11 (bug #983575)
	[buster] - qemu <postponed> (Fix along in future DSA)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04255.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=813212288970c39b1800f63e83ac6e96588095c6
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b8d7f1bc59276fec85e4d09f1567613a3e14d31e
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/18/2
CVE-2020-29442
	RESERVED
CVE-2020-29441 (An issue was discovered in the Upload Widget in OutSystems Platform 10 ...)
	NOT-FOR-US: Upload Widget in OutSystems Platform 10
CVE-2020-29440 (Tesla Model X vehicles before 2020-11-23 do not perform certificate va ...)
	NOT-FOR-US: Tesla Model X vehicles
CVE-2020-29439 (Tesla Model X vehicles before 2020-11-23 have key fobs that rely on fi ...)
	NOT-FOR-US: Tesla Model X vehicles
CVE-2020-29438 (Tesla Model X vehicles before 2020-11-23 have key fobs that accept fir ...)
	NOT-FOR-US: Tesla Model X vehicles
CVE-2020-29437 (SQL injection in the Buzz module of OrangeHRM through 4.6 allows remot ...)
	NOT-FOR-US: OrangeHRM
CVE-2020-29436 (Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2020-29435
	RESERVED
CVE-2020-29434
	RESERVED
CVE-2020-29433
	RESERVED
CVE-2020-29432
	RESERVED
CVE-2020-29431
	RESERVED
CVE-2020-29430
	RESERVED
CVE-2020-29429
	RESERVED
CVE-2020-29428
	RESERVED
CVE-2020-29427
	RESERVED
CVE-2020-29426
	RESERVED
CVE-2020-29425
	RESERVED
CVE-2020-29424
	RESERVED
CVE-2020-29423
	RESERVED
CVE-2020-29422
	RESERVED
CVE-2020-29421
	RESERVED
CVE-2020-29420
	RESERVED
CVE-2020-29419
	RESERVED
CVE-2020-29418
	RESERVED
CVE-2020-29417
	RESERVED
CVE-2020-29416
	RESERVED
CVE-2020-29415
	RESERVED
CVE-2020-29414
	RESERVED
CVE-2020-29413
	RESERVED
CVE-2020-29412
	RESERVED
CVE-2020-29411
	RESERVED
CVE-2020-29410
	RESERVED
CVE-2020-29409
	RESERVED
CVE-2020-29408
	RESERVED
CVE-2020-29407
	RESERVED
CVE-2020-29406
	RESERVED
CVE-2020-29405
	RESERVED
CVE-2020-29404
	RESERVED
CVE-2020-29403
	RESERVED
CVE-2020-29402
	RESERVED
CVE-2020-29401
	RESERVED
CVE-2020-29400
	RESERVED
CVE-2020-29399
	RESERVED
CVE-2020-29398
	RESERVED
CVE-2020-29397
	RESERVED
CVE-2020-29396 (A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterp ...)
	- odoo <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://github.com/odoo/odoo/issues/63712
CVE-2020-29395 (The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS v ...)
	NOT-FOR-US: EventON plugin for WordPress
CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c from ...)
	- dlt-daemon 2.18.5-0.3 (bug #976228)
	[buster] - dlt-daemon <no-dsa> (Minor issue)
	NOTE: https://github.com/GENIVI/dlt-daemon/issues/274
	NOTE: https://github.com/GENIVI/dlt-daemon/pull/275
	NOTE: https://github.com/GENIVI/dlt-daemon/commit/ff4f44c159df6f44b48bd38c9d2f104eb360be11
CVE-2020-29393
	RESERVED
CVE-2020-29392 (The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* ...)
	NOT-FOR-US: Estil Hill Lock Password Manager Safe app for iOS
CVE-2020-29391
	RESERVED
CVE-2020-29390 (Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi ...)
	NOT-FOR-US: Zeroshell
CVE-2020-29389 (The official Crux Linux Docker images 3.0 through 3.4 contain a blank  ...)
	NOT-FOR-US: Crux Linux Docker images
CVE-2020-29388
	RESERVED
CVE-2020-29387
	RESERVED
CVE-2020-29386
	RESERVED
CVE-2020-29385 (GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of serv ...)
	- gdk-pixbuf 2.42.2+dfsg-1 (bug #977166)
	[buster] - gdk-pixbuf <not-affected> (Vulnerable code not present)
	[stretch] - gdk-pixbuf <not-affected> (Vulnerable code not present)
	NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/bdd3acbd48a575d418ba6bf1b32d7bda2fae1c81
	NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164
CVE-2020-29384 (An issue was discovered in PNGOUT 2020-01-15. When compressing a craft ...)
	NOT-FOR-US: PNGOUT
CVE-2020-29383 (An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1. ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29382 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29381 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29380 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29379 (An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1. ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29378 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29377 (An issue was discovered on V-SOL V1600D V2.03.69 OLT devices. The stri ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29376 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29375 (An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4 ...)
	NOT-FOR-US: V-SOL devices
CVE-2020-29374 (An issue was discovered in the Linux kernel before 5.7.3, related to m ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.194-1
	NOTE: https://git.kernel.org/linus/17839856fd588f4ab6b789f482ed3ffd7c403e1f
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
CVE-2020-29373 (An issue was discovered in fs/io_uring.c in the Linux kernel before 5. ...)
	- linux 5.6.7-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/ff002b30181d30cdfbca316dadd099c3ca0d739c
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2011
CVE-2020-29372 (An issue was discovered in do_madvise in mm/madvise.c in the Linux ker ...)
	- linux 5.6.14-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/bc0c4d1e176eeb614dc8734fc3ace34292771f11
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2029
CVE-2020-29371 (An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the ...)
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/bcf85fcedfdd17911982a3e3564fcfec7b01eebd
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2077
CVE-2020-29370 (An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the L ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/fd4d9c7d0c71866ec0c2825189ebd2ce35bd95b8
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2022
CVE-2020-29369 (An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11 ...)
	- linux 5.7.17-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/246c320a8cfe0b11d81a4af38fa9985ef0cc9a4c
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2056
CVE-2020-29368 (An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the ...)
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/c444eb564fb16645c172d550359cb3d75fe8a040
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
CVE-2020-29367 (blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffe ...)
	NOT-FOR-US: C-Blosc2
CVE-2020-29366
	RESERVED
CVE-2020-29365
	RESERVED
CVE-2020-29364 (In NetArt News Lister 1.0.0, the news headlines vulnerable to stored x ...)
	NOT-FOR-US: NetArt News Lister
CVE-2020-29363 (An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-base ...)
	{DSA-4822-1}
	- p11-kit 0.23.22-1
	[stretch] - p11-kit <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html
	NOTE: https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x
	NOTE: https://github.com/p11-glue/p11-kit/commit/2617f3ef888e103324a28811886b99ed0a56346d (0.23.22)
	NOTE: Introduced in https://github.com/p11-glue/p11-kit/commit/ba49b85ecf280e7fb6eec96c3ef33c50122e75a6 (0.23.6)
CVE-2020-29362 (An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-base ...)
	{DSA-4822-1 DLA-2513-1}
	- p11-kit 0.23.22-1
	NOTE: https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html
	NOTE: https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc
	NOTE: https://github.com/p11-glue/p11-kit/commit/bda2f543ff8e0195c90e849379ef1585d00677bc (0.23.22)
	NOTE: Introduced in https://github.com/p11-glue/p11-kit/commit/c785ab66890ad7b73c556d6afdf2bb8a32dd50e2 (0.21.1)
CVE-2020-29361 (An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple in ...)
	{DSA-4822-1 DLA-2513-1}
	- p11-kit 0.23.22-1
	NOTE: https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html
	NOTE: https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2
	NOTE: https://github.com/p11-glue/p11-kit/commit/5307a1d21a50cacd06f471a873a018d23ba4b963 (0.23.22)
	NOTE: https://github.com/p11-glue/p11-kit/commit/bd670b1d4984b27d6a397b9ddafaf89ab26e4e7f (0.23.22)
CVE-2020-29360
	RESERVED
CVE-2020-29359
	RESERVED
CVE-2020-29358
	RESERVED
CVE-2020-29357
	RESERVED
CVE-2020-29356
	RESERVED
CVE-2020-29355
	RESERVED
CVE-2020-29354
	RESERVED
CVE-2020-29353
	RESERVED
CVE-2020-29352
	RESERVED
CVE-2020-29351
	RESERVED
CVE-2020-29350
	RESERVED
CVE-2020-29349
	RESERVED
CVE-2020-29348
	RESERVED
CVE-2020-29347
	RESERVED
CVE-2020-29346
	RESERVED
CVE-2020-29345
	RESERVED
CVE-2020-29344
	RESERVED
CVE-2020-29343
	RESERVED
CVE-2020-29342
	RESERVED
CVE-2020-29341
	RESERVED
CVE-2020-29340
	RESERVED
CVE-2020-29339
	RESERVED
CVE-2020-29338
	RESERVED
CVE-2020-29337
	RESERVED
CVE-2020-29336
	RESERVED
CVE-2020-29335
	RESERVED
CVE-2020-29334
	RESERVED
CVE-2020-29333
	RESERVED
CVE-2020-29332
	RESERVED
CVE-2020-29331
	RESERVED
CVE-2020-29330
	RESERVED
CVE-2020-29329
	RESERVED
CVE-2020-29328
	RESERVED
CVE-2020-29327
	RESERVED
CVE-2020-29326
	RESERVED
CVE-2020-29325
	RESERVED
CVE-2020-29324 (The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials di ...)
	NOT-FOR-US: D-Link
CVE-2020-29323 (The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to cred ...)
	NOT-FOR-US: D-Link
CVE-2020-29322 (The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosur ...)
	NOT-FOR-US: D-Link
CVE-2020-29321 (The D-Link router DIR-868L 3.01 is vulnerable to credentials disclosur ...)
	NOT-FOR-US: D-Link
CVE-2020-29320
	RESERVED
CVE-2020-29319
	RESERVED
CVE-2020-29318
	RESERVED
CVE-2020-29317
	RESERVED
CVE-2020-29316
	RESERVED
CVE-2020-29315 (ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows r ...)
	NOT-FOR-US: ThinkAdmin
CVE-2020-29314
	RESERVED
CVE-2020-29313
	RESERVED
CVE-2020-29312
	RESERVED
CVE-2020-29311 (Ubilling v1.0.9 allows Remote Command Execution as Root user by execut ...)
	NOT-FOR-US: Ubilling
CVE-2020-29310
	RESERVED
CVE-2020-29309
	RESERVED
CVE-2020-29308
	RESERVED
CVE-2020-29307
	RESERVED
CVE-2020-29306
	RESERVED
CVE-2020-29305
	RESERVED
CVE-2020-29304 (A cross-site scripting (XSS) vulnerability exists in the SabaiApps Wor ...)
	NOT-FOR-US: SabaiApps WordPress Directories Pro plugin
CVE-2020-29303 (A cross-site scripting (XSS) vulnerability in the SabaiApp Directories ...)
	NOT-FOR-US: SabaiApp Directories Pro plugin for WordPress
CVE-2020-29302
	RESERVED
CVE-2020-29301
	RESERVED
CVE-2020-29300
	RESERVED
CVE-2020-29299 (Certain Zyxel products allow command injection by an admin via an inpu ...)
	NOT-FOR-US: Zyxel
CVE-2020-29298
	RESERVED
CVE-2020-29297
	RESERVED
CVE-2020-29296
	RESERVED
CVE-2020-29295
	RESERVED
CVE-2020-29294
	RESERVED
CVE-2020-29293
	RESERVED
CVE-2020-29292 (iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) at ...)
	NOT-FOR-US: iBall WRD12EN
CVE-2020-29291
	RESERVED
CVE-2020-29290
	RESERVED
CVE-2020-29289
	RESERVED
CVE-2020-29288 (An SQL injection vulnerability was discovered in Gym Management System ...)
	NOT-FOR-US: Gym Management System
CVE-2020-29287 (An SQL injection vulnerability was discovered in Car Rental Management ...)
	NOT-FOR-US: Car Rental Management System
CVE-2020-29286
	RESERVED
CVE-2020-29285 (SQL injection vulnerability was discovered in Point of Sales in PHP/PD ...)
	NOT-FOR-US: Point of Sales in PHP/PDO
CVE-2020-29284 (The file view-chair-list.php in Multi Restaurant Table Reservation Sys ...)
	NOT-FOR-US: Multi Restaurant Table Reservation System
CVE-2020-29283 (An SQL injection vulnerability was discovered in Online Doctor Appoint ...)
	NOT-FOR-US: Online Doctor Appointment Booking System
CVE-2020-29282 (SQL injection vulnerability in BloodX 1.0 allows attackers to bypass a ...)
	NOT-FOR-US: BloodX
CVE-2020-29281
	RESERVED
CVE-2020-29280 (The Victor CMS v1.0 application is vulnerable to SQL injection via the ...)
	NOT-FOR-US: Victor CMS
CVE-2020-29279 (PHP remote file inclusion in the assign_resume_tpl method in Applicati ...)
	NOT-FOR-US: 74CMS
CVE-2020-29278
	RESERVED
CVE-2020-29277
	RESERVED
CVE-2020-29276
	RESERVED
CVE-2020-29275
	RESERVED
CVE-2020-29274
	RESERVED
CVE-2020-29273
	RESERVED
CVE-2020-29272
	RESERVED
CVE-2020-29271
	RESERVED
CVE-2020-29270
	RESERVED
CVE-2020-29269
	RESERVED
CVE-2020-29268
	RESERVED
CVE-2020-29267
	RESERVED
CVE-2020-29266
	RESERVED
CVE-2020-29265
	RESERVED
CVE-2020-29264
	RESERVED
CVE-2020-29263
	RESERVED
CVE-2020-29262
	RESERVED
CVE-2020-29261
	RESERVED
CVE-2020-29260
	RESERVED
CVE-2020-29259 (Cross-site scripting (XSS) vulnerability in Online Examination System  ...)
	NOT-FOR-US: Online Examination System
CVE-2020-29258 (Cross-site scripting (XSS) vulnerability in Online Examination System  ...)
	NOT-FOR-US: Online Examination System
CVE-2020-29257 (Cross-site scripting (XSS) vulnerability in Online Examination System  ...)
	NOT-FOR-US: Online Examination System
CVE-2020-29256
	RESERVED
CVE-2020-29255
	RESERVED
CVE-2020-29254 (TikiWiki 21.2 allows templates to be edited without CSRF protection. T ...)
	- tikiwiki <removed>
CVE-2020-29253
	RESERVED
CVE-2020-29252
	RESERVED
CVE-2020-29251
	RESERVED
CVE-2020-29250 (CXUUCMS V3 allows XSS via the first and third input fields to /public/ ...)
	NOT-FOR-US: CXUUCMS
CVE-2020-29249 (CXUUCMS V3 allows class="layui-input" XSS. ...)
	NOT-FOR-US: CXUUCMS
CVE-2020-29248
	RESERVED
CVE-2020-29247 (WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin ...)
	NOT-FOR-US: WonderCMS
CVE-2020-29246
	RESERVED
CVE-2020-29245 (dhowden tag before 2020-11-19 allows "panic: runtime error: slice boun ...)
	NOT-FOR-US: dhowden tag
CVE-2020-29244 (dhowden tag before 2020-11-19 allows "panic: runtime error: slice boun ...)
	NOT-FOR-US: dhowden tag
CVE-2020-29243 (dhowden tag before 2020-11-19 allows "panic: runtime error: index out  ...)
	NOT-FOR-US: dhowden tag
CVE-2020-29242 (dhowden tag before 2020-11-19 allows "panic: runtime error: index out  ...)
	NOT-FOR-US: dhowden tag
CVE-2020-29241 (Online News Portal using PHP/MySQLi 1.0 is affected by cross-site scri ...)
	NOT-FOR-US: Online News Portal using PHP/MySQLi
CVE-2020-29240 (Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacke ...)
	NOT-FOR-US: Lepton-CMS
CVE-2020-29239 (Online Birth Certificate System Project V 1.0 is affected by cross-sit ...)
	NOT-FOR-US: Online Birth Certificate System Project
CVE-2020-29238 (An integer buffer overflow in the Nginx webserver of ExpressVPN Router ...)
	NOT-FOR-US: ExpressVPN
CVE-2020-29237
	RESERVED
CVE-2020-29236
	RESERVED
CVE-2020-29235
	RESERVED
CVE-2020-29234
	RESERVED
CVE-2020-29233 (WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Page  ...)
	NOT-FOR-US: WonderCMS
CVE-2020-29232
	RESERVED
CVE-2020-29231 (EGavilanMedia User Registration and Login System With Admin Panel 1.0  ...)
	NOT-FOR-US: EGavilanMedia User Registration and Login System With Admin Panel
CVE-2020-29230 (EGavilanMedia User Registration and Login System With Admin Panel 1.0  ...)
	NOT-FOR-US: EGavilanMedia User Registration and Login System With Admin Panel
CVE-2020-29229
	RESERVED
CVE-2020-29228 (EGavilanMedia User Registration and Login System With Admin Panel 1.0  ...)
	NOT-FOR-US: EGavilanMedia User Registration and Login System With Admin Panel
CVE-2020-29227 (An issue was discovered in Car Rental Management System 1.0. An unauth ...)
	NOT-FOR-US: Car Rental Management System
CVE-2020-29226
	RESERVED
CVE-2020-29225
	RESERVED
CVE-2020-29224
	RESERVED
CVE-2020-29223
	RESERVED
CVE-2020-29222
	RESERVED
CVE-2020-29221
	RESERVED
CVE-2020-29220
	RESERVED
CVE-2020-29219
	RESERVED
CVE-2020-29218
	RESERVED
CVE-2020-29217
	RESERVED
CVE-2020-29216
	RESERVED
CVE-2020-29215 (A Cross Site Scripting in SourceCodester Employee Management System 1. ...)
	NOT-FOR-US: SourceCodester
CVE-2020-29214 (SQL injection vulnerability in SourceCodester Alumni Management System ...)
	NOT-FOR-US: SourceCodester
CVE-2020-29213
	RESERVED
CVE-2020-29212
	RESERVED
CVE-2020-29211
	RESERVED
CVE-2020-29210
	RESERVED
CVE-2020-29209
	RESERVED
CVE-2020-29208
	RESERVED
CVE-2020-29207
	RESERVED
CVE-2020-29206
	RESERVED
CVE-2020-29205 (XSS in signup form in Project Worlds Online Examination System 1.0 all ...)
	NOT-FOR-US: Project Worlds Online Examination System
CVE-2020-29204 (XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-charact ...)
	NOT-FOR-US: XXL-JOB
CVE-2020-29203 (struct2json before 2020-11-18 is affected by a Buffer Overflow because ...)
	NOT-FOR-US: struct2json
CVE-2020-29202
	RESERVED
CVE-2020-29201
	RESERVED
CVE-2020-29200
	RESERVED
CVE-2020-29199
	RESERVED
CVE-2020-29198
	RESERVED
CVE-2020-29197
	RESERVED
CVE-2020-29196
	RESERVED
CVE-2020-29195
	RESERVED
CVE-2020-29194 (Panasonic Security System WV-S2231L 4.25 allows a denial of service of ...)
	NOT-FOR-US: Panasonic
CVE-2020-29193 (Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded pa ...)
	NOT-FOR-US: Panasonic
CVE-2020-29192
	RESERVED
CVE-2020-29191
	RESERVED
CVE-2020-29190
	RESERVED
CVE-2020-29189 (Incorrect Access Control vulnerability in TerraMaster TOS &lt;= 4.2.06 ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-29188
	RESERVED
CVE-2020-29187
	RESERVED
CVE-2020-29186
	RESERVED
CVE-2020-29185
	RESERVED
CVE-2020-29184
	RESERVED
CVE-2020-29183
	RESERVED
CVE-2020-29182
	RESERVED
CVE-2020-29181
	RESERVED
CVE-2020-29180
	RESERVED
CVE-2020-29179
	RESERVED
CVE-2020-29178
	RESERVED
CVE-2020-29177 (Z-BlogPHP v1.6.1.2100 was discovered to contain an arbitrary file dele ...)
	NOT-FOR-US: Z-BlogPHP
CVE-2020-29176 (An arbitrary file upload vulnerability in Z-BlogPHP v1.6.1.2100 allows ...)
	NOT-FOR-US: Z-BlogPHP
CVE-2020-29175
	RESERVED
CVE-2020-29174
	RESERVED
CVE-2020-29173
	RESERVED
CVE-2020-29172 (A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plug ...)
	NOT-FOR-US: LiteSpeed Cache plugin for WordPress
CVE-2020-29171 (Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklis ...)
	NOT-FOR-US: Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin for WordPress
CVE-2020-29170
	RESERVED
CVE-2020-29169
	RESERVED
CVE-2020-29168
	RESERVED
CVE-2020-29167
	RESERVED
CVE-2020-29166 (PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by fil ...)
	NOT-FOR-US: PacsOne Server (PACS Server In One Box)
CVE-2020-29165 (PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by inc ...)
	NOT-FOR-US: PacsOne Server (PACS Server In One Box)
CVE-2020-29164 (PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cro ...)
	NOT-FOR-US: PacsOne Server (PACS Server In One Box)
CVE-2020-29163 (PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL ...)
	NOT-FOR-US: PacsOne Server (PACS Server In One Box)
CVE-2020-29162
	RESERVED
CVE-2020-29161
	RESERVED
CVE-2020-29160 (An issue was discovered in Zammad before 3.5.1. A REST API call allows ...)
	- zammad <itp> (bug #841355)
CVE-2020-29159 (An issue was discovered in Zammad before 3.5.1. The default signup Rol ...)
	- zammad <itp> (bug #841355)
CVE-2020-29158 (An issue was discovered in Zammad before 3.5.1. An Agent with Customer ...)
	- zammad <itp> (bug #841355)
CVE-2020-29157 (An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform  ...)
	NOT-FOR-US: RAONWIZ K Editor
CVE-2020-29156 (The WooCommerce plugin before 4.7.0 for WordPress allows remote attack ...)
	NOT-FOR-US: WooCommerce plugin for WordPress
CVE-2020-29155
	RESERVED
CVE-2020-29154
	RESERVED
CVE-2020-29153
	RESERVED
CVE-2020-29152
	RESERVED
CVE-2020-29151
	RESERVED
CVE-2020-29150
	RESERVED
CVE-2020-29149
	RESERVED
CVE-2020-29148
	RESERVED
CVE-2020-29147 (A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of W ...)
	NOT-FOR-US: Wayang-CMS
CVE-2020-29146 (A cross site scripting (XSS) vulnerability in index.php of Wayang-CMS  ...)
	NOT-FOR-US: Wayang-CMS
CVE-2020-29145 (In Ericsson BSCS iX R18 Billing &amp; Rating iX R18, ADMX is a web bas ...)
	NOT-FOR-US: Ericsson
CVE-2020-29144 (In Ericsson BSCS iX R18 Billing &amp; Rating iX R18, MX is a web base  ...)
	NOT-FOR-US: Ericsson
CVE-2020-29143 (A SQL injection vulnerability in interface/reports/non_reported.php in ...)
	NOT-FOR-US: OpenEMR
CVE-2020-29142 (A SQL injection vulnerability in interface/usergroup/usergroup_admin.p ...)
	NOT-FOR-US: OpenEMR
CVE-2020-29141
	RESERVED
CVE-2020-29140 (A SQL injection vulnerability in interface/reports/immunization_report ...)
	NOT-FOR-US: OpenEMR
CVE-2020-29139 (A SQL injection vulnerability in interface/main/finder/patient_select. ...)
	NOT-FOR-US: OpenEMR
CVE-2020-29138 (Incorrect Access Control in the configuration backup path in SAGEMCOM  ...)
	NOT-FOR-US: SAGEMCOM
CVE-2020-29137 (cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interf ...)
	NOT-FOR-US: cPanel
CVE-2020-29136 (In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approa ...)
	NOT-FOR-US: cPanel
CVE-2020-29135 (cPanel before 90.0.17 has multiple instances of URL parameter injectio ...)
	NOT-FOR-US: cPanel
CVE-2020-29134 (The TOTVS Fluig platform allows path traversal through the parameter " ...)
	NOT-FOR-US: TOTVS Fluig Luke
CVE-2020-29133 (jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal  ...)
	NOT-FOR-US: Coremail XT
CVE-2020-29132
	RESERVED
CVE-2020-29131
	RESERVED
CVE-2020-29130 (slirp.c in libslirp through 4.3.1 has a buffer over-read because it tr ...)
	{DLA-2560-1}
	- libslirp 4.4.0-1
	- qemu 1:4.1-2
	[buster] - qemu <postponed> (Fix along in future DSA)
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f (v4.4.0)
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-2j37-w439-87q3
CVE-2020-29129 (ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...)
	- libslirp 4.4.0-1
	- qemu 1:4.1-2
	[buster] - qemu <postponed> (Fix along in future DSA)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f (v4.4.0)
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
	NOTE: NC-SI introduced in: https://git.qemu.org/?p=qemu.git;a=commit;h=47bb83cad45eb7ce194a8ffd18f73c98edb46aec (QEMU v2.10)
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-2j37-w439-87q3
CVE-2020-29128 (petl before 1.68, in some configurations, allows resolution of entitie ...)
	NOT-FOR-US: petl
CVE-2020-29127 (An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices th ...)
	NOT-FOR-US: Fujitsu
CVE-2020-29126
	RESERVED
CVE-2020-29125
	RESERVED
CVE-2020-29124
	RESERVED
CVE-2020-29123
	RESERVED
CVE-2020-29122
	RESERVED
CVE-2020-29121
	RESERVED
CVE-2020-29120
	RESERVED
CVE-2020-29119
	RESERVED
CVE-2020-29118
	RESERVED
CVE-2020-29117
	RESERVED
CVE-2020-29116
	RESERVED
CVE-2020-29115
	RESERVED
CVE-2020-29114
	RESERVED
CVE-2020-29113
	RESERVED
CVE-2020-29112
	RESERVED
CVE-2020-29111
	RESERVED
CVE-2020-29110
	RESERVED
CVE-2020-29109
	RESERVED
CVE-2020-29108
	RESERVED
CVE-2020-29107
	RESERVED
CVE-2020-29106
	RESERVED
CVE-2020-29105
	RESERVED
CVE-2020-29104
	RESERVED
CVE-2020-29103
	RESERVED
CVE-2020-29102
	RESERVED
CVE-2020-29101
	RESERVED
CVE-2020-29100
	RESERVED
CVE-2020-29099
	RESERVED
CVE-2020-29098
	RESERVED
CVE-2020-29097
	RESERVED
CVE-2020-29096
	RESERVED
CVE-2020-29095
	RESERVED
CVE-2020-29094
	RESERVED
CVE-2020-29093
	RESERVED
CVE-2020-29092
	RESERVED
CVE-2020-29091
	RESERVED
CVE-2020-29090
	RESERVED
CVE-2020-29089
	RESERVED
CVE-2020-29088
	RESERVED
CVE-2020-29087
	RESERVED
CVE-2020-29086
	RESERVED
CVE-2020-29085
	RESERVED
CVE-2020-29084
	RESERVED
CVE-2020-29083
	RESERVED
CVE-2020-29082
	RESERVED
CVE-2020-29081
	RESERVED
CVE-2020-29080
	RESERVED
CVE-2020-29079
	RESERVED
CVE-2020-29078
	RESERVED
CVE-2020-29077
	RESERVED
CVE-2020-29076
	RESERVED
CVE-2020-29075 (Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.3001 ...)
	NOT-FOR-US: Adobe
CVE-2020-29074 (scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which all ...)
	{DSA-4799-1 DLA-2490-1}
	- x11vnc 0.9.16-5 (bug #975875)
	NOTE: https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a
CVE-2020-29073
	RESERVED
CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on LiquidFiles b ...)
	NOT-FOR-US: LiquidFiles
CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles before 3.3 ...)
	NOT-FOR-US: LiquidFiles
CVE-2020-29070 (osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user en ...)
	NOT-FOR-US: osCommerce
CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network ...)
	NOT-FOR-US: Modern Honey Network
CVE-2020-29068
	RESERVED
CVE-2020-29067
	RESERVED
CVE-2020-29066
	RESERVED
CVE-2020-29065
	REJECTED
CVE-2020-29064
	RESERVED
CVE-2020-29063 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29062 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29061 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29060 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29059 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29058 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29057 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29056 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29055 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29054 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
	NOT-FOR-US: CDATA
CVE-2020-29053 (HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_da ...)
	NOT-FOR-US: HRSALE
CVE-2020-29052
	RESERVED
CVE-2020-29051
	RESERVED
CVE-2020-29050 (SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows direct ...)
	{DSA-5036-1 DLA-2882-1}
	- sphinxsearch 2.2.11-3
	NOTE: Backported for sphinxsearch from: https://github.com/manticoresoftware/manticoresearch/commit/66b5761ad258c60b1866a8e1333f86e74f48035
	NOTE: and https://github.com/manticoresoftware/manticoresearch/commit/6e597ff61e1e910559f6ed541ff32520085af6aa
	NOTE: Backported patch: https://salsa.debian.org/debian/sphinxsearch/-/blob/4d6fe40644130308604845db43d3588e715ec85d/debian/patches/06-CVE-2020-29050.patch
CVE-2020-29049
	RESERVED
CVE-2020-29048
	RESERVED
CVE-2020-29047 (The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote ...)
	NOT-FOR-US: wp-hotel-booking plugin for WordPress
CVE-2020-29046
	RESERVED
CVE-2020-29045 (The food-and-drink-menu plugin through 2.2.0 for WordPress allows remo ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-29044
	RESERVED
CVE-2020-29043 (An issue was discovered in BigBlueButton through 2.2.29. When at attac ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-29042 (An issue was discovered in BigBlueButton through 2.2.29. A brute-force ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-29041 (A misconfiguration in Web-Sesame 2020.1.1.3375 allows an unauthenticat ...)
	NOT-FOR-US: Web-Sesame
CVE-2020-29040 (An issue was discovered in Xen through 4.14.x allowing x86 HVM guest O ...)
	- xen 4.14.0+88-g1d1d1f5391-1 (bug #976109)
	[buster] - xen <not-affected> (Patches for XSA-346 not applied)
	[stretch] - xen <not-affected> (Patches for XSA-346 not applied)
	NOTE: https://xenbits.xen.org/xsa/advisory-355.html
	NOTE: Issue introduced by changes for XSA-346.
CVE-2020-29039
	RESERVED
CVE-2020-29038
	RESERVED
CVE-2020-29037
	RESERVED
CVE-2020-29036
	RESERVED
CVE-2020-29035
	RESERVED
CVE-2020-29034
	RESERVED
CVE-2020-29033
	RESERVED
CVE-2020-29032 (Upload of Code Without Integrity Check vulnerability in firmware archi ...)
	NOT-FOR-US: Secomea GateManager
CVE-2020-29031 (An Insecure Direct Object Reference vulnerability exists in the web UI ...)
	NOT-FOR-US: GateManager
CVE-2020-29030 (Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea  ...)
	NOT-FOR-US: Secomea GateManager
CVE-2020-29029 (Improper Input Validation, Cross-site Scripting (XSS) vulnerability in ...)
	NOT-FOR-US: Secomea GateManager
CVE-2020-29028 (Cross-site Scripting (XSS) vulnerability in web GUI of Secomea GateMan ...)
	NOT-FOR-US: Secomea GateManager
CVE-2020-29027 (Cross-site Scripting (XSS) vulnerability in GUI of Secomea SiteManager ...)
	NOT-FOR-US: Secomea
CVE-2020-29026 (A directory traversal vulnerability exists in the file upload function ...)
	NOT-FOR-US: GateManager
CVE-2020-29025 (A vulnerability in SiteManager-Embedded (SM-E) Web server which may al ...)
	NOT-FOR-US: Secomea
CVE-2020-29024 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerabi ...)
	NOT-FOR-US: Secomea
CVE-2020-29023 (Improper Encoding or Escaping of Output from CSV Report Generator of S ...)
	NOT-FOR-US: Secomea
CVE-2020-29022 (Failure to Sanitize host header value on output in the GateManager Web ...)
	NOT-FOR-US: Secomea
CVE-2020-29021 (A vulnerability in web UI input field of GateManager allows authentica ...)
	NOT-FOR-US: GateManager
CVE-2020-29020 (Improper Access Control vulnerability in web service of Secomea SiteMa ...)
	NOT-FOR-US: Secomea
CVE-2020-29019 (A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29018 (A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allo ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29017 (An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3 ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29016 (A stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29015 (A blind SQL injection in the user interface of FortiWeb 6.3.0 through  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29014 (A concurrent execution using shared resource with improper synchroniza ...)
	NOT-FOR-US: Fortiguard
CVE-2020-29013
	RESERVED
CVE-2020-29012 (An insufficient session expiration vulnerability in FortiSandbox versi ...)
	NOT-FOR-US: FortiGuard
CVE-2020-29011 (Instances of SQL Injection vulnerabilities in the checksum search and  ...)
	NOT-FOR-US: FortiSandbox
CVE-2020-29010
	RESERVED
CVE-2020-29009
	RESERVED
CVE-2020-29008
	RESERVED
CVE-2020-29007
	RESERVED
	NOT-FOR-US: Score MediaWiki extension
	NOTE: https://seqred.pl/en/cve-2020-29007-remote-code-execution-in-mediawiki-score/
	NOTE: https://phabricator.wikimedia.org/T257062
	NOTE: https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory
CVE-2020-29006 (MISP before 2.4.135 lacks an ACL check, related to app/Controller/Gala ...)
	NOT-FOR-US: MISP
CVE-2020-29005 (The API in the Push extension for MediaWiki through 1.35 used cleartex ...)
	NOT-FOR-US: Push extension for MediaWiki
CVE-2020-29004 (The API in the Push extension for MediaWiki through 1.35 did not requi ...)
	NOT-FOR-US: Push extension for MediaWiki
CVE-2020-29003 (The PollNY extension for MediaWiki through 1.35 allows XSS via an answ ...)
	NOT-FOR-US: PollNY MediaWiki extension
CVE-2020-29002 (includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki ...)
	NOT-FOR-US: CologneBlue MediaWiki skin
CVE-2020-29001 (An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW0 ...)
	NOT-FOR-US: Geeni
CVE-2020-29000 (An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A v ...)
	NOT-FOR-US: Geeni
CVE-2020-28999 (An issue was discovered in Apexis Streaming Video Web Application on G ...)
	NOT-FOR-US: Geeni
CVE-2020-28998 (An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A v ...)
	NOT-FOR-US: Geeni
CVE-2020-28997
	RESERVED
CVE-2020-28996
	RESERVED
CVE-2020-28995
	RESERVED
CVE-2020-28994 (A SQL injection vulnerability was discovered in Karenderia Multiple Re ...)
	NOT-FOR-US: Karenderia Multiple Restaurant System
CVE-2020-28993 (A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadba ...)
	NOT-FOR-US: ATX miniCMTS200a Broadband Gateway
CVE-2020-28992
	RESERVED
CVE-2020-28991 (Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git proto ...)
	- gitea <removed>
CVE-2020-28990
	RESERVED
CVE-2020-28989
	RESERVED
CVE-2020-28988
	RESERVED
CVE-2020-28987
	RESERVED
CVE-2020-28986
	RESERVED
CVE-2020-28985
	RESERVED
CVE-2020-28983
	RESERVED
CVE-2020-28982
	RESERVED
CVE-2020-28981
	RESERVED
CVE-2020-28980
	RESERVED
CVE-2020-28979
	RESERVED
CVE-2020-28978 (The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability ...)
	NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28977 (The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability ...)
	NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28976 (The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerabili ...)
	NOT-FOR-US: Canto plugin for WordPress
CVE-2020-28984 (prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does ...)
	{DSA-4798-1 DLA-2505-1}
	- spip 3.2.8-1
	NOTE: https://git.spip.net/spip/spip/commit/ae4267eba1022dabc12831ddb021c5d6e09040f8
CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used i ...)
	NOTE: disputed libsvm non issue
CVE-2020-28973 (The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to p ...)
	NOT-FOR-US: ABUS Secvest wireless alarm system FUAA50000
CVE-2020-28972 (In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsp ...)
	{DLA-2815-1}
	- salt 3002.5+dfsg1-1 (bug #983632)
	[buster] - salt 2018.3.4+dfsg1-6+deb10u3
	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
CVE-2020-26235 (In Rust time crate from version 0.2.7 and before version 0.2.23, unix- ...)
	- rust-time <not-affected> (Vulnerable methods introduced in v0.2.7)
	NOTE: https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0071.html
	NOTE: https://github.com/time-rs/time/issues/293
	NOTE: Introduced by: https://github.com/time-rs/time/commit/5f1c4927124fefbd8d2886f83a574beb381411e9 (v0.2.7)
	NOTE: Deprecated in: https://github.com/time-rs/time/commit/f153a1ca5fdfec979f16c49619e6034cc67e186d (v0.2.23)
CVE-2020-35914 (An issue was discovered in the lock_api crate before 0.4.2 for Rust. A ...)
	- rust-lock-api <unfixed> (bug #975319)
	[bullseye] - rust-lock-api <no-dsa> (Minor issue)
	[buster] - rust-lock-api <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
	NOTE: https://github.com/Amanieu/parking_lot/pull/262
CVE-2020-35913 (An issue was discovered in the lock_api crate before 0.4.2 for Rust. A ...)
	- rust-lock-api <unfixed> (bug #975319)
	[bullseye] - rust-lock-api <no-dsa> (Minor issue)
	[buster] - rust-lock-api <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
	NOTE: https://github.com/Amanieu/parking_lot/pull/262
CVE-2020-35912 (An issue was discovered in the lock_api crate before 0.4.2 for Rust. A ...)
	- rust-lock-api <unfixed> (bug #975319)
	[bullseye] - rust-lock-api <no-dsa> (Minor issue)
	[buster] - rust-lock-api <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
	NOTE: https://github.com/Amanieu/parking_lot/pull/262
CVE-2020-35911 (An issue was discovered in the lock_api crate before 0.4.2 for Rust. A ...)
	- rust-lock-api <unfixed> (bug #975319)
	[bullseye] - rust-lock-api <no-dsa> (Minor issue)
	[buster] - rust-lock-api <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
	NOTE: https://github.com/Amanieu/parking_lot/pull/262
CVE-2020-35910 (An issue was discovered in the lock_api crate before 0.4.2 for Rust. A ...)
	- rust-lock-api <unfixed> (bug #975319)
	[bullseye] - rust-lock-api <no-dsa> (Minor issue)
	[buster] - rust-lock-api <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0070.html
	NOTE: https://github.com/Amanieu/parking_lot/pull/262
CVE-2020-28971 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
	NOT-FOR-US: Western Digital My Cloud OS 5 devices
CVE-2020-28970 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
	NOT-FOR-US: Western Digital My Cloud OS 5 devices
CVE-2020-28969 (Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allo ...)
	NOT-FOR-US: Aplioxio PDF ShapingUp
CVE-2020-28968 (Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vul ...)
	NOT-FOR-US: Draytek VigorAP 1000C
CVE-2020-28967 (FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'cu ...)
	NOT-FOR-US: FlashGet
CVE-2020-28966
	RESERVED
CVE-2020-28965
	RESERVED
CVE-2020-28964 (Internet Download Manager 6.37.11.1 was discovered to contain a stack  ...)
	NOT-FOR-US: Internet Download Manager
CVE-2020-28963 (Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to  ...)
	NOT-FOR-US: Passcovery Co. Ltd ZIP Password Recovery
CVE-2020-28962
	RESERVED
CVE-2020-28961 (Perfex CRM v2.4.4 was discovered to contain a stored cross-site script ...)
	NOT-FOR-US: Perfex CRM
CVE-2020-28960 (Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection ...)
	NOT-FOR-US: Chichen Tech CMS
CVE-2020-28959
	RESERVED
CVE-2020-28958
	RESERVED
CVE-2020-28957 (Multiple cross-site scripting (XSS) vulnerabilities in the Customer Ad ...)
	NOT-FOR-US: Foxlor
CVE-2020-28956 (Multiple cross-site scripting (XSS) vulnerabilities in the Sales modul ...)
	NOT-FOR-US: SugarCRM
CVE-2020-28955 (SugarCRM v6.5.18 was discovered to contain a cross-site scripting (XSS ...)
	NOT-FOR-US: SugarCRM
CVE-2020-28954 (web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 la ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-28953 (In BigBlueButton before 2.2.29, a user can vote more than once in a si ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-28952 (An issue was discovered on Athom Homey and Homey Pro devices before 5. ...)
	NOT-FOR-US: Athom Homey
CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter ...)
	NOT-FOR-US: libuci in OpenWrt
CVE-2020-28950 (The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4 ...)
	NOT-FOR-US: installer of Kaspersky Anti-Ransomware Tool (KART)
CVE-2020-36193 (Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ...)
	{DSA-4894-1 DLA-2621-1 DLA-2530-1}
	- drupal7 <removed>
	- php-pear 1:1.10.12+submodules+notgz+20210212-1 (bug #980428)
	NOTE: https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916
	NOTE: https://github.com/pear/Archive_Tar/commit/dc721bd8616e05ea89b7abcff4cf1e3e96963183
	NOTE: https://github.com/pear/Archive_Tar/commit/b6da5c32254162fa0752616479fb3d3c5297c1cf
	NOTE: https://github.com/pear/Archive_Tar/commit/7d8782d95f74b5889bfaaad43e74086f1918ec2b
	NOTE: https://www.drupal.org/sa-core-2021-001
CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...)
	{DSA-4817-1 DLA-2466-1 DLA-2465-1}
	- drupal7 <removed>
	- php-pear 1:1.10.9+submodules+notgz-1.1 (bug #976108)
	NOTE: https://github.com/pear/Archive_Tar/issues/33
	NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
	NOTE: https://www.drupal.org/sa-core-2020-013
CVE-2020-28948 (Archive_Tar through 1.4.10 allows an unserialization attack because ph ...)
	{DSA-4817-1 DLA-2466-1 DLA-2465-1}
	- drupal7 <removed>
	- php-pear 1:1.10.9+submodules+notgz-1.1 (bug #976108)
	NOTE: https://github.com/pear/Archive_Tar/issues/33
	NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da
	NOTE: https://www.drupal.org/sa-core-2020-013
CVE-2020-28947 (In MISP 2.4.134, XSS exists in the template element index view because ...)
	NOT-FOR-US: MISP
CVE-2020-28946 (An improper webserver configuration on Plum IK-401 devices with firmwa ...)
	NOT-FOR-US: Plum IK-401 devices
CVE-2020-28945 (OX App Suite 7.10.4 and earlier allows XSS via crafted content to reac ...)
	NOT-FOR-US: OX App Suite
CVE-2020-28944 (OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS serve ...)
	NOT-FOR-US: OX Guard
CVE-2020-28943 (OX App Suite 7.10.4 and earlier allows SSRF via a snippet. ...)
	NOT-FOR-US: OX App Suite
CVE-2020-28942 (An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST ...)
	NOT-FOR-US: PrimeKey EJBCA
CVE-2020-28941 (An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c i ...)
	{DLA-2483-1}
	- linux 5.9.11-1
	[buster] - linux 4.19.160-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/19/3
CVE-2020-28940 (On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admi ...)
	NOT-FOR-US: Western Digital My Cloud OS 5 devices
CVE-2020-28939 (OpenClinic version 0.8.2 is affected by a medical/test_new.php insecur ...)
	NOT-FOR-US: OpenClinic
CVE-2020-28938 (OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in  ...)
	NOT-FOR-US: OpenClinic
CVE-2020-28937 (OpenClinic version 0.8.2 is affected by a missing authentication vulne ...)
	NOT-FOR-US: OpenClinic
CVE-2020-28936
	RESERVED
CVE-2020-28935 (NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs ...)
	{DLA-2556-1}
	- nsd 4.3.4-1
	[buster] - nsd <no-dsa> (Minor issue)
	[stretch] - nsd <no-dsa> (Minor issue)
	- unbound 1.13.0-1 (bug #977165)
	[buster] - unbound <no-dsa> (Minor issue)
	[stretch] - unbound <end-of-life> (DSA 4694-1)
	NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt
	NOTE: https://github.com/NLnetLabs/nsd/commit/a4caec3137a1bc9eca05d38d66e2bce572ca9bd3 (NSD_4_3_4_RC1)
	NOTE: https://github.com/NLnetLabs/unbound/issues/303
	NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/ad387832979b6ce4c93f64fe706301cd7d034e87 (release-1.13.0rc1)
CVE-2020-28934
	RESERVED
CVE-2020-28933
	RESERVED
CVE-2020-28932
	RESERVED
CVE-2020-28931 (Lack of an anti-CSRF token in the entire administrative interface in E ...)
	NOT-FOR-US: EPSON
CVE-2020-28930 (A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete us ...)
	NOT-FOR-US: Epson
CVE-2020-28929 (Unrestricted access to the log downloader functionality in EPSON EPS T ...)
	NOT-FOR-US: Epson
CVE-2020-28928 (In musl libc through 1.2.1, wcsnrtombs mishandles particular combinati ...)
	{DLA-2474-1}
	- musl 1.2.2-1 (bug #975365)
	[buster] - musl <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/20/4
CVE-2020-28927 (There is a Stored XSS in Magicpin v2.1 in the User Registration sectio ...)
	NOT-FOR-US: Magicpin
CVE-2020-28926 (ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code exe ...)
	{DSA-4806-1 DLA-2489-1}
	- minidlna 1.2.1+dfsg-3 (bug #976595)
	NOTE: https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/
	NOTE: https://sourceforge.net/p/minidlna/git/ci/9fba41008adebc1da0f4f6c6e27ae422ace3fe4a (v1_3_0)
CVE-2020-28925 (Bolt before 3.7.2 does not restrict filter options in a Request in the ...)
	NOT-FOR-US: Bolt CMS
CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use of a w ...)
	- rclone 1.53.3-1 (bug #975324)
	[buster] - rclone <not-affected> (Vulnerable code introduced later)
	[stretch] - rclone <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/rclone/rclone/issues/4783
	NOTE: Introduced by: https://github.com/rclone/rclone/commit/193c30d57038017370594d5bc8ee9bc32580ddf2 (v1.49.0)
	NOTE: Fixed by: https://github.com/rclone/rclone/commit/7985df37681f54d013816a4641da4f9b085b3aa5 (master)
	NOTE: Fixed by: https://github.com/rclone/rclone/commit/f0905499e340f9e73e2552cf0c8b79cbf14ecbc4 (master)
	NOTE: Fixed by: https://github.com/rclone/rclone/commit/4c215cc81ec6143ae3c64633700cb341ca28df2d (v1.53.3)
	NOTE: Fixed by: https://github.com/rclone/rclone/commit/c8b11d27e1fe261fdfba6b8910fda69356c9c777 (v1.53.3)
CVE-2020-28923 (An issue was discovered in Play Framework 2.8.0 through 2.8.4. Careful ...)
	NOT-FOR-US: Play Framework
CVE-2020-28922 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...)
	NOT-FOR-US: Devid Espenschied PC Analyser
CVE-2020-28921 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...)
	NOT-FOR-US: Devid Espenschied PC Analyser
CVE-2020-28920
	RESERVED
CVE-2020-28919 (A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x pr ...)
	- check-mk <removed>
CVE-2020-28918 (DualShield 5.9.8.0821 allows username enumeration on its login form. A ...)
	NOT-FOR-US: DualShield
CVE-2020-28917 (An issue was discovered in the view_statistics (aka View frontend stat ...)
	NOT-FOR-US: TYPO3 extension
CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...)
	{DLA-2560-1}
	- qemu 1:5.2+dfsg-1 (bug #976388; bug #974687)
	[buster] - qemu <postponed> (Fix along in future DSA)
	NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895 (duplicate)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03552.html (duplicate)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a (v5.2.0-rc3)
CVE-2020-28915 (A buffer over-read (at the framebuffer layer) in the fbcon code in the ...)
	- linux 5.9.1-1
	[buster] - linux 4.19.152-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/5af08640795b2b9a940c9266c0260455377ae262
CVE-2020-28914 (An improper file permissions vulnerability affects Kata Containers pri ...)
	NOT-FOR-US: Kata Containers
CVE-2020-28913
	RESERVED
CVE-2020-28912 (With MariaDB running on Windows, when local clients connect to the ser ...)
	- mariadb-10.5 <not-affected> (Only affects MariaDB on Windows)
	- mariadb-10.3 <not-affected> (Only affects MariaDB on Windows)
	- mariadb-10.1 <not-affected> (Only affects MariaDB on Windows)
	NOTE: https://jira.mariadb.org/browse/MDEV-24040
	NOTE: https://github.com/MariaDB/server/commit/3829b408d6
CVE-2020-28911 (Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28910 (Creation of a Temporary Directory with Insecure Permissions in Nagios  ...)
	NOT-FOR-US: Nagios XI
CVE-2020-28909 (Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows f ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28908 (Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privil ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28907 (Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlie ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28906 (Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios F ...)
	NOT-FOR-US: Nagios XI
CVE-2020-28905 (Improper Input Validation in Nagios Fusion 4.1.8 and earlier allows an ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28904 (Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earli ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28903 (Improper input validation in Nagios Fusion 4.1.8 and earlier allows a  ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28902 (Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege  ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28901 (Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privil ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28900 (Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8  ...)
	NOT-FOR-US: Nagios Fusion
CVE-2020-28899 (The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does  ...)
	NOT-FOR-US: ZyXEL
CVE-2020-28898 (In QED ResourceXpress through 4.9k, a large numeric or alphanumeric va ...)
	NOT-FOR-US: QED ResourceXpress
CVE-2020-28897
	RESERVED
CVE-2020-28896 (Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $s ...)
	{DLA-2472-1}
	- mutt 2.0.2-1
	[buster] - mutt 1.10.1-2.1+deb10u4
	- neomutt 20201120+dfsg.1-1
	[buster] - neomutt 20180716+dfsg.1-1+deb10u2
	NOTE: https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a
	NOTE: https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06
CVE-2020-28895 (In Wind River VxWorks, memory allocator has a possible overflow in cal ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2020-28894
	RESERVED
CVE-2020-28893
	RESERVED
CVE-2020-28892
	RESERVED
CVE-2020-28891
	RESERVED
CVE-2020-28890
	RESERVED
CVE-2020-28889
	RESERVED
CVE-2020-28888
	RESERVED
CVE-2020-28887
	RESERVED
CVE-2020-28886
	RESERVED
CVE-2020-28885 (** DISPUTED ** Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is ...)
	NOT-FOR-US: Liferay
CVE-2020-28884 (Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS ...)
	NOT-FOR-US: Liferay
CVE-2020-28883
	RESERVED
CVE-2020-28882
	RESERVED
CVE-2020-28881
	RESERVED
CVE-2020-28880
	RESERVED
CVE-2020-28879
	RESERVED
CVE-2020-28878
	RESERVED
CVE-2020-28877 (Buffer overflow in in the copy_msg_element function for the devDiscove ...)
	NOT-FOR-US: TP-Link
CVE-2020-28876
	RESERVED
CVE-2020-28875
	RESERVED
CVE-2020-28874 (reset-password.php in ProjectSend before r1295 allows remote attackers ...)
	NOT-FOR-US: ProjectSend
CVE-2020-28873 (Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability b ...)
	NOT-FOR-US: Fluxbb
CVE-2020-28872 (An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/ ...)
	NOT-FOR-US: Monitorr
CVE-2020-28871 (Remote code execution in Monitorr v1.7.6m in upload.php allows an unau ...)
	NOT-FOR-US: Monitorr
CVE-2020-28870 (In InoERP 0.7.2, an unauthorized attacker can execute arbitrary code o ...)
	NOT-FOR-US: InoERP
CVE-2020-28869
	RESERVED
CVE-2020-28868
	RESERVED
CVE-2020-28867
	RESERVED
CVE-2020-28866
	RESERVED
CVE-2020-28865
	RESERVED
CVE-2020-28864 (Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to caus ...)
	NOT-FOR-US: WinSCP
CVE-2020-28863
	RESERVED
CVE-2020-28862
	RESERVED
CVE-2020-28861 (OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28860 (OpenAssetDigital Asset Management (DAM) through 12.0.19 does not corre ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28859 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does not corr ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28858 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does not corr ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28857 (OpenAsset Digital Asset Management (DAM) through 12.0.19, does not cor ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28856 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does not corr ...)
	NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28855
	RESERVED
CVE-2020-28854
	RESERVED
CVE-2020-28853
	RESERVED
CVE-2020-28852 (In x/text in Go before v0.3.5, a "slice bounds out of range" panic occ ...)
	- golang-golang-x-text 0.3.5-1 (bug #980002)
	- golang-x-text <removed>
	[buster] - golang-x-text <no-dsa> (Minor issue)
	[stretch] - golang-x-text <no-dsa> (Minor issue. Golang has limited support in stretch.)
	NOTE: https://github.com/golang/go/issues/42536
	NOTE: https://github.com/golang/text/commit/4482a914f52311356f6f4b7a695d4075ca22c0c6 (v0.3.5)
CVE-2020-28851 (In x/text in Go 1.15.4, an "index out of range" panic occurs in langua ...)
	- golang-golang-x-text 0.3.6-1 (bug #980001)
	- golang-x-text <removed>
	[buster] - golang-x-text <no-dsa> (Minor issue)
	[stretch] - golang-x-text <no-dsa> (Minor issue. Golang has limited support in stretch.)
	NOTE: https://github.com/golang/go/issues/42535
CVE-2020-28850
	RESERVED
CVE-2020-28849
	RESERVED
CVE-2020-28848
	RESERVED
CVE-2020-28847
	RESERVED
CVE-2020-28846 (Cross Site Request Forgery (CSRF) vulnerability exists in SeaCMS 10.7  ...)
	NOT-FOR-US: SeaCMS
CVE-2020-28845 (A CSV injection vulnerability in the Admin portal for Netskope 75.0 al ...)
	NOT-FOR-US: Admin portal for Netskope
CVE-2020-28844
	RESERVED
CVE-2020-28843
	RESERVED
CVE-2020-28842
	RESERVED
CVE-2020-28841 (MyDrivers64.sys in DriverGenius 9.61.3708.3054 allows attackers to cau ...)
	NOT-FOR-US: DriverGenius
CVE-2020-28840
	RESERVED
CVE-2020-28839
	RESERVED
CVE-2020-28838 (Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Open ...)
	NOT-FOR-US: OpenCart
CVE-2020-28837
	RESERVED
CVE-2020-28836
	RESERVED
CVE-2020-28835
	RESERVED
CVE-2020-28834
	RESERVED
CVE-2020-28833
	RESERVED
CVE-2020-28832
	RESERVED
CVE-2020-28831
	RESERVED
CVE-2020-28830
	RESERVED
CVE-2020-28829
	RESERVED
CVE-2020-28828
	RESERVED
CVE-2020-28827
	RESERVED
CVE-2020-28826
	RESERVED
CVE-2020-28825
	RESERVED
CVE-2020-28824
	RESERVED
CVE-2020-28823
	RESERVED
CVE-2020-28822
	RESERVED
CVE-2020-28821
	RESERVED
CVE-2020-28820
	RESERVED
CVE-2020-28819
	RESERVED
CVE-2020-28818
	RESERVED
CVE-2020-28817
	RESERVED
CVE-2020-28816
	RESERVED
CVE-2020-28815
	RESERVED
CVE-2020-28814
	RESERVED
CVE-2020-28813
	RESERVED
CVE-2020-28812
	RESERVED
CVE-2020-28811
	RESERVED
CVE-2020-28810
	RESERVED
CVE-2020-28809
	RESERVED
CVE-2020-28808
	RESERVED
CVE-2020-28807
	RESERVED
CVE-2020-28806
	RESERVED
CVE-2020-28805
	RESERVED
CVE-2020-28804
	RESERVED
CVE-2020-28803
	RESERVED
CVE-2020-28802
	RESERVED
CVE-2020-28801
	RESERVED
CVE-2020-28800
	RESERVED
CVE-2020-28799
	RESERVED
CVE-2020-28798
	RESERVED
CVE-2020-28797
	RESERVED
CVE-2020-28796
	RESERVED
CVE-2020-28795
	RESERVED
CVE-2020-28794
	RESERVED
CVE-2020-28793
	RESERVED
CVE-2020-28792
	RESERVED
CVE-2020-28791
	RESERVED
CVE-2020-28790
	RESERVED
CVE-2020-28789
	RESERVED
CVE-2020-28788
	RESERVED
CVE-2020-28787
	RESERVED
CVE-2020-28786
	RESERVED
CVE-2020-28785
	RESERVED
CVE-2020-28784
	RESERVED
CVE-2020-28783
	RESERVED
CVE-2020-28782
	RESERVED
CVE-2020-28781
	RESERVED
CVE-2020-28780
	RESERVED
CVE-2020-28779
	RESERVED
CVE-2020-28778
	RESERVED
CVE-2020-28777
	RESERVED
CVE-2020-28776
	RESERVED
CVE-2020-28775
	RESERVED
CVE-2020-28774
	RESERVED
CVE-2020-28773
	RESERVED
CVE-2020-28772
	RESERVED
CVE-2020-28771
	RESERVED
CVE-2020-28770
	RESERVED
CVE-2020-28769
	RESERVED
CVE-2020-28768
	RESERVED
CVE-2020-28767
	RESERVED
CVE-2020-28766
	RESERVED
CVE-2020-28765
	RESERVED
CVE-2020-28764
	RESERVED
CVE-2020-28763
	RESERVED
CVE-2020-28762
	RESERVED
CVE-2020-28761
	RESERVED
CVE-2020-28760
	RESERVED
CVE-2020-28759 (** DISPUTED ** The serializer module in OAID Tengine lite-v1.0 has a B ...)
	NOT-FOR-US: OAID Tengine
CVE-2020-28758
	RESERVED
CVE-2020-28757
	RESERVED
CVE-2020-28756
	RESERVED
CVE-2020-28755
	RESERVED
CVE-2020-28754
	RESERVED
CVE-2020-28753
	RESERVED
CVE-2020-28752
	RESERVED
CVE-2020-28751
	RESERVED
CVE-2020-28750
	RESERVED
CVE-2020-28749
	RESERVED
CVE-2020-28748
	RESERVED
CVE-2020-28747
	RESERVED
CVE-2020-28746
	RESERVED
CVE-2020-28745
	RESERVED
CVE-2020-28744
	RESERVED
CVE-2020-28743
	RESERVED
CVE-2020-28742
	RESERVED
CVE-2020-28741
	RESERVED
CVE-2020-28740
	RESERVED
CVE-2020-28739
	RESERVED
CVE-2020-28738
	RESERVED
CVE-2020-28737
	RESERVED
CVE-2020-28736 (Plone before 5.2.3 allows XXE attacks via a feature that is protected  ...)
	NOT-FOR-US: Plone
CVE-2020-28735 (Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (onl ...)
	NOT-FOR-US: Plone
CVE-2020-28734 (Plone before 5.2.3 allows XXE attacks via a feature that is explicitly ...)
	NOT-FOR-US: Plone
CVE-2020-28733
	RESERVED
CVE-2020-28732
	RESERVED
CVE-2020-28731
	RESERVED
CVE-2020-28730
	RESERVED
CVE-2020-28729
	RESERVED
CVE-2020-28728
	RESERVED
CVE-2020-28727 (Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid p ...)
	NOT-FOR-US: SeedDMS
CVE-2020-28726 (Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter  ...)
	NOT-FOR-US: SeedDMS
CVE-2020-28725
	RESERVED
CVE-2020-28724 (Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ...)
	- python-werkzeug 0.11.9+dfsg1-1
	NOTE: https://github.com/pallets/werkzeug/issues/822
	NOTE: https://github.com/pallets/werkzeug/pull/890
CVE-2020-28723 (Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. ...)
	NOT-FOR-US: CloudAvid
CVE-2020-28722 (Deskpro Cloud Platform and on-premise 2020.2.3.48207 from 2020-07-30 c ...)
	NOT-FOR-US: Deskpro Cloud Platform
CVE-2020-28721
	RESERVED
CVE-2020-28720
	RESERVED
CVE-2020-28719
	RESERVED
CVE-2020-28718
	RESERVED
CVE-2020-28717
	RESERVED
CVE-2020-28716
	RESERVED
CVE-2020-28715
	RESERVED
CVE-2020-28714
	RESERVED
CVE-2020-28713 (Incorrect access control in push notification service in Night Owl Sma ...)
	NOT-FOR-US: Night Owl Smart Doorbell
CVE-2020-28712
	RESERVED
CVE-2020-28711
	RESERVED
CVE-2020-28710
	RESERVED
CVE-2020-28709
	RESERVED
CVE-2020-28708
	RESERVED
CVE-2020-28707 (The Stockdio Historical Chart plugin before 2.8.1 for WordPress is aff ...)
	NOT-FOR-US: Stockdio Historical Chart plugin for WordPress
CVE-2020-28706
	RESERVED
CVE-2020-28705 (FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerabi ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-28704
	RESERVED
CVE-2020-28703
	RESERVED
CVE-2020-28702 (A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 al ...)
	NOT-FOR-US: PybbsCMS
CVE-2020-28701
	RESERVED
CVE-2020-28700
	RESERVED
CVE-2020-28699
	RESERVED
CVE-2020-28698
	RESERVED
CVE-2020-28697
	RESERVED
CVE-2020-28696
	RESERVED
CVE-2020-28695 (Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices  ...)
	NOT-FOR-US: Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices
CVE-2020-28694
	RESERVED
CVE-2020-28693 (An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an  ...)
	NOT-FOR-US: HorizontCMS
CVE-2020-28692 (In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and  ...)
	NOT-FOR-US: Gila CMS
CVE-2020-28691
	RESERVED
CVE-2020-28690
	RESERVED
CVE-2020-28689
	RESERVED
CVE-2020-28688 (The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCR ...)
	NOT-FOR-US: Artworks Gallery
CVE-2020-28687 (The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASC ...)
	NOT-FOR-US: Artworks Gallery
CVE-2020-28686
	RESERVED
CVE-2020-28685
	RESERVED
CVE-2020-28684
	RESERVED
CVE-2020-28683
	RESERVED
CVE-2020-28682
	RESERVED
CVE-2020-28681
	RESERVED
CVE-2020-28680
	RESERVED
CVE-2020-28679 (A vulnerability in the showReports module of Zoho ManageEngine Applica ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-28678
	RESERVED
CVE-2020-28677
	RESERVED
CVE-2020-28676
	RESERVED
CVE-2020-28675
	RESERVED
CVE-2020-28674
	RESERVED
CVE-2020-28673
	RESERVED
CVE-2020-28672 (MonoCMS Blog 1.0 is affected by incorrect access control that can lead ...)
	NOT-FOR-US: MonoCMS Blog
CVE-2020-28671
	RESERVED
CVE-2020-28670
	RESERVED
CVE-2020-28669
	RESERVED
CVE-2020-28668
	RESERVED
CVE-2020-28667
	RESERVED
CVE-2020-28666
	RESERVED
CVE-2020-28665
	RESERVED
CVE-2020-28664
	RESERVED
CVE-2020-28663
	RESERVED
CVE-2020-28662
	RESERVED
CVE-2020-28661
	RESERVED
CVE-2020-28660
	RESERVED
CVE-2020-28659
	RESERVED
CVE-2020-28658
	RESERVED
CVE-2020-28657 (In bPanel 2.0, the administrative ajax endpoints (aka ajax/aj_*.php) a ...)
	NOT-FOR-US: bPanel
CVE-2020-28656 (The update functionality of the Discover Media infotainment system in  ...)
	NOT-FOR-US: 3Discover Media infotainment system in Volkswagen Polo 2019 vehicles
CVE-2020-28655
	RESERVED
CVE-2020-28654
	RESERVED
CVE-2020-28653 (Zoho ManageEngine OpManager Stable build before 125203 (and Released b ...)
	NOT-FOR-US: Zoho ManageEngine OpManager Stable
CVE-2020-28652
	RESERVED
CVE-2020-28651
	RESERVED
CVE-2020-28650 (The WPBakery plugin before 6.4.1 for WordPress allows XSS because it c ...)
	NOT-FOR-US: WPBakery plugin for WordPress
CVE-2020-28649 (The orbisius-child-theme-creator plugin before 1.5.2 for WordPress all ...)
	NOT-FOR-US: orbisius-child-theme-creator plugin for WordPress
CVE-2020-28648 (Improper input validation in the Auto-Discovery component of Nagios XI ...)
	NOT-FOR-US: Nagios XI
CVE-2020-28647 (In Progress MOVEit Transfer before 2020.1, a malicious user could craf ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2020-28646 (ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop  ...)
	- owncloud <removed>
CVE-2020-28645 (Deleting users with certain names caused system files to be deleted. R ...)
	- owncloud <removed>
CVE-2020-28644 (The CSRF (Cross Site Request Forgery) token check was improperly imple ...)
	- owncloud <removed>
CVE-2020-28643
	RESERVED
CVE-2020-28642 (In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail gener ...)
	NOT-FOR-US: InfiniteWP Admin Panel
CVE-2020-28641 (In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an a ...)
	NOT-FOR-US: Malwarebytes Free
CVE-2020-28640
	RESERVED
CVE-2020-28639
	RESERVED
CVE-2020-28638 (ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-c ...)
	- tomb 2.8+dfsg1-1 (bug #974719; bug #975084)
	[buster] - tomb <not-affected> (Vulnerability introduced later)
	NOTE: https://github.com/dyne/Tomb/issues/385
	NOTE: Introduced by: https://github.com/dyne/Tomb/commit/477ab204439ddb88d7293d3c35a29e29751feda9 (v2.6)
	NOTE: https://github.com/dyne/Tomb/pull/386
	NOTE: Attempted to be fixed via: https://github.com/dyne/Tomb/commit/15c894dfb41db3ea3290bdf8f958fd9e3503c4bb
	NOTE: which only hides the problem.
	NOTE: https://github.com/dyne/Tomb/issues/392
CVE-2020-28637
	RESERVED
CVE-2020-28636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-28635
	RESERVED
CVE-2020-28634
	RESERVED
CVE-2020-28633
	RESERVED
CVE-2020-28632
	RESERVED
CVE-2020-28631
	RESERVED
CVE-2020-28630
	RESERVED
CVE-2020-28629
	RESERVED
CVE-2020-28628
	RESERVED
CVE-2020-28627
	RESERVED
CVE-2020-28626
	RESERVED
CVE-2020-28625
	RESERVED
CVE-2020-28624
	RESERVED
CVE-2020-28623
	RESERVED
CVE-2020-28622
	RESERVED
CVE-2020-28621
	RESERVED
CVE-2020-28620
	RESERVED
CVE-2020-28619
	RESERVED
CVE-2020-28618
	RESERVED
CVE-2020-28617
	RESERVED
CVE-2020-28616
	RESERVED
CVE-2020-28615
	RESERVED
CVE-2020-28614
	RESERVED
CVE-2020-28613
	RESERVED
CVE-2020-28612
	RESERVED
CVE-2020-28611
	RESERVED
CVE-2020-28610
	RESERVED
CVE-2020-28609
	RESERVED
CVE-2020-28608
	RESERVED
CVE-2020-28607
	RESERVED
CVE-2020-28606
	RESERVED
CVE-2020-28605
	RESERVED
CVE-2020-28604
	RESERVED
CVE-2020-28603
	RESERVED
CVE-2020-28602
	RESERVED
CVE-2020-28601 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
	{DLA-2649-1}
	- cgal 5.2-3 (bug #985671)
	[buster] - cgal <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
CVE-2020-28600 (An out-of-bounds write vulnerability exists in the import_stl.cc:impor ...)
	- openscad 2021.01-1 (bug #996020)
	[buster] - openscad <no-dsa> (Minor issue)
	[stretch] - openscad <not-affected> (Vulnerable code introduced later)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1224
	NOTE: introduced at https://github.com/openscad/openscad/commit/25ec72ce0770115ad62c17fe10ee7464ac256391
	NOTE: vulnerable code removed at https://github.com/openscad/openscad/commit/07ea60f82e94a155f4926f17fad8e8366bc74874
CVE-2020-28599 (A stack-based buffer overflow vulnerability exists in the import_stl.c ...)
	- openscad 2021.01-1 (bug #996020)
	[buster] - openscad <no-dsa> (Minor issue)
	[stretch] - openscad <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1223
	NOTE: https://github.com/openscad/openscad/commit/07ea60f82e94a155f4926f17fad8e8366bc74874
CVE-2020-28598 (An out-of-bounds write vulnerability exists in the Admesh stl_fix_norm ...)
	NOT-FOR-US: Prusa Research PrusaSlicer
CVE-2020-28597 (A predictable seed vulnerability exists in the password reset function ...)
	NOT-FOR-US: Epignosis EfrontPro
CVE-2020-28596 (A stack-based buffer overflow vulnerability exists in the Objparser::o ...)
	NOT-FOR-US: PrusaSlicer
CVE-2020-28595 (An out-of-bounds write vulnerability exists in the Obj.cpp load_obj()  ...)
	NOT-FOR-US: PrusaSlicer
CVE-2020-28594 (A use-after-free vulnerability exists in the _3MF_Importer::_handle_en ...)
	NOT-FOR-US: PrusaSlicer
CVE-2020-28593 (A unauthenticated backdoor exists in the configuration server function ...)
	NOT-FOR-US: Cosori Smart 5.8-Quart Air Fryer CS158-AF
CVE-2020-28592 (A heap-based buffer overflow vulnerability exists in the configuration ...)
	NOT-FOR-US: Cosori Smart 5.8-Quart Air Fryer CS158-AF
CVE-2020-28591 (An out-of-bounds read vulnerability exists in the AMF File AMFParserCo ...)
	- slic3r 1.3.0+dfsg1-4 (unimportant; bug #985620)
	[stretch] - slic3r <not-affected> (Vulnerable code not present)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215
	NOTE: https://github.com/slic3r/Slic3r/issues/5061
	NOTE: https://github.com/slic3r/Slic3r/pull/5063
	NOTE: Crash in enduser application, no security impact
CVE-2020-28590 (An out-of-bounds read vulnerability exists in the Obj File TriangleMes ...)
	- slic3r <unfixed> (unimportant)
	[stretch] - slic3r <not-affected> (Vulnerable code not present)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1213
	NOTE: https://github.com/slic3r/Slic3r/issues/5074
	NOTE: Crash in enduser application, no security impact
CVE-2020-28589 (An improper array index validation vulnerability exists in the LoadObj ...)
	- tinyobjloader <undetermined>
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1212
CVE-2020-28588 (An information disclosure vulnerability exists in the /proc/pid/syscal ...)
	- linux 5.9.15-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/4f134b89a24b965991e7c345b9a4591821f7c2a6
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1211
CVE-2020-28587 (A specially crafted document can cause the document parser to copy dat ...)
	NOT-FOR-US: SoftMaker
CVE-2020-28586
	RESERVED
CVE-2020-28585
	RESERVED
CVE-2020-28584
	RESERVED
CVE-2020-28583 (An improper access control information disclosure vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28582 (An improper access control information disclosure vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28581 (A command injection vulnerability in ModifyVLANItem of Trend Micro Int ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28580 (A command injection vulnerability in AddVLANItem of Trend Micro InterS ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28579 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28578 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28577 (An improper access control information disclosure vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28576 (An improper access control information disclosure vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28575 (A heap-based buffer overflow privilege escalation vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28574 (A unauthenticated path traversal arbitrary remote file deletion vulner ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28573 (An improper access control information disclosure vulnerability in Tre ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28572 (A vulnerability in Trend Micro Apex One could allow an unprivileged us ...)
	NOT-FOR-US: Trend Micro
CVE-2020-28571
	RESERVED
CVE-2020-28570
	RESERVED
CVE-2020-28569
	RESERVED
CVE-2020-28568
	RESERVED
CVE-2020-28567
	RESERVED
CVE-2020-28566
	RESERVED
CVE-2020-28565
	RESERVED
CVE-2020-28564
	RESERVED
CVE-2020-28563
	RESERVED
CVE-2020-28562
	RESERVED
CVE-2020-28561
	RESERVED
CVE-2020-28560
	RESERVED
CVE-2020-28559
	RESERVED
CVE-2020-28558
	RESERVED
CVE-2020-28557
	RESERVED
CVE-2020-28556
	RESERVED
CVE-2020-28555
	RESERVED
CVE-2020-28554
	RESERVED
CVE-2020-28553
	RESERVED
CVE-2020-28552
	RESERVED
CVE-2020-28551
	RESERVED
CVE-2020-28550
	RESERVED
CVE-2020-28549
	RESERVED
CVE-2020-28548
	RESERVED
CVE-2020-28547
	RESERVED
CVE-2020-28546
	RESERVED
CVE-2020-28545
	RESERVED
CVE-2020-28544
	RESERVED
CVE-2020-28543
	RESERVED
CVE-2020-28542
	RESERVED
CVE-2020-28541
	RESERVED
CVE-2020-28540
	RESERVED
CVE-2020-28539
	RESERVED
CVE-2020-28538
	RESERVED
CVE-2020-28537
	RESERVED
CVE-2020-28536
	RESERVED
CVE-2020-28535
	RESERVED
CVE-2020-28534
	RESERVED
CVE-2020-28533
	RESERVED
CVE-2020-28532
	RESERVED
CVE-2020-28531
	RESERVED
CVE-2020-28530
	RESERVED
CVE-2020-28529
	RESERVED
CVE-2020-28528
	RESERVED
CVE-2020-28527
	RESERVED
CVE-2020-28526
	RESERVED
CVE-2020-28525
	RESERVED
CVE-2020-28524
	RESERVED
CVE-2020-28523
	RESERVED
CVE-2020-28522
	RESERVED
CVE-2020-28521
	RESERVED
CVE-2020-28520
	RESERVED
CVE-2020-28519
	RESERVED
CVE-2020-28518
	RESERVED
CVE-2020-28517
	RESERVED
CVE-2020-28516
	RESERVED
CVE-2020-28515
	RESERVED
CVE-2020-28514
	RESERVED
CVE-2020-28513
	RESERVED
CVE-2020-28512
	RESERVED
CVE-2020-28511
	RESERVED
CVE-2020-28510
	RESERVED
CVE-2020-28509
	RESERVED
CVE-2020-28508
	RESERVED
CVE-2020-28507
	RESERVED
CVE-2020-28506
	RESERVED
CVE-2020-28505
	RESERVED
CVE-2020-28504
	RESERVED
CVE-2020-28503 (The package copy-props before 2.0.5 are vulnerable to Prototype Pollut ...)
	NOT-FOR-US: Node copy-props
CVE-2020-28502 (This affects the package xmlhttprequest before 1.7.0; all versions of  ...)
	- node-xmlhttprequest 1.8.0-1
	[stretch] - node-xmlhttprequest <end-of-life> (Nodejs in stretch not covered by security support)
	- node-xmlhttprequest-ssl <unfixed>
	[buster] - node-xmlhttprequest-ssl <ignored> (Minor issue, should possibly be removed from stable as well)
	[stretch] - node-xmlhttprequest-ssl <end-of-life> (Nodejs in stretch not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUEST-1082935
	NOTE: https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936
CVE-2020-28501 (This affects the package es6-crawler-detect before 3.1.3. No limitatio ...)
	NOT-FOR-US: Node es6-crawler-detect
CVE-2020-28500 (Lodash versions prior to 4.17.21 are vulnerable to Regular Expression  ...)
	- node-lodash 4.17.21+dfsg+~cs8.31.173-1 (bug #985086)
	[buster] - node-lodash <no-dsa> (Minor issue)
	[stretch] - node-lodash <end-of-life> (Nodejs in stretch not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-1018905
CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollution vi ...)
	NOTE: Only bogus references listed, unclear what this is about
CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...)
	- node-elliptic 6.5.4~dfsg-1
	[buster] - node-elliptic <no-dsa> (Minor issue)
	NOTE: https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f
	NOTE: https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md
CVE-2020-28497
	RESERVED
CVE-2020-28496 (This affects the package three before 0.125.0. This can happen when ha ...)
	- three.js <not-affected> (Vulnerable code introduced later, #988726)
	NOTE: https://github.com/mrdoob/three.js/pull/21143/commits/4a582355216b620176a291ff319d740e619d583e
	NOTE: https://github.com/mrdoob/three.js/issues/21132
CVE-2020-28495 (This affects the package total.js before 3.4.7. The set function can b ...)
	NOT-FOR-US: Node total.js
CVE-2020-28494 (This affects the package total.js before 3.4.7. The issue occurs in th ...)
	NOT-FOR-US: Node total.js
CVE-2020-28493 (This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDo ...)
	- jinja2 2.11.3-1 (bug #982736)
	[buster] - jinja2 <no-dsa> (Minor issue)
	[stretch] - jinja2 <no-dsa> (Minor issue)
	NOTE: https://github.com/pallets/jinja/pull/1343
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
CVE-2020-28492
	REJECTED
CVE-2020-28491 (This affects the package com.fasterxml.jackson.dataformat:jackson-data ...)
	- jackson-dataformat-cbor <unfixed> (bug #983664)
	[bullseye] - jackson-dataformat-cbor <no-dsa> (Minor issue)
	[buster] - jackson-dataformat-cbor <no-dsa> (Minor issue)
	[stretch] - jackson-dataformat-cbor <no-dsa> (Minor issue; https://people.debian.org/~abhijith/CVE-2020-28491.txt)
	NOTE: https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6
	NOTE: https://github.com/FasterXML/jackson-dataformats-binary/issues/186
CVE-2020-28490 (The package async-git before 1.13.2 are vulnerable to Command Injectio ...)
	NOT-FOR-US: Node async-git
CVE-2020-28489
	RESERVED
CVE-2020-28488
	REJECTED
CVE-2020-28487 (This affects the package vis-timeline before 7.4.4. An attacker with t ...)
	NOT-FOR-US: vis-timeline
CVE-2020-28486
	RESERVED
CVE-2020-28485
	RESERVED
CVE-2020-28484
	RESERVED
CVE-2020-28483 (This affects all versions of package github.com/gin-gonic/gin. When gi ...)
	- golang-github-gin-gonic-gin <unfixed> (bug #988943)
	[bullseye] - golang-github-gin-gonic-gin <no-dsa> (Minor issue)
	[buster] - golang-github-gin-gonic-gin <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736
	NOTE: https://github.com/gin-gonic/gin/pull/2474
	NOTE: https://github.com/gin-gonic/gin/commit/c9ea8ece4a3881028f7f715f008414346a7f4b88
CVE-2020-28482 (This affects the package fastify-csrf before 3.0.0. 1. The generated c ...)
	NOT-FOR-US: Node fastify-csrf
CVE-2020-28481 (The package socket.io before 2.4.0 are vulnerable to Insecure Defaults ...)
	NOT-FOR-US: Node socket.io
CVE-2020-28480 (The package jointjs before 3.3.0 are vulnerable to Prototype Pollution ...)
	NOT-FOR-US: Node jointjs
CVE-2020-28479 (The package jointjs before 3.3.0 are vulnerable to Denial of Service ( ...)
	NOT-FOR-US: Node jointjs
CVE-2020-28478 (This affects the package gsap before 3.6.0. ...)
	NOT-FOR-US: Node gsap
CVE-2020-28477 (This affects all versions of package immer. ...)
	NOT-FOR-US: Node immer
CVE-2020-28476
	REJECTED
CVE-2020-28475
	RESERVED
CVE-2020-28474
	RESERVED
CVE-2020-28473 (The package bottle from 0 and before 0.12.19 are vulnerable to Web Cac ...)
	{DLA-2531-1}
	- python-bottle 0.12.19-1
	[buster] - python-bottle 0.12.15-2+deb10u1
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108
	NOTE: Fixed by: https://github.com/bottlepy/bottle/commit/57a2f22e0c1d2b328c4f54bf75741d74f47f1a6b (0.12.19)
CVE-2020-28472 (This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0- ...)
	NOT-FOR-US: aws-sdk-js
CVE-2020-28471
	RESERVED
CVE-2020-28470 (This affects the package @scullyio/scully before 1.0.9. The transfer s ...)
	NOT-FOR-US: scully
CVE-2020-28469 (This affects the package glob-parent before 5.1.2. The enclosure regex ...)
	- node-glob-parent 5.1.1+~5.1.0-2
	[buster] - node-glob-parent 3.1.0-1+deb10u1
	[stretch] - node-glob-parent <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
	NOTE: https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366
CVE-2020-28468 (This affects the package pwntools before 4.3.1. The shellcraft generat ...)
	NOT-FOR-US: pwntools
CVE-2020-28467
	RESERVED
CVE-2020-28466 (This affects all versions of package github.com/nats-io/nats-server/se ...)
	NOT-FOR-US: nats-server
CVE-2020-28465
	RESERVED
CVE-2020-28464 (This affects the package djv before 2.1.4. By controlling the schema f ...)
	NOT-FOR-US: Node djv
CVE-2020-28463 (All versions of package reportlab are vulnerable to Server-side Reques ...)
	- python-reportlab <unfixed>
	[bullseye] - python-reportlab <no-dsa> (Minor issue)
	[buster] - python-reportlab <no-dsa> (Minor issue)
	[stretch] - python-reportlab <postponed> (Can be fixed in next DLA)
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-REPORTLAB-1022145
CVE-2020-28462
	RESERVED
CVE-2020-28461
	RESERVED
CVE-2020-28460 (This affects the package multi-ini before 2.1.2. It is possible to pol ...)
	NOT-FOR-US: Node multi-ini
CVE-2020-28459
	RESERVED
CVE-2020-28458 (All versions of package datatables.net are vulnerable to Prototype Pol ...)
	NOT-FOR-US: Node datatables.net
CVE-2020-28457 (This affects the package s-cart/core before 4.4. The search functional ...)
	NOT-FOR-US: s-cart/core
CVE-2020-28456 (The package s-cart/core before 4.4 are vulnerable to Cross-site Script ...)
	NOT-FOR-US: s-cart/core
CVE-2020-28455
	RESERVED
CVE-2020-28454
	RESERVED
CVE-2020-28453
	RESERVED
CVE-2020-28452 (This affects the package com.softwaremill.akka-http-session:core_2.12  ...)
	NOT-FOR-US: akka-http-session
CVE-2020-28451
	RESERVED
CVE-2020-28450 (This affects all versions of package decal. The vulnerability is in th ...)
	NOT-FOR-US: Node decal
CVE-2020-28449 (This affects all versions of package decal. The vulnerability is in th ...)
	NOT-FOR-US: Node decal
CVE-2020-28448 (This affects the package multi-ini before 2.1.1. It is possible to pol ...)
	NOT-FOR-US: Node multi-ini
CVE-2020-28447
	RESERVED
CVE-2020-28446
	RESERVED
CVE-2020-28445
	RESERVED
CVE-2020-28444
	RESERVED
CVE-2020-28443
	RESERVED
CVE-2020-28442 (All versions of package js-data are vulnerable to Prototype Pollution  ...)
	NOT-FOR-US: Node js-data
CVE-2020-28441
	RESERVED
CVE-2020-28440 (All versions of package corenlp-js-interface are vulnerable to Command ...)
	NOT-FOR-US: corenlp-js-interface
CVE-2020-28439 (This affects all versions of package corenlp-js-prefab. The injection  ...)
	NOT-FOR-US: corenlp-js-prefab
CVE-2020-28438
	RESERVED
CVE-2020-28437
	RESERVED
CVE-2020-28436
	RESERVED
CVE-2020-28435
	RESERVED
CVE-2020-28434
	RESERVED
CVE-2020-28433
	RESERVED
CVE-2020-28432
	REJECTED
CVE-2020-28431
	REJECTED
CVE-2020-28430
	REJECTED
CVE-2020-28429 (All versions of package geojson2kml are vulnerable to Command Injectio ...)
	NOT-FOR-US: Node geojson2kml
CVE-2020-28428
	RESERVED
CVE-2020-28427
	RESERVED
CVE-2020-28426 (All versions of package kill-process-on-port are vulnerable to Command ...)
	NOT-FOR-US: Node kill-process-on-port
CVE-2020-28425
	RESERVED
CVE-2020-28424
	RESERVED
CVE-2020-28423
	RESERVED
CVE-2020-28422
	RESERVED
CVE-2020-28421 (CA Unified Infrastructure Management 20.1 and earlier contains a vulne ...)
	NOT-FOR-US: CA Unified Infrastructure Management
CVE-2020-28420
	RESERVED
CVE-2020-28419 (During installation with certain driver software or application packag ...)
	NOT-FOR-US: HP
CVE-2020-28418
	RESERVED
CVE-2020-28417
	RESERVED
CVE-2020-28416 (HP has identified a security vulnerability with the I.R.I.S. OCR (Opti ...)
	NOT-FOR-US: HP
CVE-2020-25710 (A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allo ...)
	{DSA-4792-1 DLA-2481-1}
	- openldap 2.4.56+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9384
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/bdb0d459187522a6063df13871b82ba8dcc6efe2 (OPENLDAP_REL_ENG_2_4_56)
CVE-2020-25709 (A flaw was found in OpenLDAP. This flaw allows an attacker who can sen ...)
	{DSA-4792-1 DLA-2481-1}
	- openldap 2.4.56+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9383
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/67670f4544e28fb09eb7319c39f404e1d3229e65 (OPENLDAP_REL_ENG_2_4_56)
CVE-2020-28415 (A reflected cross-site scripting (XSS) vulnerability exists in the Tra ...)
	NOT-FOR-US: TranzWare Payment Gateway
CVE-2020-28414 (A reflected cross-site scripting (XSS) vulnerability exists in the Tra ...)
	NOT-FOR-US: TranzWare Payment Gateway
CVE-2020-28413 (In MantisBT 2.24.3, SQL Injection can occur in the parameter "access"  ...)
	- mantis <removed>
CVE-2020-28412
	RESERVED
CVE-2020-28411
	RESERVED
CVE-2020-28410
	RESERVED
CVE-2020-28409 (The server in Dundas BI through 8.0.0.1001 allows XSS via addition of  ...)
	NOT-FOR-US: Dundas BI
CVE-2020-28408 (The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML labe ...)
	NOT-FOR-US: Dundas BI
CVE-2020-28407
	RESERVED
	- swtpm <not-affected> (Fixed before initial upload to the archive)
CVE-2020-28406 (An improper authorization vulnerability exists in Star Practice Manage ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28405 (An improper authorization vulnerability exists in Star Practice Manage ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28404 (An improper authorization vulnerability exists in Star Practice Manage ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28403 (A Cross-Site Request Forgery (CSRF) vulnerability exists in Star Pract ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28402 (An improper authorization vulnerability exists in Star Practice Manage ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28401 (An improper authorization vulnerability exists in Star Practice Manage ...)
	NOT-FOR-US: Star Practice Management Web
CVE-2020-28400 (A vulnerability has been identified in Development/Evaluation Kits for ...)
	NOT-FOR-US: Siemens
CVE-2020-28399
	RESERVED
CVE-2020-28398
	RESERVED
CVE-2020-28397 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
	NOT-FOR-US: Siemens
CVE-2020-28396 (A vulnerability has been identified in SICAM A8000 CP-8000 (All versio ...)
	NOT-FOR-US: Siemens
CVE-2020-28395 (A vulnerability has been identified in SCALANCE X-300 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2020-28394 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: Siemens
CVE-2020-28393 (An unauthenticated remote attacker could create a permanent denial-of- ...)
	NOT-FOR-US: Siemens
CVE-2020-28392 (A vulnerability has been identified in SIMARIS configuration (All vers ...)
	NOT-FOR-US: Siemens
CVE-2020-28391 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2020-28390 (A vulnerability has been identified in Opcenter Execution Core (V8.2), ...)
	NOT-FOR-US: Siemens
CVE-2020-28389
	RESERVED
CVE-2020-28388 (A vulnerability has been identified in Capital VSTAR (All versions), N ...)
	NOT-FOR-US: Siemens
CVE-2020-28387 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28386 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28385 (A vulnerability has been identified in Solid Edge SE2020 (All versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28384 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28383 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: Siemens
CVE-2020-28382 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28381 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...)
	NOT-FOR-US: Siemens
CVE-2020-28380
	RESERVED
CVE-2020-28379
	RESERVED
CVE-2020-28378
	RESERVED
CVE-2020-28377
	RESERVED
CVE-2020-28376
	RESERVED
CVE-2020-28375
	RESERVED
CVE-2020-28374 (In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10. ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.10.9-1
	NOTE: https://git.kernel.org/linus/2896c93811e39d63a4d9b63ccf12a8fbc226e5e4
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/12/12
CVE-2020-28373 (upnpd on certain NETGEAR devices allows remote (LAN) attackers to exec ...)
	NOT-FOR-US: Netgear
CVE-2020-28372
	RESERVED
CVE-2020-28371 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk A ...)
	NOT-FOR-US: ReadyTalk Avian
CVE-2020-28370
	RESERVED
CVE-2020-28369
	RESERVED
CVE-2020-28368 (Xen through 4.14.x allows guest OS administrators to obtain sensitive  ...)
	{DSA-4804-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-351.html
CVE-2020-28367 (Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. ...)
	{DLA-2460-1}
	- golang-1.15 1.15.5-1
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (validation of cgo flags first introduced in golang-1.8 / CVE-2018-6574)
	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
	NOTE: https://github.com/golang/go/issues/42556
CVE-2020-28366 (Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection. ...)
	- golang-1.15 1.15.5-1
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue, too intrusive to backport)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue, too intrusive to backport)
	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
	NOTE: https://github.com/golang/go/issues/42559
CVE-2020-28365 (** UNSUPPORTED WHEN ASSIGNED ** Sentrifugo 3.2 allows Stored Cross-Sit ...)
	NOT-FOR-US: Sentrifugo
CVE-2020-28364 (A stored cross-site scripting (XSS) vulnerability affects the Web UI i ...)
	NOT-FOR-US: Locust
CVE-2020-28363
	RESERVED
CVE-2020-28362 (Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. ...)
	- golang-1.15 1.15.5-1
	- golang-1.11 <not-affected> (Vulnerable code introduced later)
	- golang-1.8 <not-affected> (Vulnerable code introduced later)
	- golang-1.7 <not-affected> (Vulnerable code introduced later)
	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
	NOTE: https://github.com/golang/go/issues/42552
	NOTE: Introduced in: https://github.com/golang/go/commit/194ae3236d81cf16dc39b955efc1b9202b59d067 (go1.14beta1)
	NOTE: Fixed by: https://github.com/golang/go/commit/1e1fa5903b760c6714ba17e50bf850b01f49135c
CVE-2020-28974 (A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 co ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.9-1
	[buster] - linux 4.19.160-1
	NOTE: https://git.kernel.org/linus/3c4e0dff2095c579b142d5a0693257f1c58b4804
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/09/2
CVE-2020-28361 (Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy So ...)
	- kamailio 5.4.0-1
	[buster] - kamailio <no-dsa> (Minor issue)
	[stretch] - kamailio <no-dsa> (Minor issue)
	NOTE: https://packetstormsecurity.com/files/159030/Kamailio-5.4.0-Header-Smuggling.html
CVE-2020-28360 (Insufficient RegEx in private-ip npm package v1.0.5 and below insuffic ...)
	NOT-FOR-US: Node private-ip
CVE-2020-28359
	RESERVED
CVE-2020-28358
	RESERVED
CVE-2020-28357
	RESERVED
CVE-2020-28356
	RESERVED
CVE-2020-28355
	RESERVED
CVE-2020-28354
	RESERVED
CVE-2020-28353
	RESERVED
CVE-2020-28352
	RESERVED
CVE-2020-28351 (The conferencing component on Mitel ShoreTel 19.46.1802.0 devices coul ...)
	NOT-FOR-US: Mitel
CVE-2020-28350 (A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates  ...)
	NOT-FOR-US: SOWA SowaSQL
CVE-2020-28349 (** DISPUTED ** An inaccurate frame deduplication process in ChirpStack ...)
	NOT-FOR-US: ChirpStack Network Server
CVE-2020-28348 (HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker  ...)
	- nomad 0.10.9+dfsg1-1 (bug #976593)
	NOTE: https://github.com/hashicorp/nomad/issues/9303
CVE-2020-28347 (tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows rem ...)
	NOT-FOR-US: TP-Link
CVE-2020-28346 (ACRN through 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer ...)
	NOT-FOR-US: ACRN
CVE-2020-28345 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-28344 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-28343 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-28342 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-28341 (An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-28340 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-28339 (The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 fo ...)
	NOT-FOR-US: usc-e-shop (aka Collne Welcart e-Commerce) plugin for WordPress
CVE-2020-28338
	RESERVED
CVE-2020-28337 (A directory traversal issue in the Utils/Unzip module in Microweber th ...)
	NOT-FOR-US: Microweber
CVE-2020-28336
	RESERVED
CVE-2020-28335
	RESERVED
CVE-2020-28334 (Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28333 (Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affect ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28332 (Barco wePresent WiPG-1600W devices download code without an Integrity  ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28331 (Barco wePresent WiPG-1600W devices have Improper Access Control. Affec ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28330 (Barco wePresent WiPG-1600W devices have Unprotected Transport of Crede ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28329 (Barco wePresent WiPG-1600W firmware includes a hardcoded API account a ...)
	NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28328 (SuiteCRM before 7.11.17 is vulnerable to remote code execution via the ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-28327 (A res_pjsip_session crash was discovered in Asterisk Open Source 13.x  ...)
	- asterisk 1:16.15.0~dfsg-1 (bug #974712)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29057
	NOTE: http://downloads.asterisk.org/pub/security/AST-2020-001.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/06/1
CVE-2020-28326
	REJECTED
CVE-2020-28325
	REJECTED
CVE-2020-28324
	REJECTED
CVE-2020-28323
	REJECTED
CVE-2020-28322
	REJECTED
CVE-2020-28321
	REJECTED
CVE-2020-28320
	REJECTED
CVE-2020-28319
	REJECTED
CVE-2020-28318
	REJECTED
CVE-2020-28317
	REJECTED
CVE-2020-28316
	REJECTED
CVE-2020-28315
	REJECTED
CVE-2020-28314
	REJECTED
CVE-2020-28313
	REJECTED
CVE-2020-28312
	REJECTED
CVE-2020-28311
	REJECTED
CVE-2020-28310
	REJECTED
CVE-2020-28309
	REJECTED
CVE-2020-28308
	REJECTED
CVE-2020-28307
	REJECTED
CVE-2020-28306
	REJECTED
CVE-2020-28305
	REJECTED
CVE-2020-28304
	REJECTED
CVE-2020-28303
	REJECTED
CVE-2020-28302
	REJECTED
CVE-2020-28301
	REJECTED
CVE-2020-28300
	REJECTED
CVE-2020-28299
	REJECTED
CVE-2020-28298
	REJECTED
CVE-2020-28297
	REJECTED
CVE-2020-28296
	REJECTED
CVE-2020-28295
	REJECTED
CVE-2020-28294
	REJECTED
CVE-2020-28293
	REJECTED
CVE-2020-28292
	REJECTED
CVE-2020-28291
	REJECTED
CVE-2020-28290
	REJECTED
CVE-2020-28289
	REJECTED
CVE-2020-28288
	REJECTED
CVE-2020-28287
	REJECTED
CVE-2020-28286
	REJECTED
CVE-2020-28285
	REJECTED
CVE-2020-28284
	REJECTED
CVE-2020-28283 (Prototype pollution vulnerability in 'libnested' versions 0.0.0 throug ...)
	NOT-FOR-US: libnested
CVE-2020-28282 (Prototype pollution vulnerability in 'getobject' version 0.1.0 allows  ...)
	- node-getobject 1.0.2-1
	[bullseye] - node-getobject 0.1.0-2+deb11u1
	[buster] - node-getobject <no-dsa> (Minor issue)
	[stretch] - node-getobject <no-dsa> (Minor issue)
	NOTE: https://github.com/cowboy/node-getobject/commit/84071748fa407caa8f824e0d0b9c1cde9ec56633 (v1.0.0)
CVE-2020-28281 (Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 ...)
	NOT-FOR-US: react-atomic-organism
CVE-2020-28280 (Prototype pollution vulnerability in 'predefine' versions 0.0.0 throug ...)
	NOT-FOR-US: Node predefine
CVE-2020-28279 (Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 thro ...)
	NOT-FOR-US: flattenizer
CVE-2020-28278 (Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0 ...)
	NOT-FOR-US: Node shvl
CVE-2020-28277 (Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0 ...)
	NOT-FOR-US: Node dset
CVE-2020-28276 (Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through ...)
	NOT-FOR-US: Node deep-set
CVE-2020-28275
	REJECTED
CVE-2020-28274 (Prototype pollution vulnerability in 'deepref' versions 1.1.1 through  ...)
	NOT-FOR-US: Node deepref
CVE-2020-28273 (Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2 ...)
	NOT-FOR-US: Node set-in
CVE-2020-28272 (Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2 ...)
	NOT-FOR-US: Node keyget
CVE-2020-28271 (Prototype pollution vulnerability in 'deephas' versions 1.0.0 through  ...)
	NOT-FOR-US: Node deephas
CVE-2020-28270 (Prototype pollution vulnerability in 'object-hierarchy-access' version ...)
	NOT-FOR-US: Node object-hierarchy-access
CVE-2020-28269 (Prototype pollution vulnerability in 'field' versions 0.0.1 through 1. ...)
	NOT-FOR-US: Node field
CVE-2020-28268 (Prototype pollution vulnerability in 'controlled-merge' versions 1.0.0 ...)
	NOT-FOR-US: Node controlled-merge
CVE-2020-28267 (Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0  ...)
	NOT-FOR-US: Node strikeentco/set
CVE-2020-28266
	RESERVED
CVE-2020-28265
	RESERVED
CVE-2020-28264
	RESERVED
CVE-2020-28263
	RESERVED
CVE-2020-28262
	RESERVED
CVE-2020-28261
	RESERVED
CVE-2020-28260
	RESERVED
CVE-2020-28259
	RESERVED
CVE-2020-28258
	RESERVED
CVE-2020-28257
	RESERVED
CVE-2020-28256
	RESERVED
CVE-2020-28255
	RESERVED
CVE-2020-28254
	RESERVED
CVE-2020-28253
	RESERVED
CVE-2020-28252
	RESERVED
CVE-2020-28251 (NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sen ...)
	NOT-FOR-US: NETSCOUT AirMagnet Enterprise
CVE-2020-28250 (Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user ...)
	NOT-FOR-US: Cellinx NVT Web Server
CVE-2020-28249 (Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note. ...)
	NOT-FOR-US: Joplin
CVE-2020-28248 (An integer overflow in the PngImg::InitStorage_() function of png-img  ...)
	NOT-FOR-US: png-img
CVE-2020-28247 (The lettre library through 0.10.0-alpha for Rust allows arbitrary send ...)
	NOT-FOR-US: Node lettre
CVE-2020-28246
	RESERVED
CVE-2020-28245
	RESERVED
CVE-2020-28244
	RESERVED
CVE-2020-28243 (An issue was discovered in SaltStack Salt before 3002.5. The minion's  ...)
	{DLA-2815-1}
	- salt 3002.5+dfsg1-1 (bug #983632)
	[buster] - salt 2018.3.4+dfsg1-6+deb10u3
	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
	NOTE: Introduced by: https://github.com/saltstack/salt/commit/e02df6fd3ceb605a58e4ac75c06077f52963187a (v2016.3)
	NOTE: Fixed by: https://github.com/saltstack/salt/commit/61dd6d178b1dae0a1bf884bcd1149003281f8194 (v3002.3)
	NOTE: Follow-up: https://github.com/saltstack/salt/commit/777ffe612e612fb443018c1d7983d4abe4632bb2 (v3002.6)
	NOTE: Follow-up doc: https://github.com/saltstack/salt/commit/903cfdcf6863b288fa41549bd991da6049962f54 (next commit)
CVE-2020-28242 (An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 1 ...)
	- asterisk 1:16.15.0~dfsg-1 (bug #974713)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29013
	NOTE: http://downloads.asterisk.org/pub/security/AST-2020-002.html
CVE-2020-28241 (libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_en ...)
	{DLA-2445-1}
	- libmaxminddb 1.4.3-1 (bug #973878)
	[buster] - libmaxminddb 1.3.2-1+deb10u1
	NOTE: https://github.com/maxmind/libmaxminddb/issues/236
	NOTE: https://github.com/maxmind/libmaxminddb/pull/237
CVE-2020-28240
	RESERVED
CVE-2020-28239
	RESERVED
CVE-2020-28238
	RESERVED
CVE-2020-28237
	RESERVED
CVE-2020-28236
	RESERVED
CVE-2020-28235
	RESERVED
CVE-2020-28234
	RESERVED
CVE-2020-28233
	RESERVED
CVE-2020-28232
	RESERVED
CVE-2020-28231
	RESERVED
CVE-2020-28230
	RESERVED
CVE-2020-28229
	RESERVED
CVE-2020-28228
	RESERVED
CVE-2020-28227
	RESERVED
CVE-2020-28226
	RESERVED
CVE-2020-28225
	RESERVED
CVE-2020-28224
	RESERVED
CVE-2020-28223
	RESERVED
CVE-2020-28222
	RESERVED
CVE-2020-28221 (A CWE-20: Improper Input Validation vulnerability exists in EcoStruxur ...)
	NOT-FOR-US: EcoStruxure Operator Terminal Expert and Pro-face BLUE
CVE-2020-28220 (A CWE-119: Improper Restriction of Operations within the Bounds of a M ...)
	NOT-FOR-US: Modicon
CVE-2020-28219 (A CWE-522: Insufficiently Protected Credentials vulnerability exists i ...)
	NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2020-28218 (A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulne ...)
	NOT-FOR-US: Easergy T300
CVE-2020-28217 (A CWE-311: Missing Encryption of Sensitive Data vulnerability exists i ...)
	NOT-FOR-US: Easergy T300
CVE-2020-28216 (A CWE-311: Missing Encryption of Sensitive Data vulnerability exists i ...)
	NOT-FOR-US: Easergy T300
CVE-2020-28215 (A CWE-862: Missing Authorization vulnerability exists in Easergy T300  ...)
	NOT-FOR-US: Easergy T300
CVE-2020-28214 (A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability ...)
	NOT-FOR-US: Modicon
CVE-2020-28213 (A CWE-494: Download of Code Without Integrity Check vulnerability exis ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-28212 (A CWE-307: Improper Restriction of Excessive Authentication Attempts v ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-28211 (A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulat ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-28210 (A CWE-79 Improper Neutralization of Input During Web Page Generation ( ...)
	NOT-FOR-US: EcoStruxure Building Operation WebStation
CVE-2020-28209 (A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStru ...)
	NOT-FOR-US: EcoStruxure Building Operation Enterprise Server installer
CVE-2020-28208 (An email address enumeration vulnerability exists in the password rese ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-28207
	RESERVED
CVE-2020-28206 (An issue was discovered in Bitrix24 Bitrix Framework (1c site manageme ...)
	NOT-FOR-US: Bitrix24 Bitrix Framework
CVE-2020-28205
	RESERVED
CVE-2020-28204
	RESERVED
CVE-2020-28203 (An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 an ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-28202
	RESERVED
CVE-2020-28201
	RESERVED
CVE-2020-28200 (The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource ...)
	- dovecot 1:2.3.16+dfsg1-1 (bug #990566; bug #991323)
	[bullseye] - dovecot <postponed> (Minor issue, fix along with next update)
	[buster] - dovecot <postponed> (Minor issue, fix along with next update)
	[stretch] - dovecot <no-dsa> (Minor issue)
	NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html
	NOTE: https://www.openwall.com/lists/oss-security/2021/06/28/3
CVE-2020-28199 (best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive  ...)
	NOT-FOR-US: Amazon Pay Plugin for Shopware
CVE-2020-28198 (** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Stora ...)
	NOT-FOR-US: IBM
CVE-2020-28197
	RESERVED
CVE-2020-28196 (MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allow ...)
	{DSA-4795-1 DLA-2437-1}
	[experimental] - krb5 1.18.2-1
	- krb5 1.18.3-1 (bug #973880)
	NOTE: https://github.com/krb5/krb5/commit/57415dda6cf04e73ffc3723be518eddfae599bfd
CVE-2020-28195
	RESERVED
CVE-2020-28194 (Variable underflow exists in accel-ppp radius/packet.c when receiving  ...)
	NOT-FOR-US: ACCEL-PPP
CVE-2020-28193
	RESERVED
CVE-2020-28192
	RESERVED
CVE-2020-28191
	RESERVED
CVE-2020-28190 (TerraMaster TOS &lt;= 4.2.06 was found to check for updates (of both s ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28189
	REJECTED
CVE-2020-28188 (Remote Command Execution (RCE) vulnerability in TerraMaster TOS &lt;=  ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28187 (Multiple directory traversal vulnerabilities in TerraMaster TOS &lt;=  ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28186 (Email Injection in TerraMaster TOS &lt;= 4.2.06 allows remote unauthen ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28185 (User Enumeration vulnerability in TerraMaster TOS &lt;= 4.2.06 allows  ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28184 (Cross-site scripting (XSS) vulnerability in TerraMaster TOS &lt;= 4.2. ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-28183 (SQL injection vulnerability in SourceCodester Water Billing System 1.0 ...)
	NOT-FOR-US: SourceCodester Water Billing System
CVE-2020-28182
	RESERVED
CVE-2020-28181
	RESERVED
CVE-2020-28180
	RESERVED
CVE-2020-28179
	RESERVED
CVE-2020-28178
	RESERVED
CVE-2020-28177
	RESERVED
CVE-2020-28176
	RESERVED
CVE-2020-28175 (There is a local privilege escalation vulnerability in Alfredo Milani  ...)
	NOT-FOR-US: Alfredo Milani Comparetti SpeedFan
CVE-2020-28174
	RESERVED
CVE-2020-28173 (Simple College Website 1.0 allows a user to conduct remote code execut ...)
	NOT-FOR-US: Simple College Website
CVE-2020-28172 (A SQL injection vulnerability in Simple College Website 1.0 allows rem ...)
	NOT-FOR-US: Simple College Website
CVE-2020-28171
	RESERVED
CVE-2020-28170
	RESERVED
CVE-2020-28169 (The td-agent-builder plugin before 2020-12-18 for Fluentd allows attac ...)
	NOT-FOR-US: Fluentd plugin
CVE-2020-28168 (Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) ...)
	- node-axios 0.21.1+dfsg-1 (bug #975305)
	[buster] - node-axios <no-dsa> (Minor issue)
	NOTE: https://github.com/axios/axios/issues/3369
CVE-2020-28167
	RESERVED
CVE-2020-28166
	RESERVED
CVE-2020-28165 (The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary f ...)
	NOT-FOR-US: EasyCorp ZenTao PMS
CVE-2020-28164
	RESERVED
CVE-2020-28163
	RESERVED
	- dwarfutils 20201201-1
	[buster] - dwarfutils <ignored> (Minor issue)
	[stretch] - dwarfutils <ignored> (Minor issue)
	NOTE: https://github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3
	NOTE: https://www.prevanders.net/dwarfbug.html#DW202010-003
CVE-2020-28162
	RESERVED
CVE-2020-28161
	RESERVED
CVE-2020-28160
	RESERVED
CVE-2020-28159
	RESERVED
CVE-2020-28158
	RESERVED
CVE-2020-28157
	RESERVED
CVE-2020-28156
	RESERVED
CVE-2020-28155
	RESERVED
CVE-2020-28154
	RESERVED
CVE-2020-28153
	RESERVED
CVE-2020-28152
	RESERVED
CVE-2020-28151
	RESERVED
CVE-2020-28150 (I-Net Software Clear Reports 20.10.136 web application accepts a user- ...)
	NOT-FOR-US: I-Net Software Clear Reports
CVE-2020-28149 (myDBR 5.8.3/4262 is affected by: Cross Site Scripting (XSS). The impac ...)
	NOT-FOR-US: myDBR
CVE-2020-28148
	RESERVED
CVE-2020-28147
	RESERVED
CVE-2020-28146 (Cross Site Scripting (XSS) vulnerability exists in Eyoucms v1.4.7 and  ...)
	NOT-FOR-US: Eyoucms
CVE-2020-28145 (Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0 ...)
	NOT-FOR-US: wuzhicms
CVE-2020-28144 (Certain Moxa Inc products are affected by an improper restriction of o ...)
	NOT-FOR-US: Moxa
CVE-2020-28143
	RESERVED
CVE-2020-28142
	RESERVED
CVE-2020-28141 (The messaging subsystem in the Online Discussion Forum 1.0 is vulnerab ...)
	NOT-FOR-US: Online Discussion Forum
CVE-2020-28140 (SourceCodester Online Clothing Store 1.0 is affected by an arbitrary f ...)
	NOT-FOR-US: SourceCodester Online Clothing Store
CVE-2020-28139 (SourceCodester Online Clothing Store 1.0 is affected by a cross-site s ...)
	NOT-FOR-US: SourceCodester Online Clothing Store
CVE-2020-28138 (SourceCodester Online Clothing Store 1.0 is affected by a SQL Injectio ...)
	NOT-FOR-US: SourceCodester Online Clothing Store
CVE-2020-28137 (Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, al ...)
	NOT-FOR-US: Genexis Platinum
CVE-2020-28136 (An Arbitrary File Upload is discovered in SourceCodester Tourism Manag ...)
	NOT-FOR-US: SourceCodester Tourism Management System
CVE-2020-28135
	RESERVED
CVE-2020-28134
	RESERVED
CVE-2020-28133 (An issue was discovered in SourceCodester Simple Grocery Store Sales A ...)
	NOT-FOR-US: SourceCodester Simple Grocery Store Sales And Inventory System
CVE-2020-28132
	RESERVED
CVE-2020-28131
	RESERVED
CVE-2020-28130 (An Arbitrary File Upload in the Upload Image component in SourceCodest ...)
	NOT-FOR-US: SourceCodester Online Library Management System
CVE-2020-28129 (Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym  ...)
	NOT-FOR-US: SourceCodester Gym Management System
CVE-2020-28128
	RESERVED
CVE-2020-28127
	RESERVED
CVE-2020-28126
	RESERVED
CVE-2020-28125
	RESERVED
CVE-2020-28124 (Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field. ...)
	NOT-FOR-US: LavaLite
CVE-2020-28123
	RESERVED
CVE-2020-28122
	RESERVED
CVE-2020-28121
	RESERVED
CVE-2020-28120
	RESERVED
CVE-2020-28119 (Cross site scripting vulnerability in 53KF &lt; 2.0.0.2 that allows fo ...)
	NOT-FOR-US: 53KF
CVE-2020-28118
	RESERVED
CVE-2020-28117
	RESERVED
CVE-2020-28116
	RESERVED
CVE-2020-28115 (SQL Injection vulnerability in "Documents component" found in AudimexE ...)
	NOT-FOR-US: AudimexEE
CVE-2020-28114
	RESERVED
CVE-2020-28113
	RESERVED
CVE-2020-28112
	RESERVED
CVE-2020-28111
	RESERVED
CVE-2020-28110
	RESERVED
CVE-2020-28109
	RESERVED
CVE-2020-28108
	RESERVED
CVE-2020-28107
	RESERVED
CVE-2020-28106
	RESERVED
CVE-2020-28105
	RESERVED
CVE-2020-28104
	RESERVED
CVE-2020-28103 (cscms v4.1 allows for SQL injection via the "page_del" function. ...)
	NOT-FOR-US: cscms
CVE-2020-28102 (cscms v4.1 allows for SQL injection via the "js_del" function. ...)
	NOT-FOR-US: cscms
CVE-2020-28101
	RESERVED
CVE-2020-28100
	RESERVED
CVE-2020-28099
	RESERVED
CVE-2020-28098
	RESERVED
CVE-2020-28097 (The vgacon subsystem in the Linux kernel before 5.8.10 mishandles soft ...)
	- linux 5.8.10-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/1
CVE-2020-28096 (FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART acc ...)
	NOT-FOR-US: FOSCAM FHD
CVE-2020-28095 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP PO ...)
	NOT-FOR-US: Tenda
CVE-2020-28094 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default set ...)
	NOT-FOR-US: Tenda
CVE-2020-28093 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, ...)
	NOT-FOR-US: Tenda
CVE-2020-28092 (PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=T ...)
	NOT-FOR-US: PESCMS Team
CVE-2020-28091 (cxuucms v3 has a SQL injection vulnerability, which can lead to the le ...)
	NOT-FOR-US: cxuucms
CVE-2020-28090
	RESERVED
CVE-2020-28089
	RESERVED
CVE-2020-28088 (An arbitrary file upload vulnerability in /jeecg-boot/sys/common/uploa ...)
	NOT-FOR-US: jeecg-boot CMS
CVE-2020-28087 (A SQL injection vulnerability in /jeecg boot/sys/dict/loadtreedata of  ...)
	NOT-FOR-US: jeecg-boot CMS
CVE-2020-28086 (pass through 1.7.3 has a possibility of using a password for an uninte ...)
	- password-store <unfixed> (unimportant)
	NOTE: https://lists.zx2c4.com/pipermail/password-store/2014-March/000498.html
	NOTE: Negligible security impact, where needed signing commits can be a solution, and
	NOTE: possible since https://git.zx2c4.com/password-store/commit/?id=9ef311d868248682a11c8cb8c0177bc9949be7b9
CVE-2020-28085
	RESERVED
CVE-2020-28084
	RESERVED
CVE-2020-28083
	RESERVED
CVE-2020-28082
	RESERVED
CVE-2020-28081
	RESERVED
CVE-2020-28080
	RESERVED
CVE-2020-28079
	RESERVED
CVE-2020-28078
	RESERVED
CVE-2020-28077
	RESERVED
CVE-2020-28076
	RESERVED
CVE-2020-28075
	RESERVED
CVE-2020-28074 (SourceCodester Online Health Care System 1.0 is affected by SQL Inject ...)
	NOT-FOR-US: SourceCodester Online Health Care System
CVE-2020-28073 (SourceCodester Library Management System 1.0 is affected by SQL Inject ...)
	NOT-FOR-US: SourceCodester Library Management System
CVE-2020-28072 (A Remote Code Execution vulnerability exists in DourceCodester Alumni  ...)
	NOT-FOR-US: DourceCodester Alumni Management System
CVE-2020-28071 (SourceCodester Alumni Management System 1.0 is affected by cross-site  ...)
	NOT-FOR-US: SourceCodester Alumni Management System
CVE-2020-28070 (SourceCodester Alumni Management System 1.0 is affected by SQL injecti ...)
	NOT-FOR-US: SourceCodester Alumni Management System
CVE-2020-28069
	RESERVED
CVE-2020-28068
	RESERVED
CVE-2020-28067
	RESERVED
CVE-2020-28066
	RESERVED
CVE-2020-28065
	RESERVED
CVE-2020-28064
	RESERVED
CVE-2020-28063 (A file upload issue exists in all versions of ArticleCMS which allows  ...)
	NOT-FOR-US: ArticleCMS
CVE-2020-28062
	RESERVED
CVE-2020-28061
	RESERVED
CVE-2020-28060
	RESERVED
CVE-2020-28059
	RESERVED
CVE-2020-28058
	RESERVED
CVE-2020-28057
	RESERVED
CVE-2020-28056
	RESERVED
CVE-2020-28055 (A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 ...)
	NOT-FOR-US: TCL Android Smart TV series
CVE-2020-28054 (JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to a ...)
	NOT-FOR-US: JamoDat TSMManager Collector
CVE-2020-28053 (HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed opera ...)
	- consul 1.8.6+dfsg1-1 (bug #975584)
	[buster] - consul <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/hashicorp/consul/issues/9240
	NOTE: https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#186-november-19-2020
CVE-2020-28052 (An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 an ...)
	- bouncycastle 1.65-2 (bug #977683)
	[buster] - bouncycastle <not-affected> (Vulnerability introduced later)
	[stretch] - bouncycastle <not-affected> (Vulnerability introduced later)
	NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2020-28052
	NOTE: https://www.synopsys.com/blogs/software-security/cve-2020-28052-bouncy-castle/
	NOTE: Introduced in: https://github.com/bcgit/bc-java/commit/00dfe74aeb4f6300dd56b34b5e6986ce6658617e (r1rv65)
	NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/97578f9b7ed277e6ecb58834e85e3d18385a4219 (r1rv67)
CVE-2020-28051
	RESERVED
CVE-2020-28050 (Zoho ManageEngine Desktop Central before build 10.0.647 allows a singl ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-28049 (An issue was discovered in SDDM before 0.19.0. It incorrectly starts t ...)
	{DSA-4783-1 DLA-2436-1}
	- sddm 0.19.0-1 (bug #973748)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/2
	NOTE: https://github.com/sddm/sddm/commit/be202f533ab98a684c6a007e8d5b4357846bc222
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1177201
CVE-2020-28048
	RESERVED
CVE-2020-28047 (AudimexEE before 14.1.1 is vulnerable to Reflected XSS (Cross-Site-Scr ...)
	NOT-FOR-US: AudimexEE
CVE-2020-27347 (In tmux before version 3.1c the function input_csi_dispatch_sgr_colon( ...)
	- tmux 3.1c-1
	[buster] - tmux <not-affected> (Vulnerable code introduced later)
	[stretch] - tmux <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openbsd.org/errata68.html (003: SECURITY FIX: October 29, 2020)
	NOTE: Introduced by: https://github.com/tmux/tmux/commit/4e3d6612845e190a490f40cce79c858dadaee74b (2.9)
	NOTE: Fixed by: https://github.com/tmux/tmux/commit/a868bacb46e3c900530bed47a1c6f85b0fbe701c
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/05/3
CVE-2020-28046 (An issue was discovered in ProlinOS through 2.4.161.8859R. An attacker ...)
	NOT-FOR-US: ProlinOS
CVE-2020-28045 (An unsigned-library issue was discovered in ProlinOS through 2.4.161.8 ...)
	NOT-FOR-US: ProlinOS
CVE-2020-28044 (An attacker with physical access to a PAX Point Of Sale device with Pr ...)
	NOT-FOR-US: ProlinOS
CVE-2020-28043 (MISP through 2.4.133 allows SSRF in the REST client via the use_full_p ...)
	NOT-FOR-US: MISP
CVE-2020-28042 (ServiceStack before 5.9.2 mishandles JWT signature verification unless ...)
	NOT-FOR-US: ServiceStack
CVE-2020-28041 (The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 ...)
	NOT-FOR-US: Netgear
CVE-2020-28040 (WordPress before 5.5.2 allows CSRF attacks that change a theme's backg ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://blog.wpscan.com/2020/10/30/wordpress-5.5.2-security-release.html
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28039 (is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 al ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://github.com/WordPress/wordpress-develop/commit/d5ddd6d4be1bc9fd16b7796842e6fb26315705ad
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
	NOTE: https://wpscan.com/vulnerability/10452
CVE-2020-28038 (WordPress before 5.5.2 allows stored XSS via post slugs. ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28037 (is_blog_installed in wp-includes/functions.php in WordPress before 5.5 ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://github.com/WordPress/wordpress-develop/commit/2ca15d1e5ce70493c5c0c096ca0c76503d6da07c
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
	NOTE: https://wpscan.com/vulnerability/10450
CVE-2020-28036 (wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allow ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://github.com/WordPress/wordpress-develop/commit/c9e6b98968025b1629015998d12c3102165a7d32
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
	NOTE: https://wpscan.com/vulnerability/10449
CVE-2020-28035 (WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28034 (WordPress before 5.5.2 allows XSS associated with global variables. ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28033 (WordPress before 5.5.2 mishandles embeds from disabled sites on a mult ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
CVE-2020-28032 (WordPress before 5.5.2 mishandles deserialization requests in wp-inclu ...)
	{DSA-4784-1 DLA-2429-1}
	- wordpress 5.5.3+dfsg1-1 (bug #973562)
	NOTE: https://github.com/WordPress/wordpress-develop/commit/add6bedf3a53b647d0ebda2970057912d3cd79d3
	NOTE: https://wordpress.org/news/2020/10/wordpress-5-5-2-security-and-maintenance-release/
	NOTE: https://wpscan.com/vulnerability/10446
CVE-2020-28031 (eramba through c2.8.1 allows HTTP Host header injection with (for exam ...)
	NOT-FOR-US: eramba
CVE-2020-28030 (In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was ...)
	{DLA-2547-1}
	- wireshark 3.2.8-0.1 (bug #974689)
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/b287e7165e8aa89cde6ae37e7c257c5d87d16b9b
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-15.html
CVE-2020-28029
	RESERVED
CVE-2020-28028
	RESERVED
CVE-2020-28027
	RESERVED
CVE-2020-28026 (Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, r ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28025 (Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bo ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/80a47a2c9633437d4ceebd214cd44abfbd4f4543 (exim-4_70_RC3)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28024 (Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unaut ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28023 (Exim 4 before 4.94.2 allows Out-of-bounds Read. smtp_setup_msg may dis ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/18481de384caecff421f23f715be916403f5d0ee (exim-4_88_RC1)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28022 (Exim 4 before 4.94.2 has Improper Restriction of Write Operations with ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/d7a2c8337f7b615763d4429ab27653862756b6fb (exim-4_89_RC1)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28021 (Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. A ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28020 (Exim 4 before 4.92 allows Integer Overflow to Buffer Overflow, in whic ...)
	{DLA-2650-1}
	- exim4 4.92~RC5-1
	NOTE: Fixed by: https://git.exim.org/exim.git/commit/56ac062a3ff94fc4e1bbfc2293119c079a4e980b (exim-4.92-RC5)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28019 (Exim 4 before 4.94.2 has Improper Initialization that can lead to recu ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/7e3ce68e68ab9b8906a637d352993abf361554e2 (exim-4_88_RC1)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28018 (Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain si ...)
	- exim4 4.94.2-1 (unimportant)
	[buster] - exim4 4.92-8+deb10u6
	[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/a5ffa9b475a426bc73366db01f7cc92a3811bc3a (exim-4_90_RC1)
	NOTE: Debian Exim is built with GnuTLS, not OpenSSL.
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28017 (Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in rec ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28016 (Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because  ...)
	- exim4 4.94.2-1
	[buster] - exim4 <not-affected> (Vulnerable code introduced later)
	[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/3c90bbcdc7cf73298156f7bcd5f5e750e7814e72
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28015 (Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. L ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28014 (Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. The ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28013 (Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mish ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28012 (Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended  ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28011 (Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run vi ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28010 (Exim 4 before 4.94.2 allows Out-of-bounds Write because the main funct ...)
	{DSA-4912-1}
	- exim4 4.94.2-1
	[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://git.exim.org/exim.git/commit/805fd869d551c36d1d77ab2b292a7008d643ca79 (exim-4.92-RC1)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28009 (Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow becaus ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28008 (Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Bec ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-28007 (Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Bec ...)
	{DSA-4912-1 DLA-2650-1}
	- exim4 4.94.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/7
CVE-2020-25692 (A NULL pointer dereference was found in OpenLDAP server and was fixed  ...)
	{DSA-4782-1 DLA-2425-1}
	- openldap 2.4.55+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9370
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/4c774220a752bf8e3284984890dc0931fe73165d
CVE-2020-28006
	RESERVED
CVE-2020-28005 (httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) al ...)
	NOT-FOR-US: TP-Link
CVE-2020-28004
	RESERVED
CVE-2020-28003
	RESERVED
CVE-2020-28002 (In SonarQube 8.4.2.36762, an external attacker can achieve authenticat ...)
	NOT-FOR-US: SonarQube
CVE-2020-28001 (SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. ...)
	NOT-FOR-US: SolarWinds
CVE-2020-28000
	RESERVED
CVE-2020-27999
	RESERVED
CVE-2020-27998 (An issue was discovered in FastReport before 2020.4.0. It lacks a Scri ...)
	NOT-FOR-US: FastReport
CVE-2020-27997 (An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross S ...)
	NOT-FOR-US: SmartStoreNET
CVE-2020-27996 (An issue was discovered in SmartStoreNET before 4.0.1. It does not pro ...)
	NOT-FOR-US: SmartStoreNET
CVE-2020-27995 (SQL Injection in Zoho ManageEngine Applications Manager 14 before 1456 ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-27994 (SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Travers ...)
	NOT-FOR-US: SolarWinds
CVE-2020-27993 (Hrsale 2.0.0 allows download?type=files&amp;filename=../ directory tra ...)
	NOT-FOR-US: Hrsale
CVE-2020-27992 (Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse ...)
	NOT-FOR-US: Dr.Fone
CVE-2020-27991 (Nagios XI before 5.7.5 is vulnerable to XSS in Account Information (Em ...)
	NOT-FOR-US: Nagios XI
CVE-2020-27990 (Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool (ad ...)
	NOT-FOR-US: Nagios XI
CVE-2020-27989 (Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit D ...)
	NOT-FOR-US: Nagios XI
CVE-2020-27988 (Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username  ...)
	NOT-FOR-US: Nagios XI
CVE-2020-27987
	RESERVED
CVE-2020-27986 (** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discov ...)
	NOT-FOR-US: SonarQube
CVE-2020-27985 (Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, ...)
	NOT-FOR-US: Security Onion
CVE-2020-27984
	RESERVED
CVE-2020-27983
	RESERVED
CVE-2020-27982 (IceWarp 11.4.5.0 allows XSS via the language parameter. ...)
	NOT-FOR-US: IceWarp Webmail Server
CVE-2020-27981
	REJECTED
CVE-2020-27980 (Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WL ...)
	NOT-FOR-US: Genexis Platinum-4410 P4410-V2-1.28 devices
CVE-2020-27979
	RESERVED
CVE-2020-27978 (Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service  ...)
	NOT-FOR-US: Shibboleth Identify Provider (Debian only packages the SP)
CVE-2020-27977 (CapaSystems CapaInstaller before 6.0.101 does not properly assign, mod ...)
	NOT-FOR-US: CapaSystems CapaInstaller
CVE-2020-27976 (osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remot ...)
	NOT-FOR-US: osCommerce Phoenix CE
CVE-2020-27975 (osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php  ...)
	NOT-FOR-US: osCommerce Phoenix CE
CVE-2020-27974 (NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUS_SCM_B ...)
	NOT-FOR-US: NeoPost Mail Accounting Software Pro
CVE-2020-27973
	RESERVED
CVE-2020-27972
	RESERVED
CVE-2020-27971
	RESERVED
CVE-2020-27970 (Yandex Browser before 20.10.0 allows remote attackers to spoof the add ...)
	NOT-FOR-US: Yandex Browser
CVE-2020-27969 (Yandex Browser for Android 20.8.4 allows remote attackers to perform S ...)
	NOT-FOR-US: Yandex Browser
CVE-2020-27968
	RESERVED
CVE-2020-27967
	RESERVED
CVE-2020-27966
	RESERVED
CVE-2020-27965
	RESERVED
CVE-2020-27964
	RESERVED
CVE-2020-27963
	RESERVED
CVE-2020-27962
	RESERVED
CVE-2020-27961
	RESERVED
CVE-2020-27960
	RESERVED
CVE-2020-27959
	RESERVED
CVE-2020-27958
	RESERVED
CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was not proper ...)
	NOT-FOR-US: MediaWiki extension
CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in SourceCodest ...)
	NOT-FOR-US: SourceCodester Car Rental Management System
CVE-2020-27955 (Git LFS 2.12.0 allows Remote Code Execution. ...)
	- git-lfs <not-affected> (Windows-specific)
	NOTE: https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html
CVE-2020-27954
	RESERVED
CVE-2020-27953
	RESERVED
CVE-2020-27952 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27951 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-27950 (A memory initialization issue was addressed. This issue is fixed in ma ...)
	NOT-FOR-US: Apple
CVE-2020-27949 (This issue was addressed with improved checks to prevent unauthorized  ...)
	NOT-FOR-US: Apple
CVE-2020-27948 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-27947 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-27946 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: Apple
CVE-2020-27945 (An integer overflow was addressed with improved input validation. This ...)
	NOT-FOR-US: Apple
CVE-2020-27944 (A memory corruption issue existed in the processing of font files. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-27943 (A memory corruption issue existed in the processing of font files. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-27942 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-27941 (A validation issue was addressed with improved logic. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-27940 (This issue was addressed with improved file handling. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-27939 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-27938 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-27937 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-27936 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
	NOT-FOR-US: Apple
CVE-2020-27935 (Multiple issues were addressed with improved logic. This issue is fixe ...)
	NOT-FOR-US: Apple
CVE-2020-27934
	RESERVED
CVE-2020-27933 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-27932 (A type confusion issue was addressed with improved state handling. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-27931 (A memory corruption issue existed in the processing of font files. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-27930 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-27929 (A logic issue existed in the handling of Group FaceTime calls. The iss ...)
	NOT-FOR-US: Apple
CVE-2020-27928
	RESERVED
CVE-2020-27927 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-27926 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-27925 (An issue existed in the handling of incoming calls. The issue was addr ...)
	NOT-FOR-US: Apple
CVE-2020-27924 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-27923 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27922 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-27921 (A race condition was addressed with improved state handling. This issu ...)
	NOT-FOR-US: Apple
CVE-2020-27920 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-27919 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27918 (A use after free issue was addressed with improved memory management.  ...)
	{DSA-4877-1}
	- webkit2gtk 2.30.6-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	- wpewebkit 2.30.6-1
	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
CVE-2020-27917 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-27916 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27915 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-27914 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-27913
	RESERVED
CVE-2020-27912 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27911 (An integer overflow was addressed through improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-27910 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-27909 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-27908 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-27907 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-27906 (Multiple integer overflows were addressed with improved input validati ...)
	NOT-FOR-US: Apple
CVE-2020-27905 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-27904 (A logic issue existed resulting in memory corruption. This was address ...)
	NOT-FOR-US: Apple
CVE-2020-27903 (This issue was addressed by removing the vulnerable code. This issue i ...)
	NOT-FOR-US: Apple
CVE-2020-27902 (An authentication issue was addressed with improved state management.  ...)
	NOT-FOR-US: Apple
CVE-2020-27901 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-27900 (An issue existed in the handling of snapshots. The issue was resolved  ...)
	NOT-FOR-US: Apple
CVE-2020-27899 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-27898 (A denial of service issue was addressed with improved state handling.  ...)
	NOT-FOR-US: Apple
CVE-2020-27897 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-27896 (A path handling issue was addressed with improved validation. This iss ...)
	NOT-FOR-US: Apple
CVE-2020-27895 (An information disclosure issue existed in the transition of program s ...)
	NOT-FOR-US: Apple
CVE-2020-27894 (The issue was addressed with additional user controls. This issue is f ...)
	NOT-FOR-US: Apple
CVE-2020-27893 (An issue existed in screen sharing. This issue was addressed with impr ...)
	NOT-FOR-US: Apple
CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
	NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27891 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
	NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27890 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
	NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27889
	RESERVED
CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC- ...)
	NOT-FOR-US: Ubiquiti
CVE-2020-27887 (An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authent ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-27886 (An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. T ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-27885 (Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By ...)
	NOT-FOR-US: WSO2 API Manager
CVE-2020-27884
	RESERVED
CVE-2020-27883
	RESERVED
CVE-2020-27882
	RESERVED
CVE-2020-27881
	RESERVED
CVE-2020-27880
	RESERVED
CVE-2020-27879
	RESERVED
CVE-2020-27878
	RESERVED
CVE-2020-27877
	RESERVED
CVE-2020-27876
	RESERVED
CVE-2020-27875
	RESERVED
CVE-2020-27874 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: WeChat
CVE-2020-27873 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
	NOT-FOR-US: Netgear
CVE-2020-27872 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2020-27871 (This vulnerability allows remote attackers to create arbitrary files o ...)
	NOT-FOR-US: SolarWinds
CVE-2020-27870 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: SolarWinds
CVE-2020-27869 (This vulnerability allows remote attackers to escalate privileges on a ...)
	NOT-FOR-US: SolarWinds
CVE-2020-27868 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Qognify
CVE-2020-27867 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-27866 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2020-27865 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: D-Link
CVE-2020-27864 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: D-Link
CVE-2020-27863 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
	NOT-FOR-US: D-Link
CVE-2020-27862 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: D-Link
CVE-2020-27861 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-27860 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-27859 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: NEC ESMPRO Manager
CVE-2020-27858 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CA Arcserve
CVE-2020-27857 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-27856 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-27855 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-27854
	RESERVED
CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a denial of se ...)
	NOT-FOR-US: Wire app
CVE-2020-27852 (A stored Cross-Site Scripting (XSS) vulnerability in the survey featur ...)
	NOT-FOR-US: Rocketgenius Gravity Forms
CVE-2020-27851 (Multiple stored HTML injection vulnerabilities in the "poll" and "quiz ...)
	NOT-FOR-US: Rocketgenius Gravity Forms
CVE-2020-27850 (A stored Cross-Site Scripting (XSS) vulnerability in forms import feat ...)
	NOT-FOR-US: Rocketgenius Gravity Forms
CVE-2020-27849
	RESERVED
CVE-2020-27848 (dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /ap ...)
	NOT-FOR-US: dotCMS
CVE-2020-27847 (A vulnerability exists in the SAML connector of the github.com/dexidp/ ...)
	NOT-FOR-US: github.com/dexidp/dex
CVE-2020-27846 (A signature verification vulnerability exists in crewjam/saml. This fl ...)
	NOT-FOR-US: github.com/crewjam/saml
CVE-2020-27845 (There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior t ...)
	{DSA-4882-1 DLA-2550-1}
	- openjpeg2 2.4.0-1
	NOTE: https://github.com/uclouvain/openjpeg/issues/1302
	NOTE: https://github.com/uclouvain/openjpeg/commit/8f5aff1dff510a964d3901d0fba281abec98ab63 (v2.4.0)
CVE-2020-27844 (A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior  ...)
	- openjpeg2 <not-affected> (Vulnerable code introduced and fixed in 2.4.0)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1299
	NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/73fdf28342e4594019af26eb6a347a34eceb6296 (v2.4.0)
	NOTE: Introduced by: https://github.com/uclouvain/openjpeg/commit/4edb8c83374f52cd6a8f2c7c875e8ffacccb5fa5
CVE-2020-27843 (A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw all ...)
	{DSA-4882-1}
	- openjpeg2 2.4.0-1 (bug #983663)
	[stretch] - openjpeg2 <no-dsa> (Minor issue)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1297
	NOTE: Partial fix (preventing the out of bounds access): https://github.com/uclouvain/openjpeg/commit/38d661a3897052c7ff0b39b30c29cb067e130121 (2.4.0)
CVE-2020-27842 (There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An ...)
	{DSA-4882-1}
	- openjpeg2 2.4.0-1
	[stretch] - openjpeg2 <no-dsa> (Minor issue)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1294
CVE-2020-27841 (There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openj ...)
	{DSA-4882-1 DLA-2550-1}
	- openjpeg2 2.4.0-1
	NOTE: https://github.com/uclouvain/openjpeg/issues/1293
	NOTE: https://github.com/rouault/openjpeg/commit/00383e162ae2f8fc951f5745bf1011771acb8dce (v2.4.0)
CVE-2020-27840 (A flaw was found in samba. Spaces used in a string around a domain nam ...)
	{DSA-4884-1 DLA-2611-1}
	- ldb 2:2.2.0-3.1 (bug #985936)
	- samba <unfixed> (unimportant)
	NOTE: https://www.samba.org/samba/security/CVE-2020-27840.html
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14595
	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=1996b79f376b459bb964a6344ca5f264e7d6e2ec
	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=dbb3e65f7e382adf5fa6a6afb3d8684aca3f201a
	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=9532c44baea130db74f866e1472cb871936cd3dd
	NOTE: Samba uses the System ldb library
CVE-2020-27839 (A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for  ...)
	- ceph 14.2.18-1 (bug #985670)
	[buster] - ceph <no-dsa> (Minor issue)
	[stretch] - ceph <not-affected> (dashboard introduced in 12.1.0)
	NOTE: https://tracker.ceph.com/issues/44591
	NOTE: https://github.com/ceph/ceph/pull/38259
	NOTE: https://github.com/ceph/ceph/commit/23f2604d6f9ac16779b4ac43aab6e4e434f2e8ec
	NOTE: https://github.com/ceph/ceph/commit/843b2e9cd4cb996165d1818ebff125f1414f90c5 (nautilus)
CVE-2020-27838 (A flaw was found in keycloak in versions prior to 13.0.0. The client r ...)
	NOT-FOR-US: Keycloak
CVE-2020-27837 (A flaw was found in GDM in versions prior to 3.38.2.1. A race conditio ...)
	- gdm3 3.38.2.1-1
	[buster] - gdm3 <no-dsa> (Minor issue)
	[stretch] - gdm3 <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/gdm/-/issues/660
	NOTE: https://gitlab.gnome.org/GNOME/gdm/-/commit/dcdbaaa04012541ad2813cf83559d91d52f208b9 (master)
	NOTE: https://gitlab.gnome.org/GNOME/gdm/-/commit/9b6d9b24a5f69674447c7bc9aacfab0988b914bd (3.38.2.1)
CVE-2020-27836
	RESERVED
	NOT-FOR-US: OpenShift
CVE-2020-27835 (A use after free in the Linux kernel infiniband hfi1 driver in version ...)
	- linux 5.9.15-1
	NOTE: https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
CVE-2020-27834 [attacker can send the same request over and over again without changing the CSRF token]
	RESERVED
	NOTE: Bogus report for Zabbix, no actionable information:
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1907497
	NOTE: http://almorabea.net/cves/zabbix.txt
CVE-2020-27833 (A Zip Slip vulnerability was found in the oc binary in openshift-clien ...)
	NOT-FOR-US: OpenShift
CVE-2020-27832 (A flaw was found in Red Hat Quay, where it has a persistent Cross-site ...)
	NOT-FOR-US: Quay
CVE-2020-27831 (A flaw was found in Red Hat Quay, where it does not properly protect t ...)
	NOT-FOR-US: Quay
CVE-2020-27830 (A vulnerability was found in Linux Kernel where in the spk_ttyio_recei ...)
	{DSA-4843-1 DLA-2557-1}
	- linux 5.9.15-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/12/07/1
	NOTE: https://git.kernel.org/linus/f0992098cadb4c9c6a00703b66cafe604e178fea
CVE-2020-27829 (A heap based buffer overflow in coders/tiff.c may result in program cr ...)
	- imagemagick 8:6.9.11.57+dfsg-1
	[buster] - imagemagick <not-affected> (Vulnerable code not present)
	[stretch] - imagemagick <not-affected> (vulnerable code was introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e30be60bd97313b80e2701239728a3f47c570817
	NOTE: Introduced in https://github.com/ImageMagick/ImageMagick6/commit/b874d50070557eb98bdc6a3095ef4769af583dd2
CVE-2020-27828 (There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Cr ...)
	- jasper <removed>
	NOTE: https://github.com/jasper-software/jasper/issues/252
	NOTE: https://github.com/jasper-software/jasper/pull/253
CVE-2020-27827 (A flaw was found in multiple versions of OpenvSwitch. Specially crafte ...)
	{DSA-4836-1 DLA-2571-1}
	- lldpd 1.0.8-1
	[buster] - lldpd <no-dsa> (Minor issue)
	[stretch] - lldpd <no-dsa> (Minor issue)
	- openvswitch 2.15.0~git20210104.def6eb1ea+dfsg1-4 (bug #980132)
	NOTE: https://github.com/openvswitch/ovs/pull/337
	NOTE: https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
	NOTE: https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
	NOTE: https://github.com/openvswitch/ovs/commit/78e712c0b1dacc2f12d2a03d98f083d8672867f0
CVE-2020-27826 (A flaw was found in Keycloak before version 12.0.0 where it is possibl ...)
	NOT-FOR-US: Keycloak
CVE-2020-27825 (A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.9.6-1
	NOTE: https://git.kernel.org/linus/bbeb97464eefc65f506084fd9f18f21653e01137
CVE-2020-27824 (A flaw was found in OpenJPEG&#8217;s encoder in the opj_dwt_calc_expli ...)
	{DSA-4882-1 DLA-2550-1}
	- openjpeg2 2.4.0-1
	NOTE: https://github.com/uclouvain/openjpeg/issues/1286
	NOTE: https://github.com/uclouvain/openjpeg/commit/6daf5f3e1ec6eff03b7982889874a3de6617db8d (v2.4.0)
CVE-2020-27823 (A flaw was found in OpenJPEG&#8217;s encoder. This flaw allows an atta ...)
	{DSA-4882-1 DLA-2550-1}
	- openjpeg2 2.4.0-1
	NOTE: https://github.com/uclouvain/openjpeg/issues/1284
	NOTE: https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919 (v2.4.0)
CVE-2020-27822 (A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Fi ...)
	- wildfly <itp> (bug #752018)
CVE-2020-27821 (A flaw was found in the memory management API of QEMU during the initi ...)
	- qemu 1:5.2+dfsg-3 (bug #977616)
	[buster] - qemu <postponed> (Fix along in future update)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902651
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442
	NOTE: Introduced by: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=48564041a73adbbff52834f9edbe3806fceefab7 (v3.0)
CVE-2020-27820 (A vulnerability was found in Linux kernel, where a use-after-frees in  ...)
	- linux 5.15.5-1 (unimportant)
	[bullseye] - linux 5.10.84-1
	NOTE: No security impact, requires physical access to the computer
CVE-2020-27819 (An issue was discovered in libxls before and including 1.6.1 when read ...)
	- r-cran-readxl <not-affected> (Embeds libxls, but not affected)
	NOTE: https://github.com/libxls/libxls/issues/84
CVE-2020-27818 (A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. ...)
	- pngcheck 2.3.0-13 (bug #976350)
	[buster] - pngcheck 2.3.0-7+deb10u1
	[stretch] - pngcheck <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902011
	NOTE: Patch applied in Fedora: https://src.fedoraproject.org/rpms/pngcheck/blob/cc48791e34201caf7b686084b735d06cef66c974/f/pngcheck-2.4.0-overflow-bz1897485.patch
CVE-2020-27817
	REJECTED
CVE-2020-27816 (The elasticsearch-operator does not validate the namespace where kiban ...)
	NOT-FOR-US: OpenShift Elasticsearch operator
CVE-2020-27815 (A flaw was found in the JFS filesystem code in the Linux Kernel which  ...)
	{DSA-4843-1 DLA-2586-1 DLA-2557-1}
	- linux 5.10.4-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/30/5
CVE-2020-27814 (A heap-buffer overflow was found in the way openjpeg2 handled certain  ...)
	{DSA-4882-1 DLA-2550-1}
	- openjpeg2 2.4.0-1
	NOTE: https://github.com/uclouvain/openjpeg/issues/1283
	NOTE: https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc (v2.4.0)
	NOTE: https://github.com/uclouvain/openjpeg/commit/15cf3d95814dc931ca0ecb132f81cb152e051bae (v2.4.0)
	NOTE: https://github.com/uclouvain/openjpeg/commit/649298dcf84b2f20cfe458d887c1591db47372a6
	NOTE: https://github.com/uclouvain/openjpeg/commit/4ce7d285a55d29b79880d0566d4b010fe1907aa9
CVE-2020-27813 (An integer overflow vulnerability exists with the length of websocket  ...)
	{DLA-2520-1}
	- golang-github-gorilla-websocket <not-affected> (Fixed with first upload to Debian with renamed source package)
	- golang-websocket <removed>
	NOTE: https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh
	NOTE: https://github.com/gorilla/websocket/commit/5b740c29263eb386f33f265561c8262522f19d37 (v1.4.1)
CVE-2020-27812
	RESERVED
CVE-2020-27811
	RESERVED
CVE-2020-27810
	RESERVED
CVE-2020-27809
	RESERVED
CVE-2020-27808
	RESERVED
CVE-2020-27807
	RESERVED
CVE-2020-27806
	RESERVED
CVE-2020-27805
	RESERVED
CVE-2020-27804
	RESERVED
CVE-2020-27803
	RESERVED
CVE-2020-27802
	RESERVED
CVE-2020-27801
	RESERVED
CVE-2020-27800
	RESERVED
CVE-2020-27799
	RESERVED
CVE-2020-27798
	RESERVED
CVE-2020-27797
	RESERVED
CVE-2020-27796
	RESERVED
CVE-2020-27795
	RESERVED
CVE-2020-27794
	RESERVED
CVE-2020-27793
	RESERVED
CVE-2020-27792
	RESERVED
CVE-2020-27791
	RESERVED
CVE-2020-27790
	RESERVED
CVE-2020-27789
	RESERVED
CVE-2020-27788
	RESERVED
CVE-2020-27787
	RESERVED
CVE-2020-27786 (A flaw was found in the Linux kernel&#8217;s implementation of MIDI, w ...)
	- linux 5.6.14-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/c1f6e3c818dd734c30f6a7eeebf232ba2cf3181d
CVE-2020-27785
	REJECTED
CVE-2020-27784
	RESERVED
CVE-2020-27783 (A XSS vulnerability was discovered in python-lxml's clean module. The  ...)
	{DSA-4810-1 DLA-2467-1}
	- lxml 4.6.2-1
	NOTE: https://github.com/lxml/lxml/commit/89e7aad6e7ff9ecd88678ff25f885988b184b26e (lxml-4.6.1)
	NOTE: https://github.com/lxml/lxml/commit/a105ab8dc262ec6735977c25c13f0bdfcdec72a7 (lxml-4.6.2)
CVE-2020-27782 (A flaw was found in the Undertow AJP connector. Malicious requests and ...)
	- undertow 2.2.4-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1901304
	NOTE: https://issues.redhat.com/browse/UNDERTOW-1824
	NOTE: https://github.com/undertow-io/undertow/commit/fdac349cbcd1da41fe8b9d4e7ebbab6879990c2a (2.2.4.Final)
CVE-2020-27781 (User credentials can be manipulated and stolen by Native CephFS consum ...)
	- ceph 14.2.16-1 (bug #985670)
	[buster] - ceph <no-dsa> (Minor issue)
	[stretch] - ceph <postponed> (Minor issue)
	NOTE: https://bugs.launchpad.net/manila/+bug/1904015
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1900109
	NOTE: https://github.com/ceph/ceph/commit/1b8a634fdcd94dfb3ba650793fb1b6d09af65e05 (octopus)
	NOTE: https://github.com/ceph/ceph/commit/7e3e4e73783a98bb07ab399438eb3aab41a6fc8b (nautilus)
	NOTE: https://github.com/ceph/ceph/commit/956ceb853a58f6b6847b31fac34f2f0228a70579 (luminous)
CVE-2020-27780 (A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it ...)
	- pam <not-affected> (Only affects 1.5.0)
	NOTE: https://github.com/linux-pam/linux-pam/issues/284
	NOTE: Introduced by: https://github.com/linux-pam/linux-pam/commit/af0faf666c5008e54dfe43684f210e3581ff1bca (v1.5.0)
	NOTE: Fixed by: https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb
CVE-2020-27779 (A flaw was found in grub2 in versions prior to 2.06. The cutmem comman ...)
	{DSA-4867-1}
	- grub2 2.04-16
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
CVE-2020-27778 (A flaw was found in Poppler in the way certain PDF files were converte ...)
	- poppler 0.85.0-2
	[buster] - poppler <postponed> (Minor issue)
	[stretch] - poppler <postponed> (Minor issue; maybe worth fixing later)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/742
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/commit/30c731b487190c02afff3f036736a392eb60cd9a (poppler-0.76.0)
CVE-2020-27777 (A flaw was found in the way RTAS handled memory accesses in userspace  ...)
	{DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	[stretch] - linux <ignored> (Only an issue when Secure Boot is implemented)
	NOTE: https://git.kernel.org/linus/bd59380c5ba4147dcbaad3e582b55ccfd120b764
CVE-2020-27776 (A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1736
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/0c92913ec5705300943703f1795f34c0cc25164e
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5
CVE-2020-27775 (A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker w ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1737
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a2166bfb1049bac4c0f7b8b5d3ef86a1f48470b2
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/78d9987ae80a95865c9f139afde0dcf3fd832ddc
CVE-2020-27774 (A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1743
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/29cee9152d1b5487cfd19443ca48935eea0cabe2
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/052175e4b190598141fbcc64641cd5ee4db3602d
CVE-2020-27773 (A flaw was found in ImageMagick in MagickCore/gem-private.h. An attack ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1739
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/3d71aa8265ffaaf686021a6fbd54c037f71ee3a2
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/be6ffd9f283c2681d74469db8b000701665cf034
CVE-2020-27772 (A flaw was found in ImageMagick in coders/bmp.c. An attacker who submi ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1749
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a1142af44f61c038ad3eccc099c5b9548b507846
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7f819ef8855608d9cb1ded5e4f30cdfff1da7c11
CVE-2020-27771 (In RestoreMSCWarning() of /coders/pdf.c there are several areas where  ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1753
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/872ffe6d0131beec8b47568a4874ffaca91a872e
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/9dd1c7e1f8f6c137bfd3293be2554f59456c7b62
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a07ecde4c1c3a3efaa628434adc903295f6bb2b3
CVE-2020-27770 (Due to a missing check for 0 value of `replace_extent`, it is possible ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1721
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/be90a5395695f0d19479a5d46b06c678be7f7927
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c01495f91ac71c5205f52713430b68e80d851149
CVE-2020-27769 (In ImageMagick versions before 7.0.9-0, there are outside the range of ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1740
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/7b058696133c6d36e0b48a454e357482db71982e
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7661113a654c9c822c23a8fb8aa1b021fc7fbe9d
CVE-2020-27768 (In ImageMagick, there is an outside the range of representable values  ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1751
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/95d4e94e0353e503b71a53f5e6fad173c7c70c90
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/8c6e86f81968fab1710317d87b00c608108e6a2a
CVE-2020-27767 (A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker w ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1741
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/564f2a35e523e2b6cce9485018157f03ec05a947
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c2f66e7fc9189a652f77a021bd047c4146d634d1
CVE-2020-27766 (A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1734
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/29cee9152d1b5487cfd19443ca48935eea0cabe2
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/052175e4b190598141fbcc64641cd5ee4db3602d
	NOTE: Same fix as CVE-2020-27774
CVE-2020-27765 (A flaw was found in ImageMagick in MagickCore/segment.c. An attacker w ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1730
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a4c89f2a61069ad7637bc7749cc1a839de442526
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4321934be544bc2888c6799fd6b50d8188a3d832
CVE-2020-27764 (In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOp ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1735
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5
CVE-2020-27763 (A flaw was found in ImageMagick in MagickCore/resize.c. An attacker wh ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1718
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/43539e67a47d2f8de832d33a5b26dc2a7a12294f
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/cc0944d57f846c839905d573503ab055b34090e4
CVE-2020-27762 (A flaw was found in ImageMagick in coders/hdr.c. An attacker who submi ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1713
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/7db3fa20893d557259da6e99e111954de83d2495
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e10f7c3c9f0394dfd6ebd372bc34a172dabc8ff
CVE-2020-27761 (WritePALMImage() in /coders/palm.c used size_t casts in several areas  ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1726
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/db5e12e24f1378ce8c93a5c35991dcdd23a67bb0
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/14c90fb315eb3666a4cf6d784cbde74c69c934ec
CVE-2020-27760 (In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` v ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1717
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/c5fcdea6a6ae27cf3db20c28b176e87b1a584e06
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/83cd04f580ccf4cc194813777c1fcfba78e602aa
CVE-2020-27759 (In IntensityCompare() of /MagickCore/quantize.c, a double value was be ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1720
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/d44f8a35558951a21367d306a42e5a097f3a43fe
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/460dea07066e2001bc4671fcd8d53233f0fc29b3
CVE-2020-27758 (A flaw was found in ImageMagick in coders/txt.c. An attacker who submi ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1719
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f0a8d407b2801174fd8923941a9e7822f7f9a506
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e5e15b4456c825f78554e2ef1cc6344fa1218448
CVE-2020-27757 (A floating point math calculation in ScaleAnyToQuantum() of /MagickCor ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1712
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/e88532bd4418e95b70cbc415fe911d22ab27a5fd
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ded073520c133421f842160d3a9e207788f55a90
CVE-2020-27756 (In ParseMetaGeometry() of MagickCore/geometry.c, image height and widt ...)
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1725
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f35eca82b0c294ff9d0ccad104a881c3ae2ba913
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d3d96f05950275b916207bf9df03640ef3e9fd6e
	NOTE: Introduced in https://github.com/ImageMagick/ImageMagick6/commit/7dd318e6f7f86eb41e474e3131c59ea26af6c1b2 (6.9.9-34)
CVE-2020-27755 (in SetImageExtent() of /MagickCore/image.c, an incorrect image depth s ...)
	- imagemagick 8:6.9.11.24+dfsg-1 (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1756
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f28e9e56e1b56d4e1f09d2a56d70892ae295d6a4
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/f9191f9e388330c8e22661b42092cc78a29a5d6f
CVE-2020-27754 (In IntensityCompare() of /magick/quantize.c, there are calls to PixelP ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1754
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick6/commit/d5df600d43c8706df513a3273d09aee6f54a9233
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/d5df600d43c8706df513a3273d09aee6f54a9233
CVE-2020-27753 (There are several memory leaks in the MIFF coder in /coders/miff.c due ...)
	- imagemagick 8:6.9.11.24+dfsg-1 (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1757
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/bb3acad195de95db86c7509d8072db01890470e0
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6f5d3d2cd94eb8361e07546c4bf72cb60681b984
CVE-2020-27752 (A flaw was found in ImageMagick in MagickCore/quantum-private.h. An at ...)
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1752
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a9d563d3d73874312080d30dc4ba07cecad56192
	NOTE: CVE-2020-27752 and CVE-2020-25664 were not reproducible by upstream.
	NOTE: Previous patch was reverted. Original POC no longer available. It is
	NOTE: impossible to determine whether there was a possible security vulnerability
	NOTE: in the first place.
CVE-2020-27751 (A flaw was found in ImageMagick in MagickCore/quantum-export.c. An att ...)
	{DLA-2672-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1727
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f60d59cc3a7e3402d403361e0985ffa56f746a82
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/879bb6a13ece5508cd983bc3d64ced23900b60ee
CVE-2020-27750 (A flaw was found in ImageMagick in MagickCore/colorspace-private.h and ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1711
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a81ca9a1b46a96be83682af3389f0a6f3d0d389d
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f
CVE-2020-27749 (A flaw was found in grub2 in versions prior to 2.06. Variable names pr ...)
	{DSA-4867-1}
	- grub2 2.04-16
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
CVE-2020-27748 (A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and ...)
	- xdg-utils <unfixed> (bug #975370)
	[bullseye] - xdg-utils <postponed> (Minor issue; regression potential; revisit when fixed upstream)
	[buster] - xdg-utils <postponed> (Minor issue; regression potential; revisit when fixed upstream)
	[stretch] - xdg-utils <postponed> (Minor issue; regression potential; revisit when fixed upstream)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1899769
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1613425
	NOTE: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/177
	NOTE: Introduced by: https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/53bd27e8d0ab37f64638d27a8ddd328a297351fe
	NOTE: Proposed change: https://gitlab.freedesktop.org/xdg/xdg-utils/-/merge_requests/28
CVE-2020-27747 (An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973 ...)
	NOT-FOR-US: Click Studios Passwordstate
CVE-2020-27746 (Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Informa ...)
	{DSA-4841-1}
	- slurm-wlm <not-affected> (Fixed with first upload to Debian with renamed source package)
	- slurm-llnl <removed> (bug #974722)
	[stretch] - slurm-llnl <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.schedmd.com/news.php?id=240
	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html
	NOTE: https://github.com/SchedMD/slurm/commit/07309deb45c33e735e191faf9dd31cca1054a15c
	NOTE: slurm-wlm/20.02.6-1 changed the source package name and included the fix
	NOTE: Introduced by: https://github.com/SchedMD/slurm/commit/e3140b7f8d96ced9dc85089caa65dd7c6be396fd (slurm-17-11-0-0rc1)
CVE-2020-27745 (Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflo ...)
	{DSA-4841-1 DLA-2886-1}
	- slurm-wlm <not-affected> (Fixed with first upload to Debian with renamed source package)
	- slurm-llnl <removed> (bug #974721)
	NOTE: https://www.schedmd.com/news.php?id=240
	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/000045.html
	NOTE: https://github.com/SchedMD/slurm/commit/c3142dd87e06621ff148791c3d2f298b5c0b3a81
	NOTE: slurm-wlm/20.02.6-1 changed the source package name and included the fix
CVE-2020-27744 (An issue was discovered on Western Digital My Cloud NAS devices before ...)
	NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAN ...)
	- libpam-tacplus <not-affected> (Vulnerable code added later)
	NOTE: https://github.com/kravietz/pam_tacplus/pull/163
	NOTE: https://github.com/kravietz/pam_tacplus/security/advisories/GHSA-rp3p-jm35-jv76
	NOTE: Introduced with: https://github.com/kravietz/pam_tacplus/commit/6fac2504657b8d98fcd627d60ebdbffcf0253b81 (v1.5.0-beta.1)
	NOTE: Fixed by: https://github.com/kravietz/pam_tacplus/commit/c9bed7496e81e550ee22746f23bbb11be2e046ed (v1.6.1)
	NOTE: Fixed by: https://github.com/kravietz/pam_tacplus/commit/bceaab0cd51a09b88f40f19da799ac7390264bf8 (v1.6.1)
CVE-2020-27742 (An Insecure Direct Object Reference vulnerability in Citadel WebCit th ...)
	- webcit <removed> (bug #973385)
	[buster] - webcit <ignored> (Minor issue)
	[stretch] - webcit <ignored> (Minor issue)
CVE-2020-27741 (Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit  ...)
	- webcit <removed> (bug #973385)
	[buster] - webcit <ignored> (Minor issue)
	[stretch] - webcit <ignored> (Minor issue)
CVE-2020-27740 (Citadel WebCit through 926 allows unauthenticated remote attackers to  ...)
	- webcit <removed> (bug #973385)
	[buster] - webcit <ignored> (Minor issue)
	[stretch] - webcit <ignored> (Minor issue)
CVE-2020-27739 (A Weak Session Management vulnerability in Citadel WebCit through 926  ...)
	- webcit <removed> (bug #973385)
	[buster] - webcit <ignored> (Minor issue)
	[stretch] - webcit <ignored> (Minor issue)
CVE-2020-27738 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
	NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27737 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
	NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27736 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
	NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27735 (An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME ele ...)
	NOT-FOR-US: Wing FTP
CVE-2020-27734
	RESERVED
CVE-2020-27733 (Zoho ManageEngine Applications Manager before 14 build 14880 allows an ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-27732
	RESERVED
CVE-2020-27731
	RESERVED
CVE-2020-27730 (In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller  ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-27729 (In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27728 (On BIG-IP ASM &amp; Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27727 (On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27726 (In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27725 (In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27724 (In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27723 (In versions 14.1.0-14.1.3 and 13.1.0-13.1.3.4, a BIG-IP APM virtual se ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27722 (In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27721 (In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27720 (On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27719 (On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27718 (When a BIG-IP ASM or Advanced WAF system running version 16.0.0-16.0.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27717 (On BIG-IP DNS 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27716 (On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27715 (On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to th ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27714 (On the BIG-IP AFM version 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27713 (In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-27712
	RESERVED
CVE-2020-27711
	RESERVED
CVE-2020-27710
	RESERVED
CVE-2020-27709
	RESERVED
CVE-2020-27708 (A vulnerability exists in the Origin Client that could allow a non-Adm ...)
	NOT-FOR-US: Electronic Arts
CVE-2020-27707
	RESERVED
CVE-2020-27706
	RESERVED
CVE-2020-27705
	RESERVED
CVE-2020-27704
	RESERVED
CVE-2020-27703
	RESERVED
CVE-2020-27702
	RESERVED
CVE-2020-27701
	RESERVED
CVE-2020-27700
	RESERVED
CVE-2020-27699
	RESERVED
CVE-2020-27698
	RESERVED
CVE-2020-27697 (Trend Micro Security 2020 (Consumer) contains a vulnerability in the i ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27696 (Trend Micro Security 2020 (Consumer) contains a vulnerability in the i ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27695 (Trend Micro Security 2020 (Consumer) contains a vulnerability in the i ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27694 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27693 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27692 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...)
	NOT-FOR-US: Relish (Verve Connect) VH510 device
CVE-2020-27691 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...)
	NOT-FOR-US: Relish (Verve Connect) VH510 device
CVE-2020-27690 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...)
	NOT-FOR-US: Relish (Verve Connect) VH510 device
CVE-2020-27689 (The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0 ...)
	NOT-FOR-US: Relish (Verve Connect) VH510 device
CVE-2020-27688 (RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt ...)
	NOT-FOR-US: RVTools
CVE-2020-27687 (ThingsBoard before v3.2 is vulnerable to Host header injection in pass ...)
	NOT-FOR-US: ThingsBoard
CVE-2020-27686
	RESERVED
CVE-2020-27685
	RESERVED
CVE-2020-27684
	RESERVED
CVE-2020-27683
	RESERVED
CVE-2020-27682
	RESERVED
CVE-2020-27681
	RESERVED
CVE-2020-27680
	RESERVED
CVE-2020-27679
	RESERVED
CVE-2020-27678 (An issue was discovered in illumos before 2020-10-22, as used in OmniO ...)
	NOT-FOR-US: illumos
CVE-2020-27677
	RESERVED
CVE-2020-27676
	RESERVED
CVE-2020-27669
	RESERVED
CVE-2020-27668
	RESERVED
CVE-2020-27667
	RESERVED
CVE-2020-27666 (Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview fea ...)
	NOT-FOR-US: Strapi
CVE-2020-27665 (In Strapi before 3.2.5, there is no admin::hasPermissions restriction  ...)
	NOT-FOR-US: Strapi
CVE-2020-27664 (admin/src/containers/InputModalStepperProvider/index.js in Strapi befo ...)
	NOT-FOR-US: Strapi
CVE-2020-27663 (In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct ...)
	- glpi <removed>
CVE-2020-27662 (In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object  ...)
	- glpi <removed>
CVE-2020-27661 (A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-d ...)
	- qemu 1:5.2+dfsg-1 (bug #972864)
	[buster] - qemu <not-affected> (Vulnerable code not present)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 (v5.2.0-rc0)
	NOTE: Introduced in v5.1.0-rc0
CVE-2020-27660 (SQL injection vulnerability in request.cgi in Synology SafeAccess befo ...)
	NOT-FOR-US: Synology
CVE-2020-27659 (Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAc ...)
	NOT-FOR-US: Synology
CVE-2020-27658 (Synology Router Manager (SRM) before 1.2.4-8081 does not include the H ...)
	NOT-FOR-US: Synology Router Manager (SRM)
CVE-2020-27657 (Cleartext transmission of sensitive information vulnerability in DDNS  ...)
	NOT-FOR-US: Synology Router Manager (SRM)
CVE-2020-27656 (Cleartext transmission of sensitive information vulnerability in DDNS  ...)
	NOT-FOR-US: Synology
CVE-2020-27655 (Improper access control vulnerability in Synology Router Manager (SRM) ...)
	NOT-FOR-US: Synology
CVE-2020-27654 (Improper access control vulnerability in lbd in Synology Router Manage ...)
	NOT-FOR-US: Synology
CVE-2020-27653 (Algorithm downgrade vulnerability in QuickConnect in Synology Router M ...)
	NOT-FOR-US: Synology
CVE-2020-27652 (Algorithm downgrade vulnerability in QuickConnect in Synology DiskStat ...)
	NOT-FOR-US: Synology
CVE-2020-27651 (Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secur ...)
	NOT-FOR-US: Synology
CVE-2020-27650 (Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set t ...)
	NOT-FOR-US: Synology
CVE-2020-27649 (Improper certificate validation vulnerability in OpenVPN client in Syn ...)
	NOT-FOR-US: Synology
CVE-2020-27648 (Improper certificate validation vulnerability in OpenVPN client in Syn ...)
	NOT-FOR-US: Synology
CVE-2020-27647
	RESERVED
CVE-2020-27646 (Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1 ...)
	NOT-FOR-US: Biscom Secure File Transfer (SFT)
CVE-2020-27645 (The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unqu ...)
	NOT-FOR-US: 1E Client
CVE-2020-27644 (The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unqu ...)
	NOT-FOR-US: 1E Client
CVE-2020-27643 (The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0 ...)
	NOT-FOR-US: 1E Client
CVE-2020-27642 (A cross-site scripting (XSS) vulnerability exists in the 'merge accoun ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27641
	REJECTED
CVE-2020-27640 (The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet phones with ...)
	NOT-FOR-US: Mitel
CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phone ...)
	NOT-FOR-US: Mitel
CVE-2020-27637 (The R programming language&#8217;s default package manager CRAN is aff ...)
	- r-base 4.0.3-1
	[buster] - r-base <no-dsa> (Minor issue)
	[stretch] - r-base <no-dsa> (Minor issue)
	NOTE: https://labs.bishopfox.com/advisories/cran-version-4.0.2
CVE-2020-27636
	RESERVED
CVE-2020-27635
	RESERVED
CVE-2020-27634
	RESERVED
CVE-2020-27633
	RESERVED
CVE-2020-27632 (In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is ...)
	NOT-FOR-US: Siemens SIMATIC MV400
CVE-2020-27631
	RESERVED
CVE-2020-27630
	RESERVED
CVE-2020-27629 (In JetBrains TeamCity before 2020.1.5, secure dependency parameters co ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-27628 (In JetBrains TeamCity before 2020.1.5, the Guest user had access to au ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-27627 (JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-27626 (JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. ...)
	NOT-FOR-US: JetBrains
CVE-2020-27625 (In JetBrains YouTrack before 2020.3.888, notifications might have ment ...)
	NOT-FOR-US: JetBrains
CVE-2020-27624 (JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. ...)
	NOT-FOR-US: JetBrains
CVE-2020-27623 (JetBrains IdeaVim before version 0.58 might have caused an information ...)
	NOT-FOR-US: JetBrains
CVE-2020-27622 (In JetBrains IntelliJ IDEA before 2020.2, the built-in web server coul ...)
	- intellij-idea <itp> (bug #747616)
CVE-2020-27621 (The FileImporter extension in MediaWiki through 1.35.0 was not properl ...)
	NOT-FOR-US: MediaWiki extension
CVE-2020-27620 (The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because Me ...)
	NOT-FOR-US: MediaWiki extension
CVE-2020-27619 (In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK  ...)
	- python3.9 <unfixed> (unimportant)
	- python3.8 <removed> (unimportant)
	- python3.7 <removed> (unimportant)
	NOTE: https://python-security.readthedocs.io/vuln/cjk-codec-download-eval.html
	NOTE: https://github.com/python/cpython/commit/2ef5caa58febc8968e670e39e3d37cf8eef3cab8 (master)
	NOTE: https://github.com/python/cpython/commit/a8bf44d04915f7366d9f8dfbf84822ac37a4bab3 (master)
	NOTE: https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794 (3.9)
	NOTE: https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33 (3.8)
	NOTE: https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9 (3.7)
	NOTE: https://bugs.python.org/issue41944
	NOTE: Only affects the testsuite
CVE-2020-27618 (The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and  ...)
	- glibc 2.31-5 (bug #973914)
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26224
	NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=9a99c682144bdbd40792ebf822fe9264e0376fb5
CVE-2020-27617 (eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to t ...)
	{DLA-2469-1}
	- qemu 1:5.2+dfsg-1 (bug #973324)
	[buster] - qemu <postponed> (Fix along in future DSA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06023.html
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 (v5.2.0-rc2)
CVE-2020-27616 (ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outsi ...)
	- qemu 1:5.2+dfsg-1 (bug #975265)
	[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06080.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=ca1f9cbfdce4d63b10d57de80fef89a89d92a540 (v5.2.0-rc1)
CVE-2020-27615 (The Loginizer plugin before 1.6.4 for WordPress allows SQL injection ( ...)
	NOT-FOR-US: Loginizer plugin for WordPress
CVE-2020-27614 (AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the ...)
	NOT-FOR-US: AnyDesk for macOS
CVE-2020-27638 (receive.c in fastd before v21 allows denial of service (assertion fail ...)
	{DLA-2414-1}
	- fastd 21-1 (bug #972521)
	[buster] - fastd 18-3+deb10u1
	NOTE: https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea
CVE-2020-27613 (The installation procedure in BigBlueButton before 2.2.17 uses ClueCon ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27612 (Greenlight in BigBlueButton through 2.2.28 places usernames in room UR ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27611 (BigBlueButton through 2.2.28 uses STUN/TURN resources from a third par ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27610 (The installation procedure in BigBlueButton before 2.2.28 (or earlier) ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27609 (BigBlueButton through 2.2.28 records a video meeting despite the deact ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27608 (In BigBlueButton before 2.2.6, uploaded presentations are sent to clie ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27607 (In BigBlueButton before 2.2.28 (or earlier), the client-side Mute butt ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27606 (BigBlueButton before 2.2.28 (or earlier) does not set the secure flag  ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27605 (BigBlueButton through 2.2.28 uses Ghostscript for processing of upload ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27604 (BigBlueButton before 2.3 does not implement LibreOffice sandboxing. Th ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27603 (BigBlueButton before 2.2.27 has an unsafe JODConverter setting in whic ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27602 (BigBlueButton before 2.2.7 does not have a protection mechanism for se ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27601 (In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat do ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-27673 (An issue was discovered in the Linux kernel through 5.9.1, as used wit ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://xenbits.xen.org/xsa/advisory-332.html
CVE-2020-27675 (An issue was discovered in the Linux kernel through 5.9.1, as used wit ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://xenbits.xen.org/xsa/advisory-331.html
CVE-2020-27674 (An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS ...)
	{DSA-4804-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-286.html
CVE-2020-27672 (An issue was discovered in Xen through 4.14.x allowing x86 guest OS us ...)
	{DSA-4804-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-345.html
CVE-2020-27671 (An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH ...)
	{DSA-4804-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-346.html
CVE-2020-27670 (An issue was discovered in Xen through 4.14.x allowing x86 guest OS us ...)
	{DSA-4804-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-347.html
CVE-2020-27600 (HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-84 ...)
	NOT-FOR-US: D-Link
CVE-2020-27599
	RESERVED
CVE-2020-27598
	RESERVED
CVE-2020-27597
	RESERVED
CVE-2020-27596
	RESERVED
CVE-2020-27595
	RESERVED
CVE-2020-27594
	RESERVED
CVE-2020-27593
	RESERVED
CVE-2020-27592
	RESERVED
CVE-2020-27591
	RESERVED
CVE-2020-27590
	RESERVED
CVE-2020-27589 (Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 -  ...)
	NOT-FOR-US: hub-rest-api-python
CVE-2020-27588
	RESERVED
CVE-2020-27587 (Quick Heal Total Security before 19.0 allows attackers with local admi ...)
	NOT-FOR-US: Quick Heal Total Security
CVE-2020-27586 (Quick Heal Total Security before version 19.0 transmits quarantine and ...)
	NOT-FOR-US: Quick Heal Total Security
CVE-2020-27585 (Quick Heal Total Security before 19.0 allows attackers with local admi ...)
	NOT-FOR-US: Quick Heal Total Security
CVE-2020-27584
	RESERVED
CVE-2020-27583 (** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 8.5. ...)
	NOT-FOR-US: IBM
CVE-2020-27582
	RESERVED
CVE-2020-27581
	RESERVED
CVE-2020-27580
	RESERVED
CVE-2020-27579
	RESERVED
CVE-2020-27578
	RESERVED
CVE-2020-27577
	RESERVED
CVE-2020-27576 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XS ...)
	NOT-FOR-US: Maxum Rumpus
CVE-2020-27575 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vuln ...)
	NOT-FOR-US: Maxum Rumpus
CVE-2020-27574 (Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forge ...)
	NOT-FOR-US: Maxum Rumpus
CVE-2020-27573
	RESERVED
CVE-2020-27572
	RESERVED
CVE-2020-27571
	RESERVED
CVE-2020-27570
	RESERVED
CVE-2020-27569 (Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier.  ...)
	NOT-FOR-US: Aviatrix VPN Client
CVE-2020-27568 (Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Sever ...)
	NOT-FOR-US: Aviatrix Controller
CVE-2020-27567
	RESERVED
CVE-2020-27566
	RESERVED
CVE-2020-27565
	RESERVED
CVE-2020-27564
	RESERVED
CVE-2020-27563
	RESERVED
CVE-2020-27562
	RESERVED
CVE-2020-27561
	RESERVED
CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames i ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.57+dfsg-1 (bug #972797)
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6e3b13c7ef94d72b40fba91987897c4326717a46
CVE-2020-27559
	RESERVED
CVE-2020-27558 (Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 201 ...)
	NOT-FOR-US: BASETech
CVE-2020-27557 (Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT ...)
	NOT-FOR-US: BASETech
CVE-2020-27556 (A predictable device ID in BASETech GE-131 BT-1837836 firmware 2018092 ...)
	NOT-FOR-US: BASETech
CVE-2020-27555 (Use of default credentials for the telnet server in BASETech GE-131 BT ...)
	NOT-FOR-US: BASETech
CVE-2020-27554 (Cleartext Transmission of Sensitive Information vulnerability in BASET ...)
	NOT-FOR-US: BASETech
CVE-2020-27553 (In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the ...)
	NOT-FOR-US: BASETech
CVE-2020-27552
	RESERVED
CVE-2020-27551
	RESERVED
CVE-2020-27550
	RESERVED
CVE-2020-27549
	RESERVED
CVE-2020-27548
	RESERVED
CVE-2020-27547
	RESERVED
CVE-2020-27546
	RESERVED
CVE-2020-27545
	RESERVED
	- dwarfutils 20201201-1
	[buster] - dwarfutils <ignored> (Minor issue)
	[stretch] - dwarfutils <ignored> (Minor issue)
	NOTE: https://www.prevanders.net/dwarfbug.html#DW202010-001
	NOTE: https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea
CVE-2020-27544
	RESERVED
CVE-2020-27543 (The restify-paginate package 0.0.5 for Node.js allows remote attackers ...)
	NOT-FOR-US: Node restify-paginate
CVE-2020-27542 (Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection.  ...)
	NOT-FOR-US: Rostelecom CS-C2SHW
CVE-2020-27541 (Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. Agen ...)
	NOT-FOR-US: Rostelecom CS-C2SHW
CVE-2020-27540 (Bash injection vulnerability and bypass of signature verification in R ...)
	NOT-FOR-US: Rostelecom CS-C2SHW
CVE-2020-27539 (Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW ...)
	NOT-FOR-US: Rostelecom CS-C2SHW
CVE-2020-27538
	RESERVED
CVE-2020-27537
	RESERVED
CVE-2020-27536
	RESERVED
CVE-2020-27535
	RESERVED
CVE-2020-27534 (util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 c ...)
	- docker.io <not-affected> (Windows-specific)
CVE-2020-27533 (A Cross Site Scripting (XSS) issue was discovered in the search featur ...)
	NOT-FOR-US: DedeCMS
CVE-2020-27532
	RESERVED
CVE-2020-27531
	RESERVED
CVE-2020-27530
	RESERVED
CVE-2020-27529
	RESERVED
CVE-2020-27528
	RESERVED
CVE-2020-27527
	RESERVED
CVE-2020-27526
	RESERVED
CVE-2020-27525
	RESERVED
CVE-2020-27524 (On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multi ...)
	NOT-FOR-US: Audi
CVE-2020-27523 (Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string sp ...)
	NOT-FOR-US: Solstice-Pod
CVE-2020-27522
	RESERVED
CVE-2020-27521
	RESERVED
CVE-2020-27520
	RESERVED
CVE-2020-27519 (Pritunl Client v1.2.2550.20 contains a local privilege escalation vuln ...)
	NOT-FOR-US: Pritunl Client
CVE-2020-27518 (All versions of Windscribe VPN for Mac and Windows &lt;= v2.02.10 cont ...)
	NOT-FOR-US: Windscribe VPN
CVE-2020-27517
	RESERVED
CVE-2020-27516
	RESERVED
CVE-2020-27515 (A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows ...)
	NOT-FOR-US: Savsoft Quiz
CVE-2020-27514
	RESERVED
CVE-2020-27513
	RESERVED
CVE-2020-27512
	RESERVED
CVE-2020-27511 (An issue was discovered in the stripTags and unescapeHTML components i ...)
	- prototypejs <unfixed> (bug #991898)
	[bullseye] - prototypejs <no-dsa> (Minor issue)
	[buster] - prototypejs <no-dsa> (Minor issue)
	[stretch] - prototypejs <no-dsa> (Minor issue)
	NOTE: https://github.com/prototypejs/prototype/blame/dee2f7d8611248abce81287e1be4156011953c90/src/prototype/lang/string.js#L283
	NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.md
	NOTE: CVE mentions newer version but vulnerable code exists in older versions too
	NOTE: https://sources.debian.org/src/prototypejs/1.7.1-3/prototype-1.7.1.js/#L617
CVE-2020-27510
	RESERVED
CVE-2020-27509
	RESERVED
CVE-2020-27508 (In two-factor authentication, the system also sending 2fa secret key i ...)
	NOT-FOR-US: Frappe Framework
CVE-2020-27507
	RESERVED
CVE-2020-27506
	RESERVED
CVE-2020-27505
	RESERVED
CVE-2020-27504
	RESERVED
CVE-2020-27503
	RESERVED
CVE-2020-27502
	RESERVED
CVE-2020-27501
	RESERVED
CVE-2020-27500
	RESERVED
CVE-2020-27499
	RESERVED
CVE-2020-27498
	RESERVED
CVE-2020-27497
	RESERVED
CVE-2020-27496
	RESERVED
CVE-2020-27495
	RESERVED
CVE-2020-27494
	RESERVED
CVE-2020-27493
	RESERVED
CVE-2020-27492
	RESERVED
CVE-2020-27491
	RESERVED
CVE-2020-27490
	RESERVED
CVE-2020-27489
	RESERVED
CVE-2020-27488 (Loxone Miniserver devices with firmware before 11.1 (aka 11.1.9.3) are ...)
	NOT-FOR-US: Loxone Miniserver devices
CVE-2020-27487
	RESERVED
CVE-2020-27486 (Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The ...)
	NOT-FOR-US: Garmin
CVE-2020-27485 (Garmin Forerunner 235 before 8.20 is affected by: Array index error. T ...)
	NOT-FOR-US: Garmin
CVE-2020-27484 (Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. Th ...)
	NOT-FOR-US: Garmin
CVE-2020-27483 (Garmin Forerunner 235 before 8.20 is affected by: Array index error. T ...)
	NOT-FOR-US: Garmin
CVE-2020-27482
	RESERVED
CVE-2020-27481 (An unauthenticated SQL Injection vulnerability in Good Layers LMS Plug ...)
	NOT-FOR-US: Good Layers LMS Plugin for WordPress
CVE-2020-27480
	RESERVED
CVE-2020-27479
	RESERVED
CVE-2020-27478
	RESERVED
CVE-2020-27477
	RESERVED
CVE-2020-27476
	RESERVED
CVE-2020-27475
	RESERVED
CVE-2020-27474
	RESERVED
CVE-2020-27473
	RESERVED
CVE-2020-27472
	RESERVED
CVE-2020-27471
	RESERVED
CVE-2020-27470
	RESERVED
CVE-2020-27469
	RESERVED
CVE-2020-27468
	RESERVED
CVE-2020-27467
	RESERVED
CVE-2020-27466 (An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemp ...)
	NOT-FOR-US: rConfig
CVE-2020-27465
	RESERVED
CVE-2020-27464 (An insecure update feature in the /updater.php component of rConfig 3. ...)
	NOT-FOR-US: rConfig
CVE-2020-27463
	RESERVED
CVE-2020-27462
	RESERVED
CVE-2020-27461 (A remote code execution vulnerability in SEOPanel 4.6.0 has been fixed ...)
	NOT-FOR-US: SEOPanel
CVE-2020-27460
	RESERVED
CVE-2020-27459 (Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a ...)
	NOT-FOR-US: Chronoforeum
CVE-2020-27458
	RESERVED
CVE-2020-27457
	RESERVED
CVE-2020-27456
	RESERVED
CVE-2020-27455
	RESERVED
CVE-2020-27454
	RESERVED
CVE-2020-27453
	RESERVED
CVE-2020-27452
	RESERVED
CVE-2020-27451
	RESERVED
CVE-2020-27450
	RESERVED
CVE-2020-27449
	RESERVED
CVE-2020-27448
	RESERVED
CVE-2020-27447
	RESERVED
CVE-2020-27446
	RESERVED
CVE-2020-27445
	RESERVED
CVE-2020-27444
	RESERVED
CVE-2020-27443
	RESERVED
CVE-2020-27442
	RESERVED
CVE-2020-27441
	RESERVED
CVE-2020-27440
	RESERVED
CVE-2020-27439
	RESERVED
CVE-2020-27438
	RESERVED
CVE-2020-27437
	RESERVED
CVE-2020-27436
	RESERVED
CVE-2020-27435
	RESERVED
CVE-2020-27434
	RESERVED
CVE-2020-27433
	RESERVED
CVE-2020-27432
	RESERVED
CVE-2020-27431
	RESERVED
CVE-2020-27430
	RESERVED
CVE-2020-27429
	RESERVED
CVE-2020-27428 (A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Re ...)
	NOT-FOR-US: Scratch-Svg-Renderer
CVE-2020-27427
	RESERVED
CVE-2020-27426
	RESERVED
CVE-2020-27425
	RESERVED
CVE-2020-27424
	RESERVED
CVE-2020-27423 (Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password rese ...)
	NOT-FOR-US: Anuko Time Tracker
CVE-2020-27422 (In Anuko Time Tracker v1.19.23.5311, the password reset link emailed t ...)
	NOT-FOR-US: Anuko Time Tracker
CVE-2020-27421
	RESERVED
CVE-2020-27420
	RESERVED
CVE-2020-27419
	RESERVED
CVE-2020-27418
	RESERVED
CVE-2020-27417
	RESERVED
CVE-2020-27416 (Mahavitaran android application 7.50 and prior are affected by account ...)
	NOT-FOR-US: Mahavitaran android application
CVE-2020-27415
	RESERVED
CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit sensitive info ...)
	NOT-FOR-US: Mahavitaran android application
CVE-2020-27413 (An issue was discovered in Mahavitaran android application 7.50 and be ...)
	NOT-FOR-US: Mahavitaran android application
CVE-2020-27412
	RESERVED
CVE-2020-27411
	RESERVED
CVE-2020-27410
	RESERVED
CVE-2020-27409 (OpenSIS Community Edition before 7.5 is affected by a cross-site scrip ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-27408 (OpenSIS Community Edition through 7.6 is affected by incorrect access  ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-27407
	RESERVED
CVE-2020-27406 (Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authen ...)
	NOT-FOR-US: DynPG
CVE-2020-27405
	RESERVED
CVE-2020-27404
	RESERVED
CVE-2020-27403 (A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 ...)
	NOT-FOR-US: TCL Android Smart TV series
CVE-2020-27402 (The HK1 Box S905X3 TV Box contains a vulnerability that allows a local ...)
	NOT-FOR-US: HK1 Box S905X3 TV Box
CVE-2020-27401
	RESERVED
CVE-2020-27400
	RESERVED
CVE-2020-27399
	RESERVED
CVE-2020-27398
	RESERVED
CVE-2020-27397 (Marital - Online Matrimonial Project In PHP version 1.0 suffers from a ...)
	NOT-FOR-US: Marital - Online Matrimonial Project
CVE-2020-27396
	RESERVED
CVE-2020-27395
	RESERVED
CVE-2020-27394
	RESERVED
CVE-2020-27393
	RESERVED
CVE-2020-27392
	RESERVED
CVE-2020-27391
	RESERVED
CVE-2020-27390
	RESERVED
CVE-2020-27389
	RESERVED
CVE-2020-27388 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in th ...)
	NOT-FOR-US: YOURLS Admin Panel
CVE-2020-27387 (An unrestricted file upload issue in HorizontCMS through 1.0.0-beta al ...)
	NOT-FOR-US: HorizontCMS
CVE-2020-27386 (An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allow ...)
	NOT-FOR-US: FlexDotnetCMS
CVE-2020-27385 (Incorrect Access Control in the FileEditor (/Admin/Views/FileEditor/)  ...)
	NOT-FOR-US: FlexDotnetCMS
CVE-2020-27384 (The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an ...)
	NOT-FOR-US: Guild Wars 2 launcher
CVE-2020-27383 (Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of ...)
	NOT-FOR-US: Battle.Net
CVE-2020-27382
	RESERVED
CVE-2020-27381
	RESERVED
CVE-2020-27380
	RESERVED
CVE-2020-27379 (Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ulti ...)
	NOT-FOR-US: Booking Core - Ultimate Booking System Booking Core
CVE-2020-27378
	RESERVED
CVE-2020-27377 (A cross-site scripting (XSS) vulnerability was discovered in the Admin ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-27376
	RESERVED
CVE-2020-27375
	RESERVED
CVE-2020-27374
	RESERVED
CVE-2020-27373
	RESERVED
CVE-2020-27372 (A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ...)
	- brandy <unfixed> (unimportant)
	NOTE: https://sourceforge.net/p/brandy/bugs/10/
	NOTE: Negligible security impact
CVE-2020-27371
	RESERVED
CVE-2020-27370
	RESERVED
CVE-2020-27369
	RESERVED
CVE-2020-27368 (Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V ...)
	NOT-FOR-US: TOTOLINK
CVE-2020-27367
	RESERVED
CVE-2020-27366
	RESERVED
CVE-2020-27365
	RESERVED
CVE-2020-27364
	RESERVED
CVE-2020-27363
	RESERVED
CVE-2020-27362 (An issue exists within the SSH console of Akkadian Provisioning Manage ...)
	NOT-FOR-US: Akkadian
CVE-2020-27361 (An issue exists within Akkadian Provisioning Manager 4.50.02 which all ...)
	NOT-FOR-US: Akkadian
CVE-2020-27360
	RESERVED
CVE-2020-27359 (A cross-site scripting (XSS) issue in REDCap 8.11.6 through 9.x before ...)
	NOT-FOR-US: REDCap
CVE-2020-27358 (An issue was discovered in REDCap 8.11.6 through 9.x before 10. The me ...)
	NOT-FOR-US: REDCap
CVE-2020-27357
	RESERVED
CVE-2020-27356 (The debug-meta-data plugin 1.1.2 for WordPress allows XSS. ...)
	NOT-FOR-US: debug-meta-data plugin for WordPress
CVE-2020-27355
	RESERVED
CVE-2020-27354
	RESERVED
CVE-2020-27353
	RESERVED
CVE-2020-27352
	RESERVED
	- snapd 2.49-1
	[buster] - snapd <no-dsa> (Minor issue)
	[stretch] - snapd <no-dsa> (Minor issue)
	NOTE: https://ubuntu.com/security/notices/USN-4728-1
	NOTE: https://github.com/docker-snap/docker-snap/security/advisories/GHSA-798c-v3jq-h646
	NOTE: https://bugs.launchpad.net/snapd/+bug/1910456
CVE-2020-27351 (Various memory and file descriptor leaks were found in apt-python file ...)
	{DSA-4809-1 DLA-2488-1}
	- python-apt 2.1.7
	NOTE: https://bugs.launchpad.net/bugs/1899193
CVE-2020-27350 (APT had several integer overflows and underflows while parsing .deb pa ...)
	{DSA-4808-1 DLA-2487-1}
	- apt 2.1.13
	NOTE: https://bugs.launchpad.net/bugs/1899193
CVE-2020-27349 (Aptdaemon performed policykit checks after interacting with potentiall ...)
	- aptdaemon <removed>
	NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1899193
CVE-2020-27348 (In some conditions, a snap package built by snapcraft includes the cur ...)
	NOT-FOR-US: snapcraft
CVE-2020-27346
	REJECTED
CVE-2020-27345
	RESERVED
CVE-2020-27344 (The cm-download-manager plugin before 2.8.0 for WordPress allows XSS. ...)
	NOT-FOR-US: cm-download-manager plugin for WordPress
CVE-2020-27343
	RESERVED
CVE-2020-27342
	RESERVED
CVE-2020-27341
	RESERVED
CVE-2020-27340 (The online help portal of Mitel MiCollab before 9.2 could allow an att ...)
	NOT-FOR-US: Mitel
CVE-2020-27339 (In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not cor ...)
	NOT-FOR-US: Insyde
CVE-2020-27338 (An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input  ...)
	NOT-FOR-US: Treck
CVE-2020-27337 (An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input  ...)
	NOT-FOR-US: Treck
CVE-2020-27336 (An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input  ...)
	NOT-FOR-US: Treck
CVE-2020-27335
	RESERVED
CVE-2020-27334
	RESERVED
CVE-2020-27333
	RESERVED
CVE-2020-27332
	RESERVED
CVE-2020-27331
	RESERVED
CVE-2020-27330
	RESERVED
CVE-2020-27329
	RESERVED
CVE-2020-27328
	RESERVED
CVE-2020-27327
	RESERVED
CVE-2020-27326
	RESERVED
CVE-2020-27325
	RESERVED
CVE-2020-27324
	RESERVED
CVE-2020-27323
	RESERVED
CVE-2020-27322
	RESERVED
CVE-2020-27321
	RESERVED
CVE-2020-27320
	RESERVED
CVE-2020-27319
	RESERVED
CVE-2020-27318
	RESERVED
CVE-2020-27317
	RESERVED
CVE-2020-27316
	RESERVED
CVE-2020-27315
	RESERVED
CVE-2020-27314
	RESERVED
CVE-2020-27313
	RESERVED
CVE-2020-27312
	RESERVED
CVE-2020-27311
	RESERVED
CVE-2020-27310
	RESERVED
CVE-2020-27309
	RESERVED
CVE-2020-27308
	RESERVED
CVE-2020-27307
	RESERVED
CVE-2020-27306
	RESERVED
CVE-2020-27305
	RESERVED
CVE-2020-27304 (The CivetWeb web library does not validate uploaded filepaths when run ...)
	- civetweb 1.15+dfsg-1 (unimportant)
	NOTE: vulnerable code is an example, not packaged by Debian but present in source package
	NOTE: https://groups.google.com/g/civetweb/c/yPBxNXdGgJQ
	NOTE: https://github.com/civetweb/civetweb/commit/b2ed60c589172b37f3d705c69d84313eeb8348b1
	NOTE: https://github.com/civetweb/civetweb/commit/e489ff4f05647126ffa62d3a54f50bf7b7380776#diff-da20af5c7c76edbce3228777f142173af544c0202af876e8d5618f839f9ab2ac
CVE-2020-27303
	RESERVED
CVE-2020-27302 (A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devi ...)
	NOT-FOR-US: Realtek
CVE-2020-27301 (A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devi ...)
	NOT-FOR-US: Realtek
CVE-2020-27300
	RESERVED
CVE-2020-27299 (The affected product is vulnerable to an out-of-bounds read, which may ...)
	NOT-FOR-US: OPC UA Tunneller
CVE-2020-27298 (Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1 ...)
	NOT-FOR-US: Philips
CVE-2020-27297 (The affected product is vulnerable to a heap-based buffer overflow, wh ...)
	NOT-FOR-US: OPC UA Tunneller
CVE-2020-27296
	RESERVED
CVE-2020-27295 (The affected product has uncontrolled resource consumption issues, whi ...)
	NOT-FOR-US: OPC UA Tunneller
CVE-2020-27294
	RESERVED
CVE-2020-27293 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type conf ...)
	NOT-FOR-US: Delta Electronics CNCSoft-B
CVE-2020-27292
	RESERVED
CVE-2020-27291 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable t ...)
	NOT-FOR-US: Delta Electronics CNCSoft-B
CVE-2020-27290 (In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an inf ...)
	NOT-FOR-US: Hamilton Medical
CVE-2020-27289 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null poin ...)
	NOT-FOR-US: Delta Electronics CNCSoft-B
CVE-2020-27288 (An untrusted pointer dereference has been identified in the way TPEdit ...)
	NOT-FOR-US: Delta Electronics (Delta)
CVE-2020-27287 (Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable t ...)
	NOT-FOR-US: Delta Electronics CNCSoft-B
CVE-2020-27286
	RESERVED
CVE-2020-27285 (The default configuration of Crimson 3.1 (Build versions prior to 3119 ...)
	NOT-FOR-US: Crimson
CVE-2020-27284 (TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write in ...)
	NOT-FOR-US: Delta Electronics (Delta)
CVE-2020-27283 (An attacker could send a specially crafted message to Crimson 3.1 (Bui ...)
	NOT-FOR-US: Crimson
CVE-2020-27282 (In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML ...)
	NOT-FOR-US: Hamilton Medical
CVE-2020-27281 (A stack-based buffer overflow may exist in Delta Electronics CNCSoft S ...)
	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
CVE-2020-27280 (A use after free issue has been identified in the way ISPSoft(v3.12 an ...)
	NOT-FOR-US: Delta Electronics (Delta)
CVE-2020-27279 (A NULL pointer deference vulnerability has been identified in the prot ...)
	NOT-FOR-US: Crimson
CVE-2020-27278 (In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-c ...)
	NOT-FOR-US: Hamilton Medical
CVE-2020-27277 (Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointe ...)
	NOT-FOR-US: Delta Electronics DOPSoft
CVE-2020-27276 (SOOIL Developments Co Ltd DiabecareRS,AnyDana-i &amp; AnyDana-A, the c ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27275 (Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to  ...)
	NOT-FOR-US: Delta Electronics DOPSoft
CVE-2020-27274 (Some parsing functions in the affected product do not check the return ...)
	NOT-FOR-US: OPC UA Tunneller
CVE-2020-27273
	RESERVED
CVE-2020-27272 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The commun ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27271
	RESERVED
CVE-2020-27270 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communicat ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27269 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27268 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27267 (KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, Thin ...)
	NOT-FOR-US: KEPServerEX
CVE-2020-27266 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27265 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...)
	NOT-FOR-US: KEPServerEX
CVE-2020-27264 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27263 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...)
	NOT-FOR-US: KEPServerEX
CVE-2020-27262 (Innokas Yhtym&#228; Oy Vital Signs Monitor VC150 prior to Version 1.7. ...)
	NOT-FOR-US: Innokas Yhtyma Oy
CVE-2020-27261 (The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based ...)
	NOT-FOR-US: Omron CX-One
CVE-2020-27260 (Innokas Yhtym&#228; Oy Vital Signs Monitor VC150 prior to Version 1.7. ...)
	NOT-FOR-US: Innokas Yhtyma Oy
CVE-2020-27259 (The Omron CX-One Version 4.60 and prior may allow an attacker to suppl ...)
	NOT-FOR-US: Omron CX-One
CVE-2020-27258 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27257 (This vulnerability allows local attackers to execute arbitrary code du ...)
	NOT-FOR-US: Omron CX-One
CVE-2020-27256 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A,  ...)
	NOT-FOR-US: SOOIL Developments Co., Ltd.
CVE-2020-27255 (A heap overflow vulnerability exists within FactoryTalk Linx Version 6 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-27254 (Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, X ...)
	NOT-FOR-US: Emerson
CVE-2020-27253 (A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race ...)
	NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx Version 6 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-27250 (In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1 ...)
	NOT-FOR-US: SoftMaker
CVE-2020-27249 (A specially crafted document can cause the document parser to copy dat ...)
	NOT-FOR-US: SoftMaker
CVE-2020-27248 (A specially crafted document can cause the document parser to copy dat ...)
	NOT-FOR-US: SoftMaker
CVE-2020-27247 (A specially crafted document can cause the document parser to copy dat ...)
	NOT-FOR-US: SoftMaker
CVE-2020-27246 (An exploitable SQL injection vulnerability exists in &#8216;listImmoLa ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27245 (An exploitable SQL injection vulnerability exists in &#8216;listImmoLa ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27244 (An exploitable SQL injection vulnerability exists in &#8216;listImmoLa ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27243 (An exploitable SQL injection vulnerability exists in &#8216;listImmoLa ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27242 (An exploitable SQL injection vulnerability exists in &#8216;listImmoLa ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27241 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27240 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27239 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27238 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27237 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27236 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27235 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27234 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27233 (An exploitable SQL injection vulnerability exists in &#8216;getAssets. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27232 (An exploitable SQL injection vulnerability exists in &#8216;manageServ ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27231 (A number of exploitable SQL injection vulnerabilities exists in &#8216 ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27230 (A number of exploitable SQL injection vulnerabilities exists in &#8216 ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27229 (A number of exploitable SQL injection vulnerabilities exists in &#8216 ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27228 (An incorrect default permissions vulnerability exists in the installat ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27227 (An exploitable unatuhenticated command injection exists in the OpenCli ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27226 (An exploitable SQL injection vulnerability exists in &#8216;quickFile. ...)
	NOT-FOR-US: OpenClinic
CVE-2020-27225 (In versions 4.18 and earlier of the Eclipse Platform, the Help Subsyst ...)
	- eclipse <removed>
	[stretch] - eclipse <no-dsa> (Minor issue)
CVE-2020-27224 (In Eclipse Theia versions up to and including 1.2.0, the Markdown Prev ...)
	NOT-FOR-US: Eclipse Theia
CVE-2020-27223 (In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0 ...)
	{DSA-4949-1}
	- jetty9 9.4.38-1
	[stretch] - jetty9 <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128
	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7
	NOTE: https://github.com/eclipse/jetty.project/issues/5963
	NOTE: https://github.com/eclipse/jetty.project/commit/10e531756b972162eed402c44d0244f7f6b85131
	NOTE: Introduced by https://github.com/eclipse/jetty.project/commit/cb84946467dc55826a8021ea2592ba58252863c9 (jetty-9.4.6.v20170531)
CVE-2020-27222 (In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based ( ...)
	NOT-FOR-US: Eclipse Californium
CVE-2020-27221 (In Eclipse OpenJ9 up to and including version 0.23, there is potential ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2020-27220 (The Eclipse Hono AMQP and MQTT protocol adapters do not check whether  ...)
	NOT-FOR-US: Eclipse Hono
CVE-2020-27219 (In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not  ...)
	NOT-FOR-US: Eclipse Hawkbit
CVE-2020-27218 (In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0  ...)
	- jetty9 9.4.35-1 (bug #976211)
	[buster] - jetty9 <ignored> (Minor issue, too intrusive to backport, patch introduces regressions, workarounds exist)
	[stretch] - jetty9 <ignored> (Minor issue, request smuggling in specific conditions, invasive, patch introduces regressions, workarounds exist)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892
	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8
	NOTE: https://github.com/eclipse/jetty.project/issues/5605
CVE-2020-27217 (In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does ...)
	NOT-FOR-US: Eclipse Hono
CVE-2020-27216 (In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thr ...)
	{DSA-4949-1 DLA-2661-1}
	- jetty9 9.4.33-1
	- jetty8 <removed>
	- jetty <removed>
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=567921
	NOTE: https://github.com/eclipse/jetty.project/commit/53e0e0e9b25a6309bf24ee3b10984f4145701edb
	NOTE: https://github.com/eclipse/jetty.project/commit/9ad6beb80543b392c91653f6bfce233fc75b9d5f
	NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6
CVE-2020-27215
	RESERVED
CVE-2020-27214
	RESERVED
CVE-2020-27213
	RESERVED
CVE-2020-27212 (STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect a ...)
	NOT-FOR-US: STMicroelectronics STM32L4 devices
CVE-2020-27211 (Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper ...)
	NOT-FOR-US: Nordic Semiconductor nRF52840 devices
CVE-2020-27210
	RESERVED
CVE-2020-27209 (The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simp ...)
	NOT-FOR-US: micro-ecc
CVE-2020-27208 (The flash read-out protection (RDP) level is not enforced during the d ...)
	NOT-FOR-US: SoloKeys Solo
CVE-2020-27207 (Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sq ...)
	NOT-FOR-US: Zetetic SQLCipher
CVE-2020-27206
	RESERVED
CVE-2020-27205
	RESERVED
CVE-2020-27204
	RESERVED
CVE-2020-27203
	RESERVED
CVE-2020-27202
	RESERVED
CVE-2020-27201
	RESERVED
CVE-2020-27200
	RESERVED
CVE-2020-27199 (The Magic Home Pro application 1.5.1 for Android allows Authentication ...)
	NOT-FOR-US: Magic Home Pro application for Android
CVE-2020-27198
	RESERVED
CVE-2020-27197 (** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ O ...)
	NOT-FOR-US: TAXII libtaxii
CVE-2020-27196 (An issue was discovered in PlayJava in Play Framework 2.6.0 through 2. ...)
	NOT-FOR-US: Play Framework
CVE-2020-27195 (HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client ...)
	- nomad 0.10.9+dfsg1-1 (bug #972795)
	NOTE: https://github.com/hashicorp/nomad/issues/9129
	NOTE: https://github.com/hashicorp/nomad/commit/a8ea7c5f421297db434b45046fca7a9deef6df85 (0.12.6)
CVE-2020-27193 (A cross-site scripting (XSS) vulnerability in the Color Dialog plugin  ...)
	NOT-FOR-US: CKEditor plugin
CVE-2020-27192 (BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs. ...)
	NOT-FOR-US: BinaryNights ForkLift
CVE-2020-27191 (LionWiki before 3.2.12 allows an unauthenticated user to read files as ...)
	NOT-FOR-US: LionWiki
CVE-2020-27194 (An issue was discovered in the Linux kernel before 5.8.15. scalar32_mi ...)
	- linux 5.9.1-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/5b9fbeb75b6a98955f628e205ac26689bcb1383e
CVE-2020-27190
	RESERVED
CVE-2020-27189
	RESERVED
CVE-2020-27188
	RESERVED
CVE-2020-27187 (An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. T ...)
	- kpmcore 4.2.0-1
	[buster] - kpmcore <not-affected> (kpmcore_externalcommand not yet present)
	[stretch] - kpmcore <not-affected> (kpmcore_externalcommand not yet present)
	NOTE: https://kde.org/info/security/advisory-20201017-1.txt
	NOTE: https://invent.kde.org/system/kpmcore/-/commit/c466c5db11b5cee546d1ec0594c2f1105a354fed (fix)
	NOTE: https://invent.kde.org/system/kpmcore/-/commit/7ec4b611dcf822439b081613cca4184689266454 (removes KF5 5.73 dependency)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1890199
CVE-2020-27186
	RESERVED
CVE-2020-27185 (Cleartext transmission of sensitive information via Moxa Service in NP ...)
	NOT-FOR-US: Moxa Service in NPort IA5000A series serial devices
CVE-2020-27184 (The NPort IA5000A Series devices use Telnet as one of the network devi ...)
	NOT-FOR-US: NPort IA5000A Series devices
CVE-2020-27183 (A RemoteFunctions endpoint with missing access control in konzept-ix p ...)
	NOT-FOR-US: konzept-ix publiXone
CVE-2020-27182 (Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publ ...)
	NOT-FOR-US: konzept-ix publiXone
CVE-2020-27181 (A hardcoded AES key in CipherUtils.java in the Java applet of konzept- ...)
	NOT-FOR-US: konzept-ix publiXone
CVE-2020-27180 (konzept-ix publiXone before 2020.015 allows attackers to download file ...)
	NOT-FOR-US: konzept-ix publiXone
CVE-2020-27179 (konzept-ix publiXone before 2020.015 allows attackers to take over arb ...)
	NOT-FOR-US: konzept-ix publiXone
CVE-2020-27178 (Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4 ...)
	NOT-FOR-US: Apereo CAS
CVE-2020-27177
	RESERVED
CVE-2020-27176 (Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote C ...)
	NOT-FOR-US: Mark Text
CVE-2020-27175
	RESERVED
CVE-2020-27174 (In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the ...)
	NOT-FOR-US: Firecracker
CVE-2020-27173 (In vm-superio before 0.1.1, the serial console FIFO can grow to unlimi ...)
	NOT-FOR-US: vm-superio
CVE-2020-27172 (An issue was discovered in G-Data before 25.5.9.25 using Symbolic link ...)
	NOT-FOR-US: G-Data
CVE-2020-27171 (An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...)
	{DLA-2610-1}
	- linux 5.10.24-1
	[buster] - linux 4.19.181-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/19/3
CVE-2020-27170 (An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/ ...)
	{DLA-2610-1}
	- linux 5.10.24-1
	[buster] - linux 4.19.181-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/19/2
CVE-2020-27169
	RESERVED
CVE-2020-27168
	RESERVED
CVE-2020-27167
	RESERVED
CVE-2020-27166
	RESERVED
CVE-2020-27165
	REJECTED
CVE-2020-27164
	RESERVED
CVE-2020-27163 (phpRedisAdmin before 1.13.2 allows XSS via the login.php username para ...)
	NOT-FOR-US: phpRedisAdmin
CVE-2020-27162
	RESERVED
CVE-2020-27161
	RESERVED
CVE-2020-27160 (Addressed remote code execution vulnerability in AvailableApps.php tha ...)
	NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27159 (Addressed remote code execution vulnerability in DsdkProxy.php due to  ...)
	NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27158 (Addressed remote code execution vulnerability in cgi_api.php that allo ...)
	NOT-FOR-US: Western Digital My Cloud NAS devices
CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that bypassed the  ...)
	NOT-FOR-US: Veritas
CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate authori ...)
	NOT-FOR-US: Veritas
CVE-2020-27155 (An issue was discovered in Octopus Deploy through 2020.4.4. If enabled ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-27154 (The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Win ...)
	NOT-FOR-US: Mitel
CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioap ...)
	- linux 5.9.6-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888886
	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=208767
	NOTE: https://git.kernel.org/linus/77377064c3a94911339f13ce113b3abf265e06da
CVE-2020-27151 (An issue was discovered in Kata Containers through 1.11.3 and 2.x thro ...)
	NOT-FOR-US: Kata Containers
CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool disconne ...)
	{DSA-4951-1 DLA-2410-1}
	- bluez 5.55-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1884817
	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=1cd644db8c23a2f530ddb93cebed7dacc5f5721a
CVE-2020-27150 (In multiple versions of NPort IA5000A Series, the result of exporting  ...)
	NOT-FOR-US: NPort IA5000A Series devices
CVE-2020-27149 (By exploiting a vulnerability in NPort IA5150A/IA5250A Series before v ...)
	NOT-FOR-US: NPort IA5150A/IA5250A Series devices
CVE-2020-27148 (The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange  ...)
	NOT-FOR-US: TIBCO
CVE-2020-27147 (The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress c ...)
	NOT-FOR-US: TIBCO
CVE-2020-27146 (The Core component of TIBCO Software Inc.'s TIBCO iProcess Workspace ( ...)
	NOT-FOR-US: TIBCO
CVE-2020-27145
	RESERVED
CVE-2020-27144
	RESERVED
CVE-2020-27143
	RESERVED
CVE-2020-27142
	RESERVED
CVE-2020-27141
	RESERVED
CVE-2020-27140
	RESERVED
CVE-2020-27139
	RESERVED
CVE-2020-27138
	RESERVED
CVE-2020-27137
	RESERVED
CVE-2020-27136
	RESERVED
CVE-2020-27135
	RESERVED
CVE-2020-27134 (Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...)
	NOT-FOR-US: Cisco
CVE-2020-27133 (Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...)
	NOT-FOR-US: Cisco
CVE-2020-27132 (Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...)
	NOT-FOR-US: Cisco
CVE-2020-27131 (Multiple vulnerabilities in the Java deserialization function that is  ...)
	NOT-FOR-US: Cisco
CVE-2020-27130 (A vulnerability in Cisco Security Manager could allow an unauthenticat ...)
	NOT-FOR-US: Cisco
CVE-2020-27129 (A vulnerability in the remote management feature of Cisco SD-WAN vMana ...)
	NOT-FOR-US: Cisco
CVE-2020-27128 (A vulnerability in the application data endpoints of Cisco SD-WAN vMan ...)
	NOT-FOR-US: Cisco
CVE-2020-27127 (Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...)
	NOT-FOR-US: Cisco
CVE-2020-27126 (A vulnerability in an API of Cisco Webex Meetings could allow an unaut ...)
	NOT-FOR-US: Cisco
CVE-2020-27125 (A vulnerability in Cisco Security Manager could allow an unauthenticat ...)
	NOT-FOR-US: Cisco
CVE-2020-27124
	RESERVED
CVE-2020-27123 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-27122 (A vulnerability in the Microsoft Active Directory integration of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-27121 (A vulnerability in Cisco Unified Communications Manager IM &amp;amp; P ...)
	NOT-FOR-US: Cisco
CVE-2020-27120
	RESERVED
CVE-2020-27119
	RESERVED
CVE-2020-27118
	RESERVED
CVE-2020-27117
	RESERVED
CVE-2020-27116
	RESERVED
CVE-2020-27115
	RESERVED
CVE-2020-27114
	RESERVED
CVE-2020-27113
	RESERVED
CVE-2020-27112
	RESERVED
CVE-2020-27111
	RESERVED
CVE-2020-27110
	RESERVED
CVE-2020-27109
	RESERVED
CVE-2020-27108
	RESERVED
CVE-2020-27107
	RESERVED
CVE-2020-27106
	RESERVED
CVE-2020-27105
	RESERVED
CVE-2020-27104
	RESERVED
CVE-2020-27103
	RESERVED
CVE-2020-27102
	RESERVED
CVE-2020-27101
	RESERVED
CVE-2020-27100
	RESERVED
CVE-2020-27099
	RESERVED
CVE-2020-27098 (In checkGrantUriPermission of UriGrantsManagerService.java, there is a ...)
	NOT-FOR-US: Android
CVE-2020-27097 (In checkGrantUriPermission of UriGrantsManagerService.java, there is a ...)
	NOT-FOR-US: Android
CVE-2020-27096
	RESERVED
CVE-2020-27095
	RESERVED
CVE-2020-27094
	RESERVED
CVE-2020-27093
	RESERVED
CVE-2020-27092
	RESERVED
CVE-2020-27091
	RESERVED
CVE-2020-27090
	RESERVED
CVE-2020-27089
	RESERVED
CVE-2020-27088
	RESERVED
CVE-2020-27087
	RESERVED
CVE-2020-27086
	RESERVED
CVE-2020-27085
	RESERVED
CVE-2020-27084
	RESERVED
CVE-2020-27083
	RESERVED
CVE-2020-27082
	RESERVED
CVE-2020-27081
	RESERVED
CVE-2020-27080
	RESERVED
CVE-2020-27079
	RESERVED
CVE-2020-27078
	RESERVED
CVE-2020-27077
	RESERVED
CVE-2020-27076
	RESERVED
CVE-2020-27075
	RESERVED
CVE-2020-27074
	RESERVED
CVE-2020-27073
	RESERVED
CVE-2020-27072
	RESERVED
CVE-2020-27071
	RESERVED
CVE-2020-27070
	RESERVED
CVE-2020-27069
	RESERVED
CVE-2020-27068 (In the nl80211_policy policy of nl80211.c, there is a possible out of  ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/ea75080110a4c1fa011b0a73cb8f42227143ee3e
CVE-2020-27067 (In the l2tp subsystem, there is a possible use after free due to a rac ...)
	- linux 4.15.4-1
	[stretch] - linux 4.9.228-1
CVE-2020-27066 (In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possib ...)
	- linux 5.5.17-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://source.android.com/security/bulletin/pixel/2020-12-01
CVE-2020-27065
	RESERVED
CVE-2020-27064
	RESERVED
CVE-2020-27063
	RESERVED
CVE-2020-27062
	RESERVED
CVE-2020-27061
	RESERVED
CVE-2020-27060
	RESERVED
CVE-2020-27059 (In onAuthenticated of AuthenticationClient.java, there is a possible t ...)
	NOT-FOR-US: Android
CVE-2020-27058
	RESERVED
CVE-2020-27057 (In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, the ...)
	NOT-FOR-US: Android media framework
CVE-2020-27056 (In SELinux policies of mls, there is a missing permission check. This  ...)
	NOT-FOR-US: Android
CVE-2020-27055 (In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigCon ...)
	NOT-FOR-US: Android
CVE-2020-27054 (In onFactoryReset of BluetoothManagerService.java, there is a missing  ...)
	NOT-FOR-US: Android
CVE-2020-27053 (In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-27052 (In getLockTaskLaunchMode of ActivityRecord.java, there is a possible w ...)
	NOT-FOR-US: Android
CVE-2020-27051 (In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-27050 (In rw_i93_send_cmd_write_multi_blocks of rw_i93.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-27049 (In rw_t3t_send_raw_frame of rw_t3t.cc, there is a possible out of boun ...)
	NOT-FOR-US: Android
CVE-2020-27048 (In RW_SendRawFrame of rw_main.cc, there is a possible out of bounds wr ...)
	NOT-FOR-US: Android
CVE-2020-27047 (In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bound ...)
	NOT-FOR-US: Android
CVE-2020-27046 (In nfc_ncif_proc_ee_action of nfc_ncif.cc, there is a possible out of  ...)
	NOT-FOR-US: Android
CVE-2020-27045 (In CE_SendRawFrame of ce_main.cc, there is a possible out of bounds wr ...)
	NOT-FOR-US: Android
CVE-2020-27044 (In restartWrite of Parcel.cpp, there is a possible memory corruption d ...)
	NOT-FOR-US: Android
CVE-2020-27043 (In nfc_enabled of nfc_main.cc, there is a possible out of bounds read  ...)
	NOT-FOR-US: Android
CVE-2020-27042
	RESERVED
CVE-2020-27041 (In showProvisioningNotification of ConnectivityService.java, there is  ...)
	NOT-FOR-US: Android
CVE-2020-27040 (In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-27039 (In postNotification of ServiceRecord.java, there is a possible permiss ...)
	NOT-FOR-US: Android
CVE-2020-27038 (In process of C2SoftVorbisDec.cpp, there is a possible resource exhaus ...)
	NOT-FOR-US: Android media framework
CVE-2020-27037 (In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-27036 (In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-27035 (In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible us ...)
	NOT-FOR-US: Android media framework
CVE-2020-27034 (In createSimSelectNotification of SimSelectNotification.java, there is ...)
	NOT-FOR-US: Android
CVE-2020-27033 (In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out o ...)
	NOT-FOR-US: Android
CVE-2020-27032 (In getRadioAccessFamily of PhoneInterfaceManager.java, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-27031 (In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds re ...)
	NOT-FOR-US: Android
CVE-2020-27030 (In onCreate of HandleApiCalls.java, there is a possible permission byp ...)
	NOT-FOR-US: Android
CVE-2020-27029 (In TextView of TextView.java, there is a possible app hang due to impr ...)
	NOT-FOR-US: Android
CVE-2020-27028 (In filter_incoming_event of hci_layer.cc, there is a possible out of b ...)
	NOT-FOR-US: Android
CVE-2020-27027 (In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out o ...)
	NOT-FOR-US: Android
CVE-2020-27026 (During boot, the device unlock interface behaves differently depending ...)
	NOT-FOR-US: Android
CVE-2020-27025 (In EapFailureNotifier.java and SimRequiredNotifier.java, there is a po ...)
	NOT-FOR-US: Android
CVE-2020-27024 (In smp_br_state_machine_event of smp_br_main.cc, there is a possible o ...)
	NOT-FOR-US: Android
CVE-2020-27023 (In setErrorPlaybackState of BluetoothMediaBrowserService.java, there i ...)
	NOT-FOR-US: Android
CVE-2020-27022
	RESERVED
CVE-2020-27021 (In avrc_ctrl_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible o ...)
	NOT-FOR-US: Android
CVE-2020-27020 (Password generator feature in Kaspersky Password Manager was not compl ...)
	NOT-FOR-US: Kaspersky Password Manager
CVE-2020-27019 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27018 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27017 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27016 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27015 (Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Messag ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27014 (Trend Micro Antivirus for Mac 2020 (Consumer) contains a race conditio ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27013 (Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27012
	RESERVED
CVE-2020-27011
	RESERVED
CVE-2020-27010 (A cross-site scripting (XSS) vulnerability in Trend Micro InterScan We ...)
	NOT-FOR-US: Trend Micro
CVE-2020-27009 (A vulnerability has been identified in Nucleus NET (All versions &lt;  ...)
	NOT-FOR-US: Nucleus (Siemens)
CVE-2020-27008 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27007 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27006 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27005 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27004 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27003 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27002 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27001 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-27000 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26999 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26998 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26997 (A vulnerability has been identified in Solid Edge SE2020 (All versions ...)
	NOT-FOR-US: Solid Edge (Siemens)
CVE-2020-26996 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26995 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26994 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26993 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26992 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26991 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26990 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26989 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26988 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26987 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26986 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26985 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26984 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26983 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26982 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26981 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26980 (A vulnerability has been identified in JT2Go (All versions &lt; V13.1. ...)
	NOT-FOR-US: JT2Go
CVE-2020-26979 (When a user typed a URL in the address bar or the search bar and quick ...)
	- firefox 84.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26979
CVE-2020-26978 (Using techniques that built on the slipstream research, a malicious we ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26978
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-26978
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26978
CVE-2020-26977 (By attempting to connect a website using an unresponsive port, an atta ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26977
CVE-2020-26976 (When a HTTPS pages was embedded in a HTTP page, and there was a servic ...)
	{DSA-4842-1 DSA-4840-1 DLA-2541-1 DLA-2539-1}
	- firefox 84.0-1
	- firefox-esr 78.7.0esr-1
	- thunderbird 1:78.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/#CVE-2020-26976
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26976
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/#CVE-2020-26976
CVE-2020-26975 (When a malicious application installed on the user's device broadcast  ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26975
CVE-2020-26974 (When flex-basis was used on a table wrapper, a StyleGenericFlexBasis o ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26974
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-26974
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26974
CVE-2020-26973 (Certain input to the CSS Sanitizer confused it, resulting in incorrect ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26973
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-26973
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26973
CVE-2020-26972 (The lifecycle of IPC Actors allows managed actors to outlive their man ...)
	- firefox 84.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26972
CVE-2020-26971 (Certain blit values provided by the user were not properly constrained ...)
	{DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26971
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-26971
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26971
CVE-2020-26970 (When reading SMTP server status codes, Thunderbird writes an integer v ...)
	{DSA-4802-1 DLA-2479-1}
	- thunderbird 1:78.5.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/#CVE-2020-26970
CVE-2020-26969 (Mozilla developers reported memory safety bugs present in Firefox 82.  ...)
	- firefox 83.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26969
CVE-2020-26968 (Mozilla developers reported memory safety bugs present in Firefox 82 a ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26968
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26968
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26968
CVE-2020-26967 (When listening for page changes with a Mutation Observer, a malicious  ...)
	- firefox 83.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26967
CVE-2020-26966 (Searching for a single word from the address bar caused an mDNS reques ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	- thunderbird <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26966
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26966
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26966
CVE-2020-26965 (Some websites have a feature "Show Password" where clicking a button w ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26965
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26965
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26965
CVE-2020-26964 (If the Remote Debugging via USB feature was enabled in Firefox for And ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26964
CVE-2020-26963 (Repeated calls to the history and location interfaces could have been  ...)
	- firefox 83.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26963
CVE-2020-26962 (Cross-origin iframes that contained a login form could have been recog ...)
	- firefox 83.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26962
CVE-2020-26961 (When DNS over HTTPS is in use, it intentionally filters RFC1918 and re ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26961
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26961
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26961
CVE-2020-26960 (If the Compact() method was called on an nsTArray, the array could hav ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26960
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26960
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26960
CVE-2020-26959 (During browser shutdown, reference decrementing could have occured on  ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26959
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26959
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26959
CVE-2020-26958 (Firefox did not block execution of scripts with incorrect MIME types w ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26958
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26958
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26958
CVE-2020-26957 (OneCRL was non-functional in the new Firefox for Android due to a miss ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26957
CVE-2020-26956 (In some cases, removing HTML elements during sanitization would keep e ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26956
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26956
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26956
CVE-2020-26955 (When a user downloaded a file in Firefox for Android, if a cookie is s ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26955
CVE-2020-26954 (When accepting a malicious intent from other installed apps, Firefox f ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26954
CVE-2020-26953 (It was possible to cause the browser to enter fullscreen mode without  ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26953
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26953
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26953
CVE-2020-26952 (Incorrect bookkeeping of functions inlined during JIT compilation coul ...)
	- firefox 83.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26952
CVE-2020-26951 (A parsing and event loading mismatch in Firefox's SVG code could have  ...)
	{DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-26951
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-26951
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-26951
CVE-2020-26950 (In certain circumstances, the MCallGetProperty opcode can be emitted w ...)
	{DSA-4790-1 DSA-4788-1 DLA-2449-1 DLA-2448-1}
	- firefox 82.0.3-1
	- firefox-esr 78.4.1esr-1
	- thunderbird 1:78.4.2-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-49/#CVE-2020-26950
CVE-2020-26949
	RESERVED
CVE-2020-26948 (Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image  ...)
	NOT-FOR-US: Emby Server
CVE-2020-26947 (monero-wallet-gui in Monero GUI before 0.17.1.0 includes the . directo ...)
	NOT-FOR-US: monero-wallet-gui
CVE-2020-26946
	RESERVED
CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object streams. ...)
	NOT-FOR-US: MyBatis
CVE-2020-26944 (An issue was discovered in Aptean Product Configurator 4.61.0000 on Wi ...)
	NOT-FOR-US: Aptean
CVE-2020-26943 (An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2. ...)
	NOT-FOR-US: blazar-dashboard
CVE-2020-26942
	RESERVED
CVE-2020-26941 (A local (authenticated) low-privileged user can exploit a behavior in  ...)
	NOT-FOR-US: IBM
CVE-2020-26940
	RESERVED
CVE-2020-26939 (In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1. ...)
	{DLA-2433-1}
	- bouncycastle 1.61-1
	[buster] - bouncycastle <no-dsa> (Minor issue)
	NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
	NOTE: https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1 (r1rv61)
CVE-2020-26938
	RESERVED
CVE-2020-26937
	RESERVED
CVE-2020-26936 (Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF at ...)
	NOT-FOR-US: Cloudera Data Engineering (CDE)
CVE-2020-26935 (An issue was discovered in SearchController in phpMyAdmin before 4.9.6 ...)
	{DLA-2413-1}
	- phpmyadmin 4:4.9.7+dfsg1-1 (bug #972000)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-6/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/d09ab9bc9d634ad08b866d42bb8c4109869d38d2
CVE-2020-26934 (phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the tr ...)
	{DLA-2413-1}
	- phpmyadmin 4:4.9.7+dfsg1-1 (bug #971999)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-5/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/19df63b0365621427697edc185ff7c9c5707c523
CVE-2020-26933 (Trusted Computing Group (TCG) Trusted Platform Module Library Family 2 ...)
	NOT-FOR-US: Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification
CVE-2020-26931 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-26930 (NETGEAR EX7700 devices before 1.0.0.210 are affected by incorrect conf ...)
	NOT-FOR-US: Netgear
CVE-2020-26929 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-26928 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-26927 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-26926 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-26925 (NETGEAR GS808E devices before 1.7.1.0 are affected by denial of servic ...)
	NOT-FOR-US: Netgear
CVE-2020-26924 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-26923 (Certain NETGEAR devices are affected by stored XSS. This affects WC750 ...)
	NOT-FOR-US: Netgear
CVE-2020-26922 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-26921 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-26920 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-26919 (NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of acces ...)
	NOT-FOR-US: Netgear
CVE-2020-26918 (Certain NETGEAR devices are affected by stored XSS. This affects EX700 ...)
	NOT-FOR-US: Netgear
CVE-2020-26917 (Certain NETGEAR devices are affected by stored XSS. This affects EX700 ...)
	NOT-FOR-US: Netgear
CVE-2020-26916 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
	NOT-FOR-US: Netgear
CVE-2020-26915 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-26914 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-26913 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
	NOT-FOR-US: Netgear
CVE-2020-26912 (Certain NETGEAR devices are affected by CSRF. This affects D6200 befor ...)
	NOT-FOR-US: Netgear
CVE-2020-26911 (Certain NETGEAR devices are affected by lack of access control at the  ...)
	NOT-FOR-US: Netgear
CVE-2020-26910 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-26909 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-26908 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-26907 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-26906 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26905 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26904 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26903 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26902 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-26901 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-26900 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26899 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
	NOT-FOR-US: Netgear
CVE-2020-26898 (NETGEAR RAX40 devices before 1.0.3.80 are affected by incorrect config ...)
	NOT-FOR-US: Netgear
CVE-2020-26897 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: Netgear
CVE-2020-26896 (Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerabili ...)
	- lnd <itp> (bug #886577)
CVE-2020-26895 (Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accept ...)
	- lnd <itp> (bug #886577)
CVE-2020-26894 (LiveCode v9.6.1 on Windows allows local, low-privileged users to gain  ...)
	NOT-FOR-US: New Millennium
CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor c ...)
	NOT-FOR-US: ClamXAV
CVE-2020-26892 (The JWT library in NATS nats-server before 2.1.9 has Incorrect Access  ...)
	- golang-github-nats-io-jwt <unfixed> (bug #988950)
	[buster] - golang-github-nats-io-jwt <no-dsa> (Minor issue)
	NOTE: https://advisories.nats.io/CVE/CVE-2020-26892.txt
CVE-2020-26891 (AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS d ...)
	- matrix-synapse 1.21.1-1
	NOTE: https://github.com/matrix-org/synapse/pull/8444
CVE-2020-26890 (Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Inf ...)
	- matrix-synapse 1.20.0-1
	NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-4mp3-385r-v63f
CVE-2020-26889
	RESERVED
CVE-2020-26888
	RESERVED
CVE-2020-26887 (FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Reb ...)
	NOT-FOR-US: Fritz OS
CVE-2020-26886 (Softaculous before 5.5.7 is affected by a code execution vulnerability ...)
	NOT-FOR-US: Softaculous
CVE-2020-26885 (An issue was discovered in 2sic 2sxc before 11.22. A XSS vulnerability ...)
	NOT-FOR-US: 2sxc
CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulner ...)
	NOT-FOR-US: RSA Archer
CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can occur bec ...)
	NOT-FOR-US: Play Framework
CVE-2020-26882 (In Play Framework 2.6.0 through 2.8.2, data amplification can occur wh ...)
	NOT-FOR-US: Play Framework
CVE-2020-26881
	RESERVED
CVE-2020-26880 (Sympa through 6.2.57b.2 allows a local privilege escalation from the s ...)
	- sympa <unfixed> (bug #972114)
	[bullseye] - sympa <postponed> (Revisit when fixed upstream; most setups mitigated)
	[buster] - sympa <postponed> (Revisit when fixed upstream; most setups mitigated)
	[stretch] - sympa <postponed> (Mitigated, revisit when fixed upstream)
	NOTE: https://github.com/sympa-community/sympa/issues/1009
	NOTE: https://github.com/sympa-community/sympa/issues/943#issuecomment-704779420
	NOTE: https://github.com/sympa-community/sympa/issues/943#issuecomment-704842235
	NOTE: Mitigation: https://salsa.debian.org/sympa-team/sympa/-/commit/b904d5257beb135127f663ad8f6865c1b59efd50
	NOTE: Mitigation present in 6.2.58~dfsg-2, 6.2.40~dfsg-1+deb10u1 and 6.2.16~dfsg-3+deb9u4
	NOTE: uploads.
CVE-2020-26879 (Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded  ...)
	NOT-FOR-US: Ruckus
CVE-2020-26878 (Ruckus through 1.5.1.0.21 is affected by remote command injection. An  ...)
	NOT-FOR-US: Ruckus
CVE-2020-26877
	RESERVED
CVE-2020-26876 (The wp-courses plugin through 2.0.27 for WordPress allows remote attac ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-26875
	RESERVED
CVE-2020-26874
	RESERVED
CVE-2020-26873
	RESERVED
CVE-2020-26872
	RESERVED
CVE-2020-26871
	RESERVED
CVE-2020-26870 (Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs becaus ...)
	{DLA-2419-1}
	- dompurify.js <removed>
	NOTE: https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/
	NOTE: https://github.com/cure53/DOMPurify/commit/02724b8eb048dd219d6725b05c3000936f11d62d
CVE-2020-26869 (ARC Informatique PcVue prior to version 12.0.17 is vulnerable to infor ...)
	NOT-FOR-US: PcVue
CVE-2020-26868 (ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a den ...)
	NOT-FOR-US: PcVue
CVE-2020-26867 (ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to t ...)
	NOT-FOR-US: PcVue
CVE-2020-26866
	RESERVED
CVE-2020-26865
	RESERVED
CVE-2020-26864
	RESERVED
CVE-2020-26863
	RESERVED
CVE-2020-26862
	RESERVED
CVE-2020-26861
	RESERVED
CVE-2020-26860
	RESERVED
CVE-2020-26859
	RESERVED
CVE-2020-26858
	RESERVED
CVE-2020-26857
	RESERVED
CVE-2020-26856
	RESERVED
CVE-2020-26855
	RESERVED
CVE-2020-26854
	RESERVED
CVE-2020-26853
	RESERVED
CVE-2020-26852
	RESERVED
CVE-2020-26851
	RESERVED
CVE-2020-26850
	RESERVED
CVE-2020-26849
	RESERVED
CVE-2020-26848
	RESERVED
CVE-2020-26847
	RESERVED
CVE-2020-26846
	RESERVED
CVE-2020-26845
	RESERVED
CVE-2020-26844
	RESERVED
CVE-2020-26843
	RESERVED
CVE-2020-26842
	RESERVED
CVE-2020-26841
	RESERVED
CVE-2020-26840
	RESERVED
CVE-2020-26839
	RESERVED
CVE-2020-26838 (SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751,  ...)
	NOT-FOR-US: SAP
CVE-2020-26837 (SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2,  ...)
	NOT-FOR-US: SAP
CVE-2020-26836 (SAP Solution Manager (Trace Analysis), version - 720, allows for misus ...)
	NOT-FOR-US: SAP
CVE-2020-26835 (SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does  ...)
	NOT-FOR-US: SAP
CVE-2020-26834 (SAP HANA Database, version - 2.0, does not correctly validate the user ...)
	NOT-FOR-US: SAP
CVE-2020-26833
	RESERVED
CVE-2020-26832 (SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 201 ...)
	NOT-FOR-US: SAP
CVE-2020-26831 (SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, ...)
	NOT-FOR-US: SAP
CVE-2020-26830 (SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2,  ...)
	NOT-FOR-US: SAP
CVE-2020-26829 (SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7. ...)
	NOT-FOR-US: SAP
CVE-2020-26828 (SAP Disclosure Management, version - 10.1, provides capabilities for a ...)
	NOT-FOR-US: SAP
CVE-2020-26827
	RESERVED
CVE-2020-26826 (Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7. ...)
	NOT-FOR-US: SAP
CVE-2020-26825 (SAP Fiori Launchpad (News tile Application), versions - 750,751,752,75 ...)
	NOT-FOR-US: SAP
CVE-2020-26824 (SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthent ...)
	NOT-FOR-US: SAP
CVE-2020-26823 (SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthent ...)
	NOT-FOR-US: SAP
CVE-2020-26822 (SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthent ...)
	NOT-FOR-US: SAP
CVE-2020-26821 (SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthent ...)
	NOT-FOR-US: SAP
CVE-2020-26820 (SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows ...)
	NOT-FOR-US: SAP
CVE-2020-26819 (SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752 ...)
	NOT-FOR-US: SAP
CVE-2020-26818 (SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752 ...)
	NOT-FOR-US: SAP
CVE-2020-26817 (SAP 3D Visual Enterprise Viewer, version - 9, allows an user to open m ...)
	NOT-FOR-US: SAP
CVE-2020-26816 (SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30,  ...)
	NOT-FOR-US: SAP
CVE-2020-26815 (SAP Fiori Launchpad (News tile Application), versions - 750,751,752,75 ...)
	NOT-FOR-US: SAP
CVE-2020-26814 (SAP Process Integration (PGP Module - Business-to-Business Add On), ve ...)
	NOT-FOR-US: SAP
CVE-2020-26813
	RESERVED
CVE-2020-26812
	RESERVED
CVE-2020-26811 (SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811,  ...)
	NOT-FOR-US: SAP
CVE-2020-26810 (SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811,  ...)
	NOT-FOR-US: SAP
CVE-2020-26809 (SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker  ...)
	NOT-FOR-US: SAP
CVE-2020-26808 (SAP AS ABAP(DMIS), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011 ...)
	NOT-FOR-US: SAP
CVE-2020-26807 (SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrec ...)
	NOT-FOR-US: SAP
CVE-2020-26806 (admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted F ...)
	NOT-FOR-US: ObjectPlanet Opinio
CVE-2020-26805 (In Sentrifugo 3.2, admin can edit employee's informations via this end ...)
	NOT-FOR-US: Sentrifugo
CVE-2020-26804 (In Sentrifugo 3.2, users can share an announcement under "Organization ...)
	NOT-FOR-US: Sentrifugo
CVE-2020-26803 (In Sentrifugo 3.2, users can upload an image under "Assets -&gt; Add"  ...)
	NOT-FOR-US: Sentrifugo
CVE-2020-26802 (forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in  ...)
	NOT-FOR-US: forma.lms
CVE-2020-26801 (A stored cross-site scripting (XSS) vulnerability was discovered in /F ...)
	NOT-FOR-US: TrippLite
CVE-2020-26800 (A stack overflow vulnerability in Aleth Ethereum C++ client version &l ...)
	NOT-FOR-US: Aleth Ethereum
CVE-2020-26799
	RESERVED
CVE-2020-26798
	RESERVED
CVE-2020-26797 (Mediainfo before version 20.08 has a heap buffer overflow vulnerabilit ...)
	{DLA-2603-1}
	- libmediainfo 20.09+dfsg-2 (bug #985554)
	[buster] - libmediainfo <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/mediainfo/bugs/1154/
	NOTE: https://github.com/MediaArea/MediaInfoLib/commit/7bab1c3a043784be2c90f2e54a0e5a8d7263eead
CVE-2020-26796
	RESERVED
CVE-2020-26795
	RESERVED
CVE-2020-26794
	RESERVED
CVE-2020-26793
	RESERVED
CVE-2020-26792
	RESERVED
CVE-2020-26791
	RESERVED
CVE-2020-26790
	RESERVED
CVE-2020-26789
	RESERVED
CVE-2020-26788
	RESERVED
CVE-2020-26787
	RESERVED
CVE-2020-26786
	RESERVED
CVE-2020-26785
	RESERVED
CVE-2020-26784
	RESERVED
CVE-2020-26783
	RESERVED
CVE-2020-26782
	RESERVED
CVE-2020-26781
	RESERVED
CVE-2020-26780
	RESERVED
CVE-2020-26779
	RESERVED
CVE-2020-26778
	RESERVED
CVE-2020-26777
	RESERVED
CVE-2020-26776
	RESERVED
CVE-2020-26775
	RESERVED
CVE-2020-26774
	RESERVED
CVE-2020-26773 (Restaurant Reservation System 1.0 suffers from an authenticated SQL in ...)
	NOT-FOR-US: Restaurant Reservation System
CVE-2020-26772 (Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execu ...)
	NOT-FOR-US: PPGo_Jobs
CVE-2020-26771
	RESERVED
CVE-2020-26770
	RESERVED
CVE-2020-26769
	RESERVED
CVE-2020-26768 (Formstone &lt;=1.4.16 is vulnerable to a Reflected Cross-Site Scriptin ...)
	NOT-FOR-US: Formstone
CVE-2020-26767
	RESERVED
CVE-2020-26766 (A Cross Site Request Forgery (CSRF) vulnerability exists in the logins ...)
	NOT-FOR-US: PHPGurukul User Registration & Login and User Management System
CVE-2020-26765
	RESERVED
CVE-2020-26764
	RESERVED
CVE-2020-26763 (The Rocket.Chat desktop application 2.17.11 opens external links witho ...)
	NOT-FOR-US: Rocket.Chat desktop application
CVE-2020-26762 (A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3. ...)
	NOT-FOR-US: Edimax IP-Camera
CVE-2020-26761
	RESERVED
CVE-2020-26760
	RESERVED
CVE-2020-26759 (clickhouse-driver before 0.1.5 allows a malicious clickhouse server to ...)
	- python-clickhouse-driver 0.2.0-1
	NOTE: https://github.com/mymarilyn/clickhouse-driver/commit/3e990547e064b8fca916b23a0f7d6fe8c63c7f6b
	NOTE: https://github.com/mymarilyn/clickhouse-driver/commit/d708ed548e1d6f254ba81a21de8ba543a53b5598
CVE-2020-26758
	RESERVED
CVE-2020-26757
	RESERVED
CVE-2020-26756
	RESERVED
CVE-2020-26755
	RESERVED
CVE-2020-26754
	RESERVED
CVE-2020-26753
	RESERVED
CVE-2020-26752
	RESERVED
CVE-2020-26751
	RESERVED
CVE-2020-26750
	RESERVED
CVE-2020-26749
	RESERVED
CVE-2020-26748
	RESERVED
CVE-2020-26747
	RESERVED
CVE-2020-26746
	RESERVED
CVE-2020-26745
	RESERVED
CVE-2020-26744
	RESERVED
CVE-2020-26743
	RESERVED
CVE-2020-26742
	RESERVED
CVE-2020-26741
	RESERVED
CVE-2020-26740
	RESERVED
CVE-2020-26739
	RESERVED
CVE-2020-26738
	RESERVED
CVE-2020-26737
	RESERVED
CVE-2020-26736
	RESERVED
CVE-2020-26735
	RESERVED
CVE-2020-26734
	RESERVED
CVE-2020-26733 (Cross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF H ...)
	NOT-FOR-US: SKYWORTH GN542VF Hardware
CVE-2020-26732 (Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for  ...)
	NOT-FOR-US: Skyworth GN542VF Boa
CVE-2020-26731
	RESERVED
CVE-2020-26730
	RESERVED
CVE-2020-26729
	RESERVED
CVE-2020-26728 (A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi an ...)
	NOT-FOR-US: Tenda AC9 Router
CVE-2020-26727
	RESERVED
CVE-2020-26726
	RESERVED
CVE-2020-26725
	RESERVED
CVE-2020-26724
	RESERVED
CVE-2020-26723
	RESERVED
CVE-2020-26722
	RESERVED
CVE-2020-26721
	RESERVED
CVE-2020-26720
	RESERVED
CVE-2020-26719
	RESERVED
CVE-2020-26718
	RESERVED
CVE-2020-26717
	RESERVED
CVE-2020-26716
	RESERVED
CVE-2020-26715
	RESERVED
CVE-2020-26714
	RESERVED
CVE-2020-26713 (REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function wi ...)
	NOT-FOR-US: REDCap
CVE-2020-26712 (REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList f ...)
	NOT-FOR-US: REDCap
CVE-2020-26711
	RESERVED
CVE-2020-26710
	RESERVED
CVE-2020-26709
	RESERVED
CVE-2020-26708
	RESERVED
CVE-2020-26707 (An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 w ...)
	NOT-FOR-US: aaptjs
CVE-2020-26706
	RESERVED
CVE-2020-26705 (The parseXML function in Easy-XML 0.5.0 was discovered to have a XML E ...)
	NOT-FOR-US: python-easy_xml
CVE-2020-26704
	RESERVED
CVE-2020-26703
	RESERVED
CVE-2020-26702
	RESERVED
CVE-2020-26701 (Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa  ...)
	NOT-FOR-US: Kaa IoT Platform
CVE-2020-26700
	RESERVED
CVE-2020-26699
	RESERVED
CVE-2020-26698
	RESERVED
CVE-2020-26697
	RESERVED
CVE-2020-26696
	RESERVED
CVE-2020-26695
	RESERVED
CVE-2020-26694
	RESERVED
CVE-2020-26693 (A stored cross-site scripting (XSS) vulnerability was discovered in pf ...)
	NOT-FOR-US: pfSense
CVE-2020-26692
	RESERVED
CVE-2020-26691
	RESERVED
CVE-2020-26690
	RESERVED
CVE-2020-26689
	RESERVED
CVE-2020-26688
	RESERVED
CVE-2020-26687
	RESERVED
CVE-2020-26686
	RESERVED
CVE-2020-26685
	RESERVED
CVE-2020-26684
	RESERVED
CVE-2020-26683
	RESERVED
CVE-2020-26682 (In libass 0.14.0, the `ass_outline_construct`'s call to `outline_strok ...)
	- libass 1:0.15.0-1 (bug #975108)
	[buster] - libass <no-dsa> (Minor issue)
	[stretch] - libass <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/libass/libass/issues/431
	NOTE: https://github.com/libass/libass/pull/432
CVE-2020-26681
	RESERVED
CVE-2020-26680 (In vFairs 3.3, any user logged in to a vFairs virtual conference or ev ...)
	NOT-FOR-US: vFairs
CVE-2020-26679 (vFairs 3.3 is affected by Insecure Permissions. Any user logged in to  ...)
	NOT-FOR-US: vFairs
CVE-2020-26678 (vFairs 3.3 is affected by Remote Code Execution. Any user logged in to ...)
	NOT-FOR-US: vFairs
CVE-2020-26677 (Any user logged in to a vFairs 3.3 virtual conference or event can per ...)
	NOT-FOR-US: vFairs
CVE-2020-26676
	RESERVED
CVE-2020-26675
	RESERVED
CVE-2020-26674
	RESERVED
CVE-2020-26673
	RESERVED
CVE-2020-26672 (Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site S ...)
	NOT-FOR-US: Testimonial Rotator Wordpress Plugin
CVE-2020-26671
	RESERVED
CVE-2020-26670 (A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier  ...)
	NOT-FOR-US: BigTree CMS
CVE-2020-26669 (A stored cross-site scripting (XSS) vulnerability was discovered in Bi ...)
	NOT-FOR-US: BigTree CMS
CVE-2020-26668 (A SQL injection vulnerability was discovered in /core/feeds/custom.php ...)
	NOT-FOR-US: BigTree CMS
CVE-2020-26667
	RESERVED
CVE-2020-26666
	RESERVED
CVE-2020-26665
	RESERVED
CVE-2020-26664 (A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media play ...)
	{DSA-4834-1}
	- vlc 3.0.12-1 (low; bug #979676)
	[stretch] - vlc <postponed> (Minor issue, wait for next LTS release)
	NOTE: https://code.videolan.org/videolan/vlc-3.0/-/commit/ec1f55ee9ace5cc675395a1bc9700d99679e7e8c (3.0.12)
	NOTE: https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt
CVE-2020-26663
	RESERVED
CVE-2020-26662
	RESERVED
CVE-2020-26661
	RESERVED
CVE-2020-26660
	RESERVED
CVE-2020-26659
	RESERVED
CVE-2020-26658
	RESERVED
CVE-2020-26657
	RESERVED
CVE-2020-26656
	RESERVED
CVE-2020-26655
	RESERVED
CVE-2020-26654
	RESERVED
CVE-2020-26653
	RESERVED
CVE-2020-26652
	RESERVED
CVE-2020-26651
	RESERVED
CVE-2020-26650 (AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php ...)
	NOT-FOR-US: AtomXCMS
CVE-2020-26649 (AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.ph ...)
	NOT-FOR-US: AtomXCMS
CVE-2020-26648
	RESERVED
CVE-2020-26647
	RESERVED
CVE-2020-26646
	RESERVED
CVE-2020-26645
	RESERVED
CVE-2020-26644
	RESERVED
CVE-2020-26643
	RESERVED
CVE-2020-26642 (A cross-site scripting (XSS) vulnerability has been discovered in the  ...)
	NOT-FOR-US: SeaCMS
CVE-2020-26641 (A Cross Site Request Forgery (CSRF) vulnerability was discovered in iC ...)
	NOT-FOR-US: iCMS
CVE-2020-26640
	RESERVED
CVE-2020-26639
	RESERVED
CVE-2020-26638
	RESERVED
CVE-2020-26637
	RESERVED
CVE-2020-26636
	RESERVED
CVE-2020-26635
	RESERVED
CVE-2020-26634
	RESERVED
CVE-2020-26633
	RESERVED
CVE-2020-26632
	RESERVED
CVE-2020-26631
	RESERVED
CVE-2020-26630
	RESERVED
CVE-2020-26629
	RESERVED
CVE-2020-26628
	RESERVED
CVE-2020-26627
	RESERVED
CVE-2020-26626
	RESERVED
CVE-2020-26625
	RESERVED
CVE-2020-26624
	RESERVED
CVE-2020-26623
	RESERVED
CVE-2020-26622
	RESERVED
CVE-2020-26621
	RESERVED
CVE-2020-26620
	RESERVED
CVE-2020-26619
	RESERVED
CVE-2020-26618
	RESERVED
CVE-2020-26617
	RESERVED
CVE-2020-26616
	RESERVED
CVE-2020-26615
	RESERVED
CVE-2020-26614
	RESERVED
CVE-2020-26613
	RESERVED
CVE-2020-26612
	RESERVED
CVE-2020-26611
	RESERVED
CVE-2020-26610
	RESERVED
CVE-2020-26609 (fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) v ...)
	NOT-FOR-US: fastadmin
CVE-2020-26608
	RESERVED
CVE-2020-26607 (An issue was discovered in TimaService on Samsung mobile devices with  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26606 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26605 (An issue was discovered on Samsung mobile devices with Q(10.0) and R(1 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26604 (An issue was discovered in SystemUI on Samsung mobile devices with O(8 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26603 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26602 (An issue was discovered in EthernetNetwork on Samsung mobile devices w ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26601 (An issue was discovered in DirEncryptService on Samsung mobile devices ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26600 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26599 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-26598 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-26597 (An issue was discovered on LG mobile devices with Android OS 9.0 and 1 ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-26596 (The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for  ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-26595
	RESERVED
CVE-2020-26594
	RESERVED
CVE-2020-26593
	RESERVED
CVE-2020-26592
	RESERVED
CVE-2020-26591
	RESERVED
CVE-2020-26590
	RESERVED
CVE-2020-26589
	RESERVED
CVE-2020-26588
	RESERVED
CVE-2020-26587
	RESERVED
CVE-2020-26586
	RESERVED
CVE-2020-26585
	RESERVED
CVE-2020-26584 (An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. The  ...)
	NOT-FOR-US: Sage
CVE-2020-26583 (An issue was discovered in Sage DPW 2020_06_x before 2020_06_002. It a ...)
	NOT-FOR-US: Sage
CVE-2020-26582 (D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users ...)
	NOT-FOR-US: D-Link
CVE-2020-26581
	RESERVED
CVE-2020-26580
	RESERVED
CVE-2020-26579
	RESERVED
CVE-2020-26578
	RESERVED
CVE-2020-26577
	RESERVED
CVE-2020-26576
	RESERVED
CVE-2020-26575 (In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) di ...)
	{DLA-2547-1}
	- wireshark 3.2.8-0.1 (bug #974688)
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887
	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/467
	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/471
	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/472
	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/473
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-14
CVE-2020-26574 (** UNSUPPORTED WHEN ASSIGNED ** Leostream Connection Broker 8.2.x is a ...)
	NOT-FOR-US: Leostream
CVE-2020-26573
	RESERVED
CVE-2020-26572 (The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a  ...)
	{DLA-2832-1}
	- opensc 0.21.0-1 (bug #972035)
	[buster] - opensc <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22967
	NOTE: https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 (0.21.0-rc1)
CVE-2020-26571 (The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 ...)
	{DLA-2832-1}
	- opensc 0.21.0-1 (bug #972036)
	[buster] - opensc <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612
	NOTE: https://github.com/OpenSC/OpenSC/commit/ed55fcd2996930bf58b9bb57e9ba7b1f3a753c43 (0.21.0-rc1)
CVE-2020-26570 (The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 ha ...)
	{DLA-2832-1}
	- opensc 0.21.0-1 (bug #972037)
	[buster] - opensc <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316
	NOTE: https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e (0.21.0-rc1)
CVE-2020-26569 (In EVPN VxLAN setups in Arista EOS, specific malformed packets can lea ...)
	NOT-FOR-US: Arista
CVE-2020-26568
	RESERVED
CVE-2020-26567 (An issue was discovered on D-Link DSR-250N before 3.17B devices. The C ...)
	NOT-FOR-US: D-Link
CVE-2020-26566 (A Denial of Service condition in Motion-Project Motion 3.2 through 4.3 ...)
	- motion 4.3.2-1 (bug #972986)
	[buster] - motion <not-affected> (Vulnerable code introduced in 4.2)
	[stretch] - motion <not-affected> (Vulnerable code introduced in 4.2)
	NOTE: https://github.com/Motion-Project/motion/security/advisories/GHSA-6f7x-grw7-fw24
	NOTE: https://github.com/Motion-Project/motion/issues/1227#issuecomment-715927776
	NOTE: https://github.com/Motion-Project/motion/pull/1232
CVE-2020-26565 (ObjectPlanet Opinio before 7.14 allows Expression Language Injection v ...)
	NOT-FOR-US: ObjectPlanet Opinio
CVE-2020-26564 (ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: mo ...)
	NOT-FOR-US: ObjectPlanet Opinio
CVE-2020-26563 (ObjectPlanet Opinio before 7.14 allows reflected XSS via the survey/ad ...)
	NOT-FOR-US: ObjectPlanet Opinio
CVE-2020-26562
	RESERVED
CVE-2020-26561 (** UNSUPPORTED WHEN ASSIGNED ** Belkin LINKSYS WRT160NL 1.0.04.002_US_ ...)
	NOT-FOR-US: Belkin
CVE-2020-26560 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0. ...)
	- linux <unfixed>
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1959994
CVE-2020-26559 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0. ...)
	- linux <unfixed>
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960011
CVE-2020-26558 (Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification ...)
	{DSA-4951-1 DLA-2692-1 DLA-2690-1 DLA-2689-1}
	- bluez 5.55-3.1 (bug #989614)
	- linux 5.10.40-1
	[buster] - linux 4.19.194-1
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/passkey-entry/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1918602
	NOTE: https://git.kernel.org/linus/6d19628f539fccf899298ff02ee4c73e4bf6df3f
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html
	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
CVE-2020-26557 (Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm ...)
	- linux <unfixed>
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960009
CVE-2020-26556 (Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm ...)
	- linux <unfixed>
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960012
CVE-2020-26555 (Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specificati ...)
	- linux <unfixed>
	NOTE: https://kb.cert.org/vuls/id/799380
	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-pin-pairing/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1918601
CVE-2020-26554 (REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML  ...)
	NOT-FOR-US: REDDOXX MailDepot
CVE-2020-26553 (An issue was discovered in Aviatrix Controller before R6.0.2483. Sever ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26552 (An issue was discovered in Aviatrix Controller before R6.0.2483. Multi ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26551 (An issue was discovered in Aviatrix Controller before R5.3.1151. Encry ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26550 (An issue was discovered in Aviatrix Controller before R5.3.1151. An en ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26549 (An issue was discovered in Aviatrix Controller before R5.4.1290. The h ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26548 (An issue was discovered in Aviatrix Controller before R5.4.1290. There ...)
	NOT-FOR-US: Aviatrix
CVE-2020-26547 (Monal before 4.9 does not implement proper sender verification on MAM  ...)
	NOT-FOR-US: Monal
CVE-2020-26546 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1 ...)
	NOT-FOR-US: HelpDeskZ
CVE-2020-26545
	RESERVED
CVE-2020-26544
	RESERVED
CVE-2020-26543
	RESERVED
CVE-2020-26542 (An issue was discovered in the MongoDB Simple LDAP plugin through 2020 ...)
	NOT-FOR-US: MongoDB plugin
CVE-2020-26541 (The Linux kernel through 5.8.13 does not properly enforce the Secure B ...)
	- linux 5.14.6-1
	[bullseye] - linux 5.10.70-1
	[stretch] - linux <not-affected> (Secure Boot key import not supported)
	NOTE: https://lkml.org/lkml/2020/9/15/1871
CVE-2020-26540 (An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on m ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26539 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. Wh ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26538 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. It ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26537 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26536 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. Th ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26535 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26534 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1. Th ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-26533
	RESERVED
CVE-2020-26532
	RESERVED
CVE-2020-26531
	RESERVED
CVE-2020-26530
	RESERVED
CVE-2020-26529
	RESERVED
CVE-2020-26528
	RESERVED
CVE-2020-26527 (An issue was discovered in API/api/Version in Damstra Smart Asset 2020 ...)
	NOT-FOR-US: Damstra Smart Asset
CVE-2020-26526 (An issue was discovered in Damstra Smart Asset 2020.7. It is possible  ...)
	NOT-FOR-US: Damstra Smart Asset
CVE-2020-26525 (Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset ori ...)
	NOT-FOR-US: Damstra Smart Asset
CVE-2020-26524 (CodeLathe FileCloud before 20.2.0.11915 allows username enumeration. ...)
	NOT-FOR-US: CodeLathe FileCloud
CVE-2020-26523 (Froala Editor before 3.2.2 allows XSS via pasted content. ...)
	NOT-FOR-US: Froala Editor
CVE-2020-26522 (A cross-site request forgery (CSRF) vulnerability in mod/user/act_user ...)
	NOT-FOR-US: Garfield Petshop
CVE-2020-26521 (The JWT library in NATS nats-server before 2.1.9 allows a denial of se ...)
	- golang-github-nats-io-jwt <unfixed> (bug #988950)
	[buster] - golang-github-nats-io-jwt <no-dsa> (Minor issue)
	NOTE: https://advisories.nats.io/CVE/CVE-2020-26521.txt
CVE-2020-26520
	RESERVED
CVE-2020-26519 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write when pa ...)
	{DSA-4794-1 DLA-2589-1}
	- mupdf 1.17.0+ds1-1.1 (bug #971595)
	NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=af1e390a2c7abceb32676ec684cd1dbb92907ce8
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702937
CVE-2020-26518 (Artica Pandora FMS before 743 allows unauthenticated attackers to cond ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-26517 (A cross-site scripting (XSS) issue was discovered in Intland codeBeame ...)
	NOT-FOR-US: intland codeBeamer
CVE-2020-26516 (A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10. ...)
	NOT-FOR-US: intland codeBeamer
CVE-2020-26515 (An insufficiently protected credentials issue was discovered in Intlan ...)
	NOT-FOR-US: intland codeBeamer
CVE-2020-26514
	RESERVED
CVE-2020-26513 (An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP ...)
	NOT-FOR-US: Intland codeBeamer ALM
CVE-2020-26512
	RESERVED
CVE-2020-26511 (The wpo365-login plugin before v11.7 for WordPress allows use of a sym ...)
	NOT-FOR-US: wpo365-login plugin for WordPress
CVE-2020-26510 (Airleader Master &lt;= 6.21 devices have default credentials that can  ...)
	NOT-FOR-US: Airleader Master
CVE-2020-26509 (Airleader Master and Easy &lt;= 6.21 devices have default credentials  ...)
	NOT-FOR-US: Airleader Master and Easy
CVE-2020-26508 (The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices all ...)
	NOT-FOR-US: Canon devices
CVE-2020-26507 (A CSV Injection (also known as Formula Injection) vulnerability in the ...)
	NOT-FOR-US: Marmind web application
CVE-2020-26506 (An Authorization Bypass vulnerability in the Marmind web application w ...)
	NOT-FOR-US: Marmind web application
CVE-2020-26505 (A Stored Cross-Site Scripting (XSS) vulnerability in the &#8220;Marmin ...)
	NOT-FOR-US: Marmind web application
CVE-2020-26504
	RESERVED
CVE-2020-26503
	RESERVED
CVE-2020-26502
	RESERVED
CVE-2020-26501
	RESERVED
CVE-2020-26500
	RESERVED
CVE-2020-26499
	RESERVED
CVE-2020-26498
	RESERVED
CVE-2020-26497
	RESERVED
CVE-2020-26496
	RESERVED
CVE-2020-26495
	RESERVED
CVE-2020-26494
	RESERVED
CVE-2020-26493
	RESERVED
CVE-2020-26492
	RESERVED
CVE-2020-26491
	RESERVED
CVE-2020-26490
	RESERVED
CVE-2020-26489
	RESERVED
CVE-2020-26488
	RESERVED
CVE-2020-26487
	RESERVED
CVE-2020-26486
	RESERVED
CVE-2020-26485
	RESERVED
CVE-2020-26484
	RESERVED
CVE-2020-26483
	RESERVED
CVE-2020-26482
	RESERVED
CVE-2020-26481
	RESERVED
CVE-2020-26480
	RESERVED
CVE-2020-26479
	RESERVED
CVE-2020-26478
	RESERVED
CVE-2020-26477
	RESERVED
CVE-2020-26476
	RESERVED
CVE-2020-26475
	RESERVED
CVE-2020-26474
	RESERVED
CVE-2020-26473
	RESERVED
CVE-2020-26472
	RESERVED
CVE-2020-26471
	RESERVED
CVE-2020-26470
	RESERVED
CVE-2020-26469
	RESERVED
CVE-2020-26468
	RESERVED
CVE-2020-26467
	RESERVED
CVE-2020-26466
	RESERVED
CVE-2020-26465
	RESERVED
CVE-2020-26464
	RESERVED
CVE-2020-26463
	RESERVED
CVE-2020-26462
	RESERVED
CVE-2020-26461
	RESERVED
CVE-2020-26460
	RESERVED
CVE-2020-26459
	RESERVED
CVE-2020-26458
	RESERVED
CVE-2020-26457
	RESERVED
CVE-2020-26456
	RESERVED
CVE-2020-26455
	RESERVED
CVE-2020-26454
	RESERVED
CVE-2020-26453
	RESERVED
CVE-2020-26452
	RESERVED
CVE-2020-26451
	RESERVED
CVE-2020-26450
	RESERVED
CVE-2020-26449
	RESERVED
CVE-2020-26448
	RESERVED
CVE-2020-26447
	RESERVED
CVE-2020-26446
	RESERVED
CVE-2020-26445
	RESERVED
CVE-2020-26444
	RESERVED
CVE-2020-26443
	RESERVED
CVE-2020-26442
	RESERVED
CVE-2020-26441
	RESERVED
CVE-2020-26440
	RESERVED
CVE-2020-26439
	RESERVED
CVE-2020-26438
	RESERVED
CVE-2020-26437
	RESERVED
CVE-2020-26436
	RESERVED
CVE-2020-26435
	RESERVED
CVE-2020-26434
	RESERVED
CVE-2020-26433
	RESERVED
CVE-2020-26432
	RESERVED
CVE-2020-26431
	RESERVED
CVE-2020-26430
	RESERVED
CVE-2020-26429
	RESERVED
CVE-2020-26428
	RESERVED
CVE-2020-26427
	RESERVED
CVE-2020-26426
	RESERVED
CVE-2020-26425
	RESERVED
CVE-2020-26424
	RESERVED
CVE-2020-26423
	RESERVED
CVE-2020-26422 (Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows d ...)
	- wireshark <not-affected> (Vulnerable code never present in a released version)
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17073
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-20.html
CVE-2020-26421 (Crash in USB HID protocol dissector and possibly other dissectors in W ...)
	{DLA-2547-1}
	- wireshark 3.4.1-1
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/d5f2657825e63e4126ebd7d13a59f3c6e8a9e4e1
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16958
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-17.html
CVE-2020-26420 (Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to ...)
	- wireshark 3.4.1-1
	[buster] - wireshark <not-affected> (Vulnerable code was introduced in 3.2.0)
	[stretch] - wireshark <not-affected> (Vulnerable code was introduced in 3.2.0)
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/33e63d19e5496c151bad69f65cdbc7cba2b4c211
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16994
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-18.html
CVE-2020-26419 (Memory leak in the dissection engine in Wireshark 3.4.0 allows denial  ...)
	- wireshark 3.4.1-1
	[buster] - wireshark <not-affected> (Vulnerable code was introduced in 3.4.0)
	[stretch] - wireshark <not-affected> (Vulnerable code was introduced in 3.4.0)
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/a9fc769d7bb4b491efb61c699d57c9f35269d871
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17032
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-19.html
CVE-2020-26418 (Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 t ...)
	{DLA-2547-1}
	- wireshark 3.4.1-1
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/f4374967bbf9c12746b8ec3cd54dddada9dd353e
	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/c7e6b798255e9d78d88abb84b951ca7815e0f880
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16739
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-16.html
CVE-2020-26417 (Information disclosure via GraphQL in GitLab CE/EE 13.1 and later expo ...)
	- gitlab 13.4.7-1
CVE-2020-26416 (Information disclosure in Advanced Search component of GitLab EE start ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-26415 (Information about the starred projects for private user profiles was e ...)
	- gitlab 13.4.7-1
CVE-2020-26414 (An issue has been discovered in GitLab affecting all versions starting ...)
	[experimental] - gitlab 13.5.6-1
	- gitlab <unfixed>
	NOTE: https://about.gitlab.com/releases/2021/01/07/security-release-gitlab-13-7-2-released/
CVE-2020-26413 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
	- gitlab 13.4.7-1
CVE-2020-26412 (Removed group members were able to use the To-Do functionality to retr ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-26411 (A potential DOS vulnerability was discovered in all versions of Gitlab ...)
	- gitlab 13.4.7-1
	NOTE: https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-26410
	RESERVED
CVE-2020-26409 (A DOS vulnerability exists in Gitlab CE/EE &gt;=10.3, &lt;13.4.7,&gt;= ...)
	- gitlab 13.4.7-1
	NOTE: https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-26408 (A limited information disclosure vulnerability exists in Gitlab CE/EE  ...)
	- gitlab 13.4.7-1
	NOTE: https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-26407 (A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13 ...)
	- gitlab 13.4.7-1
	NOTE: https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-26406 (Certain SAST CiConfiguration information could be viewed by unauthoriz ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-26405 (Path traversal vulnerability in package upload functionality in GitLab ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-26404
	RESERVED
CVE-2020-26403
	RESERVED
CVE-2020-26402
	RESERVED
CVE-2020-26401
	RESERVED
CVE-2020-26400
	RESERVED
CVE-2020-26399
	RESERVED
CVE-2020-26398
	RESERVED
CVE-2020-26397
	RESERVED
CVE-2020-26396
	RESERVED
CVE-2020-26395
	RESERVED
CVE-2020-26394
	RESERVED
CVE-2020-26393
	RESERVED
CVE-2020-26392
	RESERVED
CVE-2020-26391
	RESERVED
CVE-2020-26390
	RESERVED
CVE-2020-26389
	RESERVED
CVE-2020-26388
	RESERVED
CVE-2020-26387
	RESERVED
CVE-2020-26386
	RESERVED
CVE-2020-26385
	RESERVED
CVE-2020-26384
	RESERVED
CVE-2020-26383
	RESERVED
CVE-2020-26382
	RESERVED
CVE-2020-26381
	RESERVED
CVE-2020-26380
	RESERVED
CVE-2020-26379
	RESERVED
CVE-2020-26378
	RESERVED
CVE-2020-26377
	RESERVED
CVE-2020-26376
	RESERVED
CVE-2020-26375
	RESERVED
CVE-2020-26374
	RESERVED
CVE-2020-26373
	RESERVED
CVE-2020-26372
	RESERVED
CVE-2020-26371
	RESERVED
CVE-2020-26370
	RESERVED
CVE-2020-26369
	RESERVED
CVE-2020-26368
	RESERVED
CVE-2020-26367
	RESERVED
CVE-2020-26366
	RESERVED
CVE-2020-26365
	RESERVED
CVE-2020-26364
	RESERVED
CVE-2020-26363
	RESERVED
CVE-2020-26362
	RESERVED
CVE-2020-26361
	RESERVED
CVE-2020-26360
	RESERVED
CVE-2020-26359
	RESERVED
CVE-2020-26358
	RESERVED
CVE-2020-26357
	RESERVED
CVE-2020-26356
	RESERVED
CVE-2020-26355
	RESERVED
CVE-2020-26354
	RESERVED
CVE-2020-26353
	RESERVED
CVE-2020-26352
	RESERVED
CVE-2020-26351
	RESERVED
CVE-2020-26350
	RESERVED
CVE-2020-26349
	RESERVED
CVE-2020-26348
	RESERVED
CVE-2020-26347
	RESERVED
CVE-2020-26346
	RESERVED
CVE-2020-26345
	RESERVED
CVE-2020-26344
	RESERVED
CVE-2020-26343
	RESERVED
CVE-2020-26342
	RESERVED
CVE-2020-26341
	RESERVED
CVE-2020-26340
	RESERVED
CVE-2020-26339
	RESERVED
CVE-2020-26338
	RESERVED
CVE-2020-26337
	RESERVED
CVE-2020-26336
	RESERVED
CVE-2020-26335
	RESERVED
CVE-2020-26334
	RESERVED
CVE-2020-26333
	RESERVED
CVE-2020-26332
	RESERVED
CVE-2020-26331
	RESERVED
CVE-2020-26330
	RESERVED
CVE-2020-26329
	RESERVED
CVE-2020-26328
	RESERVED
CVE-2020-26327
	RESERVED
CVE-2020-26326
	RESERVED
CVE-2020-26325
	RESERVED
CVE-2020-26324
	RESERVED
CVE-2020-26323
	RESERVED
CVE-2020-26322
	RESERVED
CVE-2020-26321
	RESERVED
CVE-2020-26320
	RESERVED
CVE-2020-26319
	RESERVED
CVE-2020-26318
	RESERVED
CVE-2020-26317
	RESERVED
CVE-2020-26316
	RESERVED
CVE-2020-26315
	RESERVED
CVE-2020-26314
	RESERVED
CVE-2020-26313
	RESERVED
CVE-2020-26312
	RESERVED
CVE-2020-26311
	RESERVED
CVE-2020-26310
	RESERVED
CVE-2020-26309
	RESERVED
CVE-2020-26308
	RESERVED
CVE-2020-26307
	RESERVED
CVE-2020-26306
	RESERVED
CVE-2020-26305
	RESERVED
CVE-2020-26304
	RESERVED
CVE-2020-26303
	RESERVED
CVE-2020-26302
	RESERVED
CVE-2020-26301 (ssh2 is client and server modules written in pure JavaScript for node. ...)
	NOT-FOR-US: Node ssh2
CVE-2020-26300 (systeminformation is an npm package that provides system and OS inform ...)
	NOT-FOR-US: Node systeminformation
CVE-2020-26299 (ftp-srv is an open-source FTP server designed to be simple yet configu ...)
	NOT-FOR-US: Node ftp-srv
CVE-2020-26298 (Redcarpet is a Ruby library for Markdown processing. In Redcarpet befo ...)
	{DSA-4831-1 DLA-2526-1}
	- ruby-redcarpet 3.5.1-1 (bug #980057)
	NOTE: https://github.com/advisories/GHSA-q3wr-qw3g-3p4h
	NOTE: https://github.com/vmg/redcarpet/commit/a699c82292b17c8e6a62e1914d5eccc252272793
CVE-2020-26297 (mdBook is a utility to create modern online books from Markdown files  ...)
	NOT-FOR-US: mdBook
CVE-2020-26296 (Vega is a visualization grammar, a declarative format for creating, sa ...)
	- kibana <itp> (bug #700337)
	NOTE: https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915
CVE-2020-26295 (OpenMage is a community-driven alternative to Magento CE. In OpenMage  ...)
	NOT-FOR-US: OpenMage
CVE-2020-26294 (Vela is a Pipeline Automation (CI/CD) framework built on Linux contain ...)
	NOT-FOR-US: Vela
CVE-2020-26293 (HtmlSanitizer is a .NET library for cleaning HTML fragments and docume ...)
	NOT-FOR-US: HtmlSanitizer
CVE-2020-26292 (Creeper is an experimental dynamic, interpreted language. The binary r ...)
	NOT-FOR-US: Creeper
CVE-2020-26291 (URI.js is a javascript URL mutation library (npm package urijs). In UR ...)
	NOT-FOR-US: Node urijs
CVE-2020-26290 (Dex is a federated OpenID Connect provider written in Go. In Dex befor ...)
	NOT-FOR-US: Dex OIDC provider (differnet from src:dex)
CVE-2020-26289 (date-and-time is an npm package for manipulating date and time. In dat ...)
	NOT-FOR-US: Node date-and-time (different from src:node-date-time)
CVE-2020-26288 (Parse Server is an open source backend that can be deployed to any inf ...)
	NOT-FOR-US: Node parse-server
CVE-2020-26287 (HedgeDoc is a collaborative platform for writing and sharing markdown. ...)
	NOT-FOR-US: HedgeDoc
CVE-2020-26286 (HedgeDoc is a collaborative platform for writing and sharing markdown. ...)
	NOT-FOR-US: HedgeDoc
CVE-2020-26285 (OpenMage is a community-driven alternative to Magento CE. In OpenMage  ...)
	NOT-FOR-US: OpenMage
CVE-2020-26284 (Hugo is a fast and Flexible Static Site Generator built in Go. Hugo de ...)
	- hugo 0.79.1-1 (unimportant)
	NOTE: https://github.com/gohugoio/hugo/security/advisories/GHSA-8j34-9876-pvfq
CVE-2020-26283 (go-ipfs is an open-source golang implementation of IPFS which is a glo ...)
	- ipfs <itp> (bug #779893)
CVE-2020-26282 (BrowserUp Proxy allows you to manipulate HTTP requests and responses,  ...)
	NOT-FOR-US: BrowserUp Proxy
CVE-2020-26281 (async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). Ther ...)
	NOT-FOR-US: Rust async-h1
CVE-2020-26280 (OpenSlides is a free, Web-based presentation and assembly system for m ...)
	NOT-FOR-US: OpenSlides
CVE-2020-26279 (go-ipfs is an open-source golang implementation of IPFS which is a glo ...)
	- ipfs <itp> (bug #779893)
CVE-2020-26278 (Weave Net is open source software which creates a virtual network that ...)
	NOT-FOR-US: Weave Net
CVE-2020-26277 (DBdeployer is a tool that deploys MySQL database servers easily. In DB ...)
	NOT-FOR-US: DBdeployer
CVE-2020-26276 (Fleet is an open source osquery manager. In Fleet before version 3.5.1 ...)
	NOT-FOR-US: Fleet (osquery frontend)
CVE-2020-26275 (The Jupyter Server provides the backend (i.e. the core services, APIs, ...)
	- jupyter-server 1.1.1-1
	NOTE: https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-9f66-54xg-pc2c
CVE-2020-26274 (In systeminformation (npm package) before version 4.31.1 there is a co ...)
	NOT-FOR-US: Node systeminformation
CVE-2020-26273 (osquery is a SQL powered operating system instrumentation, monitoring, ...)
	- osquery <itp> (bug #803502)
CVE-2020-26272 (The Electron framework lets you write cross-platform desktop applicati ...)
	- electron <itp> (bug #842420)
CVE-2020-26271 (In affected versions of TensorFlow under certain cases, loading a save ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26270 (In affected versions of TensorFlow running an LSTM/GRU model where the ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26269 (In TensorFlow release candidate versions 2.4.0rc*, the general impleme ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26268 (In affected versions of TensorFlow the tf.raw_ops.ImmutableConst opera ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26267 (In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26266 (In affected versions of TensorFlow under certain cases a saved model c ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-26265 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
	- golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26264 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
	- golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26263 (tlslite-ng is an open source python library that implements SSL and TL ...)
	- tlslite-ng <removed>
	[buster] - tlslite-ng <ignored> (Minor issue)
	[stretch] - tlslite-ng <postponed> (Timing attack issue; can be fixed in next DLA)
	NOTE: https://github.com/tlsfuzzer/tlslite-ng/security/advisories/GHSA-wvcv-832q-fjg7
	NOTE: https://github.com/tlsfuzzer/tlslite-ng/commit/c28d6d387bba59d8bd5cb3ba15edc42edf54b368
	NOTE: https://github.com/tlsfuzzer/tlslite-ng/pull/438
	NOTE: https://github.com/tlsfuzzer/tlslite-ng/pull/439
CVE-2020-26262 (Coturn is free open source implementation of TURN and STUN Server. Cot ...)
	{DSA-4829-1 DLA-2522-1}
	- coturn 4.5.2-1
	NOTE: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
	NOTE: https://github.com/coturn/coturn/commit/ff5e5478a3e1b426bad053828099403cfc5c1f5f
	NOTE: https://github.com/coturn/coturn/commit/af50d63a152cd9505d38f02bc552848748805e7b
	NOTE: https://github.com/coturn/coturn/commit/6c774b9fb8d9d76576ece10a6429172ed3800466
	NOTE: https://github.com/coturn/coturn/commit/560684c894498285f9e4271f3c924ebf01f36307
	NOTE: https://github.com/coturn/coturn/commit/649cbf966181846ecdd7847e4543dd287a78d295
	NOTE: https://github.com/coturn/coturn/commit/9c7deff4b8ed8c323c87b9ede75481bd6bc3154d
	NOTE: https://github.com/coturn/coturn/commit/dd0ffdb51a4cddaf1d6662079fa91f6f32bd26a8
	NOTE: https://github.com/coturn/coturn/commit/d84028b6dbc9eb7d3f8828ec37ae02a0963257b6
CVE-2020-26261 (jupyterhub-systemdspawner enables JupyterHub to spawn single-user note ...)
	NOT-FOR-US: jupyterhub-systemdspawner for JupyterHub
CVE-2020-26260 (BookStack is a platform for storing and organising information and doc ...)
	NOT-FOR-US: BookStack
CVE-2020-26259 (XStream is a Java library to serialize objects to XML and back again.  ...)
	{DSA-4828-1 DLA-2507-1}
	- libxstream-java 1.4.15-1 (bug #977624)
	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-jfvx-7wrx-43fh
	NOTE: https://x-stream.github.io/CVE-2020-26259.html
CVE-2020-26258 (XStream is a Java library to serialize objects to XML and back again.  ...)
	{DSA-4828-1 DLA-2507-1}
	- libxstream-java 1.4.15-1 (bug #977625)
	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-4cch-wxpw-8p28
	NOTE: https://x-stream.github.io/CVE-2020-26258.html
CVE-2020-26257 (Matrix is an ecosystem for open federated Instant Messaging and VoIP.  ...)
	- matrix-synapse 1.24.0-1
	NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mm
	NOTE: https://github.com/matrix-org/synapse/pull/8776
	NOTE: https://github.com/matrix-org/synapse/commit/3ce2f303f15f6ac3dc352298972dc6e04d9b7a8b
CVE-2020-26256 (Fast-csv is an npm package for parsing and formatting CSVs or any othe ...)
	NOT-FOR-US: Node fast-csv
CVE-2020-26255 (Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and  ...)
	NOT-FOR-US: Kirby CMS
CVE-2020-26254 (omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (Ruby ...)
	NOT-FOR-US: omniauth-apple
CVE-2020-26253 (Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and  ...)
	NOT-FOR-US: Kirby CMS
CVE-2020-26252 (OpenMage is a community-driven alternative to Magento CE. In OpenMage  ...)
	NOT-FOR-US: OpenMage
CVE-2020-26251 (Open Zaak is a modern, open-source data- and services-layer to enable  ...)
	NOT-FOR-US: Open Zaak
CVE-2020-26250 (OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthent ...)
	NOT-FOR-US: JupyterHub login mechanism
CVE-2020-26249 (Red Discord Bot Dashboard is an easy-to-use interactive web dashboard  ...)
	NOT-FOR-US: Red Discord Bot Dashboard
CVE-2020-26248 (In the PrestaShop module "productcomments" before version 4.2.1, an at ...)
	NOT-FOR-US: PrestaShop module
CVE-2020-26247 (Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers wit ...)
	{DLA-2678-1}
	- ruby-nokogiri 1.11.1+dfsg-1 (low; bug #978967)
	[buster] - ruby-nokogiri <no-dsa> (Minor issue)
	NOTE: https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-vr8q-g5c7-m54m
	NOTE: https://github.com/sparklemotion/nokogiri/commit/9c87439d9afa14a365ff13e73adc809cb2c3d97b (v1.11.0.rc4)
CVE-2020-26246 (Pimcore is an open source digital experience platform. In Pimcore befo ...)
	NOT-FOR-US: Pimcore
CVE-2020-26245 (npm package systeminformation before version 4.30.5 is vulnerable to P ...)
	NOT-FOR-US: Node systeminformation
CVE-2020-26244 (Python oic is a Python OpenID Connect implementation. In Python oic be ...)
	NOT-FOR-US: Python oic
CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In Nanopb ...)
	- nanopb 0.4.4-1 (bug #975838)
	NOTE: https://github.com/nanopb/nanopb/security/advisories/GHSA-85rr-4rh9-hhwh
	NOTE: https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9 (0.4.4)
	NOTE: https://github.com/nanopb/nanopb/issues/615
CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
	- golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
	- golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
	- golang-github-go-ethereum <itp> (bug #890541)
CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...)
	NOT-FOR-US: Scratch Addons
CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...)
	NOT-FOR-US: cron-utils Java library
CVE-2020-26237 (Highlight.js is a syntax highlighter written in JavaScript. Highlight. ...)
	{DLA-2511-1}
	- highlight.js 9.18.1+dfsg1-3 (bug #976446)
	[buster] - highlight.js 9.12.0+dfsg1-4+deb10u1
	NOTE: https://github.com/highlightjs/highlight.js/security/advisories/GHSA-vfrc-7r7c-w9mx
	NOTE: https://github.com/highlightjs/highlight.js/pull/2636
	NOTE: https://github.com/highlightjs/highlight.js/commit/7241013ae011a585983e176ddc0489a7a52f6bb0
CVE-2020-26236 (In ScratchVerifier before commit a603769, an attacker can hijack the v ...)
	NOT-FOR-US: ScratchVerifier
CVE-2020-26234 (Opencast before versions 8.9 and 7.9 disables HTTPS hostname verificat ...)
	NOT-FOR-US: Opencast
CVE-2020-26233 (Git Credential Manager Core (GCM Core) is a secure Git credential help ...)
	NOT-FOR-US: Git Credential Manager
CVE-2020-26232 (Jupyter Server before version 1.0.6 has an Open redirect vulnerability ...)
	- jupyter-server 1.0.7-1
	NOTE: https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-grfj-wjv9-4f9v
	NOTE: https://github.com/jupyter-server/jupyter_server/commit/61ab548bf9186ab7323d8fa7bd0e12ae23555a28 (1.0.6)
CVE-2020-26231 (October is a free, open-source, self-hosted CMS platform based on the  ...)
	NOT-FOR-US: October CMS
CVE-2020-26230 (Radar COVID is the official COVID-19 exposure notification app for Spa ...)
	NOT-FOR-US: Radar COVID
CVE-2020-26229 (TYPO3 is an open source PHP based web content management system. In TY ...)
	NOT-FOR-US: TYPO3
CVE-2020-26228 (TYPO3 is an open source PHP based web content management system. In TY ...)
	NOT-FOR-US: TYPO3
CVE-2020-26227 (TYPO3 is an open source PHP based web content management system. In TY ...)
	NOT-FOR-US: TYPO3
CVE-2020-26226 (In the npm package semantic-release before version 17.2.3, secrets tha ...)
	NOT-FOR-US: semantic-release nodejs module
CVE-2020-26225 (In PrestaShop Product Comments before version 4.2.0, an attacker could ...)
	NOT-FOR-US: PrestaShop
CVE-2020-26224 (In PrestaShop before version 1.7.6.9 an attacker is able to list all t ...)
	NOT-FOR-US: PrestaShop
CVE-2020-26223 (Spree is a complete open source e-commerce solution built with Ruby on ...)
	NOT-FOR-US: Spree
CVE-2020-26222 (Dependabot is a set of packages for automated dependency management fo ...)
	NOT-FOR-US: Dependabot
CVE-2020-26221 (touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting  ...)
	NOT-FOR-US: touchbase.ai
CVE-2020-26220 (toucbase.ai before version 2.0 leaks information by not stripping exif ...)
	NOT-FOR-US: touchbase.ai
CVE-2020-26219 (touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impact ...)
	NOT-FOR-US: touchbase.ai
CVE-2020-26218 (touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. ...)
	NOT-FOR-US: touchbase.ai
CVE-2020-26217 (XStream before version 1.4.14 is vulnerable to Remote Code Execution.T ...)
	{DSA-4811-1 DLA-2471-1}
	- libxstream-java 1.4.14-1
	NOTE: https://x-stream.github.io/CVE-2020-26217.html
	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-mw36-7c6c-q4q2
	NOTE: https://github.com/x-stream/xstream/commit/0fec095d534126931c99fd38e9c6d41f5c685c1a
CVE-2020-26216 (TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11  ...)
	NOT-FOR-US: TYPO3 Fluid
CVE-2020-26215 (Jupyter Notebook before version 6.1.5 has an Open redirect vulnerabili ...)
	{DLA-2477-1}
	- jupyter-notebook 6.1.5-1
	[buster] - jupyter-notebook <no-dsa> (Minor issue)
	NOTE: https://github.com/jupyter/notebook/security/advisories/GHSA-c7vm-f5p4-8fqh
	NOTE: https://github.com/jupyter/notebook/commit/2e1c56b0c4a903606d4a2eb13e32409296b9799d
CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass LDAP authe ...)
	NOT-FOR-US: Alerta
CVE-2020-26213 (In teler before version 0.0.1, if you run teler inside a Docker contai ...)
	NOT-FOR-US: Alerta
CVE-2020-26212 (GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Fr ...)
	- glpi <removed>
CVE-2020-26211 (In BookStack before version 0.30.4, a user with permissions to edit a  ...)
	NOT-FOR-US: BookStack app
CVE-2020-26210 (In BookStack before version 0.30.4, a user with permissions to edit a  ...)
	NOT-FOR-US: BookStack app
CVE-2020-26209
	RESERVED
CVE-2020-26208 (JHEAD is a simple command line tool for displaying and some manipulati ...)
	- jhead 1:3.04-6 (bug #972617; unimportant)
	NOTE: https://github.com/Matthias-Wandel/jhead/commit/5186ddcf9e35a7aa0ff0539489a930434a1325f4
	NOTE: https://github.com/Matthias-Wandel/jhead/issues/7
	NOTE: https://sources.debian.org/src/jhead/1%3A3.04-6/debian/patches/allocate-extra.patch/
	NOTE: Crash in CLI tool, no security impact
CVE-2020-26207 (DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary ...)
	NOT-FOR-US: DatabaseSchemaViewer
CVE-2020-26206
	RESERVED
CVE-2020-26205 (Sal is a multi-tenanted reporting dashboard for Munki with the ability ...)
	NOT-FOR-US: Sal
CVE-2020-26204
	RESERVED
CVE-2020-26203
	RESERVED
CVE-2020-26202
	RESERVED
CVE-2020-26201 (Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak pass ...)
	NOT-FOR-US: Askey
CVE-2020-26200 (A component of Kaspersky custom boot loader allowed loading of untrust ...)
	NOT-FOR-US: Kaspersky products
CVE-2020-26199 (Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 ...)
	NOT-FOR-US: EMC
CVE-2020-26198 (Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a  ...)
	NOT-FOR-US: EMC
CVE-2020-26197 (Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inabilit ...)
	NOT-FOR-US: Dell PowerScale OneFS
CVE-2020-26196 (Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restor ...)
	NOT-FOR-US: EMC
CVE-2020-26195 (Dell EMC PowerScale OneFS versions 8.1.2 &#8211; 9.1.0 contain an issu ...)
	NOT-FOR-US: EMC
CVE-2020-26194 (Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrec ...)
	NOT-FOR-US: EMC
CVE-2020-26193 (Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper i ...)
	NOT-FOR-US: EMC
CVE-2020-26192 (Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege e ...)
	NOT-FOR-US: EMC
CVE-2020-26191 (Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain a privilege e ...)
	NOT-FOR-US: EMC
CVE-2020-26190
	RESERVED
CVE-2020-26189
	RESERVED
CVE-2020-26188
	RESERVED
CVE-2020-26187
	RESERVED
CVE-2020-26186 (Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS Ru ...)
	NOT-FOR-US: Dell Inspiron 5675 BIOS
CVE-2020-26185
	RESERVED
CVE-2020-26184
	RESERVED
CVE-2020-26183 (Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper auth ...)
	NOT-FOR-US: EMC
CVE-2020-26182 (Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect pri ...)
	NOT-FOR-US: EMC
CVE-2020-26181 (Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale O ...)
	NOT-FOR-US: EMC
CVE-2020-26180 (Dell EMC Isilon OneFS supported versions 8.1 and later and Dell EMC Po ...)
	NOT-FOR-US: EMC
CVE-2020-26179
	RESERVED
CVE-2020-26178 (In tangro Business Workflow before 1.18.1, knowing an attachment ID, i ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26177 (In tangro Business Workflow before 1.18.1, a user's profile contains s ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26176 (An issue was discovered in tangro Business Workflow before 1.18.1. No  ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26175 (In tangro Business Workflow before 1.18.1, an attacker can manipulate  ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26174 (tangro Business Workflow before 1.18.1 requests a list of allowed file ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26173 (An incorrect access control implementation in Tangro Business Workflow ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26172 (Every login in tangro Business Workflow before 1.18.1 generates the sa ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26171 (In tangro Business Workflow before 1.18.1, the documentId of attachmen ...)
	NOT-FOR-US: tangro Business Workflow
CVE-2020-26170
	RESERVED
CVE-2020-26169
	RESERVED
CVE-2020-26168 (The LDAP authentication method in LdapLoginModule in Hazelcast IMDG En ...)
	NOT-FOR-US: Hazelcast
CVE-2020-26167 (In FUEL CMS 11.4.12 and before, the page preview feature allows an ano ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-26166 (The file upload functionality in qdPM 9.1 doesn't check the file descr ...)
	NOT-FOR-US: qdPM
CVE-2020-26165 (qdPM through 9.1 allows PHP Object Injection via timeReportActions::ex ...)
	NOT-FOR-US: qdPM
CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the ...)
	- kdeconnect 20.08.2-1 (bug #971736)
	[buster] - kdeconnect <no-dsa> (Minor issue)
	[stretch] - kdeconnect <no-dsa> (Minor issue)
	NOTE: https://kde.org/info/security/advisory-20201002-1.txt
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/f183b5447bad47655c21af87214579f03bf3a163
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/b279c52101d3f7cc30a26086d58de0b5f1c547fa
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/d35b88c1b25fe13715f9170f18674d476ca9acdc
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/b496e66899e5bc9547b6537a7f44ab44dd0aaf38
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/5310eae85dbdf92fba30375238a2481f2e34943e
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/721ba9faafb79aac73973410ee1dd3624ded97a5
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/ae58b9dec49c809b85b5404cee17946116f8a706
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/66c768aa9e7fba30b119c8b801efd49ed1270b0a
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/85b691e40f525e22ca5cc4ebe79c361d71d7dc05
	NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/48180b46552d40729a36b7431e97bbe2b5379306
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/13/4
CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Ori ...)
	NOT-FOR-US: BigBlueButton Greenlight
CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073 ...)
	NOT-FOR-US: Xerox
CVE-2020-26161 (In Octopus Deploy through 2020.4.2, an attacker could redirect users t ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended acces ...)
	- golang-github-dgrijalva-jwt-go 3.2.0-3 (bug #971556)
	[buster] - golang-github-dgrijalva-jwt-go <not-affected> (vulnerable code not present until version 3.0.0)
	[stretch] - golang-github-dgrijalva-jwt-go <not-affected> (vulnerable code not present until version 3.0.0)
	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
	NOTE: https://github.com/dgrijalva/jwt-go/issues/422
	NOTE: https://github.com/dgrijalva/jwt-go/pull/286
CVE-2020-26159
	REJECTED
CVE-2020-26158 (Leanote Desktop through 2.6.2 allows XSS because a note's title is mis ...)
	NOT-FOR-US: Leanote Desktop
CVE-2020-26157 (Leanote Desktop through 2.6.2 allows XSS because a note's title is mis ...)
	NOT-FOR-US: Leanote Desktop
CVE-2020-26156
	REJECTED
CVE-2020-26155 (Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31 ...)
	NOT-FOR-US: Utimaco SecurityServer
CVE-2020-26153 (A cross-site scripting (XSS) vulnerability in wp-content/plugins/event ...)
	NOT-FOR-US: Event Espresso Core plugin for WordPress
CVE-2020-26152
	RESERVED
CVE-2020-26151
	RESERVED
CVE-2020-26150 (info.php in Logaritmo Aware CallManager 2012 allows remote attackers t ...)
	NOT-FOR-US: Logaritmo Aware CallManager 2012
CVE-2020-26149 (NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno ...)
	NOT-FOR-US: nats.js
CVE-2020-26154 (url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when  ...)
	{DSA-4800-1 DLA-2450-1}
	- libproxy 0.4.15-15 (bug #968366)
	NOTE: https://github.com/libproxy/libproxy/pull/126
	NOTE: https://github.com/libproxy/libproxy/commit/4411b523545b22022b4be7d0cac25aa170ae1d3e
CVE-2020-26148 (md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigge ...)
	- md4c 0.4.5-2 (bug #971396)
	NOTE: https://github.com/mity/md4c/issues/130
	NOTE: https://github.com/mity/md4c/commit/22ca89a3008966c4316d6b0a158b1a49f9038df0
CVE-2020-26147 (An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.46-1
	[buster] - linux 4.19.194-1
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.30c4394bb835.I5acfdb552cc1d20c339c262315950b3eac491397@changeid/
CVE-2020-26146 (An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The  ...)
	NOT-FOR-US: Samsung
CVE-2020-26145 (An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The  ...)
	- linux 5.10.46-1
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.5a0bd289bda8.Idd6ebea20038fb1cfee6de924aa595e5647c9eae@changeid/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.9ca6ca7945a9.I1e18b514590af17c155bda86699bc3a971a8dcf4@changeid/
CVE-2020-26144 (An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The  ...)
	NOT-FOR-US: Samsung
CVE-2020-26143 (An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for  ...)
	- linux <undetermined>
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26142 (An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WP ...)
	- linux <undetermined>
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26141 (An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for  ...)
	- linux 5.10.46-1
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.c3f1d42c6746.I795593fcaae941c471425b8c7d5f7bb185d29142@changeid/
CVE-2020-26140 (An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for  ...)
	- linux <undetermined>
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
CVE-2020-26139 (An issue was discovered in the kernel in NetBSD 7.1. An Access Point ( ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.46-1
	[buster] - linux 4.19.194-1
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.cb327ed0cabe.Ib7dcffa2a31f0913d660de65ba3c8aca75b1d10f@changeid/
CVE-2020-26138 (In SilverStripe through 4.6.0-rc1, a FormField with square brackets in ...)
	NOT-FOR-US: SilverStripe
CVE-2020-26137 (urllib3 before 1.25.9 allows CRLF injection if the attacker controls t ...)
	{DLA-2686-1}
	- python-urllib3 1.25.9-1
	[buster] - python-urllib3 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue39603
	NOTE: https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b (1.25.9)
	NOTE: https://github.com/urllib3/urllib3/pull/1800
CVE-2020-26136 (In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-f ...)
	NOT-FOR-US: Silverstripe CMS
CVE-2020-26135 (Live Helper Chat before 3.44v allows reflected XSS via the setsettinga ...)
	NOT-FOR-US: Live Helper Chat
CVE-2020-26134 (Live Helper Chat before 3.44v allows stored XSS in chat messages with  ...)
	NOT-FOR-US: Live Helper Chat
CVE-2020-26133 (An issue was discovered in Dual DHCP DNS Server 7.40. Due to insuffici ...)
	NOT-FOR-US: Dual DHCP DNS Server
CVE-2020-26132 (An issue was discovered in Home DNS Server 0.10. Due to insufficient a ...)
	NOT-FOR-US: Home DNS Server
CVE-2020-26131 (Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHC ...)
	NOT-FOR-US: Open DHCP Server
CVE-2020-26130 (Issues were discovered in Open TFTP Server multithreaded 1.66 and Open ...)
	NOT-FOR-US: Open TFTP Server
CVE-2020-26129 (In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible. ...)
	NOT-FOR-US: JetBrains
CVE-2020-26128
	RESERVED
CVE-2020-26127
	RESERVED
CVE-2020-26126
	RESERVED
CVE-2020-26125
	RESERVED
CVE-2020-26124 (openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticate ...)
	NOT-FOR-US: openmediavault
CVE-2020-26123
	RESERVED
CVE-2020-26122 (Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remot ...)
	NOT-FOR-US: Inspur NF5266M5
CVE-2020-26121 (An issue was discovered in the FileImporter extension for MediaWiki be ...)
	NOT-FOR-US: FileImporter MediaWiki extension
CVE-2020-26120 (XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 ...)
	NOT-FOR-US: MobileFrontend MediaWiki extension
CVE-2020-26119
	RESERVED
CVE-2020-26118 (In SmartBear Collaborator Server through 13.3.13302, use of the Google ...)
	NOT-FOR-US: SmartBear Collaborator Server
CVE-2020-26117 (In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1 ...)
	{DLA-2396-1}
	- tigervnc 1.10.1+dfsg-9 (bug #971272)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u3
	NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1176733
	NOTE: https://github.com/TigerVNC/tigervnc/commit/20dea801e747318525a5859fe4f37c52b05310cb (v1.11.0)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/7399eab79a4365434d26494fa1628ce1eb91562b (v1.11.0)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/b30f10c681ec87720cff85d490f67098568a9cba (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/f029745f63ac7d22fb91639b2cb5b3ab56134d6e (master)
CVE-2020-26116 (http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x be ...)
	{DLA-2456-1}
	- python3.9 3.9.0~b5-1
	- python3.8 3.8.5-1
	- python3.7 <removed>
	[buster] - python3.7 3.7.3-2+deb10u3
	- python3.5 <removed>
	NOTE: https://bugs.python.org/issue39603
	NOTE: https://python-security.readthedocs.io/vuln/http-header-injection-method.html
	NOTE: https://github.com/python/cpython/commit/8ca8a2e8fb068863c1138f07e3098478ef8be12e (master)
	NOTE: https://github.com/python/cpython/commit/27b811057ff5e93b68798e278c88358123efdc71 (v3.9.0b5)
	NOTE: https://github.com/python/cpython/commit/668d321476d974c4f51476b33aaca870272523bf (v3.8.5)
	NOTE: https://github.com/python/cpython/commit/ca75fec1ed358f7324272608ca952b2d8226d11a (v3.7.9)
	NOTE: https://github.com/python/cpython/commit/f02de961b9f19a5db0ead56305fe0057a78787ae (v3.6.12)
	NOTE: https://github.com/python/cpython/commit/524b8de630036a29ca340bc2ae6fd6dc7dda8f40 (v3.5.10)
CVE-2020-26115 (cPanel before 90.0.10 allows self XSS via the Cron Editor interface (S ...)
	NOT-FOR-US: cPanel
CVE-2020-26114 (cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC ...)
	NOT-FOR-US: cPanel
CVE-2020-26113 (cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interf ...)
	NOT-FOR-US: cPanel
CVE-2020-26112 (The email quota cache in cPanel before 90.0.10 allows overwriting of f ...)
	NOT-FOR-US: cPanel
CVE-2020-26111 (cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interf ...)
	NOT-FOR-US: cPanel
CVE-2020-26110 (cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC inte ...)
	NOT-FOR-US: cPanel
CVE-2020-26109 (cPanel before 88.0.13 allows bypass of a protection mechanism that att ...)
	NOT-FOR-US: cPanel
CVE-2020-26108 (cPanel before 88.0.13 mishandles file-extension dispatching, leading t ...)
	NOT-FOR-US: cPanel
CVE-2020-26107 (cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDN ...)
	NOT-FOR-US: cPanel
CVE-2020-26106 (cPanel before 88.0.3 has weak permissions (world readable) for the pro ...)
	NOT-FOR-US: cPanel
CVE-2020-26105 (In cPanel before 88.0.3, insecure chkservd test credentials are used o ...)
	NOT-FOR-US: cPanel
CVE-2020-26104 (In cPanel before 88.0.3, an insecure SRS secret is used on a templated ...)
	NOT-FOR-US: cPanel
CVE-2020-26103 (In cPanel before 88.0.3, an insecure site password is used for Mailman ...)
	NOT-FOR-US: cPanel
CVE-2020-26102 (In cPanel before 88.0.3, an insecure auth policy API key is used by Do ...)
	NOT-FOR-US: cPanel
CVE-2020-26101 (In cPanel before 88.0.3, insecure RNDC credentials are used for BIND o ...)
	NOT-FOR-US: cPanel
CVE-2020-26100 (chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). ...)
	NOT-FOR-US: cPanel
CVE-2020-26099 (cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting p ...)
	NOT-FOR-US: cPanel
CVE-2020-26098 (cPanel before 88.0.3 mishandles the Exim filter path, leading to remot ...)
	NOT-FOR-US: cPanel
CVE-2020-26097 (** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology  ...)
	NOT-FOR-US: PLANET Technology Corp NVR-915 and NVR-1615
CVE-2020-26096
	RESERVED
CVE-2020-26095
	RESERVED
CVE-2020-26094
	RESERVED
CVE-2020-26093
	RESERVED
CVE-2020-26092
	RESERVED
CVE-2020-26091
	RESERVED
CVE-2020-26090
	RESERVED
CVE-2020-26089
	RESERVED
CVE-2020-26087
	RESERVED
CVE-2020-26086 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
	NOT-FOR-US: Cisco
CVE-2020-26085 (Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS ...)
	NOT-FOR-US: Cisco
CVE-2020-26084 (A vulnerability in the REST API of Cisco Edge Fog Fabric could allow a ...)
	NOT-FOR-US: Cisco
CVE-2020-26083 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-26082
	RESERVED
CVE-2020-26081 (Multiple vulnerabilities in the web UI of Cisco IoT Field Network Dire ...)
	NOT-FOR-US: Cisco
CVE-2020-26080 (A vulnerability in the user management functionality of Cisco IoT Fiel ...)
	NOT-FOR-US: Cisco
CVE-2020-26079 (A vulnerability in the web UI of Cisco IoT Field Network Director (FND ...)
	NOT-FOR-US: Cisco
CVE-2020-26078 (A vulnerability in the file system of Cisco IoT Field Network Director ...)
	NOT-FOR-US: Cisco
CVE-2020-26077 (A vulnerability in the access control functionality of Cisco IoT Field ...)
	NOT-FOR-US: Cisco
CVE-2020-26076 (A vulnerability in Cisco IoT Field Network Director (FND) could allow  ...)
	NOT-FOR-US: Cisco
CVE-2020-26075 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
	NOT-FOR-US: Cisco
CVE-2020-26074
	RESERVED
CVE-2020-26073
	RESERVED
CVE-2020-26072 (A vulnerability in the SOAP API of Cisco IoT Field Network Director (F ...)
	NOT-FOR-US: Cisco
CVE-2020-26071
	RESERVED
CVE-2020-26070 (A vulnerability in the ingress packet processing function of Cisco IOS ...)
	NOT-FOR-US: Cisco
CVE-2020-26069
	RESERVED
CVE-2020-26068 (A vulnerability in the xAPI service of Cisco Telepresence CE Software  ...)
	NOT-FOR-US: Cisco
CVE-2020-26067
	RESERVED
CVE-2020-26066
	RESERVED
CVE-2020-26065
	RESERVED
CVE-2020-26064
	RESERVED
CVE-2020-26063
	RESERVED
CVE-2020-26062
	RESERVED
CVE-2020-26088 (A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock. ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/26896f01467a28651f7a536143fe5ac8449d4041
CVE-2020-26061 (ClickStudios Passwordstate Password Reset Portal prior to build 8501 i ...)
	NOT-FOR-US: ClickStudios Passwordstate Password Reset Portal
CVE-2020-26060
	RESERVED
CVE-2020-26059
	RESERVED
CVE-2020-26058
	RESERVED
CVE-2020-26057
	RESERVED
CVE-2020-26056
	RESERVED
CVE-2020-26055
	RESERVED
CVE-2020-26054
	RESERVED
CVE-2020-26053
	REJECTED
CVE-2020-26052 (Online Marriage Registration System 1.0 is affected by stored cross-si ...)
	NOT-FOR-US: Online Marriage Registration System
CVE-2020-26051 (College Management System Php 1.0 suffers from SQL injection vulnerabi ...)
	NOT-FOR-US: College Management System Php
CVE-2020-26050 (SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local pr ...)
	NOT-FOR-US: SaferVPN for Windows
CVE-2020-26049 (Nifty-PM CPE 2.3 is affected by stored HTML injection. The impact is r ...)
	NOT-FOR-US: Nifty-PM CPE
CVE-2020-26048 (The file manager option in CuppaCMS before 2019-11-12 allows an authen ...)
	NOT-FOR-US: CuppaCMS
CVE-2020-26047
	RESERVED
CVE-2020-26046 (FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. Th ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-26045 (FUEL CMS 1.4.11 allows SQL Injection via parameter 'name' in /fuel/per ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-26044
	RESERVED
CVE-2020-26043 (An issue was discovered in Hoosk CMS v1.8.0. There is a XSS vulnerabil ...)
	NOT-FOR-US: Hoosk CMS
CVE-2020-26042 (An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection  ...)
	NOT-FOR-US: Hoosk CMS
CVE-2020-26041 (An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code E ...)
	NOT-FOR-US: Hoosk CMS
CVE-2020-26040
	RESERVED
CVE-2020-26039
	RESERVED
CVE-2020-26038
	RESERVED
CVE-2020-26037
	RESERVED
CVE-2020-26036
	RESERVED
CVE-2020-26035 (An issue was discovered in Zammad before 3.4.1. There is Stored XSS vi ...)
	- zammad <itp> (bug #841355)
CVE-2020-26034 (An account-enumeration issue was discovered in Zammad before 3.4.1. Th ...)
	- zammad <itp> (bug #841355)
CVE-2020-26033 (An issue was discovered in Zammad before 3.4.1. The Tag and Link REST  ...)
	- zammad <itp> (bug #841355)
CVE-2020-26032 (An SSRF issue was discovered in Zammad before 3.4.1. The SMS configura ...)
	- zammad <itp> (bug #841355)
CVE-2020-26031 (An issue was discovered in Zammad before 3.4.1. The global-search feat ...)
	- zammad <itp> (bug #841355)
CVE-2020-26030 (An issue was discovered in Zammad before 3.4.1. There is an authentica ...)
	- zammad <itp> (bug #841355)
CVE-2020-26029 (An issue was discovered in Zammad before 3.4.1. There are wrong author ...)
	- zammad <itp> (bug #841355)
CVE-2020-26028 (An issue was discovered in Zammad before 3.4.1. Admin Users without a  ...)
	- zammad <itp> (bug #841355)
CVE-2020-26027
	RESERVED
CVE-2020-26026
	RESERVED
CVE-2020-26025
	RESERVED
CVE-2020-26024
	RESERVED
CVE-2020-26023
	RESERVED
CVE-2020-26022
	RESERVED
CVE-2020-26021
	RESERVED
CVE-2020-26020
	RESERVED
CVE-2020-26019
	RESERVED
CVE-2020-26018
	RESERVED
CVE-2020-26017
	RESERVED
CVE-2020-26016
	RESERVED
CVE-2020-26015
	RESERVED
CVE-2020-26014
	RESERVED
CVE-2020-26013
	RESERVED
CVE-2020-26012
	RESERVED
CVE-2020-26011
	RESERVED
CVE-2020-26010
	RESERVED
CVE-2020-26009
	RESERVED
CVE-2020-26008
	RESERVED
CVE-2020-26007
	RESERVED
CVE-2020-26006 (Project Worlds Online Examination System 1.0 is affected by Cross Site ...)
	NOT-FOR-US: Project Worlds Online Examination System
CVE-2020-26005
	RESERVED
CVE-2020-26004
	RESERVED
CVE-2020-26003
	RESERVED
CVE-2020-26002
	RESERVED
CVE-2020-26001
	RESERVED
CVE-2020-26000
	RESERVED
CVE-2020-25999
	RESERVED
CVE-2020-25998
	RESERVED
CVE-2020-25997
	RESERVED
CVE-2020-25996
	RESERVED
CVE-2020-25995
	RESERVED
CVE-2020-25994
	RESERVED
CVE-2020-25993
	RESERVED
CVE-2020-25992
	RESERVED
CVE-2020-25991
	RESERVED
CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name'  ...)
	NOT-FOR-US: WebsiteBaker
CVE-2020-25989 (Privilege escalation via arbitrary file write in pritunl electron clie ...)
	NOT-FOR-US: pritunl-client
CVE-2020-25988 (UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2 ...)
	NOT-FOR-US: Genexis Platinum 4410 Router
CVE-2020-25987 (MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in ...)
	NOT-FOR-US: MonoCMS Blog
CVE-2020-25986 (A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0  ...)
	NOT-FOR-US: MonoCMS Blog
CVE-2020-25985 (MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenti ...)
	NOT-FOR-US: MonoCMS Blog
CVE-2020-25984
	RESERVED
CVE-2020-25983
	RESERVED
CVE-2020-25982
	RESERVED
CVE-2020-25981
	RESERVED
CVE-2020-25980
	RESERVED
CVE-2020-25979
	RESERVED
CVE-2020-25978
	RESERVED
CVE-2020-25977
	RESERVED
CVE-2020-25976
	RESERVED
CVE-2020-25975
	RESERVED
CVE-2020-25974
	RESERVED
CVE-2020-25973
	RESERVED
CVE-2020-25972
	RESERVED
CVE-2020-25971
	RESERVED
CVE-2020-25970
	RESERVED
CVE-2020-25969
	RESERVED
CVE-2020-25968
	RESERVED
CVE-2020-25967 (The member center function in fastadmin V1.0.0.20200506_beta is vulner ...)
	NOT-FOR-US: fastadmin
CVE-2020-25966 (** DISPUTED ** Sectona Spectra before 3.4.0 has a vulnerable SOAP API  ...)
	NOT-FOR-US: Sectona Spectra
CVE-2020-25965
	RESERVED
CVE-2020-25964
	RESERVED
CVE-2020-25963
	RESERVED
CVE-2020-25962
	RESERVED
CVE-2020-25961
	RESERVED
CVE-2020-25960
	RESERVED
CVE-2020-25959
	RESERVED
CVE-2020-25958
	RESERVED
CVE-2020-25957
	RESERVED
CVE-2020-25956
	RESERVED
CVE-2020-25955 (SourceCodester Student Management System Project in PHP version 1.0 is ...)
	NOT-FOR-US: SourceCodester Student Management System Project
CVE-2020-25954
	RESERVED
CVE-2020-25953
	RESERVED
CVE-2020-25952 (SQL injection vulnerability in PHPGurukul User Registration &amp; Logi ...)
	NOT-FOR-US: PHPGurukul
CVE-2020-25951
	RESERVED
CVE-2020-25950 (Advanced Webhost Billing System 3.7.0 is affected by Cross Site Reques ...)
	NOT-FOR-US: Advanced Webhost Billing System
CVE-2020-25949
	RESERVED
CVE-2020-25948
	RESERVED
CVE-2020-25947
	RESERVED
CVE-2020-25946
	RESERVED
CVE-2020-25945
	RESERVED
CVE-2020-25944
	RESERVED
CVE-2020-25943
	RESERVED
CVE-2020-25942
	RESERVED
CVE-2020-25941
	RESERVED
CVE-2020-25940
	RESERVED
CVE-2020-25939
	RESERVED
CVE-2020-25938
	RESERVED
CVE-2020-25937
	RESERVED
CVE-2020-25936
	RESERVED
CVE-2020-25935
	RESERVED
CVE-2020-25934
	RESERVED
CVE-2020-25933
	RESERVED
CVE-2020-25932
	RESERVED
CVE-2020-25931
	RESERVED
CVE-2020-25930
	RESERVED
CVE-2020-25929
	RESERVED
CVE-2020-25928 (The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by:  ...)
	NOT-FOR-US: InterNiche NicheStack TCP/IP
CVE-2020-25927 (The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by:  ...)
	NOT-FOR-US: InterNiche NicheStack TCP/IP
CVE-2020-25926 (The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: I ...)
	NOT-FOR-US: InterNiche NicheStack TCP/IP
CVE-2020-25925 (Cross Site Scripting (XSS) in Webmail Calender in IceWarp WebClient 10 ...)
	NOT-FOR-US: IceWarp
CVE-2020-25924
	RESERVED
CVE-2020-25923
	RESERVED
CVE-2020-25922
	RESERVED
CVE-2020-25921
	RESERVED
CVE-2020-25920
	RESERVED
CVE-2020-25919
	RESERVED
CVE-2020-25918
	RESERVED
CVE-2020-25917 (Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Acce ...)
	NOT-FOR-US: Stratodesk NoTouch Center
CVE-2020-25916
	RESERVED
CVE-2020-25915
	RESERVED
CVE-2020-25914
	RESERVED
CVE-2020-25913
	RESERVED
CVE-2020-25912 (A XML External Entity (XXE) vulnerability was discovered in symphony\l ...)
	NOT-FOR-US: Symphony CMS
CVE-2020-25911 (A XML External Entity (XXE) vulnerability was discovered in the modRes ...)
	NOT-FOR-US: MODX CMS
CVE-2020-25910
	RESERVED
CVE-2020-25909
	RESERVED
CVE-2020-25908
	RESERVED
CVE-2020-25907
	RESERVED
CVE-2020-25906
	RESERVED
CVE-2020-25905 (An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop Sys ...)
	NOT-FOR-US: Sourcecodester
CVE-2020-25904
	RESERVED
CVE-2020-25903
	RESERVED
CVE-2020-25902 (** DISPUTED ** Blackboard Collaborate Ultra 20.02 is affected by a cro ...)
	NOT-FOR-US: Blackboard Collaborate Ultra
CVE-2020-25901 (Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to r ...)
	NOT-FOR-US: Spiceworks
CVE-2020-25900
	RESERVED
CVE-2020-25899
	RESERVED
CVE-2020-25898
	RESERVED
CVE-2020-25897
	RESERVED
CVE-2020-25896
	RESERVED
CVE-2020-25895
	RESERVED
CVE-2020-25894
	RESERVED
CVE-2020-25893
	RESERVED
CVE-2020-25892
	RESERVED
CVE-2020-25891
	RESERVED
CVE-2020-25890 (The web application of Kyocera printer (ECOSYS M2640IDW) is affected b ...)
	NOT-FOR-US: Kyocera printer
CVE-2020-25889 (Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL  ...)
	NOT-FOR-US: Online Bus Booking System Project Using PHP/MySQL
CVE-2020-25888
	RESERVED
CVE-2020-25887
	RESERVED
CVE-2020-25886
	RESERVED
CVE-2020-25885
	RESERVED
CVE-2020-25884
	RESERVED
CVE-2020-25883
	RESERVED
CVE-2020-25882
	RESERVED
CVE-2020-25881 (A vulnerability was discovered in the filename parameter in pathindex. ...)
	NOT-FOR-US: RKCMS
CVE-2020-25880
	RESERVED
CVE-2020-25879 (A stored cross site scripting (XSS) vulnerability in the 'Manage Users ...)
	NOT-FOR-US: Codoforum
CVE-2020-25878 (A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' ...)
	NOT-FOR-US: BlackCat CMS
CVE-2020-25877 (A stored cross site scripting (XSS) vulnerability in the 'Add Page' fe ...)
	NOT-FOR-US: BlackCat CMS
CVE-2020-25876 (A stored cross site scripting (XSS) vulnerability in the 'Pages' featu ...)
	NOT-FOR-US: Codoforum
CVE-2020-25875 (A stored cross site scripting (XSS) vulnerability in the 'Smileys' fea ...)
	NOT-FOR-US: Codoforum
CVE-2020-25874
	RESERVED
CVE-2020-25873 (A directory traversal vulnerability in the component system/manager/cl ...)
	NOT-FOR-US: Baijiacms
CVE-2020-25872 (A vulnerability exists within the FileManagerController.php function i ...)
	NOT-FOR-US: FrogCMS
CVE-2020-25871
	RESERVED
CVE-2020-25870
	RESERVED
CVE-2020-25869 (An information leak was discovered in MediaWiki before 1.31.10 and 1.3 ...)
	NOT-FOR-US: CentralAuth MediaWiki extension
	NOTE: The extension requires some new infrastructure code which was added to the
	NOTE: MediaWiki 1.31.9 / 1.34.3 security releases announced at
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T260485
CVE-2020-25868 (Pexip Infinity 22.x through 24.x before 24.2 has Improper Input Valida ...)
	NOT-FOR-US: Pexip
CVE-2020-25867 (SoPlanning before 1.47 doesn't correctly check the security key used t ...)
	NOT-FOR-US: SoPlanning
CVE-2020-25866 (In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dis ...)
	- wireshark 3.2.7-1
	[buster] - wireshark <not-affected> (Vulnerable code not present)
	[stretch] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-13.html
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16866
CVE-2020-25865
	RESERVED
CVE-2020-25864 (HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value ( ...)
	- consul 1.8.7+dfsg1-2 (bug #987351)
	[buster] - consul <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950275
	NOTE: https://github.com/hashicorp/consul/pull/10023
CVE-2020-25863 (In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the ...)
	{DLA-2547-1}
	- wireshark 3.2.7-1
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-11.html
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16741
CVE-2020-25862 (In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the ...)
	{DLA-2547-1}
	- wireshark 3.2.7-1
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-12.html
	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16816
CVE-2020-25861
	RESERVED
CVE-2020-25860 (The install.c module in the Pengutronix RAUC update client prior to ve ...)
	- rauc 1.5-1
	NOTE: https://github.com/rauc/rauc/security/advisories/GHSA-cgf3-h62j-w9vv
CVE-2020-25859 (The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to ve ...)
	NOT-FOR-US: Qualcomm QCMAP
CVE-2020-25858 (The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior ...)
	NOT-FOR-US: Qualcomm QCMAP
CVE-2020-25857 (The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Modul ...)
	NOT-FOR-US: Realtek
CVE-2020-25856 (The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module pri ...)
	NOT-FOR-US: Realtek
CVE-2020-25855 (The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior t ...)
	NOT-FOR-US: Realtek
CVE-2020-25854 (The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module pri ...)
	NOT-FOR-US: Realtek
CVE-2020-25853 (The function CheckMic() in the Realtek RTL8195A Wi-Fi Module prior to  ...)
	NOT-FOR-US: Realtek
CVE-2020-25852
	RESERVED
CVE-2020-25851
	RESERVED
CVE-2020-25850 (The function, view the source code, of HGiga MailSherlock does not val ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-25849 (MailGates and MailAudit products contain Command Injection flaw, which ...)
	NOT-FOR-US: MailGates and MailAudit
CVE-2020-25848 (HGiga MailSherlock contains weak authentication flaw that attackers gr ...)
	NOT-FOR-US: HGiga MailSherlock
CVE-2020-25847 (This command injection vulnerability allows attackers to execute arbit ...)
	NOT-FOR-US: QNAP
CVE-2020-25846 (The digest generation function of NHIServiSignAdapter has not been ver ...)
	NOT-FOR-US: NHIServiSignAdapter
CVE-2020-25845 (Multiple functions of NHIServiSignAdapter failed to verify the users&# ...)
	NOT-FOR-US: NHIServiSignAdapter
CVE-2020-25844 (The digest generation function of NHIServiSignAdapter has not been ver ...)
	NOT-FOR-US: NHIServiSignAdapter
CVE-2020-25843 (NHIServiSignAdapter fails to verify the length of digital credential f ...)
	NOT-FOR-US: NHIServiSignAdapter
CVE-2020-25842 (The encryption function of NHIServiSignAdapter fail to verify the file ...)
	NOT-FOR-US: NHIServiSignAdapter
CVE-2020-25841
	RESERVED
CVE-2020-25840 (Cross-Site scripting vulnerability in Micro Focus Access Manager produ ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25839 (NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected b ...)
	NOT-FOR-US: NetIQ Identity Manager
CVE-2020-25838 (Unauthorized disclosure of sensitive information vulnerability in Micr ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25837 (Sensitive information disclosure vulnerability in Micro Focus Self Ser ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25836
	RESERVED
CVE-2020-25835
	RESERVED
CVE-2020-25834 (Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger prod ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25833 (Persistent cross-Site Scripting vulnerability on Micro Focus IDOL prod ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25832 (Reflected Cross Site scripting vulnerability on Micro Focus Filr produ ...)
	NOT-FOR-US: Micro Focus
CVE-2020-25831
	RESERVED
CVE-2020-25830 (An issue was discovered in MantisBT before 2.24.3. Improper escaping o ...)
	- mantis <removed>
CVE-2020-25829 (An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x befo ...)
	- pdns-recursor 4.3.5-1 (bug #972159)
	[buster] - pdns-recursor <no-dsa> (Minor issue)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html
CVE-2020-25828 (An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through ...)
	{DSA-4767-1 DLA-2379-1}
	- mediawiki 1:1.35.0-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T115888
CVE-2020-25827 (An issue was discovered in the OATHAuth extension in MediaWiki before  ...)
	{DSA-4767-1 DLA-2379-1}
	- mediawiki 1:1.35.0-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T251661
CVE-2020-25826 (PingID Integration for Windows Login before 2.4.2 allows local users t ...)
	NOT-FOR-US: PingID Integration for Windows Login
CVE-2020-25825 (In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensit ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-25824 (Telegram Desktop through 2.4.3 does not require passcode entry upon pu ...)
	NOTE: Nonsense CVE allocation for Telegram desktop client, with an desktop not protected
	NOTE: by a screen lock anything can happen anyway
CVE-2020-25823
	RESERVED
CVE-2020-25822
	RESERVED
CVE-2020-25821 (** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer ...)
	NOT-FOR-US: peg-markdown
CVE-2020-25820 (BigBlueButton before 2.2.27 allows remote authenticated users to read  ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-25819
	RESERVED
CVE-2020-25818
	RESERVED
CVE-2020-25817 (SilverStripe through 4.6.0-rc1 has an XXE Vulnerability in CSSContentP ...)
	NOT-FOR-US: Silverstripe CMS
CVE-2020-25816 (HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed le ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-25815 (An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34 ...)
	- mediawiki 1:1.35.0-1
	[buster] - mediawiki <not-affected> (Vulnerable code introduced in 1.32)
	[stretch] - mediawiki <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T256171
CVE-2020-25814 (In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, X ...)
	{DSA-4767-1 DLA-2379-1}
	- mediawiki 1:1.35.0-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T86738
CVE-2020-25813 (In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, S ...)
	{DSA-4767-1 DLA-2379-1}
	- mediawiki 1:1.35.0-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T232568
CVE-2020-25812 (An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special: ...)
	{DSA-4767-1}
	- mediawiki 1:1.35.0-1
	[stretch] - mediawiki <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-September/093888.html
	NOTE: https://phabricator.wikimedia.org/T255918
CVE-2020-25811
	RESERVED
CVE-2020-25810
	RESERVED
CVE-2020-25809
	RESERVED
CVE-2020-25808
	RESERVED
CVE-2020-25807
	RESERVED
CVE-2020-25806
	RESERVED
CVE-2020-25805
	RESERVED
CVE-2020-25804
	RESERVED
CVE-2020-25803 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...)
	NOT-FOR-US: Crafter Studio of Crafter CMS
CVE-2020-25802 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...)
	NOT-FOR-US: Crafter Studio of Crafter CMS
CVE-2020-25801
	RESERVED
CVE-2020-25800
	RESERVED
CVE-2020-25799 (LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Quo ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-25798 (A stored cross-site scripting (XSS) vulnerability in LimeSurvey before ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-25797 (LimeSurvey 3.21.1 is affected by cross-site scripting (XSS) in the Add ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-25790 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload  ...)
	NOT-FOR-US: Typesetter CMS
CVE-2020-25789 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...)
	- tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633)
	[buster] - tt-rss <no-dsa> (Minor issue)
	NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
	NOTE: https://git.tt-rss.org/fox/tt-rss/commit/da5af2fae091041cca27b24b6f0e69e4a6d0dc60
CVE-2020-25788 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...)
	- tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633)
	[buster] - tt-rss <no-dsa> (Minor issue)
	NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
	NOTE: https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef
CVE-2020-25787 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...)
	- tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633)
	[buster] - tt-rss <no-dsa> (Minor issue)
	NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799
	NOTE: https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef
CVE-2020-25786 (** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L  ...)
	NOT-FOR-US: D-Link
CVE-2020-25785 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
CVE-2020-25784 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
CVE-2020-25783 (An issue was discovered on Accfly Wireless Security IR Camera System 7 ...)
	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
CVE-2020-25782 (An issue was discovered on Accfly Wireless Security IR Camera 720P Sys ...)
	NOT-FOR-US: Accfly Wireless Security IR Camera System 720P
CVE-2020-25781 (An issue was discovered in file_download.php in MantisBT before 2.24.3 ...)
	- mantis <removed>
CVE-2020-25796 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25795 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25794 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25793 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25792 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25791 (An issue was discovered in the sized-chunks crate through 0.6.2 for Ru ...)
	- rust-sized-chunks 0.6.5-1 (bug #970586)
	[bullseye] - rust-sized-chunks <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0041.html
	NOTE: https://github.com/bodil/sized-chunks/issues/11
CVE-2020-25780 (In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before  ...)
	NOT-FOR-US: Commvault
CVE-2020-25779 (Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in w ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25778 (Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25777 (Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a speci ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25776 (Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbo ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25775 (The Trend Micro Security 2020 (v16) consumer family of products is vul ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25774 (A vulnerability in the Trend Micro Apex One ServerMigrationTool compon ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25773 (A vulnerability in the Trend Micro Apex One ServerMigrationTool compon ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25772 (An out-of-bounds read information disclosure vulnerabilities in Trend  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25771 (An out-of-bounds read information disclosure vulnerabilities in Trend  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25770 (An out-of-bounds read information disclosure vulnerabilities in Trend  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-25769
	RESERVED
CVE-2020-25768 (Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 hav ...)
	NOT-FOR-US: Contao CMS
CVE-2020-25767 (An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_c ...)
	NOT-FOR-US: HCC Embedded NicheStack
CVE-2020-25766 (An issue was discovered in MISP before 2.4.132. It can perform an unwa ...)
	NOT-FOR-US: MISP
CVE-2020-25765 (Addressed remote code execution vulnerability in reg_device.php due to ...)
	NOT-FOR-US: Western Digital My Cloud Devices
CVE-2020-25764
	RESERVED
CVE-2020-25763 (Seat Reservation System version 1.0 suffers from an Unauthenticated Fi ...)
	NOT-FOR-US: Seat Reservation System
CVE-2020-25762 (An issue was discovered in SourceCodester Seat Reservation System 1.0. ...)
	NOT-FOR-US: SourceCodester Seat Reservation System
CVE-2020-25761 (Projectworlds Visitor Management System in PHP 1.0 allows XSS. The fil ...)
	NOT-FOR-US: Projectworlds Visitor Management System in PHP
CVE-2020-25760 (Projectworlds Visitor Management System in PHP 1.0 allows SQL Injectio ...)
	NOT-FOR-US: Projectworlds Visitor Management System in PHP
CVE-2020-25759 (An issue was discovered on D-Link DSR-250 3.17 devices. Certain functi ...)
	NOT-FOR-US: D-Link
CVE-2020-25758 (An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient v ...)
	NOT-FOR-US: D-Link
CVE-2020-25757 (A lack of input validation and access controls in Lua CGIs on D-Link D ...)
	NOT-FOR-US: D-Link
CVE-2020-25756 (** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_ht ...)
	NOT-FOR-US: Cesanta Mongoose
	NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2020-25755 (An issue was discovered on Enphase Envoy R3.x and D4.x (and other curr ...)
	NOT-FOR-US: Enphase Envoy
CVE-2020-25754 (An issue was discovered on Enphase Envoy R3.x and D4.x devices. There  ...)
	NOT-FOR-US: Enphase Envoy
CVE-2020-25753 (An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 ...)
	NOT-FOR-US: Enphase Envoy
CVE-2020-25752 (An issue was discovered on Enphase Envoy R3.x and D4.x devices. There  ...)
	NOT-FOR-US: Enphase Envoy
CVE-2020-25751 (The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via  ...)
	NOT-FOR-US: paGO Commerce plugin for Joomla!
CVE-2020-25750 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in DotPlant2 b ...)
	NOT-FOR-US: DotPlant2
CVE-2020-25749 (The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 ca ...)
	NOT-FOR-US: Rubetek
CVE-2020-25748 (A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3 ...)
	NOT-FOR-US: Rubetek
CVE-2020-25747 (The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (f ...)
	NOT-FOR-US: Rubetek
CVE-2020-25746 (QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local att ...)
	NOT-FOR-US: QED ResourceXpress Qubi3 devices
CVE-2020-25745
	RESERVED
CVE-2020-25744 (SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to ...)
	NOT-FOR-US: SaferVPN
CVE-2020-25743 (hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereferen ...)
	- qemu <unfixed> (bug #970940)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <postponed> (Fix along in next qemu DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01568.html
	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1
	NOTE: No upstream patch as of 2022-01-28
CVE-2020-25742 (pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL p ...)
	- qemu <unfixed> (bug #971390)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <postponed> (Fix along in next qemu DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html
	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1
	NOTE: No upstream patch as of 2022-01-28
CVE-2020-25741 (fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer d ...)
	- qemu <unfixed> (bug #970939)
	[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - qemu <postponed> (Fix along in next qemu DSA)
	[stretch] - qemu <postponed> (Fix along in future DLA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg07779.html
	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1
	NOTE: No upstream patch as of 2022-01-28
CVE-2020-25740
	RESERVED
CVE-2020-25739 (An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Mult ...)
	{DLA-2380-1}
	- ruby-gon 6.4.0-1 (bug #970938)
	[buster] - ruby-gon <no-dsa> (Minor issue)
	NOTE: https://github.com/gazay/gon/commit/fe3c7b2191a992386dc9edd37de5447a4e809bc7
CVE-2020-25738 (CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers  ...)
	NOT-FOR-US: CyberArk Endpoint Privilege Manager (EPM)
CVE-2020-25737 (An elevation of privilege vulnerability exists in Hackolade versions p ...)
	NOT-FOR-US: Hackolade
CVE-2020-25736 (Acronis True Image 2019 update 1 through 2021 update 1 on macOS allows ...)
	NOT-FOR-US: Acronis
CVE-2020-25735 (webTareas through 2.1 allows XSS in clients/editclient.php, extensions ...)
	NOT-FOR-US: webTareas
CVE-2020-25734 (webTareas through 2.1 allows files/Default/ Directory Listing. ...)
	NOT-FOR-US: webTareas
CVE-2020-25733 (webTareas through 2.1 allows upload of the dangerous .exe and .shtml f ...)
	NOT-FOR-US: webTareas
CVE-2020-25732
	RESERVED
CVE-2020-25731
	RESERVED
CVE-2020-25730
	RESERVED
CVE-2020-25729 (ZoneMinder before 1.34.21 has XSS via the connkey parameter to downloa ...)
	- zoneminder 1.34.21-1 (unimportant)
	NOTE: https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413
	NOTE: Only supported for trusted users/behind auth, see README.debian.security
CVE-2020-25728 (The Reset Password add-on before 1.2.0 for Alfresco has a broken algor ...)
	NOT-FOR-US: Reset Password add-on for Alfresco
CVE-2020-25727 (The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS- ...)
	NOT-FOR-US: Reset Password add-on for Alfresco
CVE-2020-25726
	REJECTED
CVE-2020-25725 (In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOut ...)
	- xpdf <not-affected> (Debian uses poppler, which is not affected)
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41915
CVE-2020-25724 (A flaw was found in RESTEasy, where an incorrect response to an HTTP r ...)
	- resteasy <unfixed>
	- resteasy3.0 <unfixed>
	[bullseye] - resteasy3.0 <no-dsa> (Minor issue)
	[buster] - resteasy3.0 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1899354 (lacks details ATM)
CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation code o ...)
	{DLA-2469-1}
	- qemu 1:5.2+dfsg-1 (bug #975276)
	[buster] - qemu <postponed> (Fix along in future DSA)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0)
CVE-2020-25722 (Multiple flaws were found in the way samba AD DC implemented access an ...)
	{DSA-5003-1}
	- samba 2:4.13.14+dfsg-1
	[buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14564
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
	NOTE: https://www.samba.org/samba/security/CVE-2020-25722.html
CVE-2020-25721 [[Kerberos acceptors need easy access to stable AD identifiers (eg objectSid)]
	RESERVED
	{DSA-5003-1}
	- samba 2:4.13.14+dfsg-1
	[buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14557
	NOTE: https://www.samba.org/samba/security/CVE-2020-25721.html
CVE-2020-25720
	RESERVED
CVE-2020-25719 (A flaw was found in the way Samba, as an Active Directory Domain Contr ...)
	{DSA-5003-1}
	- samba 2:4.13.14+dfsg-1
	[buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14561
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
	NOTE: https://www.samba.org/samba/security/CVE-2020-25719.html
CVE-2020-25718 (A flaw was found in the way samba, as an Active Directory Domain Contr ...)
	{DSA-5003-1}
	- samba 2:4.13.14+dfsg-1
	[buster] - samba <ignored> (Intrusive backport; affects Samba as AD DC)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14558
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
	NOTE: https://www.samba.org/samba/security/CVE-2020-25718.html
CVE-2020-25717 (A flaw was found in the way Samba maps domain users to local users. An ...)
	{DSA-5015-1 DSA-5003-1}
	- samba 2:4.13.14+dfsg-1
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14556
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14725
	NOTE: https://www.samba.org/samba/security/CVE-2020-25717.html
	NOTE: A new parameter "min domain uid" (defaults to 1000) has been added,
	NOTE: which enforces that no UNIX uid below this value will be accepted.
CVE-2020-25716 (A flaw was found in Cloudforms. A role-based privileges escalation fla ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-25715 (A flaw was found in pki-core 10.9.0. A specially crafted POST request  ...)
	- dogtag-pki 11.0.0-1 (bug #988153)
	[bullseye] - dogtag-pki <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1891016
	NOTE: https://github.com/dogtagpki/pki/commit/13f4c7fe7d71d42b46b25f3e8472ef7f35da5dd6
CVE-2020-25714
	RESERVED
CVE-2020-25713 (A malformed input file can lead to a segfault due to an out of bounds  ...)
	{DLA-2846-1}
	- raptor <removed>
	- raptor2 2.0.14-1.2 (bug #974664)
	[buster] - raptor2 <no-dsa> (Minor issue)
	NOTE: https://bugs.librdf.org/mantis/view.php?id=650
CVE-2020-25712 (A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer over ...)
	{DSA-4803-1 DLA-2486-1}
	- xorg-server 2:1.20.10-1 (bug #976216)
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/87c64fc5b0db9f62f4e361444f4b60501ebf67b9
CVE-2020-25711 (A flaw was found in infinispan 10 REST API, where authorization permis ...)
	NOT-FOR-US: Infinispan
CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12. A ma ...)
	{DLA-2451-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver <no-dsa> (Minor issue)
	NOTE: https://github.com/LibVNC/libvncserver/issues/409
	NOTE: https://github.com/LibVNC/libvncserver/commit/673c07a75ed844d74676f3ccdcfdc706a7052dba
CVE-2020-25707
	REJECTED
CVE-2020-25706 (A cross-site scripting (XSS) vulnerability exists in templates_import. ...)
	- cacti 1.2.14+ds1-1
	[buster] - cacti <no-dsa> (Minor issue)
	[stretch] - cacti <not-affected> (Vulnerable code introduced in 1.0.0)
	NOTE: https://github.com/Cacti/cacti/issues/3723
	NOTE: https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e
	NOTE: introduced by https://github.com/Cacti/cacti/commit/0ba5711f09338a7019ed5622701a7effd83ba701
CVE-2020-25705 (A flaw in ICMP packets in the Linux kernel may allow an attacker to qu ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://git.kernel.org/linus/b38e7819cae946e2edf869e604af1e65a5d241c5
	NOTE: https://www.saddns.net/
CVE-2020-25704 (A flaw memory leak in the Linux kernel performance monitoring subsyste ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://git.kernel.org/linus/7bdb157cdebbf95a1cd94ed2e01b338714075d00
CVE-2020-25703 (The participants table download in Moodle always included user emails, ...)
	- moodle <removed>
CVE-2020-25702 (In Moodle, it was possible to include JavaScript when re-naming conten ...)
	- moodle <removed>
CVE-2020-25701 (If the upload course tool in Moodle was used to delete an enrollment m ...)
	- moodle <removed>
CVE-2020-25700 (In moodle, some database module web services allowed students to add e ...)
	- moodle <removed>
CVE-2020-25699 (In moodle, insufficient capability checks could lead to users with the ...)
	- moodle <removed>
CVE-2020-25698 (Users' enrollment capabilities were not being sufficiently checked in  ...)
	- moodle <removed>
CVE-2020-25697 (A privilege escalation flaw was found in the Xorg-x11-server due to a  ...)
	NOTE: Long-standing design limitation in X11, unlikely to get fixed until the world moves to Wayland
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/09/3
CVE-2020-25696 (A flaw was found in the psql interactive terminal of PostgreSQL in ver ...)
	{DLA-2478-1}
	- postgresql-13 13.1-1
	- postgresql-12 <removed>
	- postgresql-11 <removed>
	[buster] - postgresql-11 11.10-0+deb10u1
	- postgresql-9.6 <removed>
	NOTE: https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=a54dfbee1f1bad431793968918bbb8541dc860a0 (REL9_5_STABLE)
CVE-2020-25695 (A flaw was found in PostgreSQL versions before 13.1, before 12.5, befo ...)
	{DLA-2478-1}
	- postgresql-13 13.1-1
	- postgresql-12 <removed>
	- postgresql-11 <removed>
	[buster] - postgresql-11 11.10-0+deb10u1
	- postgresql-9.6 <removed>
	NOTE: https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=aefc625dedae52073e7d279feb43f6255f992ea7 (REL9_5_STABLE)
CVE-2020-25694 (A flaw was found in PostgreSQL versions before 13.1, before 12.5, befo ...)
	{DLA-2478-1}
	- postgresql-13 13.1-1
	- postgresql-12 <removed>
	- postgresql-11 <removed>
	[buster] - postgresql-11 11.10-0+deb10u1
	- postgresql-9.6 <removed>
	NOTE: https://www.postgresql.org/about/news/postgresql-131-125-1110-1015-9620-and-9524-released-2111/
	NOTE: https://www.postgresql.org/message-id/flat/16604-933f4b8791227b15%40postgresql.org
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=56b46d3a1a620548b4728b48bd28cdf11d88e101 (REL9_5_STABLE)
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=da129a04a6dea8c30eec2477c08d17736c92d431 (REL9_5_STABLE)
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=6997da09a41f613695575fbfcb213f14784c92bb (REL9_5_STABLE)
CVE-2020-25693 (A flaw was found in CImg in versions prior to 2.9.3. Integer overflows ...)
	{DLA-2462-1}
	- cimg 2.9.4+dfsg-2 (bug #973770)
	[buster] - cimg <no-dsa> (Minor issue)
	NOTE: https://github.com/dtschump/CImg/pull/295
	NOTE: https://bugs.launchpad.net/ubuntu/+source/cimg/+bug/1900983
	NOTE: Fixed by: https://github.com/dtschump/CImg/commit/4f184f89f9ab6785a6c90fd238dbaa6d901d3505
CVE-2020-25691
	RESERVED
	- darkhttpd <itp> (bug #775096)
CVE-2020-25690 (An out-of-bounds write flaw was found in FontForge in versions before  ...)
	- fontforge <not-affected> (Insufficient patch for CVE-2020-5395 not applied)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893188
CVE-2020-25689 (A memory leak flaw was found in WildFly in all versions up to 21.0.0.F ...)
	- wildfly <itp> (bug #752018)
CVE-2020-25688 (A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two  ...)
	NOT-FOR-US: Red Hat Advanced Cluster Management for Kubernetes (RHACM)
CVE-2020-25687 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
	{DSA-4844-1 DLA-2604-1}
	- dnsmasq 2.83-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
CVE-2020-25686 (A flaw was found in dnsmasq before version 2.83. When receiving a quer ...)
	{DSA-4844-1}
	- dnsmasq 2.83-1
	[stretch] - dnsmasq <ignored> (Minor issue, off-path DNS-non-sec cache poisoning, mitigated by CVE-2020-25684 fix, invasive, regressions)
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=15b60ddf935a531269bb8c68198de012a4967156
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=6a6e06fbb0d4690507ceaf2bb6f0d8910f3d4914
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=04490bf622ac84891aad6f2dd2edf83725decdee (regression)
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=12af2b171de0d678d98583e2190789e544440e02 (regression)
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=3f535da79e7a42104543ef5c7b5fa2bed819a78b (regression)
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=25e63f1e56f5acdcf91893a1b92ad1e0f2f552d8 (regression)
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=141a26f979b4bc959d8e866a295e24f8cf456920 (regression)
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=305cb79c5754d5554729b18a2c06fe7ce699687a (regression)
CVE-2020-25685 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
	{DSA-4844-1}
	- dnsmasq 2.83-1
	[stretch] - dnsmasq <ignored> (Minor issue, off-path DNS-non-sec cache poisoning, mitigated by CVE-2020-25684 fix, stretch uses SHA-1 and not CRC32)
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2d765867c597db18be9d876c9c17e2c0fe1953cd
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=2024f9729713fd657d65e64c2e4e471baa0a3e5b
CVE-2020-25684 (A flaw was found in dnsmasq before version 2.83. When getting a reply  ...)
	{DSA-4844-1 DLA-2604-1}
	- dnsmasq 2.83-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=257ac0c5f7732cbc6aa96fdd3b06602234593aca
CVE-2020-25683 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
	{DSA-4844-1 DLA-2604-1}
	- dnsmasq 2.83-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
CVE-2020-25682 (A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerabili ...)
	{DSA-4844-1 DLA-2604-1}
	- dnsmasq 2.83-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
CVE-2020-25681 (A flaw was found in dnsmasq before version 2.83. A heap-based buffer o ...)
	{DSA-4844-1 DLA-2604-1}
	- dnsmasq 2.83-1
	NOTE: https://www.openwall.com/lists/oss-security/2021/01/19/1
	NOTE: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=4e96a4be685c9e4445f6ee79ad0b36b9119b502a
CVE-2020-25680 (A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a  ...)
	NOT-FOR-US: JBCS httpd
CVE-2020-25679
	RESERVED
CVE-2020-25678 (A flaw was found in ceph in versions prior to 16.y.z where ceph stores ...)
	- ceph 14.2.18-1
	[buster] - ceph <no-dsa> (Minor issue)
	[stretch] - ceph <no-dsa> (Minor issue)
	NOTE: https://tracker.ceph.com/issues/37503
	NOTE: https://github.com/ceph/ceph/pull/38614 (v14.2.17)
CVE-2020-25677 (A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph ...)
	NOT-FOR-US: ceph Ansible module
CVE-2020-25676 (In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), Inte ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1732
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/406da3af9e09649cda152663c179902edf5ab3ac
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/94aeb3c40d25aee1051ba8eb3a31601558ef2506
CVE-2020-25675 (In the CropImage() and CropImageToTiles() routines of MagickCore/trans ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1731
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/64dc80b2e1907f7f20bf34d4df9483f938b0de71
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6b169173585127299f4724f7880b575879c7f033
CVE-2020-25674 (WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop wi ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <no-dsa> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1715
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/67b871032183a29d3ca0553db6ce1ae80fddb9aa
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/2fdff8e040cd4401498d89f3c3d1f89cffd118b0
CVE-2020-25673 (A vulnerability was found in Linux kernel where non-blocking socket in ...)
	- linux 5.10.38-1
	[buster] - linux 4.19.194-1
	[stretch] - linux 4.9.272-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25672 (A memory leak vulnerability was found in Linux kernel in llcp_sock_con ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.38-1
	[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
	[buster] - linux 4.19.194-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25671 (A vulnerability was found in Linux Kernel, where a refcount leak in ll ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.38-1
	[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
	[buster] - linux 4.19.194-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25670 (A vulnerability was found in Linux Kernel where refcount leak in llcp_ ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.38-1
	[bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream)
	[buster] - linux 4.19.194-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
CVE-2020-25669 (A vulnerability was found in the Linux Kernel where the function sunkb ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.11-1
	[buster] - linux 4.19.160-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/05/2
CVE-2020-25668 (A flaw was found in Linux Kernel because access to the global variable ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/30/1
	NOTE: https://git.kernel.org/linus/90bfdeef83f1d6c696039b6a917190dcbbad3220
CVE-2020-25667 (TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a larg ...)
	- imagemagick <not-affected> (Introduced in v6.9.10-63 and fixed in 6.9.10-69, no vulnerable version in archive)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1748
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/986b5dff173413fa712db27eb677cdef15f0bab6
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/14ba3e46a66c4799d643c7b959792e185c6599c7
CVE-2020-25666 (There are 4 places in HistogramCompare() in MagickCore/histogram.c whe ...)
	{DLA-2602-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1750
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/94691f00839dbdf43edb1508af945ab19b388573
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/91ae12c57f3b9b23f2072462c27a8378b59f395e
CVE-2020-25665 (The PALM image coder at coders/palm.c makes an improper call to Acquir ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1714
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/cfd829bd3581b092e0a267b3deba46fa90b9bc88
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ca80e93cc887fb8971ceba2eead2c74e2b927df4
CVE-2020-25664 (In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper ca ...)
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1716
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/1f450bb5ba53d275de6d1cd086c98a0b549ad393
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/27d3ddedb73f63fa984ff5b4d66e07eef654070f
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e16a98540228f707a718dd09ac0b8cacd2a25d49 (revert)
	NOTE: possible incomplete/invalid fix, cf. CVE-2020-27752 that occurs after the fix
CVE-2020-25663 (A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of  ...)
	- imagemagick <not-affected> (Vulnerable code introduced in 7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1723
	NOTE: Introduced by: https://github.com/ImageMagick/ImageMagick/commit/0c69c477e65d2a2695278ca614ffb9a3385137bc (7.0.8-56)
	NOTE: Introduced by: https://github.com/ImageMagick/ImageMagick/commit/8ed707a93fc4c7b3193dd562f07c4a1cc63cc19d (7.0.8-57)
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a47e7a994766b92b10d4a87df8c1c890c8b170f3 (7.0.9-0)
CVE-2020-25662 (A Red Hat only CVE-2020-12352 regression issue was found in the way th ...)
	- linux <not-affected> (Red Hat-specific regression)
CVE-2020-25661 (A Red Hat only CVE-2020-12351 regression issue was found in the way th ...)
	- linux <not-affected> (Red Hat-specific regression)
CVE-2020-25660 (A flaw was found in the Cephx authentication protocol in versions befo ...)
	- ceph 14.2.15-1 (bug #975275)
	[buster] - ceph <not-affected> (Vulnerable code introduced later)
	[stretch] - ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/17/4
	NOTE: Proposed patches: https://www.openwall.com/lists/oss-security/2020/11/17/3
	NOTE: Introduced by: https://github.com/ceph/ceph/commit/321548010578d6ff7bbf2e5ce8a550008b131423 (v15.1.0, backported to v14.2.5)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/6c14c2fb5650426285428dfe6ca1597e5ea1d07d (15.2.6)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/1316c82aae8c51b3fe10d8a8f0a87b60db54ee16 (15.2.6)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/bafdfec8f974f1a3f7d404bcfd0a4cfad784937d (15.2.6)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/2927fd91d41e505237cc73f9700e5c6a63e5cb4f (14.2.14)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/4c11203122d729c832a645c9e3f5092db4963840 (14.2.14)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/bb5d3d58bfcae96d2e5f796eaa74fc0987f79e77 (14.2.14)
CVE-2020-25659 (python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks ...)
	- python-cryptography 3.2.1-1 (bug #973247)
	[buster] - python-cryptography <no-dsa> (Minor issue)
	[stretch] - python-cryptography <no-dsa> (Minor issue; risk of regression & marginal benefit)
	NOTE: https://github.com/pyca/cryptography/security/advisories/GHSA-hggm-jpg3-v476
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1889988
	NOTE: https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494 (3.2)
CVE-2020-25658 (It was found that python-rsa is vulnerable to Bleichenbacher timing at ...)
	- python-rsa <unfixed> (bug #974685)
	[bullseye] - python-rsa <no-dsa> (Minor issue)
	[buster] - python-rsa <no-dsa> (Minor issue)
	[stretch] - python-rsa <no-dsa> (Minor issue)
	NOTE: https://github.com/sybrenstuvel/python-rsa/issues/165
	NOTE: Presumed fix upstream in 4.7 does not address the issue:
	NOTE: https://github.com/sybrenstuvel/python-rsa/issues/165#issuecomment-727580521
CVE-2020-25657 (A flaw was found in all released versions of m2crypto, where they are  ...)
	- m2crypto <unfixed> (bug #975002)
	[bullseye] - m2crypto <no-dsa> (Minor issue)
	[buster] - m2crypto <no-dsa> (Minor issue)
	[stretch] - m2crypto <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1889823
	NOTE: https://gitlab.com/m2crypto/m2crypto/-/issues/285
	NOTE: https://gitlab.com/m2crypto/m2crypto/-/issues/282 (restricted)
CVE-2020-25656 (A flaw was found in the Linux kernel. A use-after-free was found in th ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/16/1
CVE-2020-25655 (An issue was discovered in ManagedClusterView API, that could allow se ...)
	NOT-FOR-US: Red Hat open-cluster-management
CVE-2020-25654 (An ACL bypass flaw was found in pacemaker. An attacker having a local  ...)
	{DSA-4791-1 DLA-2519-1}
	- pacemaker 2.0.5~rc2-1 (bug #973254)
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/27/1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1888191
CVE-2020-25653 (A race condition vulnerability was found in the way the spice-vdagentd ...)
	{DLA-2524-1}
	- spice-vdagent 0.20.0-2 (bug #973769)
	[buster] - spice-vdagent <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/51c415df82a52e9ec033225783c77df95f387891
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5c50131797e985d0a5654c1fd7000ae945ed29a7
CVE-2020-25652 (A flaw was found in the spice-vdagentd daemon, where it did not proper ...)
	{DLA-2524-1}
	- spice-vdagent 0.20.0-2 (bug #973769)
	[buster] - spice-vdagent <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/91caa9223857708475d29df1768208fed1675340
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/812ca777469a377c84b9861d7d326bfc72563304
CVE-2020-25651 (A flaw was found in the SPICE file transfer protocol. File data from t ...)
	{DLA-2524-1}
	- spice-vdagent 0.20.0-2 (bug #973769)
	[buster] - spice-vdagent <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/1a8b93ca6ac0b690339ab7f0afc6fc45d198d332
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/9d35d8a86fb310fc1f29d428c0a96995948d2357
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/e4bfd1b632b6c14e8411dbe3565115a78cd3d256
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/b7db1c20c9f80154fb54392eb44add3486d3e427
CVE-2020-25650 (A flaw was found in the way the spice-vdagentd daemon handled file tra ...)
	{DLA-2524-1}
	- spice-vdagent 0.20.0-2 (bug #973769)
	[buster] - spice-vdagent <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/1a8b93ca6ac0b690339ab7f0afc6fc45d198d332
	NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/9d35d8a86fb310fc1f29d428c0a96995948d2357
CVE-2020-25649 (A flaw was found in FasterXML Jackson Databind, where it did not have  ...)
	{DLA-2406-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
	NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...)
	- nss 2:3.58-1
	[buster] - nss <no-dsa> (Minor issue)
	[stretch] - nss <no-dsa> (Minor issue)
	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
CVE-2020-25647 (A flaw was found in grub2 in versions prior to 2.06. During USB device ...)
	{DSA-4867-1}
	- grub2 2.04-16
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
CVE-2020-25646 (A flaw was found in Ansible Collection community.crypto. openssl_priva ...)
	TODO: check
CVE-2020-25645 (A flaw was found in the Linux kernel in versions before 5.9-rc7. Traff ...)
	{DSA-4774-1 DLA-2494-1 DLA-2417-1}
	- linux 5.8.14-1
	NOTE: https://git.kernel.org/linus/34beb21594519ce64a55a498c2fe7d567bc1ca20
CVE-2020-25644 (A memory leak flaw was found in WildFly OpenSSL in versions prior to 1 ...)
	- wildfly <itp> (bug #752018)
CVE-2020-25643 (A flaw was found in the HDLC_PPP module of the Linux kernel in version ...)
	{DSA-4774-1 DLA-2420-1 DLA-2417-1}
	- linux 5.8.14-1
	NOTE: https://git.kernel.org/linus/66d42ed8b25b64eb63111a2b8582c5afc8bf1105
CVE-2020-25642
	RESERVED
CVE-2020-25641 (A flaw was found in the Linux kernel's implementation of biovecs in ve ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.10-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/7e24969022cbd61ddc586f14824fc205661bb124
CVE-2020-25640 (A flaw was discovered in WildFly before 21.0.0.Final where, Resource a ...)
	- wildfly <itp> (bug #752018)
CVE-2020-25639 (A NULL pointer dereference flaw was found in the Linux kernel's GPU No ...)
	- linux 5.10.19-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.freedesktop.org/archives/nouveau/2020-August/036682.html
CVE-2020-25638 (A flaw was found in hibernate-core in versions prior to and including  ...)
	{DSA-4908-1 DLA-2512-1}
	- libhibernate3-java 3.6.10.Final-11
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1881353
	NOTE: Fixed by https://github.com/hibernate/hibernate-orm/commit/59fede7acaaa1579b561407aefa582311f7ebe78
CVE-2020-25637 (A double free memory issue was found to occur in the libvirt API, in v ...)
	{DLA-2395-1}
	- libvirt 6.8.0-1 (bug #971555)
	[buster] - libvirt <no-dsa> (Minor issue)
	NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=0977b8aa071de550e1a013d35e2c72615e65d520 (v1.2.14-rc1)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401 (v6.8.0)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923 (v6.8.0)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=e4116eaa44cb366b59f7fe98f4b88d04c04970ad (v6.8.0)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=a63b48c5ecef077bf0f909a85f453a605600cf05 (v6.8.0)
CVE-2020-25636 (A flaw was found in Ansible Base when using the aws_ssm connection plu ...)
	- ansible <not-affected> (Vulnerable connection/aws_ssm plugin not included)
	NOTE: https://github.com/ansible-collections/community.aws/issues/221
CVE-2020-25635 (A flaw was found in Ansible Base when using the aws_ssm connection plu ...)
	- ansible <not-affected> (Vulnerable connection/aws_ssm plugin not included)
	NOTE: https://github.com/ansible-collections/community.aws/issues/222
CVE-2020-25634 (A flaw was found in Red Hat 3scale&#8217;s API docs URL, where it is a ...)
	NOT-FOR-US: 3scale
CVE-2020-25633 (A flaw was found in RESTEasy client in all versions of RESTEasy up to  ...)
	- resteasy <unfixed> (bug #970585)
	- resteasy3.0 <unfixed>
	[bullseye] - resteasy3.0 <ignored> (Minor issue)
	[buster] - resteasy3.0 <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042
CVE-2020-25632 (A flaw was found in grub2 in versions prior to 2.06. The rmmod impleme ...)
	{DSA-4867-1}
	- grub2 2.04-16
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
CVE-2020-25631 (A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 ...)
	- moodle <removed>
CVE-2020-25630 (A vulnerability was found in Moodle where the decompressed size of zip ...)
	- moodle <removed>
CVE-2020-25629 (A vulnerability was found in Moodle where users with "Log in as" capab ...)
	- moodle <removed>
CVE-2020-25628 (The filter in the tag manager required extra sanitizing to prevent a r ...)
	- moodle <removed>
CVE-2020-25627 (The moodlenetprofile user profile field required extra sanitizing to p ...)
	- moodle <removed>
CVE-2020-25626 (A flaw was found in Django REST Framework versions before 3.12.0 and b ...)
	- djangorestframework 3.12.1-1 (bug #971554)
	[buster] - djangorestframework <no-dsa> (Minor issue)
	[stretch] - djangorestframework <no-dsa> (Minor issue)
	NOTE: https://github.com/encode/django-rest-framework/commit/4121b01b912668c049b26194a9a107c27a332429
	NOTE: Fixed upstream in 3.12.0 and 3.11.2
CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...)
	{DLA-2469-1}
	- qemu 1:5.2+dfsg-1 (bug #970542)
	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/1
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
CVE-2020-25624 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via ...)
	{DLA-2469-1}
	- qemu 1:5.2+dfsg-1 (bug #970541)
	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1328fe0c32d5474604105b8105310e944976b058 (v5.2.0-rc0)
CVE-2020-25623 (Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ...)
	- erlang 1:23.1+dfsg-1
	[buster] - erlang <not-affected> (Vulnerable code introduced later)
	[stretch] - erlang <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/erlang/otp/releases/tag/OTP-23.1
CVE-2020-25622 (An issue was discovered in SolarWinds N-Central 12.3.0.670. The Advanc ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25621 (An issue was discovered in SolarWinds N-Central 12.3.0.670. The local  ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25620 (An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25619 (An issue was discovered in SolarWinds N-Central 12.3.0.670. The SSH co ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25618 (An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo c ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25617 (An issue was discovered in SolarWinds N-Central 12.3.0.670. The Advanc ...)
	NOT-FOR-US: SolarWinds
CVE-2020-25616
	RESERVED
CVE-2020-25615
	RESERVED
CVE-2020-25614 (xmlquery before 1.3.1 lacks a check for whether a LoadURL response is  ...)
	- golang-github-antchfx-xmlquery 1.3.3-1
	NOTE: https://github.com/antchfx/xmlquery/issues/39
CVE-2020-25613 (An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, an ...)
	{DLA-2392-1 DLA-2391-1}
	- ruby2.7 2.7.1-4
	- ruby2.5 <removed>
	[buster] - ruby2.5 2.5.5-3+deb10u3
	- ruby2.3 <removed>
	- jruby <unfixed> (bug #972230)
	[buster] - jruby <no-dsa> (Minor issue)
	NOTE: https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
	NOTE: Fix in webrick: https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
CVE-2020-25612 (The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an atta ...)
	NOT-FOR-US: Mitel
CVE-2020-25611 (The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to ...)
	NOT-FOR-US: Mitel
CVE-2020-25610 (The AWV component of Mitel MiCollab before 9.2 could allow an attacker ...)
	NOT-FOR-US: Mitel
CVE-2020-25609 (The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow  ...)
	NOT-FOR-US: Mitel
CVE-2020-25608 (The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to ...)
	NOT-FOR-US: Mitel
CVE-2020-25607
	RESERVED
CVE-2020-25606 (The AWV component of Mitel MiCollab before 9.2 could allow an attacker ...)
	NOT-FOR-US: Mitel
CVE-2020-25605 (Cleartext transmission of sensitive information in Agora Video SDK pri ...)
	NOT-FOR-US: Agora Video SDK
CVE-2020-25604 (An issue was discovered in Xen through 4.14.x. There is a race conditi ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-336.html
CVE-2020-25603 (An issue was discovered in Xen through 4.14.x. There are missing memor ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-340.html
CVE-2020-25602 (An issue was discovered in Xen through 4.14.x. An x86 PV guest can tri ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-333.html
CVE-2020-25601 (An issue was discovered in Xen through 4.14.x. There is a lack of pree ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-344.html
CVE-2020-25600 (An issue was discovered in Xen through 4.14.x. Out of bounds event cha ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-342.html
CVE-2020-25599 (An issue was discovered in Xen through 4.14.x. There are evtchn_reset( ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-343.html
CVE-2020-25598 (An issue was discovered in Xen 4.14.x. There is a missing unlock in th ...)
	- xen <not-affected> (No affected version (only > 4.12) ever uploaded to unstable)
	NOTE: https://xenbits.xen.org/xsa/advisory-334.html
CVE-2020-25597 (An issue was discovered in Xen through 4.14.x. There is mishandling of ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-338.html
CVE-2020-25596 (An issue was discovered in Xen through 4.14.x. x86 PV guest kernels ca ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-339.html
CVE-2020-25595 (An issue was discovered in Xen through 4.14.x. The PCI passthrough cod ...)
	{DSA-4769-1}
	- xen 4.14.0+80-gd101b417b7-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-337.html
CVE-2020-25594 (HashiCorp Vault and Vault Enterprise allowed for enumeration of Secret ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-25593 (Acronis True Image through 2021 on macOS allows local privilege escala ...)
	NOT-FOR-US: Acronis
CVE-2020-25592 (In SaltStack Salt through 3002, salt-netapi improperly validates eauth ...)
	{DSA-4837-1 DLA-2480-1}
	- salt 3002.1+dfsg1-1
	NOTE: https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
	NOTE: https://gitlab.com/saltstack/open/salt-patches/-/tree/master/patches/2020/09/25
CVE-2020-25591
	RESERVED
CVE-2020-25590
	RESERVED
CVE-2020-25589
	RESERVED
CVE-2020-25588
	RESERVED
CVE-2020-25587
	RESERVED
CVE-2020-25586
	RESERVED
CVE-2020-25585
	RESERVED
CVE-2020-25584 (In FreeBSD 13.0-STABLE before n245118, 12.2-STABLE before r369552, 11. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-25583 (In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-25582 (In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-25581 (In FreeBSD 12.2-STABLE before r369312, 11.4-STABLE before r369313, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-25580 (In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-25579 (In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-25578 (In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-25577 (In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-25572
	RESERVED
CVE-2020-25571
	RESERVED
CVE-2020-25570
	RESERVED
CVE-2020-25569
	RESERVED
CVE-2020-25568
	RESERVED
CVE-2020-25567
	RESERVED
CVE-2020-25566 (In SapphireIMS 5.0, it is possible to take over an account by sending  ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25565 (In SapphireIMS 5.0, it is possible to use the hardcoded credential in  ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25564 (In SapphireIMS 5.0, it is possible to create local administrator on an ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25563 (In SapphireIMS 5.0, it is possible to create local administrator on an ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25562 (In SapphireIMS 5.0, there is no CSRF token present in the entire appli ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25561 (SapphireIMS 5 utilized default sapphire:ims credentials to connect the ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25560 (In SapphireIMS 5.0, it is possible to use the hardcoded credential in  ...)
	NOT-FOR-US: SapphireIMS
CVE-2020-25559 (gnuplot 5.5 is affected by double free when executing print_set_output ...)
	- gnuplot <unfixed> (unimportant)
	NOTE: https://sourceforge.net/p/gnuplot/bugs/2312/
	NOTE: No security impact, gnuplot can execute arbitrary commands and need to
	NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2020-25558
	RESERVED
CVE-2020-25557 (In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "usern ...)
	NOT-FOR-US: CMSuno
CVE-2020-25556
	RESERVED
CVE-2020-25555
	RESERVED
CVE-2020-25554
	RESERVED
CVE-2020-25553
	RESERVED
CVE-2020-25552
	RESERVED
CVE-2020-25551
	RESERVED
CVE-2020-25550
	RESERVED
CVE-2020-25549
	RESERVED
CVE-2020-25548
	RESERVED
CVE-2020-25547
	RESERVED
CVE-2020-25546
	RESERVED
CVE-2020-25545
	RESERVED
CVE-2020-25544
	RESERVED
CVE-2020-25543
	RESERVED
CVE-2020-25542
	RESERVED
CVE-2020-25541
	RESERVED
CVE-2020-25540 (ThinkAdmin v6 is affected by a directory traversal vulnerability. An u ...)
	NOT-FOR-US: ThinkAdmin
CVE-2020-25539
	RESERVED
CVE-2020-25538 (An authenticated attacker can inject malicious code into "lang" parame ...)
	NOT-FOR-US: CMSuno
CVE-2020-25537 (File upload vulnerability exists in UCMS 1.5.0, and the attacker can t ...)
	NOT-FOR-US: UCMS
CVE-2020-25536
	RESERVED
CVE-2020-25535
	RESERVED
CVE-2020-25534
	RESERVED
CVE-2020-25533 (An issue was discovered in Malwarebytes before 4.0 on macOS. A malicio ...)
	NOT-FOR-US: Malwarebytes on macOS
CVE-2020-25532
	RESERVED
CVE-2020-25531
	RESERVED
CVE-2020-25530
	RESERVED
CVE-2020-25529
	RESERVED
CVE-2020-25528
	RESERVED
CVE-2020-25527
	RESERVED
CVE-2020-25526
	RESERVED
CVE-2020-25525
	RESERVED
CVE-2020-25524
	RESERVED
CVE-2020-25523
	RESERVED
CVE-2020-25522
	RESERVED
CVE-2020-25521
	RESERVED
CVE-2020-25520
	RESERVED
CVE-2020-25519
	RESERVED
CVE-2020-25518
	RESERVED
CVE-2020-25517
	RESERVED
CVE-2020-25516 (WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-si ...)
	NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2020-25515 (Sourcecodester Simple Library Management System 1.0 is affected by Ins ...)
	NOT-FOR-US: Sourcecodester Simple Library Management System
CVE-2020-25514 (Sourcecodester Simple Library Management System 1.0 is affected by Inc ...)
	NOT-FOR-US: Sourcecodester Simple Library Management System
CVE-2020-25513
	RESERVED
CVE-2020-25512
	RESERVED
CVE-2020-25511
	RESERVED
CVE-2020-25510
	RESERVED
CVE-2020-25509
	RESERVED
CVE-2020-25508
	RESERVED
CVE-2020-25507 (An incorrect permission assignment during the installation script of T ...)
	NOT-FOR-US: No Magic TeamworkCloud
CVE-2020-25506 (D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injectio ...)
	NOT-FOR-US: D-Link
CVE-2020-25505
	RESERVED
CVE-2020-25504
	RESERVED
CVE-2020-25503
	RESERVED
CVE-2020-25502
	RESERVED
CVE-2020-25501
	RESERVED
CVE-2020-25500
	RESERVED
CVE-2020-25499 (TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote use ...)
	NOT-FOR-US: TOTOLINK
CVE-2020-25498 (Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can b ...)
	NOT-FOR-US: Beetel
CVE-2020-25497
	RESERVED
CVE-2020-25496
	RESERVED
CVE-2020-25495 (A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerl ...)
	NOT-FOR-US: Xinuo SCO Openserver
CVE-2020-25494 (Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute ...)
	NOT-FOR-US: Xinuo SCO Openserver
CVE-2020-25493 (Oclean Mobile Application 2.1.2 communicates with an external website  ...)
	NOT-FOR-US: Oclean Mobile Application
CVE-2020-25492
	RESERVED
CVE-2020-25491
	RESERVED
CVE-2020-25490 (Lack of cryptographic signature verification in the Sqreen PHP agent d ...)
	NOT-FOR-US: Sqreen
CVE-2020-25489 (A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0 ...)
	NOT-FOR-US: Sqreen
CVE-2020-25488
	RESERVED
CVE-2020-25487 (PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is af ...)
	NOT-FOR-US: PHPGURUKUL Zoo Management System
CVE-2020-25486
	RESERVED
CVE-2020-25485
	RESERVED
CVE-2020-25484
	RESERVED
CVE-2020-25483 (An arbitrary command execution vulnerability exists in the fopen() fun ...)
	NOT-FOR-US: UCMS
CVE-2020-25482
	RESERVED
CVE-2020-25481
	RESERVED
CVE-2020-25480
	RESERVED
CVE-2020-25479
	RESERVED
CVE-2020-25478
	RESERVED
CVE-2020-25477
	RESERVED
CVE-2020-25476 (Liferay CMS Portal version 7.1.3 and 7.2.1 have a blind persistent cro ...)
	NOT-FOR-US: Liferay CMS Portal
CVE-2020-25475 (SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injectio ...)
	NOT-FOR-US: SimplePHPscripts News Script PHP Pro
CVE-2020-25474 (SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site S ...)
	NOT-FOR-US: SimplePHPscripts News Script PHP Pro
CVE-2020-25473 (SimplePHPscripts News Script PHP Pro 2.3 does not properly set the Htt ...)
	NOT-FOR-US: SimplePHPscripts News Script PHP Pro
CVE-2020-25472 (SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site R ...)
	NOT-FOR-US: SimplePHPscripts News Script PHP Pro
CVE-2020-25471
	RESERVED
CVE-2020-25470 (AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability i ...)
	NOT-FOR-US: AntSword
CVE-2020-25469
	RESERVED
CVE-2020-25468
	RESERVED
CVE-2020-25467 (A null pointer dereference was discovered lzo_decompress_buf in stream ...)
	- lrzip <undetermined>
	NOTE: https://bugs.launchpad.net/ubuntu/+source/lrzip/+bug/1893641
	NOTE: https://github.com/ckolivas/lrzip/issues/163
	TODO: check fixing commit
CVE-2020-25466 (A SSRF vulnerability exists in the downloadimage interface of CRMEB 3. ...)
	NOT-FOR-US: CRMEB
CVE-2020-25465 (Null Pointer Dereference. in xObjectBindingFromExpression at moddable/ ...)
	NOT-FOR-US: Moddable SDK
CVE-2020-25464 (Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK  ...)
	NOT-FOR-US: Moddable SDK
CVE-2020-25463 (Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon. ...)
	NOT-FOR-US: Moddable SDK
CVE-2020-25462 (Heap buffer overflow in the fxCheckArrowFunction function at moddable/ ...)
	NOT-FOR-US: Moddable SDK
CVE-2020-25461 (Invalid Memory Access in the fxProxyGetter function in moddable/xs/sou ...)
	NOT-FOR-US: Moddable SDK
CVE-2020-25460
	RESERVED
CVE-2020-25459
	RESERVED
CVE-2020-25458
	RESERVED
CVE-2020-25457
	RESERVED
CVE-2020-25456
	RESERVED
CVE-2020-25455
	RESERVED
CVE-2020-25454 (Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add re ...)
	- grocy <itp> (bug #969056)
CVE-2020-25453 (An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vu ...)
	NOT-FOR-US: BlackCat CMS
CVE-2020-25452
	RESERVED
CVE-2020-25451
	RESERVED
CVE-2020-25450
	RESERVED
CVE-2020-25449 (Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can ...)
	NOT-FOR-US: Arachnys Cabot
CVE-2020-25448
	RESERVED
CVE-2020-25447
	RESERVED
CVE-2020-25446
	RESERVED
CVE-2020-25445 (The &#8220;Subscribe&#8221; feature in Ultimate Booking System Booking ...)
	NOT-FOR-US: Ultimate Booking System Booking Core
CVE-2020-25444 (Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Bo ...)
	NOT-FOR-US: Booking Core - Ultimate Booking System Booking Core
CVE-2020-25443
	RESERVED
CVE-2020-25442
	RESERVED
CVE-2020-25441
	RESERVED
CVE-2020-25440
	RESERVED
CVE-2020-25439
	RESERVED
CVE-2020-25438
	RESERVED
CVE-2020-25437
	RESERVED
CVE-2020-25436
	RESERVED
CVE-2020-25435
	RESERVED
CVE-2020-25434
	RESERVED
CVE-2020-25433
	RESERVED
CVE-2020-25432
	RESERVED
CVE-2020-25431
	RESERVED
CVE-2020-25430
	RESERVED
CVE-2020-25429
	RESERVED
CVE-2020-25428
	RESERVED
CVE-2020-25427 (A Null pointer dereference vulnerability exits in MP4Box - GPAC versio ...)
	- gpac <unfixed>
	NOTE: https://github.com/gpac/gpac/issues/1406
	NOTE: https://github.com/gpac/gpac/commit/8e585e623b1d666b4ef736ed609264639cb27701
CVE-2020-25426
	RESERVED
CVE-2020-25425
	RESERVED
CVE-2020-25424
	RESERVED
CVE-2020-25423
	RESERVED
CVE-2020-25422 (A cross site scripting (XSS) vulnerability in menuedit.php of Mara CMS ...)
	NOT-FOR-US: Mara CMS
CVE-2020-25421
	RESERVED
CVE-2020-25420
	RESERVED
CVE-2020-25419
	RESERVED
CVE-2020-25418
	RESERVED
CVE-2020-25417
	RESERVED
CVE-2020-25416
	RESERVED
CVE-2020-25415
	RESERVED
CVE-2020-25414 (A local file inclusion vulnerability was discovered in the captcha fun ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-25413
	RESERVED
CVE-2020-25412 (com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write ...)
	- gnuplot <unfixed> (unimportant)
	NOTE: https://sourceforge.net/p/gnuplot/bugs/2303/
	NOTE: No security impact, gnuplot can execute arbitrary commands and need to
	NOTE: come from a trusted source, see README.Debian.security (added in 5.2.6).
CVE-2020-25411 (Projectworlds Online Examination System 1.0 is vulnerable to CSRF, whi ...)
	NOT-FOR-US: Projectworlds Online Examination System
CVE-2020-25410
	RESERVED
CVE-2020-25409 (Projectsworlds College Management System Php 1.0 is vulnerable to SQL  ...)
	NOT-FOR-US: Projectsworlds College Management System Php
CVE-2020-25408 (A Cross-Site Request Forgery (CSRF) vulnerability exists in ProjectWor ...)
	NOT-FOR-US: ProjectWorlds College Management System Php
CVE-2020-25407
	RESERVED
CVE-2020-25406 (app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to  ...)
	NOT-FOR-US: lemocms
CVE-2020-25405
	RESERVED
CVE-2020-25404
	RESERVED
CVE-2020-25403
	RESERVED
CVE-2020-25402
	RESERVED
CVE-2020-25401
	RESERVED
CVE-2020-25400 (Cross domain policies in Taskcafe Project Management tool before versi ...)
	NOT-FOR-US: Taskcafe Project Management tool
CVE-2020-25399 (Stored XSS in InterMind iMind Server through 3.13.65 allows any user t ...)
	NOT-FOR-US: InterMind iMind Server
CVE-2020-25398 (CSV Injection exists in InterMind iMind Server through 3.13.65 via the ...)
	NOT-FOR-US: InterMind iMind Server
CVE-2020-25397
	RESERVED
CVE-2020-25396
	RESERVED
CVE-2020-25395
	RESERVED
CVE-2020-25394 (A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 all ...)
	NOT-FOR-US: moziloCMS
CVE-2020-25393
	RESERVED
CVE-2020-25392 (A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9 allows att ...)
	NOT-FOR-US: CSZ CMS
CVE-2020-25391 (A cross site scripting vulnerability in CSZ CMS 1.2.9 allows attackers ...)
	NOT-FOR-US: CSZ CMS
CVE-2020-25390
	RESERVED
CVE-2020-25389
	RESERVED
CVE-2020-25388
	RESERVED
CVE-2020-25387
	RESERVED
CVE-2020-25386
	RESERVED
CVE-2020-25385 (Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerab ...)
	NOT-FOR-US: Nagios Log Server
CVE-2020-25384
	RESERVED
CVE-2020-25383
	RESERVED
CVE-2020-25382
	RESERVED
CVE-2020-25381
	RESERVED
CVE-2020-25380 (Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affe ...)
	NOT-FOR-US: Wordpress Plugin Store / Mike Rooijackers Recall Products
CVE-2020-25379 (Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails t ...)
	NOT-FOR-US: Wordpress Plugin Store / Mike Rooijackers Recall Products
CVE-2020-25378 (Wordpress Plugin Store / AccessPress Themes WP Floating Menu V1.3.0 is ...)
	NOT-FOR-US: Wordpress Plugin Store / AccessPress Themes WP Floating Menu
CVE-2020-25377
	RESERVED
CVE-2020-25376
	RESERVED
CVE-2020-25375 (Wordpress Plugin Store / SoftradeWeb SNC WP SMART CRM V1.8.7 is affect ...)
	NOT-FOR-US: Wordpress Plugin Store / SoftradeWeb SNC WP SMART CRM
CVE-2020-25374 (CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers t ...)
	NOT-FOR-US: CyberArk Privileged Session Manager (PSM)
CVE-2020-25373
	RESERVED
CVE-2020-25372
	RESERVED
CVE-2020-25371
	RESERVED
CVE-2020-25370
	RESERVED
CVE-2020-25369
	RESERVED
CVE-2020-25368 (A command injection vulnerability was discovered in the HNAP1 protocol ...)
	NOT-FOR-US: D-Link
CVE-2020-25367 (A command injection vulnerability was discovered in the HNAP1 protocol ...)
	NOT-FOR-US: D-Link
CVE-2020-25366 (An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-8 ...)
	NOT-FOR-US: D-Link
CVE-2020-25365
	RESERVED
CVE-2020-25364
	RESERVED
CVE-2020-25363
	RESERVED
CVE-2020-25362 (The id paramater in Online Shopping Alphaware 1.0 has been discovered  ...)
	NOT-FOR-US: Online Shopping Alphaware
CVE-2020-25361
	RESERVED
CVE-2020-25360
	RESERVED
CVE-2020-25359 (An arbitrary file deletion vulnerability in rConfig 3.9.5 has been fix ...)
	NOT-FOR-US: rConfig
CVE-2020-25358
	RESERVED
CVE-2020-25357
	RESERVED
CVE-2020-25356
	RESERVED
CVE-2020-25355
	RESERVED
CVE-2020-25354
	RESERVED
CVE-2020-25353 (A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 ha ...)
	NOT-FOR-US: rConfig
CVE-2020-25352 (A stored cross-site scripting (XSS) vulnerability in the /devices.php  ...)
	NOT-FOR-US: rConfig
CVE-2020-25351 (An information disclosure vulnerability in rConfig 3.9.5 has been fixe ...)
	NOT-FOR-US: rConfig
CVE-2020-25350
	RESERVED
CVE-2020-25349
	RESERVED
CVE-2020-25348
	RESERVED
CVE-2020-25347
	RESERVED
CVE-2020-25346
	RESERVED
CVE-2020-25345
	RESERVED
CVE-2020-25344
	RESERVED
CVE-2020-25343 (Cross-site scripting (XSS) vulnerabilities in Symphony CMS 3.0.0 allow ...)
	NOT-FOR-US: Symphony CMS
CVE-2020-25342
	RESERVED
CVE-2020-25341
	RESERVED
CVE-2020-25340 (An issue was discovered in NFStream 5.2.0. Because some allocated modu ...)
	NOT-FOR-US: NFStream (not src:ndpi)
CVE-2020-25339
	RESERVED
CVE-2020-25338
	RESERVED
CVE-2020-25337
	RESERVED
CVE-2020-25336
	RESERVED
CVE-2020-25335
	RESERVED
CVE-2020-25334
	RESERVED
CVE-2020-25333
	RESERVED
CVE-2020-25332
	RESERVED
CVE-2020-25331
	RESERVED
CVE-2020-25330
	RESERVED
CVE-2020-25329
	RESERVED
CVE-2020-25328
	RESERVED
CVE-2020-25327
	RESERVED
CVE-2020-25326
	RESERVED
CVE-2020-25325
	RESERVED
CVE-2020-25324
	RESERVED
CVE-2020-25323
	RESERVED
CVE-2020-25322
	RESERVED
CVE-2020-25321
	RESERVED
CVE-2020-25320
	RESERVED
CVE-2020-25319
	RESERVED
CVE-2020-25318
	RESERVED
CVE-2020-25317
	RESERVED
CVE-2020-25316
	RESERVED
CVE-2020-25315
	RESERVED
CVE-2020-25314
	RESERVED
CVE-2020-25313
	RESERVED
CVE-2020-25312
	RESERVED
CVE-2020-25311
	RESERVED
CVE-2020-25310
	RESERVED
CVE-2020-25309
	RESERVED
CVE-2020-25308
	RESERVED
CVE-2020-25307
	RESERVED
CVE-2020-25306
	RESERVED
CVE-2020-25305
	RESERVED
CVE-2020-25304
	RESERVED
CVE-2020-25303
	RESERVED
CVE-2020-25302
	RESERVED
CVE-2020-25301
	RESERVED
CVE-2020-25300
	RESERVED
CVE-2020-25299
	RESERVED
CVE-2020-25298
	RESERVED
CVE-2020-25297
	RESERVED
CVE-2020-25296
	RESERVED
CVE-2020-25295
	RESERVED
CVE-2020-25294
	RESERVED
CVE-2020-25293
	RESERVED
CVE-2020-25292
	RESERVED
CVE-2020-25291 (GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows r ...)
	NOT-FOR-US: Kingsoft WPS Office
CVE-2020-25290
	RESERVED
CVE-2020-25289 (The VPN service in AVAST SecureLine before 5.6.4982.470 allows local u ...)
	NOT-FOR-US: VPN service in AVAST SecureLine
CVE-2020-25288 (An issue was discovered in MantisBT before 2.24.3. When editing an Iss ...)
	- mantis <removed>
CVE-2020-25287 (Pligg 2.0.3 allows remote authenticated users to execute arbitrary com ...)
	NOT-FOR-US: Pligg CMS
CVE-2020-25285 (A race condition between hugetlb sysctl handlers in mm/hugetlb.c in th ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.10-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/17743798d81238ab13050e8e2833699b54e15467
CVE-2020-25284 (The rbd block device driver in drivers/block/rbd.c in the Linux kernel ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.10-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/f44d04e696feaf13d192d942c4f14ad2e117065a
CVE-2020-25283 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25282 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25281 (An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25280 (An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25279 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25278 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25277
	RESERVED
CVE-2020-25276 (An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. Wh ...)
	NOT-FOR-US: PrimeKey
CVE-2020-25275 (Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and  ...)
	{DSA-4825-1 DLA-2517-1}
	- dovecot 1:2.3.13+dfsg1-1 (bug #979363)
	NOTE: https://dovecot.org/pipermail/dovecot-news/2021-January/000451.html
	NOTE: https://github.com/dovecot/core/commit/67f792cb98267ee74c425772e766e7a2525c0d8f
	NOTE: https://github.com/dovecot/core/commit/6ae93c3936fc870c313a6fdf44a0999d4129d9b8
CVE-2020-25274
	RESERVED
CVE-2020-25273 (In SourceCodester Online Bus Booking System 1.0, there is Authenticati ...)
	NOT-FOR-US: SourceCodester Online Bus Booking System
CVE-2020-25272 (In SourceCodester Online Bus Booking System 1.0, there is XSS through  ...)
	NOT-FOR-US: SourceCodester Online Bus Booking System
CVE-2020-25271 (PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/ ...)
	NOT-FOR-US: PHPGurukul hospital-management-system-in-php
CVE-2020-25270 (PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name,  ...)
	NOT-FOR-US: PHPGurukul hostel-management-system
CVE-2020-25269 (An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0 ...)
	{DSA-4764-1 DLA-2375-1}
	- inspircd 3.8.0-1 (bug #960650)
	NOTE: https://docs.inspircd.org/security/2020-01/
	NOTE: https://github.com/inspircd/inspircd/commit/07d7dea334fc56642793aa5ae1e05ae3185c474b (v2)
	NOTE: https://github.com/inspircd/inspircd/commit/a9e107c646ac6d7310b55d0c2e0b06a9cec0a874 (v2)
	NOTE: https://github.com/inspircd/inspircd/commit/6f6fa13042f319bcd56ceed112c0a969337e4161 (v2)
	NOTE: https://github.com/inspircd/inspircd/commit/b3f1db9d162455af4b31edf231ba749140d37219 (v3)
	NOTE: https://github.com/inspircd/inspircd/commit/fbdd08043e97c2749ce2f03382559bba89abf47a (v3)
	NOTE: https://github.com/inspircd/inspircd/commit/b24a91181f58c7f7141de8995ff212993bcc333b (v3)
CVE-2020-25268 (Remote Code Execution can occur via the external news feed in ILIAS 6. ...)
	NOT-FOR-US: ILIAS
CVE-2020-25267 (An XSS issue exists in the question-pool file-upload preview feature i ...)
	NOT-FOR-US: ILIAS
CVE-2020-25266 (AppImage appimaged before 1.0.3 does not properly check whether a down ...)
	NOT-FOR-US: AppImage appimaged
CVE-2020-25265 (AppImage libappimage before 1.0.3 allows attackers to trigger an overw ...)
	- libappimage <unfixed> (bug #977192)
	[buster] - libappimage <no-dsa> (Minor issue)
	NOTE: https://github.com/AppImage/libappimage/pull/146
	NOTE: https://github.com/refi64/CVE-2020-25265-25266
CVE-2020-25264
	RESERVED
CVE-2020-25263 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the ...)
	NOT-FOR-US: PyroCMS
CVE-2020-25262 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the ...)
	NOT-FOR-US: PyroCMS
CVE-2020-25261
	RESERVED
CVE-2020-25260 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25259 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25258 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25257 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25256 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25255 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25254 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25253 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25252 (An issue was discovered in Hyland OnBase through 16.0.2.83 and below,  ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25251 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25250 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25249 (An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.1 ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25248 (An issue was discovered in Hyland OnBase through 16.0.2.83 and below,  ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25247 (An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x th ...)
	NOT-FOR-US: Hyland OnBase
CVE-2020-25246
	RESERVED
CVE-2020-25245 (A vulnerability has been identified in DIGSI 4 (All versions &lt; V4.9 ...)
	NOT-FOR-US: Siemens
CVE-2020-25244 (A vulnerability has been identified in LOGO! Soft Comfort (All version ...)
	NOT-FOR-US: Siemens
CVE-2020-25243 (A vulnerability has been identified in LOGO! Soft Comfort (All version ...)
	NOT-FOR-US: Siemens
CVE-2020-25242 (A vulnerability has been identified in SIMATIC NET CP 343-1 Advanced ( ...)
	NOT-FOR-US: Siemens
CVE-2020-25241 (A vulnerability has been identified in SIMATIC MV400 family (All Versi ...)
	NOT-FOR-US: Siemens
CVE-2020-25240 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2020-25239 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2020-25238 (A vulnerability has been identified in PCS neo (Administration Console ...)
	NOT-FOR-US: Siemens
CVE-2020-25237 (A vulnerability has been identified in SINEC NMS (All versions &lt; V1 ...)
	NOT-FOR-US: Siemens
CVE-2020-25236 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25234 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25233 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25232 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25231 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25230 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25229 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25228 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-25227
	RESERVED
CVE-2020-25226 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2020-25225
	RESERVED
CVE-2020-25224
	RESERVED
CVE-2020-25223 (A remote code execution vulnerability exists in the WebAdmin of Sophos ...)
	NOT-FOR-US: Sophos
CVE-2020-25222
	RESERVED
CVE-2020-25221 (get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5 ...)
	- linux 5.8.7-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/9fa2dd946743ae6f30dc4830da19147bf100a7f2
CVE-2020-25220 (The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.1 ...)
	{DLA-2420-1}
	- linux <not-affected> (Vulnerable code not present and no partial CVE-2020-14356 fix backported)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1868453
	NOTE: https://www.spinics.net/lists/stable/msg405099.html
CVE-2020-25219 (url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a rem ...)
	{DSA-4800-1 DLA-2372-1}
	- libproxy 0.4.15-15 (bug #971394)
	NOTE: https://github.com/libproxy/libproxy/issues/134
	NOTE: https://github.com/libproxy/libproxy/commit/a83dae404feac517695c23ff43ce1e116e2bfbe0
CVE-2020-25218 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
	NOT-FOR-US: Grandstream GRP261x VoIP phone
CVE-2020-25217 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
	NOT-FOR-US: Grandstream GRP261x VoIP phone
CVE-2020-25216 (yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Tran ...)
	NOT-FOR-US: yWorks yEd Desktop
CVE-2020-25215 (yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or Grap ...)
	NOT-FOR-US: yWorks yEd Desktop
CVE-2020-25214 (In the client in Overwolf 0.149.2.30, a channel can be accessed or inf ...)
	NOT-FOR-US: Overwolf
CVE-2020-25213 (The File Manager (wp-file-manager) plugin before 6.9 for WordPress all ...)
	NOT-FOR-US: File Manager (wp-file-manager) plugin for WordPress
CVE-2020-25212 (A TOCTOU mismatch in the NFS client code in the Linux kernel before 5. ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/b4487b93545214a9db8cbf32e86411677b0cca21
CVE-2020-25211 (In the Linux kernel through 5.8.7, local attackers able to inject conn ...)
	{DSA-4774-1 DLA-2420-1 DLA-2417-1}
	- linux 5.8.14-1
	NOTE: https://git.kernel.org/linus/1cc5ef91d2ff94d2bf2de3b3585423e8a1051cb6
CVE-2020-25210 (In JetBrains YouTrack before 2020.3.7955, an attacker could access wor ...)
	NOT-FOR-US: JetBrains
CVE-2020-25209 (In JetBrains YouTrack before 2020.3.6638, improper access control for  ...)
	NOT-FOR-US: JetBrains
CVE-2020-25208 (In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate  ...)
	NOT-FOR-US: JetBrains
CVE-2020-25207 (JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Exe ...)
	NOT-FOR-US: JetBrains
CVE-2020-25206 (The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 a ...)
	NOT-FOR-US: F-Secure
CVE-2020-25205 (The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 i ...)
	NOT-FOR-US: F-Secure
CVE-2020-25204 (The God Kings application 0.60.1 for Android exposes a broadcast recei ...)
	NOT-FOR-US: God Kings application for Android
CVE-2020-25203 (The Framer Preview application 12 for Android exposes com.framer.viewe ...)
	NOT-FOR-US: Framer Preview application
CVE-2020-25576 (An issue was discovered in the rand_core crate before 0.4.2 for Rust.  ...)
	- rust-rand-core 0.5.0-1 (bug #969911; low)
	[buster] - rust-rand-core <ignored> (Minor issue)
	- rust-rand-core-0.3 <removed> (bug #970186; low)
	- rust-rand-core-0.2 <removed> (bug #970185; low)
	[buster] - rust-rand-core-0.2 <ignored> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0035.html
	NOTE: https://github.com/rust-random/rand/blob/master/rand_core/CHANGELOG.md#050---2019-06-06
CVE-2020-25574 (An issue was discovered in the http crate before 0.1.20 for Rust. An i ...)
	- rust-http 0.1.19-2 (bug #969896; low)
	[buster] - rust-http <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0033.html
	NOTE: https://github.com/hyperium/http/issues/352
CVE-2020-25575 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in the failure ...)
	- rust-failure <unfixed> (bug #969839; low)
	[bullseye] - rust-failure <ignored> (Minor issue; unmaintained upstream)
	[buster] - rust-failure <ignored> (Minor issue; unmaintained upstream)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0036.html
	NOTE: https://github.com/rust-lang-nursery/failure/issues/336
CVE-2020-25202
	RESERVED
CVE-2020-25201 (HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a names ...)
	- consul 1.8.6+dfsg1-1 (bug #973892)
	[buster] - consul <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/hashicorp/consul/pull/9024
	NOTE: https://github.com/hashicorp/consul/blob/master/CHANGELOG.md#185-october-23-2020
CVE-2020-25200 (** DISPUTED ** Pritunl 1.29.2145.25 allows attackers to enumerate vali ...)
	NOT-FOR-US: Pritunl
CVE-2020-25199 (A heap-based buffer overflow vulnerability exists within the WECON Lev ...)
	NOT-FOR-US: WECON LeviStudioU
CVE-2020-25198 (The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2 ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25197
	RESERVED
CVE-2020-25196 (The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2 ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25195 (The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM ...)
	NOT-FOR-US: Host Engineering
CVE-2020-25194 (The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2 ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25193
	RESERVED
CVE-2020-25192 (The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2 ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25191 (Incorrect permissions are set by default for an API entry-point of a s ...)
	NOT-FOR-US: National Instruments Corp. (NI)
CVE-2020-25190 (The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2 ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25189 (The affected product is vulnerable to three stack-based buffer overflo ...)
	NOT-FOR-US: Paradox IP150
CVE-2020-25188 (An attacker who convinces a valid user to open a specially crafted pro ...)
	NOT-FOR-US: LAquis SCADA
CVE-2020-25187 (Medtronic MyCareLink Smart 25000 all versions are vulnerable when an a ...)
	NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-25186 (An XXE vulnerability exists within LeviStudioU Release Build 2019-09-2 ...)
	NOT-FOR-US: LeviStudioU Release
CVE-2020-25185 (The affected product is vulnerable to five post-authentication buffer  ...)
	NOT-FOR-US: Paradox IP150
CVE-2020-25184
	RESERVED
CVE-2020-25183 (Medtronic MyCareLink Smart 25000 all versions contain an authenticatio ...)
	NOT-FOR-US: Medtronic MyCareLink Smart 25000
CVE-2020-25182
	RESERVED
CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer over ...)
	NOT-FOR-US: WECON PLC Editor
CVE-2020-25180
	RESERVED
CVE-2020-25179 (GE Healthcare Imaging and Ultrasound Products may allow specific crede ...)
	NOT-FOR-US: GE Healthcare Imaging and Ultrasound Products
CVE-2020-25178
	RESERVED
CVE-2020-25177 (WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer ove ...)
	NOT-FOR-US: WECON PLC Editor
CVE-2020-25176
	RESERVED
CVE-2020-25175 (GE Healthcare Imaging and Ultrasound Products may allow specific crede ...)
	NOT-FOR-US: GE Healthcare Imaging and Ultrasound Products
CVE-2020-25174 (A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3 ...)
	NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25173 (An attacker with local network access can obtain a fixed cryptography  ...)
	NOT-FOR-US: Reolink P2P cameras
CVE-2020-25172 (A relative path traversal attack in the B. Braun OnlineSuite Version A ...)
	NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25171 (The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 ar ...)
	NOT-FOR-US: Fuji Electric
CVE-2020-25170 (An Excel Macro Injection vulnerability exists in the export feature in ...)
	NOT-FOR-US: B. Braun OnlineSuite Version AP
CVE-2020-25169 (The affected Reolink P2P products do not sufficiently protect data tra ...)
	NOT-FOR-US: Reolink P2P products
CVE-2020-25168
	RESERVED
CVE-2020-25167
	RESERVED
CVE-2020-25166
	RESERVED
CVE-2020-25165 (BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alar ...)
	NOT-FOR-US: BD Alaris PC Unit
CVE-2020-25164
	RESERVED
CVE-2020-25163
	RESERVED
CVE-2020-25162
	RESERVED
CVE-2020-25161 (The WADashboard component of WebAccess/SCADA Versions 9.0 and prior ma ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2020-25160
	RESERVED
CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack- ...)
	NOT-FOR-US: 499ES
CVE-2020-25158
	RESERVED
CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...)
	NOT-FOR-US: R-SeeNet
CVE-2020-25156
	RESERVED
CVE-2020-25155 (The affected product transmits unencrypted sensitive information, whic ...)
	NOT-FOR-US: NEXCOM
CVE-2020-25154
	RESERVED
CVE-2020-25153 (The built-in web service for MOXA NPort IAW5000A-I/O firmware version  ...)
	NOT-FOR-US: MOXA NPort IAW5000A-I/O firmware
CVE-2020-25152
	RESERVED
CVE-2020-25151 (The affected product does not properly validate input, which may allow ...)
	NOT-FOR-US: NEXCOM
CVE-2020-25150
	RESERVED
CVE-2020-25149 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25148 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25147 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25146 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25145 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25144 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25143 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25142 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25141 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25140 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25139 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25138 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25137 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25136 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25135 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25134 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25133 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25132 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25131 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25130 (An issue was discovered in Observium Professional, Enterprise &amp; Co ...)
	NOT-FOR-US: Observium
CVE-2020-25129
	RESERVED
CVE-2020-25128
	RESERVED
CVE-2020-25127
	RESERVED
CVE-2020-25126
	RESERVED
CVE-2020-25124 (The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.p ...)
	NOT-FOR-US: vBulletin
CVE-2020-25123 (The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smili ...)
	NOT-FOR-US: vBulletin
CVE-2020-25122 (The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Ran ...)
	NOT-FOR-US: vBulletin
CVE-2020-25121 (The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription E ...)
	NOT-FOR-US: vBulletin
CVE-2020-25120 (The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php? ...)
	NOT-FOR-US: vBulletin
CVE-2020-25119 (The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help ...)
	NOT-FOR-US: vBulletin
CVE-2020-25118 (The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Setting ...)
	NOT-FOR-US: vBulletin
CVE-2020-25117 (The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title t ...)
	NOT-FOR-US: vBulletin
CVE-2020-25116 (The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title t ...)
	NOT-FOR-US: vBulletin
CVE-2020-25115 (The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or  ...)
	NOT-FOR-US: vBulletin
CVE-2020-25114
	RESERVED
CVE-2020-25113
	RESERVED
CVE-2020-25112 (An issue was discovered in the IPv6 stack in Contiki through 3.0. Ther ...)
	NOT-FOR-US: Contiki
CVE-2020-25111 (An issue was discovered in the IPv6 stack in Contiki through 3.0. Ther ...)
	NOT-FOR-US: Contiki
CVE-2020-25110 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
	NOT-FOR-US: Nut/OS
CVE-2020-25109 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
	NOT-FOR-US: Nut/OS
CVE-2020-25108 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
	NOT-FOR-US: Nut/OS
CVE-2020-25107 (An issue was discovered in the DNS implementation in Ethernut in Nut/O ...)
	NOT-FOR-US: Nut/OS
CVE-2020-25106 (Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain LocalSystem  ...)
	NOT-FOR-US: Nanosystems SupRemo
CVE-2020-25105 (eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recove ...)
	NOT-FOR-US: eramba
CVE-2020-25104 (eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted f ...)
	NOT-FOR-US: eramba
CVE-2020-25103
	RESERVED
CVE-2020-25102 (silverstripe-advancedreports (aka the Advanced Reports module for Silv ...)
	NOT-FOR-US: silverstripe-advancedreports
CVE-2020-25101
	RESERVED
CVE-2020-25125 (GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, le ...)
	- gnupg2 <not-affected> (Only affects versions 2.2.21 and 2.2.22)
	NOTE: https://dev.gnupg.org/T5050
	NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
CVE-2020-25100
	RESERVED
CVE-2020-25099
	RESERVED
CVE-2020-25098
	RESERVED
CVE-2020-25097 (An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. D ...)
	{DSA-4873-1 DLA-2598-1}
	- squid 4.13-8 (bug #985068)
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-jvf6-h9gj-pmj6
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_11.patch
CVE-2020-25096 (LogRhythm Platform Manager (PM) 7.4.9 has Incorrect Access Control. Us ...)
	NOT-FOR-US: LogRhythm Platform Manager (PM)
CVE-2020-25095 (LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. The Web interface i ...)
	NOT-FOR-US: LogRhythm Platform Manager (PM)
CVE-2020-25094 (LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit  ...)
	NOT-FOR-US: LogRhythm Platform Manager (PM)
CVE-2020-25093 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.p ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25092 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25091 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25090 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25089 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25088 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25087 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25086 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue  ...)
	{DLA-2469-1}
	- qemu 1:5.2+dfsg-1 (bug #970540)
	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01439.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/6
	NOTE: https://bugs.launchpad.net/qemu/+bug/1892960
	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fsdhci_oob_write1
	NOTE: The second patch referenced appears not to be needed with the commited
	NOTE: fix and relates to the CVE-2020-17380 assignment.
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=dfba99f17feb6d4a129da19d38df1bcd8579d1c3 (v5.2.0-rc0)
CVE-2020-25084 (QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...)
	{DLA-2560-1}
	- qemu 1:5.2+dfsg-1 (bug #970539)
	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08050.html
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08043.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/5
	NOTE: https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fxhci_uaf_2
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=21bc31524e8ca487e976f713b878d7338ee00df2
CVE-2020-25083
	RESERVED
CVE-2020-25082 (An attacker with physical access to Nuvoton Trusted Platform Module (N ...)
	NOT-FOR-US: Nuvoton
CVE-2020-25081
	RESERVED
CVE-2020-25080
	RESERVED
CVE-2020-25079 (An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and  ...)
	NOT-FOR-US: D-Link
CVE-2020-25078 (An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and  ...)
	NOT-FOR-US: D-Link
CVE-2020-25077
	RESERVED
CVE-2020-25076
	RESERVED
CVE-2020-25075
	RESERVED
CVE-2020-25074 (The cache action in action/cache.py in MoinMoin through 1.9.10 allows  ...)
	{DSA-4787-1 DLA-2446-1}
	- moin <removed>
	NOTE: https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq
	NOTE: https://github.com/moinwiki/moin-1.9/commit/d1e5fc7d3708d877353ca64dd4aa7cfd1cde4cb4 (1.9.11)
CVE-2020-25072
	RESERVED
CVE-2020-25071 (** DISPUTED ** Nifty Project Management Web Application 2020-08-26 all ...)
	NOT-FOR-US: Nifty Project Management Web Application
CVE-2020-25070 (USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the ...)
	NOT-FOR-US: User-friendly SVN
CVE-2020-25069 (USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute ...)
	NOT-FOR-US: User-friendly SVN
CVE-2020-25073 (FreedomBox through 20.13 allows remote attackers to obtain sensitive i ...)
	- plinth 20.14
	[buster] - plinth 19.1+deb10u1
	[stretch] - plinth <no-dsa> (Minor issue)
	NOTE: https://salsa.debian.org/freedombox-team/freedombox/-/issues/1935
	NOTE: https://salsa.debian.org/freedombox-team/freedombox/-/commit/822c322d20d12f81c6cfca47b66f900542a5aac2
CVE-2020-25068 (Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vuln ...)
	NOT-FOR-US: Setelsa Conacwin
CVE-2020-25067 (NETGEAR R8300 devices before 1.0.2.134 are affected by command injecti ...)
	NOT-FOR-US: Netgear
CVE-2020-25066 (A heap-based buffer overflow in the Treck HTTP Server component before ...)
	NOT-FOR-US: Treck
CVE-2020-25065 (An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25064 (An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25063 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25062 (An issue was discovered on LG mobile devices with Android OS 9 and 10  ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25061 (An issue was discovered on LG mobile devices with Android OS 9 and 10  ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25060 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25059 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25058 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25057 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-25056 (An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25055 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25054 (An issue was discovered on Samsung mobile devices with software throug ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25053 (An issue was discovered on Samsung mobile devices with Q(10.0) (exynos ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25052 (An issue was discovered on Samsung mobile devices with Q(10.0) (exynos ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25051 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25050 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25049 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25048 (An issue was discovered on Samsung mobile devices with Q(10.0) (with O ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25047 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25046 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-25045 (Installers of Kaspersky Security Center and Kaspersky Security Center  ...)
	NOT-FOR-US: Kaspersky
CVE-2020-25044 (Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable  ...)
	NOT-FOR-US: Kaspersky
CVE-2020-25043 (The installer of Kaspersky VPN Secure Connection prior to 5.0 was vuln ...)
	NOT-FOR-US: Kaspersky
CVE-2020-25042 (An arbitrary file upload issue exists in Mara CMS 7.5. In order to exp ...)
	NOT-FOR-US: Mara CMS
CVE-2020-25041
	RESERVED
CVE-2020-25040 (Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #970465)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762
CVE-2020-25039 (Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on tem ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #970465)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-w6v2-qchm-grj7
CVE-2020-25038
	RESERVED
CVE-2020-25037 (UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with admi ...)
	NOT-FOR-US: UCOPIA Wi-Fi appliances
CVE-2020-25036 (UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to  ...)
	NOT-FOR-US: UCOPIA Wi-Fi appliances
CVE-2020-25035 (UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root ...)
	NOT-FOR-US: UCOPIA Wi-Fi appliances
CVE-2020-25034 (eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authentic ...)
	NOT-FOR-US: eMPS
CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 1.3.1 for ...)
	NOT-FOR-US: Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin for WordPress
CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for Flask)  ...)
	{DSA-4775-1}
	- python-flask-cors 3.0.9-1 (bug #969362)
	NOTE: https://github.com/corydolphin/flask-cors/commit/67c4b2cc98ae87cf1fa7df4f97fd81b40c79b895
CVE-2020-25031 (checkinstall 1.6.2, when used to create a package that contains a syml ...)
	- checkinstall <unfixed> (unimportant)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1861281
	NOTE: Does not cross any reasonable trust boundary, the packages to be installed need to be
	NOTE: trusted to begin with, a rogue package can cause more harm than a 777 binary
CVE-2020-25030
	RESERVED
CVE-2020-25029
	RESERVED
CVE-2020-25028
	RESERVED
CVE-2020-25027
	RESERVED
CVE-2020-25026 (The sf_event_mgt (aka Event management and registration) extension bef ...)
	NOT-FOR-US: Typo extension
CVE-2020-25025 (The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x bef ...)
	NOT-FOR-US: Typo extension
CVE-2020-25024
	RESERVED
CVE-2020-25023 (An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrC ...)
	NOT-FOR-US: Noise-Java
CVE-2020-25022 (An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallba ...)
	NOT-FOR-US: Noise-Java
CVE-2020-25021 (An issue was discovered in Noise-Java through 2020-08-27. ChaChaPolyCi ...)
	NOT-FOR-US: Noise-Java
CVE-2020-25020 (MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectRe ...)
	NOT-FOR-US: MPXJ
CVE-2020-25019 (jitsi-meet-electron (aka Jitsi Meet Electron) before 2.3.0 calls the E ...)
	NOT-FOR-US: jitsi-meet-electron
CVE-2020-25018 (Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-25017 (Envoy through 1.15.0 only considers the first value when multiple head ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-25015 (A specific router allows changing the Wi-Fi password remotely. Genexis ...)
	NOT-FOR-US: Genexis Platinum 4410 V2-1.28
CVE-2020-25014 (A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and  ...)
	NOT-FOR-US: Zyxel
CVE-2020-25013 (JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Ser ...)
	NOT-FOR-US: JetBrains
CVE-2020-25012
	RESERVED
CVE-2020-25011 (A sensitive information disclosure vulnerability in Kyland KPS2204 6 P ...)
	NOT-FOR-US: Kyland
CVE-2020-25010 (An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Man ...)
	NOT-FOR-US: Kyland
CVE-2020-25009
	RESERVED
CVE-2020-25008
	RESERVED
CVE-2020-25007
	RESERVED
CVE-2020-25006 (Heybbs v1.2 has a SQL injection vulnerability in login.php file via th ...)
	NOT-FOR-US: Heybbs
CVE-2020-25005 (Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the  ...)
	NOT-FOR-US: Heybbs
CVE-2020-25004 (Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ...)
	NOT-FOR-US: Heybbs
CVE-2020-25003
	RESERVED
CVE-2020-25002
	RESERVED
CVE-2020-25001
	RESERVED
CVE-2020-25000
	RESERVED
CVE-2020-24999 (There is an invalid memory access in the function fprintf located in E ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42029
CVE-2020-24998
	RESERVED
CVE-2020-24997
	RESERVED
CVE-2020-24996 (There is an invalid memory access in the function TextString::~TextStr ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028
CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...)
	- ffmpeg <not-affected> (Only affects 4.4 development branches)
	NOTE: https://trac.ffmpeg.org/ticket/8845
	NOTE: https://trac.ffmpeg.org/ticket/8859
	NOTE: https://trac.ffmpeg.org/ticket/8860
	NOTE: Support for 22.2 / channel_config 13 introduced in:
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468
	NOTE: Fixed by: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d6f293353c94c7ce200f6e0975ae3de49787f91f
	NOTE: Introduced in https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9c0beaf0d3bb72f6e83b3b155a598a9ec28c8468
CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...)
	- libass 1:0.15.0-1
	[buster] - libass <no-dsa> (Minor issue)
	[stretch] - libass <no-dsa> (Minor issue)
	NOTE: https://github.com/libass/libass/issues/422
	NOTE: https://github.com/libass/libass/issues/423
	NOTE: https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e799 (0.15.0)
CVE-2020-24993 (There is a cross site scripting vulnerability on CmsWing 1.3.7. This v ...)
	NOT-FOR-US: CmsWing
CVE-2020-24992 (There is a cross site scripting vulnerability on CmsWing 1.3.7. This v ...)
	NOT-FOR-US: CmsWing
CVE-2020-24991
	RESERVED
CVE-2020-24990 (An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing  ...)
	NOT-FOR-US: QSC Q-SYS Core Manager
CVE-2020-24989
	RESERVED
CVE-2020-24988
	RESERVED
CVE-2020-24987 (Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(631 ...)
	NOT-FOR-US: Tenda AC18 Router
CVE-2020-24986 (Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File ...)
	NOT-FOR-US: Concrete5
CVE-2020-24985 (An issue was discovered in Quadbase EspressReports ES 7 Update 9. An a ...)
	NOT-FOR-US: Quadbase EspressReports
CVE-2020-24984 (An issue was discovered in Quadbase EspressReports ES 7 Update 9. It a ...)
	NOT-FOR-US: Quadbase EspressReports
CVE-2020-24983 (An issue was discovered in Quadbase EspressReports ES 7 Update 9. An u ...)
	NOT-FOR-US: Quadbase EspressReports
CVE-2020-24982 (An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9 ...)
	NOT-FOR-US: Quadbase EspressDashboard
CVE-2020-24981 (An Incorrect Access Control vulnerability exists in /ucms/chk.php in U ...)
	NOT-FOR-US: UCMS
CVE-2020-24980
	REJECTED
CVE-2020-24979
	REJECTED
CVE-2020-24978 (In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline ...)
	- nasm 2.15.04-1
	[buster] - nasm <no-dsa> (Minor issue)
	[stretch] - nasm <no-dsa> (Minor issue)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392712
	NOTE: https://github.com/netwide-assembler/nasm/commit/8806c3ca007b84accac21dd88b900fb03614ceb7
CVE-2020-24977 (GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerabil ...)
	{DLA-2369-1}
	- libxml2 2.9.10+dfsg-6.2 (unimportant; bug #969529)
	[buster] - libxml2 2.9.4+dfsg1-7+deb10u2
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178
	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2
	NOTE: The issue is specific and restricted to xmllint:
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178#note_892545
	NOTE: and present before the 0b19f236a263 ("Fixed ICU to set flush correctly and
	NOTE: provide pivot buffer.") commit itself.
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24976
	RESERVED
CVE-2020-24975
	RESERVED
CVE-2020-24974
	RESERVED
CVE-2020-24973
	RESERVED
CVE-2020-24972 (The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG  ...)
	- kleopatra 4:20.08.2-2
	[buster] - kleopatra <no-dsa> (Minor issue)
	[stretch] - kleopatra <not-affected> (Vulnerable code added to Debian in version 4:18.07.90-1)
	NOTE: Introduced via: https://dev.gnupg.org/rKLEOPATRAd1cd40bae47eb349e14750601223b6b5d9f71940 (v18.07.80+)
	NOTE: Fixed by: https://dev.gnupg.org/rKLEOPATRAb4bd63c1739900d94c04da03045e9445a5a5f54b
	NOTE: https://security.gentoo.org/glsa/202008-21
CVE-2020-24971
	RESERVED
CVE-2020-24970
	RESERVED
CVE-2020-24969
	RESERVED
CVE-2020-24968
	RESERVED
CVE-2020-24967
	RESERVED
CVE-2020-24966
	RESERVED
CVE-2020-24965
	RESERVED
CVE-2020-24964
	RESERVED
CVE-2020-24963 (An Authenticated Persistent XSS vulnerability was discovered in the Be ...)
	NOT-FOR-US: Best Support System
CVE-2020-24962
	RESERVED
CVE-2020-24961
	RESERVED
CVE-2020-24960
	RESERVED
CVE-2020-24959
	RESERVED
CVE-2020-24958
	RESERVED
CVE-2020-24957
	RESERVED
CVE-2020-24956
	RESERVED
CVE-2020-24955 (SUPERAntiSyware Professional X Trial 10.0.1206 is vulnerable to local  ...)
	NOT-FOR-US: SUPERAntiSyware Professional
CVE-2020-24954
	RESERVED
CVE-2020-24953
	RESERVED
CVE-2020-24952
	RESERVED
CVE-2020-24951
	RESERVED
CVE-2020-24950
	RESERVED
CVE-2020-24949 (Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php all ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-24948 (The ao_ccss_import AJAX call in Autoptimize Wordpress Plugin 2.7.6 doe ...)
	NOT-FOR-US: Autoptimize Wordpress Plugin
CVE-2020-24947
	RESERVED
CVE-2020-24946
	RESERVED
CVE-2020-24945
	RESERVED
CVE-2020-24944 (picoquic (before 3rd of July 2020) allows attackers to cause a denial  ...)
	NOT-FOR-US: picoquic
CVE-2020-24943
	RESERVED
CVE-2020-24942
	RESERVED
CVE-2020-24941 (An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24. ...)
	- php-laravel-framework <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://blog.laravel.com/security-release-laravel-61835-7240
CVE-2020-24940 (An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23. ...)
	- php-laravel-framework <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://blog.laravel.com/security-release-laravel-61834-7232
CVE-2020-24939 (Prototype pollution in Stampit supermixer 1.0.3 allows an attacker to  ...)
	NOT-FOR-US: Stampit supermixer
CVE-2020-24938
	RESERVED
CVE-2020-24937
	RESERVED
CVE-2020-24936
	RESERVED
CVE-2020-24935
	RESERVED
CVE-2020-24934
	RESERVED
CVE-2020-24933
	RESERVED
CVE-2020-24932 (An SQL Injection vulnerability exists in Sourcecodester Complaint Mana ...)
	NOT-FOR-US: Sourcecodester
CVE-2020-24931
	RESERVED
CVE-2020-24930 (Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open ...)
	NOT-FOR-US: Wuzhi CMS
CVE-2020-24929
	RESERVED
CVE-2020-24928 (managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted ...)
	NOT-FOR-US: PreMiD
CVE-2020-24927
	RESERVED
CVE-2020-24926
	RESERVED
CVE-2020-24925 (A Sensitive Source Code Path Disclosure vulnerability is found in Elka ...)
	- elkarbackup <itp> (bug #865046)
CVE-2020-24924 (A Persistent Cross-site Scripting vulnerability is found in ElkarBacku ...)
	- elkarbackup <itp> (bug #865046)
CVE-2020-24923
	RESERVED
CVE-2020-24922
	RESERVED
CVE-2020-24921
	RESERVED
CVE-2020-24920
	RESERVED
CVE-2020-24919
	RESERVED
CVE-2020-24918 (A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Serve ...)
	NOT-FOR-US: Ambarella
CVE-2020-24917 (osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxA ...)
	NOT-FOR-US: osTicket
CVE-2020-24916 (CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulner ...)
	{DSA-4773-1 DLA-2384-1}
	- yaws 2.0.8+dfsg-1
	NOTE: https://github.com/erlyaws/yaws/commit/799b3b526d15b7a9bc43ae97165aeb085f18fac1
	NOTE: https://github.com/vulnbe/poc-yaws-cgi-shell-injection
CVE-2020-24915
	RESERVED
CVE-2020-24914 (A PHP object injection bug in profile.php in qcubed (all versions incl ...)
	NOT-FOR-US: qcubed
CVE-2020-24913 (A SQL injection vulnerability in qcubed (all versions including 3.1.1) ...)
	NOT-FOR-US: qcubed
CVE-2020-24912 (A reflected cross-site scripting (XSS) vulnerability in qcubed (all ve ...)
	NOT-FOR-US: qcubed
CVE-2020-24911
	RESERVED
CVE-2020-24910
	RESERVED
CVE-2020-24909
	RESERVED
CVE-2020-24908 (Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges ...)
	- check-mk <removed>
CVE-2020-24907
	RESERVED
CVE-2020-24906
	RESERVED
CVE-2020-24905
	RESERVED
CVE-2020-24904
	RESERVED
CVE-2020-24903 (Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scri ...)
	NOT-FOR-US: Cute Editor for ASP.NET
CVE-2020-24902 (Quixplorer &lt;=2.4.1 is vulnerable to reflected cross-site scripting  ...)
	NOT-FOR-US: Quixplorer
CVE-2020-24901 (The default installation of Krpano Panorama Viewer version &lt;=1.20.8 ...)
	NOT-FOR-US: Krpano Panorama Viewer
CVE-2020-24900 (The default installation of Krpano Panorama Viewer version &lt;=1.20.8 ...)
	NOT-FOR-US: Krpano Panorama Viewer
CVE-2020-24899 (Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerabi ...)
	NOT-FOR-US: Nagios XI
CVE-2020-24898 (The Table Filter and Charts for Confluence Server app before 5.3.26 (f ...)
	NOT-FOR-US: Confluence Server app for Atlassian Confluence
CVE-2020-24897 (The Table Filter and Charts for Confluence Server app before 5.3.25 (f ...)
	NOT-FOR-US: Confluence Server app for Atlassian Confluence
CVE-2020-24896
	RESERVED
CVE-2020-24895
	RESERVED
CVE-2020-24894
	RESERVED
CVE-2020-24893
	RESERVED
CVE-2020-24892
	RESERVED
CVE-2020-24891
	REJECTED
CVE-2020-24890 (** DISPUTED ** libraw 20.0 has a null pointer dereference vulnerabilit ...)
	- libraw <unfixed> (unimportant)
	NOTE: https://github.com/LibRaw/LibRaw/issues/335
	NOTE: https://github.com/LibRaw/LibRaw/issues/335#issuecomment-677637276
CVE-2020-24889 (A buffer overflow vulnerability in LibRaw version &lt; 20.0 LibRaw::Ge ...)
	- libraw 0.20.2-1
	[buster] - libraw <no-dsa> (Minor issue)
	[stretch] - libraw <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/LibRaw/LibRaw/issues/334
	NOTE: https://github.com/LibRaw/LibRaw/commit/78d323ecbe6a9752aee6e97118a76d40704d73ee
CVE-2020-24888
	RESERVED
CVE-2020-24887
	RESERVED
CVE-2020-24886
	RESERVED
CVE-2020-24885
	RESERVED
CVE-2020-24884
	RESERVED
CVE-2020-24883
	RESERVED
CVE-2020-24882
	RESERVED
CVE-2020-24881 (SSRF exists in osTicket before 1.14.3, where an attacker can add malic ...)
	NOT-FOR-US: osTicket
CVE-2020-24880
	RESERVED
CVE-2020-24879
	RESERVED
CVE-2020-24878
	RESERVED
CVE-2020-24877 (A SQL injection vulnerability in zzzphp v1.8.0 through /form/index.php ...)
	NOT-FOR-US: zzzphp
CVE-2020-24876 (Use of a hard-coded cryptographic key in Pancake versions &lt; 4.13.29 ...)
	NOT-FOR-US: Pancake
CVE-2020-24875
	RESERVED
CVE-2020-24874
	RESERVED
CVE-2020-24873
	RESERVED
CVE-2020-24872
	RESERVED
CVE-2020-24871
	RESERVED
CVE-2020-24870 (Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_ ...)
	- libraw 0.20.2-1
	[buster] - libraw <not-affected> (Vulnerable code not present)
	[stretch] - libraw <not-affected> (vulnerable code not present)
	NOTE: https://github.com/LibRaw/LibRaw/commit/4feaed4dea636cee4fee010f615881ccf76a096d
	NOTE: https://github.com/LibRaw/LibRaw/issues/330
CVE-2020-24869
	RESERVED
CVE-2020-24868
	RESERVED
CVE-2020-24867
	RESERVED
CVE-2020-24866
	RESERVED
CVE-2020-24865
	RESERVED
CVE-2020-24864
	RESERVED
CVE-2020-24863 (A memory corruption vulnerability was found in the kernel function ker ...)
	NOT-FOR-US: FreeBSD and MidnightBSD
CVE-2020-24862 (The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has  ...)
	NOT-FOR-US: Pharmacy Medical Store and Sale Point
CVE-2020-25016 (A safety violation was discovered in the rgb crate before 0.8.20 for R ...)
	- rust-rgb <unfixed> (bug #969213)
	[bullseye] - rust-rgb <no-dsa> (Minor issue)
	[buster] - rust-rgb <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0029.html
	NOTE: https://github.com/kornelski/rust-rgb/issues/35
CVE-2020-24861 (GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings p ...)
	NOT-FOR-US: GetSimple CMS
CVE-2020-24860 (CMS Made Simple 2.2.14 allows an authenticated user with access to the ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-24859
	RESERVED
CVE-2020-24858
	RESERVED
CVE-2020-24857
	RESERVED
CVE-2020-24856
	RESERVED
CVE-2020-24855
	RESERVED
CVE-2020-24854
	RESERVED
CVE-2020-24853
	RESERVED
CVE-2020-24852
	RESERVED
CVE-2020-24851
	RESERVED
CVE-2020-24850
	RESERVED
CVE-2020-24849 (A remote code execution vulnerability is identified in FruityWifi thro ...)
	NOT-FOR-US: FruityWifi
CVE-2020-24848 (FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) N ...)
	NOT-FOR-US: FruityWifi
CVE-2020-24847 (A Cross-Site Request Forgery (CSRF) vulnerability is identified in Fru ...)
	NOT-FOR-US: FruityWifi
CVE-2020-24846
	RESERVED
CVE-2020-24845
	RESERVED
CVE-2020-24844
	RESERVED
CVE-2020-24843
	RESERVED
CVE-2020-24842 (PNPSCADA 2.200816204020 allows cross-site scripting (XSS), which can e ...)
	NOT-FOR-US: PNPSCADA
CVE-2020-24841 (PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in ...)
	NOT-FOR-US: PNPSCADA
CVE-2020-24840
	RESERVED
CVE-2020-24839
	RESERVED
CVE-2020-24838 (An integer overflow has been found in the the latest version of Issuer ...)
	NOT-FOR-US: Issuer
CVE-2020-24837 (An integer underflow has been found in the latest version of ZCFees. T ...)
	NOT-FOR-US: ZCFees
CVE-2020-24836
	RESERVED
CVE-2020-24835
	RESERVED
CVE-2020-24834
	RESERVED
CVE-2020-24833
	RESERVED
CVE-2020-24832
	RESERVED
CVE-2020-24831
	RESERVED
CVE-2020-24830
	RESERVED
CVE-2020-24829 (An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It  ...)
	- gpac 1.0.1+dfsg1-2
	NOTE: https://github.com/gpac/gpac/issues/1422
	NOTE: https://github.com/gpac/gpac/commit/8c5e847185d74462d674ee7d28fb46c29dae6dd2
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <no-dsa> (Minor issue)
	[buster] - ccextractor <no-dsa> (Minor issue)
CVE-2020-24828
	RESERVED
CVE-2020-24827 (A vulnerability in the dwarf::cursor::skip_form function of Libelfin v ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/47
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursorskip_form-at-dwarfcursorcc181
CVE-2020-24826 (A vulnerability in the elf::section::as_strtab function of Libelfin v0 ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/49
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-elfsectionas_strtab-at-elfelfcc284
CVE-2020-24825 (A vulnerability in the line_table::line_table function of Libelfin v0. ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/46
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-line_tableline_table-at-dwarflinecc104
CVE-2020-24824 (A global buffer overflow issue in the dwarf::line_table::line_table fu ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/48
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#global-buffer-overflow-in-function-dwarfline_tableline_table-at-dwarflinecc107
CVE-2020-24823 (A vulnerability in the dwarf::to_string function of Libelfin v0.3 allo ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/51
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfto_string-at-dwarfvaluecc300
CVE-2020-24822 (A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 a ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/50
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursoruleb128-at-dwarfinternalhh154
CVE-2020-24821 (A vulnerability in the dwarf::cursor::skip_form function of Libelfin v ...)
	- libelfin <unfixed>
	[bullseye] - libelfin <no-dsa> (Minor issue)
	[buster] - libelfin <no-dsa> (Minor issue)
	[stretch] - libelfin <no-dsa> (Minor issue)
	NOTE: https://github.com/aclements/libelfin/issues/52
	NOTE: https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursorskip_form-at-dwarfcursorcc191
CVE-2020-24820
	RESERVED
CVE-2020-24819
	RESERVED
CVE-2020-24818
	RESERVED
CVE-2020-24817
	RESERVED
CVE-2020-24816
	RESERVED
CVE-2020-24815 (A Server-Side Request Forgery (SSRF) affecting the PDF generation in M ...)
	NOT-FOR-US: MicroStrategy
CVE-2020-24814
	RESERVED
CVE-2020-24813
	RESERVED
CVE-2020-24812
	RESERVED
CVE-2020-24811
	RESERVED
CVE-2020-24810
	RESERVED
CVE-2020-24809
	RESERVED
CVE-2020-24808
	RESERVED
CVE-2020-24807 (** UNSUPPORTED WHEN ASSIGNED ** The socket.io-file package through 2.0 ...)
	NOT-FOR-US: Node socket.io-file
CVE-2020-24806
	RESERVED
CVE-2020-24805
	RESERVED
CVE-2020-24804
	RESERVED
CVE-2020-24803
	RESERVED
CVE-2020-24802
	RESERVED
CVE-2020-24801
	RESERVED
CVE-2020-24800
	RESERVED
CVE-2020-24799
	RESERVED
CVE-2020-24798
	RESERVED
CVE-2020-24797
	RESERVED
CVE-2020-24796
	RESERVED
CVE-2020-24795
	RESERVED
CVE-2020-24794 (Cross Site Scripting (XSS) vulnerability in Kentico before 12.0.75. ...)
	NOT-FOR-US: Kentico
CVE-2020-24793
	RESERVED
CVE-2020-24792
	RESERVED
CVE-2020-24791 (FUEL CMS 1.4.8 allows SQL injection via the 'fuel_replace_id' paramete ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-24790
	RESERVED
CVE-2020-24789
	RESERVED
CVE-2020-24788
	RESERVED
CVE-2020-24787
	RESERVED
CVE-2020-24786 (An issue was discovered in Zoho ManageEngine Exchange Reporter Plus be ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-24785
	RESERVED
CVE-2020-24784
	RESERVED
CVE-2020-24783
	RESERVED
CVE-2020-24782
	RESERVED
CVE-2020-24781
	RESERVED
CVE-2020-24780
	RESERVED
CVE-2020-24779
	RESERVED
CVE-2020-24778
	RESERVED
CVE-2020-24777
	RESERVED
CVE-2020-24776
	RESERVED
CVE-2020-24775
	RESERVED
CVE-2020-24774
	RESERVED
CVE-2020-24773
	RESERVED
CVE-2020-24772
	RESERVED
CVE-2020-24771
	RESERVED
CVE-2020-24770
	RESERVED
CVE-2020-24769
	RESERVED
CVE-2020-24768
	RESERVED
CVE-2020-24767
	RESERVED
CVE-2020-24766
	RESERVED
CVE-2020-24765 (InterMind iMind Server through 3.13.65 allows remote unauthenticated a ...)
	NOT-FOR-US: InterMind iMind Server
CVE-2020-24764
	RESERVED
CVE-2020-24763
	RESERVED
CVE-2020-24762
	RESERVED
CVE-2020-24761
	RESERVED
CVE-2020-24760
	RESERVED
CVE-2020-24759
	RESERVED
CVE-2020-24758
	RESERVED
CVE-2020-24757
	RESERVED
CVE-2020-24756
	RESERVED
CVE-2020-24755 (In Ubiquiti UniFi Video v3.10.13, when the executable starts, its firs ...)
	NOT-FOR-US: Ubiquiti UniFi Video
CVE-2020-24754
	RESERVED
CVE-2020-24753 (A memory corruption vulnerability in Objective Open CBOR Run-time (ooc ...)
	NOT-FOR-US: Objective Open CBOR Run-time
CVE-2020-24752
	RESERVED
CVE-2020-24751
	RESERVED
CVE-2020-24750 (FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2798
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/6cc9f1a1af323cd156f5668a47e43bab324ae16f
CVE-2020-24749
	RESERVED
CVE-2020-24748
	RESERVED
CVE-2020-24747
	RESERVED
CVE-2020-24746
	RESERVED
CVE-2020-24745
	RESERVED
CVE-2020-24744
	RESERVED
CVE-2020-24743 (An issue was found in /showReports.do Zoho ManageEngine Applications M ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-24742 (An issue has been fixed in Qt versions 5.14.0 where QPluginLoader atte ...)
	{DSA-4617-1}
	- qtbase-opensource-src 5.12.5+dfsg-8
	- qtbase-opensource-src-gles 5.14.2+dfsg-3
	- qt4-x11 <not-affected> (Vulnerable code introduced later)
	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/280730
	NOTE: Introduced in https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=3146dadb42cb36aff83a62e831b8b4f4dc1562a7 (v5.6.0-alpha1)
	NOTE: Fixed by: https://codereview.qt-project.org/gitweb?p=qt/qtbase.git;a=commitdiff;h=bf131e8d2181b3404f5293546ed390999f760404 (v5.14.0-rc1)
	NOTE: Same fix as CVE-2020-0569
CVE-2020-24741
	REJECTED
CVE-2020-24740 (An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerab ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-24739 (A CSRF vulnerability was found in iCMS v7.0.0 in the background deleti ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2020-24738
	RESERVED
CVE-2020-24737
	RESERVED
CVE-2020-24736
	RESERVED
CVE-2020-24735
	RESERVED
CVE-2020-24734
	RESERVED
CVE-2020-24733
	RESERVED
CVE-2020-24732
	RESERVED
CVE-2020-24731
	RESERVED
CVE-2020-24730
	RESERVED
CVE-2020-24729
	RESERVED
CVE-2020-24728
	RESERVED
CVE-2020-24727
	RESERVED
CVE-2020-24726
	RESERVED
CVE-2020-24725
	RESERVED
CVE-2020-24724
	RESERVED
CVE-2020-24723 (Cross Site Scripting (XSS) vulnerability in the Registration page of t ...)
	NOT-FOR-US: PHPGurukul
CVE-2020-24722 (** DISPUTED ** An issue was discovered in the GAEN (aka Google/Apple E ...)
	NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
CVE-2020-24721 (An issue was discovered in the GAEN (aka Google/Apple Exposure Notific ...)
	NOT-FOR-US: GAEN (Google Apple Encounter Notification) protocol
CVE-2020-24720
	RESERVED
CVE-2020-24719 (Exposed Erlang Cookie could lead to Remote Command Execution (RCE) att ...)
	NOT-FOR-US: Couchbase
CVE-2020-24718 (bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE th ...)
	NOT-FOR-US: bhyve
CVE-2020-24717 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group pe ...)
	NOT-FOR-US: OpenZFS
CVE-2020-24716 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permiss ...)
	NOT-FOR-US: OpenZFS
CVE-2020-24715 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation  ...)
	NOT-FOR-US: Scalyr
CVE-2020-24714 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation  ...)
	NOT-FOR-US: Scalyr
CVE-2020-24713 (Gophish through 0.10.1 does not invalidate the gophish cookie upon log ...)
	NOT-FOR-US: Gophish
CVE-2020-24712 (Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via  ...)
	NOT-FOR-US: Gophish
CVE-2020-24711 (The Reset button on the Account Settings page in Gophish before 0.11.0 ...)
	NOT-FOR-US: Gophish
CVE-2020-24710 (Gophish before 0.11.0 allows SSRF attacks. ...)
	NOT-FOR-US: Gophish
CVE-2020-24709 (Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via ...)
	NOT-FOR-US: Gophish
CVE-2020-24708 (Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via  ...)
	NOT-FOR-US: Gophish
CVE-2020-24707 (Gophish before 0.11.0 allows the creation of CSV sheets that contain m ...)
	NOT-FOR-US: Gophish
CVE-2020-24706 (An issue was discovered in certain WSO2 products. The Try It tool allo ...)
	NOT-FOR-US: WSO2
CVE-2020-24705 (An issue was discovered in certain WSO2 products. A valid Carbon Manag ...)
	NOT-FOR-US: WSO2
CVE-2020-24704 (An issue was discovered in certain WSO2 products. The Try It tool allo ...)
	NOT-FOR-US: WSO2
CVE-2020-24703 (An issue was discovered in certain WSO2 products. A valid Carbon Manag ...)
	NOT-FOR-US: WSO2
CVE-2020-24702
	RESERVED
CVE-2020-24701 (OX App Suite through 7.10.4 allows XSS via the app loading mechanism ( ...)
	NOT-FOR-US: OX App Suite
CVE-2020-24700 (OX App Suite through 7.10.3 allows SSRF because GET requests are sent  ...)
	NOT-FOR-US: OX App Suite
CVE-2020-24699 (The Chamber Dashboard Business Directory plugin 3.2.8 for WordPress al ...)
	NOT-FOR-US: Chamber Dashboard Business Directory plugin for WordPress
CVE-2020-24698 (An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ...)
	- pdns <unfixed> (unimportant)
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html
	NOTE: Debian packages not built with experimental GSS-TSIG support
CVE-2020-24697 (An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ...)
	- pdns <unfixed> (unimportant)
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html
	NOTE: Debian packages not built with experimental GSS-TSIG support
CVE-2020-24696 (An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ...)
	- pdns <unfixed> (unimportant)
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html
	NOTE: Debian packages not built with experimental GSS-TSIG support
CVE-2020-24695
	RESERVED
CVE-2020-24694
	RESERVED
CVE-2020-24693 (The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 co ...)
	NOT-FOR-US: Mitel
CVE-2020-24692 (The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 co ...)
	NOT-FOR-US: Mitel
CVE-2020-24691
	RESERVED
CVE-2020-24690
	RESERVED
CVE-2020-24689
	RESERVED
CVE-2020-24688
	RESERVED
CVE-2020-24687
	RESERVED
CVE-2020-24686 (The vulnerabilities can be exploited to cause the web visualization co ...)
	NOT-FOR-US: ABB AC500 V2 products
CVE-2020-24685 (An unauthenticated specially crafted packet sent by an attacker over t ...)
	NOT-FOR-US: ABB
CVE-2020-24684
	RESERVED
CVE-2020-24683 (The affected versions of S+ Operations (version 2.1 SP1 and earlier) u ...)
	NOT-FOR-US: ABB
CVE-2020-24682
	RESERVED
CVE-2020-24681
	RESERVED
CVE-2020-24680 (In S+ Operations and S+ Historian, the passwords of internal users (no ...)
	NOT-FOR-US: ABB
CVE-2020-24679 (A S+ Operations and S+ Historian service is subject to a DoS by specia ...)
	NOT-FOR-US: ABB
CVE-2020-24678 (An authenticated user might execute malicious code under the user cont ...)
	NOT-FOR-US: ABB
CVE-2020-24677 (Vulnerabilities in the S+ Operations and S+ Historian web applications ...)
	NOT-FOR-US: ABB
CVE-2020-24676 (In Symphony Plus Operations and Symphony Plus Historian, some services ...)
	NOT-FOR-US: ABB
CVE-2020-24675 (In S+ Operations and S+ History, it is possible that an unauthenticate ...)
	NOT-FOR-US: ABB
CVE-2020-24674 (In S+ Operations and S+ Historian, not all client commands correctly c ...)
	NOT-FOR-US: ABB
CVE-2020-24673 (In S+ Operations and S+ Historian, a successful SQL injection exploit  ...)
	NOT-FOR-US: ABB
CVE-2020-24672 (A vulnerability in Base Software for SoftControl allows an attacker to ...)
	NOT-FOR-US: ABB
CVE-2020-24671 (Trace Financial CRESTBridge &lt;6.3.0.02 contains an authenticated SQL ...)
	NOT-FOR-US: Trace Financial CRESTBridge
CVE-2020-24670 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
	NOT-FOR-US: Hitachi
CVE-2020-24669 (The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x c ...)
	NOT-FOR-US: Hitachi
CVE-2020-24668 (Trace Financial Crest Bridge &lt;6.3.0.02 contains a stored XSS vulner ...)
	NOT-FOR-US: Trace Financial CRESTBridge
CVE-2020-24667 (Trace Financial CRESTBridge &lt;6.3.0.02 contains an authenticated SQL ...)
	NOT-FOR-US: Trace Financial CRESTBridge
CVE-2020-24666 (The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x conta ...)
	NOT-FOR-US: Hitachi
CVE-2020-24665 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
	NOT-FOR-US: Hitachi
CVE-2020-24664 (The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
	NOT-FOR-US: Hitachi
CVE-2020-24663 (Trace Financial CRESTBridge &lt;6.3.0.02 contains a stored XSS vulnera ...)
	NOT-FOR-US: Trace Financial CRESTBridge
CVE-2020-24662 (SmartStream Transaction Lifecycle Management (TLM) Reconciliation Prem ...)
	NOT-FOR-US: SmartStream Transaction Lifecycle Management
CVE-2020-24661 (GNOME Geary before 3.36.3 mishandles pinned TLS certificate verificati ...)
	- geary 3.38.0.1-1
	[buster] - geary <no-dsa> (Minor issue)
	[stretch] - geary <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/geary/-/issues/866
	NOTE: https://gitlab.gnome.org/GNOME/geary/commit/0d957559bbb4be81870c9fafba1c74f0926f59a3
CVE-2020-24660 (An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is  ...)
	{DSA-4762-1 DLA-2367-1}
	- lemonldap-ng 2.0.9+ds-1
	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2290
CVE-2020-24659 (An issue was discovered in GnuTLS before 3.6.15. A server can trigger  ...)
	- gnutls28 3.6.15-1 (bug #969547)
	[buster] - gnutls28 3.6.7-4+deb10u7
	[stretch] - gnutls28 <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04
	NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1071
	NOTE: https://gitlab.com/gnutls/gnutls/-/commit/29ee67c205855e848a0a26e6d0e4f65b6b943e0a
CVE-2020-24658 (Arm Compiler 5 through 5.06u6 has an error in a stack protection featu ...)
	NOT-FOR-US: Arm Compiler
CVE-2020-24657
	RESERVED
CVE-2020-24656 (Maltego before 4.2.12 allows XXE attacks. ...)
	NOT-FOR-US: Maltego
CVE-2020-24655 (A race condition in the Twilio Authy 2-Factor Authentication applicati ...)
	NOT-FOR-US: Twilio Authy 2-Factor Authentication app
CVE-2020-24654 (In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can ins ...)
	{DSA-4759-1}
	- ark 4:20.08.1-1 (bug #969437)
	[stretch] - ark <no-dsa> (Vulnerable even after upstream patch)
	NOTE: https://github.com/KDE/ark/commit/8bf8c5ef07b0ac5e914d752681e470dea403a5bd
	NOTE: https://kde.org/info/security/advisory-20200827-1.txt
CVE-2020-24653 (secure-store in Expo through 2.16.1 on iOS provides the insecure kSecA ...)
	NOT-FOR-US: secure-store in Expo on iOS
CVE-2020-24652 (A addvsiinterfaceinfo expression language injection remote code execut ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24651 (A syslogtempletselectwin expression language injection remote code exe ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24650 (A legend expression language injection remote code execution vulnerabi ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24649 (A remote bytemessageresource transformentity" input validation code ex ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24648 (A accessmgrservlet classname deserialization of untrusted data remote  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24647 (A remote accessmgrservlet classname input validation code execution vu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24646 (A tftpserver stack-based buffer overflow remote code execution vulnera ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24645
	RESERVED
CVE-2020-24644
	RESERVED
CVE-2020-24643
	RESERVED
CVE-2020-24642
	RESERVED
CVE-2020-24641 (In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Fo ...)
	NOT-FOR-US: Aruba
CVE-2020-24640 (There is a vulnerability caused by insufficient input validation that  ...)
	NOT-FOR-US: Aruba
CVE-2020-24639 (There is a vulnerability caused by unsafe Java deserialization that al ...)
	NOT-FOR-US: Aruba
CVE-2020-24638 (Multiple authenticated remote command executions are possible in Airwa ...)
	NOT-FOR-US: Aruba
CVE-2020-24637 (Two vulnerabilities in ArubaOS GRUB2 implementation allows for an atta ...)
	NOT-FOR-US: ArubaOS GRUB2 implementation (CVE specific to ArubaOS)
CVE-2020-24636 (A remote execution of arbitrary commands vulnerability was discovered  ...)
	NOT-FOR-US: Aruba
CVE-2020-24635 (A remote execution of arbitrary commands vulnerability was discovered  ...)
	NOT-FOR-US: Aruba
CVE-2020-24634 (An attacker is able to remotely inject arbitrary commands by sending e ...)
	NOT-FOR-US: Aruba
CVE-2020-24633 (There are multiple buffer overflow vulnerabilities that could lead to  ...)
	NOT-FOR-US: Aruba
CVE-2020-24632 (A remote execution of arbitrary commandss vulnerability was discovered ...)
	NOT-FOR-US: Aruba
CVE-2020-24631 (A remote execution of arbitrary commands vulnerability was discovered  ...)
	NOT-FOR-US: Aruba
CVE-2020-24630 (A remote operatoronlinelist_content privilege escalation vulnerability ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24629 (A remote urlaccesscontroller authentication bypass vulnerability was d ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-24628 (A remote code injection vulnerability was discovered in HPE KVM IP Con ...)
	NOT-FOR-US: HPE
CVE-2020-24627 (A remote stored xss vulnerability was discovered in HPE KVM IP Console ...)
	NOT-FOR-US: HPE
CVE-2020-24626 (Unathenticated directory traversal in the ReceiverServlet class doPost ...)
	NOT-FOR-US: HPE
CVE-2020-24625 (Unathenticated directory traversal in the ReceiverServlet class doGet( ...)
	NOT-FOR-US: HPE
CVE-2020-24624 (Unathenticated directory traversal in the DownloadServlet class execut ...)
	NOT-FOR-US: HPE
CVE-2020-24623 (A potential security vulnerability has been identified in Hewlett Pack ...)
	NOT-FOR-US: Hewlett Packard Enterprise Universal API Framework
CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed b ...)
	NOT-FOR-US: Sonatype
CVE-2020-24621 (A remote code execution (RCE) vulnerability was discovered in the html ...)
	NOT-FOR-US: OpenMRS
CVE-2020-24620 (Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable  ...)
	NOT-FOR-US: Unisys
CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuse ...)
	NOT-FOR-US: Shotcut
CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020. ...)
	NOT-FOR-US: JetBrains
CVE-2020-24617 (Mailtrain through 1.24.1 allows SQL Injection in statsClickedSubscribe ...)
	NOT-FOR-US: Mailtrain
CVE-2020-24616 (FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interact ...)
	{DLA-2638-1}
	- jackson-databind 2.12.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u3
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2814
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
	NOTE: https://github.com/FasterXML/jackson-databind/commit/3d97153944f7de9c19c1b3637b33d3cf1fbbe4d7
CVE-2020-24615 (Pexip Infinity before 24.1 has Improper Input Validation, leading to t ...)
	NOT-FOR-US: Pexip Infinity
CVE-2020-24613 (wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_C ...)
	- wolfssl 4.5.0+dfsg-1 (bug #969663)
	NOTE: https://research.nccgroup.com/2020/08/24/technical-advisory-wolfssl-tls-1-3-client-man-in-the-middle-attack/
CVE-2020-24612 (An issue was discovered in the selinux-policy (aka Reference Policy) p ...)
	- refpolicy <not-affected> (Debian package doesn't ship pam-u2f config)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860888
	NOTE: https://github.com/fedora-selinux/selinux-policy/commit/71e1989028802c7875d3436fd3966c587fa383fb
CVE-2020-24611
	RESERVED
CVE-2020-24610
	RESERVED
CVE-2020-24609 (TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has X ...)
	NOT-FOR-US: Savsoft Quiz 5
CVE-2020-24608
	RESERVED
CVE-2020-24607
	RESERVED
CVE-2020-24605
	RESERVED
CVE-2020-24604 (A Reflected XSS vulnerability was discovered in Ignite Realtime Openfi ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-24603
	RESERVED
CVE-2020-24602 (Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vu ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-24601 (In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability al ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-24600
	RESERVED
CVE-2020-24599 (An issue was discovered in Joomla! before 3.9.21. Lack of escaping in  ...)
	NOT-FOR-US: Joomla!
CVE-2020-24598 (An issue was discovered in Joomla! before 3.9.21. Lack of input valida ...)
	NOT-FOR-US: Joomla!
CVE-2020-24597
	RESERVED
CVE-2020-24596
	RESERVED
CVE-2020-24595 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker ...)
	NOT-FOR-US: Mitel
CVE-2020-24594 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthen ...)
	NOT-FOR-US: Mitel
CVE-2020-24593 (Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote at ...)
	NOT-FOR-US: Mitel
CVE-2020-24592 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker ...)
	NOT-FOR-US: Mitel
CVE-2020-24591 (The Management Console in certain WSO2 products allows XXE attacks dur ...)
	NOT-FOR-US: WSO2
CVE-2020-24590 (The Management Console in WSO2 API Manager through 3.1.0 and API Micro ...)
	NOT-FOR-US: WSO2
CVE-2020-24589 (The Management Console in WSO2 API Manager through 3.1.0 and API Micro ...)
	NOT-FOR-US: WSO2
CVE-2020-24588 (The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2,  ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.46-1
	[buster] - linux 4.19.194-1
	[experimental] - firmware-nonfree 20210716-1~exp1
	- firmware-nonfree 20210818-1
	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	NOTE: https://lore.kernel.org/linux-wireless/c4d8c2f040b368225b72a91e74ee282d9ceab4d5.camel@coelho.fi/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.25d93176ddaf.I9e265b597f2cd23eb44573f35b625947b386a9de@changeid/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.11968c725b5c.Idd166365ebea2771c0c0a38c78b5060750f90e17@changeid/
	NOTE: Mitigation for similar attack to CVE-2020-24588:
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.0b2b886492f0.I23dd5d685fe16d3b0ec8106e8f01b59f499dffed@changeid/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.076543300172.I548e6e71f1ee9cad4b9a37bf212ae7db723587aa@changeid/
	NOTE: firmware-nonfree (iwlwifi-fw-2021-05-12) addressed the firmware part of the CVE
	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=55d964905a2b6cd790cbbbb46640bb2fb520b0cb
CVE-2020-24587 (The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2,  ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.46-1
	[buster] - linux 4.19.194-1
	[experimental] - firmware-nonfree 20210716-1~exp1
	- firmware-nonfree 20210818-1
	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	NOTE: https://lore.kernel.org/linux-wireless/c4d8c2f040b368225b72a91e74ee282d9ceab4d5.camel@coelho.fi/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.037aa5ca0390.I7bb888e2965a0db02a67075fcb5deb50eb7408aa@changeid/
	NOTE: firmware-nonfree (iwlwifi-fw-2021-05-12) addressed the firmware part of the CVE
	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=55d964905a2b6cd790cbbbb46640bb2fb520b0cb
CVE-2020-24586 (The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2,  ...)
	{DLA-2690-1 DLA-2689-1}
	- linux 5.10.46-1
	[buster] - linux 4.19.194-1
	[experimental] - firmware-nonfree 20210716-1~exp1
	- firmware-nonfree 20210818-1
	[bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	NOTE: https://papers.mathyvanhoef.com/usenix2021.pdf
	NOTE: https://www.fragattacks.com/
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html
	NOTE: https://lore.kernel.org/linux-wireless/c4d8c2f040b368225b72a91e74ee282d9ceab4d5.camel@coelho.fi/
	NOTE: https://lore.kernel.org/linux-wireless/20210511180259.159598-1-johannes@sipsolutions.net/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.3f8290e59823.I622a67769ed39257327a362cfc09c812320eb979@changeid/
	NOTE: https://lore.kernel.org/linux-wireless/20210511200110.037aa5ca0390.I7bb888e2965a0db02a67075fcb5deb50eb7408aa@changeid/
	NOTE: firmware-nonfree (iwlwifi-fw-2021-05-12) addressed the firmware part of the CVE
	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=55d964905a2b6cd790cbbbb46640bb2fb520b0cb
CVE-2020-24585 (An issue was discovered in the DTLS handshake implementation in wolfSS ...)
	- wolfssl 4.5.0+dfsg-1 (bug #969663)
	NOTE: https://github.com/wolfSSL/wolfssl/pull/3219
	NOTE: https://github.com/wolfSSL/wolfssl/commit/3be7f3ea3a56d178acf0f7f84ee4ae8cbfee8915 (v4.5.0-stable)
CVE-2020-24584 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...)
	- python-django 2:2.2.16-1 (bug #969367)
	[buster] - python-django <postponed> (Fix along in future DSA)
	[stretch] - python-django <not-affected> (Requires Python 3.7+)
	NOTE: https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a71 (master)
	NOTE: https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b (3.1.1)
	NOTE: https://github.com/django/django/commit/cdb367c92a0ba72ddc0cbd13ff42b0e6df709554 (3.0.10)
	NOTE: https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f (2.2.16)
CVE-2020-24583 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...)
	- python-django 2:2.2.16-1 (bug #969367)
	[buster] - python-django <postponed> (Fix along in future DSA)
	[stretch] - python-django <not-affected> (Requires Python 3.7+)
	NOTE: https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9 (master)
	NOTE: https://github.com/django/django/commit/934430d22aa5d90c2ba33495ff69a6a1d997d584 (3.1.1)
	NOTE: https://github.com/django/django/commit/08892bffd275c79ee1f8f67639eb170aaaf1181e (3.0.10)
	NOTE: https://github.com/django/django/commit/375657a71c889c588f723469bd868bd1d40c369f (2.2.16)
CVE-2020-24582 (Zulip Desktop before 5.4.3 allows XSS because string escaping is misha ...)
	NOT-FOR-US: Zulip Desktop
CVE-2020-24581 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
	NOT-FOR-US: D-Link
CVE-2020-24580 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
	NOT-FOR-US: D-Link
CVE-2020-24579 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
	NOT-FOR-US: D-Link
CVE-2020-24578 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
	NOT-FOR-US: D-Link
CVE-2020-24577 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
	NOT-FOR-US: D-Link
CVE-2020-24576 (Netskope Client through 77 allows low-privileged users to elevate thei ...)
	NOT-FOR-US: Netskope Client
CVE-2020-24575
	RESERVED
CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41  ...)
	NOT-FOR-US: GOG Galaxy client
CVE-2020-24573 (BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of ...)
	NOT-FOR-US: BAB TECHNOLOGIE GmbH eibPort
CVE-2020-24572 (An issue was discovered in includes/webconsole.php in RaspAP 2.5. With ...)
	NOT-FOR-US: RaspAP
CVE-2020-24571 (NexusQA NexusDB before 4.50.23 allows the reading of files via ../ dir ...)
	NOT-FOR-US: NexusDB
CVE-2020-24570 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT LINE
CVE-2020-24569 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT LINE
CVE-2020-24568 (An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB CONNECT LINE
CVE-2020-24567 (** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08- ...)
	NOT-FOR-US: voidtools
CVE-2020-24566 (In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4. ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-24565 (An out-of-bounds read information disclosure vulnerabilities in Trend  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24564 (An out-of-bounds read information disclosure vulnerabilities in Trend  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24563 (A vulnerability in Trend Micro Apex One may allow a local attacker to  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24562 (A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24561 (A command injection vulnerability in Trend Micro ServerProtect for Lin ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24560 (An incomplete SSL server certification validation vulnerability in the ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24559 (A vulnerability in Trend Micro Apex One, Worry-Free Business Security  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24558 (A vulnerability in an Trend Micro Apex One, Worry-Free Business Securi ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24557 (A vulnerability in Trend Micro Apex One and Worry-Free Business Securi ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24556 (A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free ...)
	NOT-FOR-US: Trend Micro
CVE-2020-24614 (Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ...)
	- fossil 1:2.12.1-1
	[buster] - fossil <no-dsa> (Minor issue)
	[stretch] - fossil <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/20/1
	NOTE: https://fossil-scm.org/forum/info/a05ae3ce7760daf6
	NOTE: https://fossil-scm.org/fossil/vdiff?branch=sec2020-2.12-patch&diff=1&w
CVE-2020-24555
	RESERVED
CVE-2020-24554 (The redirect module in Liferay Portal before 7.3.3 does not limit the  ...)
	NOT-FOR-US: Liferay
CVE-2020-24553 (Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html ...)
	- golang-1.15 1.15.2-1 (bug #969661)
	- golang-1.14 <removed> (bug #969662)
	- golang-1.11 <removed>
	[buster] - golang-1.11 <no-dsa> (Minor issue)
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <no-dsa> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <no-dsa> (Minor issue)
	NOTE: https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs
	NOTE: https://github.com/golang/go/issues/40928
	NOTE: https://github.com/golang/go/issues/41164 (1.14 backport)
	NOTE: https://github.com/golang/go/issues/41165 (1.15 backport)
	NOTE: https://www.redteam-pentesting.de/en/advisories/rt-sa-2020-004/-inconsistent-behavior-of-gos-cgi-and-fastcgi-transport-may-lead-to-cross-site-scripting
CVE-2020-24552 (Atop Technology industrial 3G/4G gateway contains Command Injection vu ...)
	NOT-FOR-US: Atop Technology industrial 3G/4G gateway
CVE-2020-24551 (IProom MMC+ Server login page does not validate specific parameters pr ...)
	NOT-FOR-US: IProom MMC+ Server
CVE-2020-24550 (An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows  ...)
	NOT-FOR-US: EpiServer Find
CVE-2020-24549 (openMAINT before 1.1-2.4.2 allows remote authenticated users to run ar ...)
	NOT-FOR-US: openMAINT
CVE-2020-24548 (Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSR ...)
	NOT-FOR-US: Ericom
CVE-2020-24547
	RESERVED
CVE-2020-24546
	RESERVED
CVE-2020-24545
	RESERVED
CVE-2020-24544
	RESERVED
CVE-2020-24543
	RESERVED
CVE-2020-24542
	RESERVED
CVE-2020-24541
	RESERVED
CVE-2020-24540
	RESERVED
CVE-2020-24539
	RESERVED
CVE-2020-24538
	RESERVED
CVE-2020-24537
	RESERVED
CVE-2020-24536
	RESERVED
CVE-2020-24535
	RESERVED
CVE-2020-24534
	RESERVED
CVE-2020-24533
	RESERVED
CVE-2020-24532
	RESERVED
CVE-2020-24531
	RESERVED
CVE-2020-24530
	RESERVED
CVE-2020-24529
	RESERVED
CVE-2020-24528
	RESERVED
CVE-2020-24527
	RESERVED
CVE-2020-24526
	RESERVED
CVE-2020-24525 (Insecure inherited permissions in firmware update tool for some Intel( ...)
	NOT-FOR-US: Intel
CVE-2020-24524
	RESERVED
CVE-2020-24523
	RESERVED
CVE-2020-24522
	RESERVED
CVE-2020-24521
	RESERVED
CVE-2020-24520
	RESERVED
CVE-2020-24519
	RESERVED
CVE-2020-24518
	RESERVED
CVE-2020-24517
	RESERVED
CVE-2020-24516 (Modification of assumed-immutable data in subsystem in Intel(R) CSME v ...)
	NOT-FOR-US: Intel
CVE-2020-24515 (Protection mechanism failure in some Intel(R) RealSense(TM) IDs may al ...)
	NOT-FOR-US: Intel
CVE-2020-24514 (Improper authentication in some Intel(R) RealSense(TM) IDs may allow a ...)
	NOT-FOR-US: Intel
CVE-2020-24513 (Domain-bypass transient execution vulnerability in some Intel Atom(R)  ...)
	{DSA-4934-1 DLA-2718-1}
	- intel-microcode 3.20210608.1 (bug #989615)
	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00465.html
CVE-2020-24512 (Observable timing discrepancy in some Intel(R) Processors may allow an ...)
	{DSA-4934-1 DLA-2718-1}
	- intel-microcode 3.20210608.1 (bug #989615)
	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
CVE-2020-24511 (Improper isolation of shared resources in some Intel(R) Processors may ...)
	{DSA-4934-1 DLA-2718-1}
	- intel-microcode 3.20210608.1 (bug #989615)
	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00464.html
CVE-2020-24510
	RESERVED
CVE-2020-24509 (Insufficient control flow management in subsystem in Intel(R) SPS vers ...)
	NOT-FOR-US: Intel
CVE-2020-24508
	RESERVED
CVE-2020-24507 (Improper initialization in a subsystem in the Intel(R) CSME versions b ...)
	NOT-FOR-US: Intel
CVE-2020-24506 (Out of bound read in a subsystem in the Intel(R) CSME versions before  ...)
	NOT-FOR-US: Intel
CVE-2020-24505 (Insufficient input validation in the firmware for the Intel(R) 700-ser ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24504 (Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapt ...)
	- linux 5.14.6-1
	[bullseye] - linux <ignored> (Minor issue, too intrusive to backport)
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html
CVE-2020-24503 (Insufficient access control in some Intel(R) Ethernet E810 Adapter dri ...)
	NOT-FOR-US: Proprietary out-of-tree driver for Intel E810
CVE-2020-24502 (Improper input validation in some Intel(R) Ethernet E810 Adapter drive ...)
	NOT-FOR-US: Proprietary out-of-tree driver for Intel E810
CVE-2020-24501 (Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24500 (Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24499
	RESERVED
CVE-2020-24498 (Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24497 (Insufficient Access Control in the firmware for Intel(R) E810 Ethernet ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24496 (Insufficient input validation in the firmware for Intel(R) 722 Etherne ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24495 (Insufficient access control in the firmware for the Intel(R) 700-serie ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24494 (Insufficient access control in the firmware for the Intel(R) 722 Ether ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24493 (Insufficient access control in the firmware for the Intel(R) 700-serie ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24492 (Insufficient access control in the firmware for the Intel(R) 722 Ether ...)
	NOT-FOR-US: Intel NIC firmware
CVE-2020-24491 (Debug message containing addresses of memory transactions in some Inte ...)
	NOT-FOR-US: Intel
CVE-2020-24490 (Improper buffer restrictions in BlueZ may allow an unauthenticated use ...)
	{DLA-2420-1}
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
	NOTE: https://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649
	NOTE: Fixed by: https://git.kernel.org/linus/a2ec905d1e160a33b2e210e45ad30445ef26ce0e (5.8)
CVE-2020-24489 (Incomplete cleanup in some Intel(R) VT-d products may allow an authent ...)
	{DSA-4934-1 DLA-2718-1}
	- intel-microcode 3.20210608.1 (bug #989615)
	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20210608
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00442.html
CVE-2020-24488
	RESERVED
CVE-2020-24487
	RESERVED
CVE-2020-24486 (Improper input validation in the firmware for some Intel(R) Processors ...)
	NOT-FOR-US: Intel
CVE-2020-24485 (Improper conditions check in the Intel(R) FPGA OPAE Driver for Linux b ...)
	NOT-FOR-US: Intel
CVE-2020-24484
	RESERVED
CVE-2020-24483
	RESERVED
CVE-2020-24482 (Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem  ...)
	NOT-FOR-US: Intel
CVE-2020-24481 (Insecure inherited permissions for the Intel(R) Quartus Prime Pro and  ...)
	NOT-FOR-US: Intel
CVE-2020-24480 (Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may al ...)
	NOT-FOR-US: Intel
CVE-2020-24479
	RESERVED
CVE-2020-24478
	RESERVED
CVE-2020-24477
	RESERVED
CVE-2020-24476
	RESERVED
CVE-2020-24475 (Improper initialization in the BMC firmware for some Intel(R) Server B ...)
	NOT-FOR-US: Intel
CVE-2020-24474 (Buffer overflow in the BMC firmware for some Intel(R) Server Boards, S ...)
	NOT-FOR-US: Intel
CVE-2020-24473 (Out of bounds write in the BMC firmware for some Intel(R) Server Board ...)
	NOT-FOR-US: Intel
CVE-2020-24472
	RESERVED
CVE-2020-24471
	RESERVED
CVE-2020-24470
	RESERVED
CVE-2020-24469
	RESERVED
CVE-2020-24468
	RESERVED
CVE-2020-24467
	RESERVED
CVE-2020-24466
	RESERVED
CVE-2020-24465
	RESERVED
CVE-2020-24464
	RESERVED
CVE-2020-24463
	RESERVED
CVE-2020-24462 (Out of bounds write in the Intel(R) Graphics Driver before version 15. ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-24461
	RESERVED
CVE-2020-24460 (Incorrect default permissions in the Intel(R) DSA before version 20.8. ...)
	NOT-FOR-US: Intel
CVE-2020-24459
	RESERVED
CVE-2020-24458 (Incomplete cleanup in some Intel(R) PROSet/Wireless WiFi and Killer (T ...)
	NOT-FOR-US: Intel
CVE-2020-24457 (Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2020-24456 (Incorrect default permissions in the Intel(R) Board ID Tool version v. ...)
	NOT-FOR-US: Intel
CVE-2020-24455 (Missing initialization of a variable in the TPM2 source may allow a pr ...)
	- tpm2-tss 3.0.1-1
	[buster] - tpm2-tss <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/tpm2-software/tpm2-tss/commit/0cc5f0e12694f3780a8512fc37a7dbc542ea4330 (master)
	NOTE: https://github.com/tpm2-software/tpm2-tss/commit/9536b79cd5a13884a7e4de7a571f72530180c20b (3.0.1)
	NOTE: https://github.com/tpm2-software/tpm2-tss/commit/bf24b0ef0fa8de9300a323f70a097a1afd818439 (2.4.5)
CVE-2020-24454 (Improper Restriction of XML External Entity Reference in subsystem for ...)
	NOT-FOR-US: Intel
CVE-2020-24453 (Improper input validation in the Intel(R) EPID SDK before version 8, m ...)
	NOT-FOR-US: Intel
CVE-2020-24452 (Improper input validation in the Intel(R) SGX Platform Software for Wi ...)
	NOT-FOR-US: Intel
CVE-2020-24451 (Uncontrolled search path in the Intel(R) Optane(TM) DC Persistent Memo ...)
	NOT-FOR-US: Intel
CVE-2020-24450 (Improper conditions check in some Intel(R) Graphics Drivers before ver ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-24449
	RESERVED
CVE-2020-24448 (Uncaught exception in some Intel(R) Graphics Drivers before version 15 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-24447 (Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affe ...)
	NOT-FOR-US: Adobe
CVE-2020-24446
	RESERVED
CVE-2020-24445 (AEM's Cloud Service offering, as well as version 6.5.6.0 (and below),  ...)
	NOT-FOR-US: Adobe
CVE-2020-24444 (AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM  ...)
	NOT-FOR-US: Adobe
CVE-2020-24443 (Adobe Connect version 11.0 (and earlier) is affected by a reflected Cr ...)
	NOT-FOR-US: Adobe
CVE-2020-24442 (Adobe Connect version 11.0 (and earlier) is affected by a reflected Cr ...)
	NOT-FOR-US: Adobe
CVE-2020-24441 (Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not ...)
	NOT-FOR-US: Adobe
CVE-2020-24440 (Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontroll ...)
	NOT-FOR-US: Adobe
CVE-2020-24439 (Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-24438 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24437 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24436 (Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 ( ...)
	NOT-FOR-US: Adobe
CVE-2020-24435 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24434 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24433 (Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.00 ...)
	NOT-FOR-US: Adobe
CVE-2020-24432 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24431 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24430 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24429 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24428 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24427 (Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 ( ...)
	NOT-FOR-US: Adobe
CVE-2020-24426 (Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.3000 ...)
	NOT-FOR-US: Adobe
CVE-2020-24425 (Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled  ...)
	NOT-FOR-US: Adobe
CVE-2020-24424 (Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncont ...)
	NOT-FOR-US: Adobe
CVE-2020-24423 (Adobe Media Encoder version 14.4 (and earlier) for Windows is affected ...)
	NOT-FOR-US: Adobe
CVE-2020-24422 (Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and ...)
	NOT-FOR-US: Adobe
CVE-2020-24421 (Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL poin ...)
	NOT-FOR-US: Adobe
CVE-2020-24420 (Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected b ...)
	NOT-FOR-US: Adobe
CVE-2020-24419 (Adobe After Effects version 17.1.1 (and earlier) for Windows is affect ...)
	NOT-FOR-US: Adobe
CVE-2020-24418 (Adobe After Effects version 17.1.1 (and earlier) is affected by an out ...)
	NOT-FOR-US: Adobe
CVE-2020-24417
	RESERVED
CVE-2020-24416 (Marketo Sales Insight plugin version 1.4355 (and earlier) is affected  ...)
	NOT-FOR-US: Marketo Sales Insight plugin
CVE-2020-24415 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
	NOT-FOR-US: Adobe
CVE-2020-24414 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
	NOT-FOR-US: Adobe
CVE-2020-24413 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
	NOT-FOR-US: Adobe
CVE-2020-24412 (Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory ...)
	NOT-FOR-US: Adobe
CVE-2020-24411 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
	NOT-FOR-US: Adobe
CVE-2020-24410 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
	NOT-FOR-US: Adobe
CVE-2020-24409 (Adobe Illustrator version 24.2 (and earlier) is affected by an out-of- ...)
	NOT-FOR-US: Adobe
CVE-2020-24408 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a per ...)
	NOT-FOR-US: Magento
CVE-2020-24407 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an un ...)
	NOT-FOR-US: Magento
CVE-2020-24406 (When in maintenance mode, Magento version 2.4.0 and 2.3.4 (and earlier ...)
	NOT-FOR-US: Magento
CVE-2020-24405 (Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an inc ...)
	NOT-FOR-US: Magento
CVE-2020-24404 (Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an inc ...)
	NOT-FOR-US: Magento
CVE-2020-24403 (Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an inc ...)
	NOT-FOR-US: Magento
CVE-2020-24402 (Magento version 2.4.0 and 2.3.5p1 (and earlier) are affected by an inc ...)
	NOT-FOR-US: Magento
CVE-2020-24401 (Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by an in ...)
	NOT-FOR-US: Magento
CVE-2020-24400 (Magento versions 2.4.0 and 2.3.5 (and earlier) are affected by an SQL  ...)
	NOT-FOR-US: Magento
CVE-2020-24399
	RESERVED
CVE-2020-24398
	RESERVED
CVE-2020-24397 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
	NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2020-24396 (homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH key ...)
	NOT-FOR-US: homee Brain Cube
CVE-2020-24395 (The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28 ...)
	NOT-FOR-US: homee Brain Cube
CVE-2020-24394 (In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) ca ...)
	- linux 5.7.6-1 (bug #962254)
	[buster] - linux 4.19.131-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/22cf8419f1319ff87ec759d0ebdff4cbafaee832
CVE-2020-24393 (TweetStream 2.6.1 uses the library eventmachine in an insecure way tha ...)
	NOT-FOR-US: TweetStream
CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation allow ...)
	- ruby-twitter-stream <unfixed> (bug #988733)
	[bullseye] - ruby-twitter-stream <no-dsa> (Minor issue)
	[buster] - ruby-twitter-stream <no-dsa> (Minor issue)
	[stretch] - ruby-twitter-stream <no-dsa> (Minor issue)
	NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream
CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced syntax  ...)
	NOT-FOR-US: mongo-express
CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape the user ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-24389
	RESERVED
CVE-2020-24388 (An issue was discovered in the _send_secure_msg() function of yubihsm- ...)
	NOT-FOR-US: yubihsm-shell
CVE-2020-24387 (An issue was discovered in the yh_create_session() function of yubihsm ...)
	NOT-FOR-US: yubihsm-shell
CVE-2020-24386 (An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE,  ...)
	{DSA-4825-1 DLA-2517-1}
	- dovecot 1:2.3.13+dfsg1-1 (bug #979363)
	NOTE: https://dovecot.org/pipermail/dovecot-news/2021-January/000450.html
	NOTE: https://github.com/dovecot/core/commit/00df2308b0733e810824545183d73276c416cdd3
	NOTE: https://github.com/dovecot/core/commit/b4a9872b833b7985c7d0e7615f1b7fc812dd4c55
CVE-2020-24385 (In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD be ...)
	NOT-FOR-US: FreeBSD and MidnightBSD
CVE-2020-24384 (A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GU ...)
	NOT-FOR-US: A10 Networks
CVE-2020-24383 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
	NOT-FOR-US: FNET
CVE-2020-24382
	RESERVED
CVE-2020-24381 (GUnet Open eClass Platform (aka openeclass) before 3.11 might allow re ...)
	NOT-FOR-US: GUnet Open eClass Platform
CVE-2020-24380
	RESERVED
CVE-2020-24379 (WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vul ...)
	{DSA-4773-1 DLA-2384-1}
	- yaws 2.0.8+dfsg-1
	NOTE: https://github.com/erlyaws/yaws/commit/05a06345012598f5da55dbb4d041c8dc26e88e6c
	NOTE: https://github.com/vulnbe/poc-yaws-dav-xxe
CVE-2020-24378
	RESERVED
CVE-2020-24377 (A DNS rebinding vulnerability in the Freebox OS web interface in Freeb ...)
	NOT-FOR-US: Freebox
CVE-2020-24376 (A DNS rebinding vulnerability in the UPnP IGD implementations in Freeb ...)
	NOT-FOR-US: Freebox
CVE-2020-24375 (A DNS rebinding vulnerability in the UPnP MediaServer implementation i ...)
	NOT-FOR-US: Freebox
CVE-2020-24374 (A DNS rebinding vulnerability in Freebox v5 before 1.5.29. ...)
	NOT-FOR-US: Freebox
CVE-2020-24373 (A CSRF vulnerability in the UPnP MediaServer implementation in Freebox ...)
	NOT-FOR-US: Freebox
CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in  ...)
	- luajit <unfixed> (unimportant)
	NOTE: https://github.com/LuaJIT/LuaJIT/issues/603
	NOTE: No security impact, only "exploitable" with untrusted Lua code
CVE-2020-24371 (lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the ...)
	- lua5.4 5.4.1-1 (bug #971010)
	- lua5.3 <not-affected> (Vulnerable code introduced in 5.4.0)
	NOTE: https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110
	NOTE: https://www.lua.org/bugs.html#5.4.0-10
CVE-2020-24370 (ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation faul ...)
	{DLA-2381-1}
	- lua5.4 5.4.1-1 (bug #971613)
	- lua5.3 5.3.6-1 (bug #988734)
	[bullseye] - lua5.3 <no-dsa> (Minor issue)
	[buster] - lua5.3 <no-dsa> (Minor issue)
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00324.html
	NOTE: (lua5.4) https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b
	NOTE: (lua5.3) https://github.com/lua/lua/commit/b5bc89846721375fe30772eb8c5ab2786f362bf9
CVE-2020-24369 (ldebug.c in Lua 5.4.0 attempts to access debug information via the lin ...)
	- lua5.4 5.4.1-1 (bug #971013)
	NOTE: https://github.com/lua/lua/commit/ae5b5ba529753c7a653901ffc29b5ea24c3fdf3a
	NOTE: https://www.lua.org/bugs.html#5.4.0-12
CVE-2020-24368 (Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Director ...)
	{DSA-4747-1 DLA-2343-1}
	- icingaweb2 2.8.2-1 (bug #968833)
	NOTE: https://icinga.com/2020/08/19/icinga-web-security-release-v2-6-4-v2-7-4-and-v2-8-2/
	NOTE: https://github.com/Icinga/icingaweb2/issues/4226
	NOTE: https://github.com/Icinga/icingaweb2/commit/5700caf5f2ebd8a20ce2bd9ca30cb471f8b7487e (support/2.6)
	NOTE: https://github.com/Icinga/icingaweb2/commit/3035efac65ca2f7977916bd117056aa411776dfd (master)
CVE-2020-24367 (Incorrect file permissions in BlueStacks 4 through 4.230 on Windows al ...)
	NOT-FOR-US: BlueStacks
CVE-2020-24366 (Sensitive information could be disclosed in the JetBrains YouTrack app ...)
	NOT-FOR-US: JetBrains
CVE-2020-24365 (An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-12 ...)
	NOT-FOR-US: Gemtek devices
CVE-2020-24364 (MineTime through 1.8.5 allows arbitrary command execution via the note ...)
	NOT-FOR-US: MineTime
CVE-2020-24363 (TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticat ...)
	NOT-FOR-US: TP-Link
CVE-2020-24362
	RESERVED
CVE-2020-24361 (SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, P ...)
	{DLA-2393-1}
	- snmptt 1.4.2-1
	[buster] - snmptt <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/snmptt/git/ci/f6aef5223bc9ed8126268a273ac9f5c341af835a
CVE-2020-24360 (An issue with ARP packets in Arista&#8217;s EOS affecting the 7800R3,  ...)
	NOT-FOR-US: Arista
CVE-2020-24359 (HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrect ...)
	NOT-FOR-US: vault-ssh-helper
CVE-2020-24358
	RESERVED
CVE-2020-24357
	RESERVED
CVE-2020-24356 (`cloudflared` versions prior to 2020.8.1 contain a local privilege esc ...)
	NOT-FOR-US: cloudflared
CVE-2020-24355 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibl ...)
	NOT-FOR-US: Zyxel
CVE-2020-24354 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibl ...)
	NOT-FOR-US: Zyxel
CVE-2020-24353 (Pega Platform before 8.4.0 has a XSS issue via stream rule parameters  ...)
	NOT-FOR-US: Pega Platform
CVE-2020-24352 (An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ...)
	- qemu <unfixed> (unimportant; bug #968820)
	[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1847584
	NOTE: Feature isn't production-ready/experimental: https://lists.gnu.org/archive/html/qemu-devel/2020-08/msg05528.html
CVE-2020-24351
	RESERVED
CVE-2020-24350
	RESERVED
CVE-2020-24349 (njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_va ...)
	NOT-FOR-US: njs
CVE-2020-24348 (njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_jso ...)
	NOT-FOR-US: njs
CVE-2020-24347 (njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvl ...)
	NOT-FOR-US: njs
CVE-2020-24346 (njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_par ...)
	NOT-FOR-US: njs
CVE-2020-24345 (** DISPUTED ** JerryScript through 2.3.0 allows stack consumption via  ...)
	NOTE: Disputed JerryScript issue
CVE-2020-24344 (JerryScript through 2.3.0 has a (function({a=arguments}){const argumen ...)
	- iotjs <unfixed> (bug #988213)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3976
	NOTE: https://github.com/jerryscript-project/jerryscript/commit/841d536fce1ce29267cdf0ea12be4026e1c35d3a
CVE-2020-24343 (Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of  ...)
	- mujs <not-affected> (Didn't affect any released version of mujs)
	NOTE: https://github.com/ccxvii/mujs/issues/136
CVE-2020-24342 (Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring be ...)
	- lua5.4 5.4.1-1 (bug #971012)
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00052.html
	NOTE: https://github.com/lua/lua/commit/34affe7a63fc5d842580a9f23616d057e17dfe27
CVE-2020-24341 (An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The T ...)
	NOT-FOR-US: picoTCP (and picoTCP-NG)
CVE-2020-24340 (An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The c ...)
	NOT-FOR-US: picoTCP (and picoTCP-NG)
CVE-2020-24339 (An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The D ...)
	NOT-FOR-US: picoTCP (and picoTCP-NG)
CVE-2020-24338 (An issue was discovered in picoTCP through 1.7.0. The DNS domain name  ...)
	NOT-FOR-US: picoTCP
CVE-2020-24337 (An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When  ...)
	NOT-FOR-US: picoTCP (and picoTCP-NG)
CVE-2020-24336 (An issue was discovered in Contiki through 3.0 and Contiki-NG through  ...)
	NOT-FOR-US: Contiki
CVE-2020-24335 (An issue was discovered in uIP through 1.0, as used in Contiki and Con ...)
	NOT-FOR-US: Contiki
CVE-2020-24334 (The code that processes DNS responses in uIP through 1.0, as used in C ...)
	NOT-FOR-US: uIP
CVE-2020-24333 (A vulnerability in Arista&#8217;s CloudVision Portal (CVP) prior to 20 ...)
	NOT-FOR-US: Arista
CVE-2020-24332 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
	- trousers <unfixed> (unimportant)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472
	NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1
	NOTE: In Debian, tcsd gets started under the tss user
CVE-2020-24331 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
	- trousers <unfixed> (unimportant)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472
	NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1
	NOTE: In Debian, tcsd gets started under the tss user
CVE-2020-24330 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...)
	- trousers <unfixed> (unimportant)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472
	NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1
	NOTE: In Debian, tcsd gets started under the tss user
CVE-2020-24329
	RESERVED
CVE-2020-24328
	RESERVED
CVE-2020-24327 (Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2 ...)
	NOT-FOR-US: Discourse
CVE-2020-24326
	RESERVED
CVE-2020-24325
	RESERVED
CVE-2020-24324
	RESERVED
CVE-2020-24323
	RESERVED
CVE-2020-24322
	RESERVED
CVE-2020-24321
	RESERVED
CVE-2020-24320
	RESERVED
CVE-2020-24319
	RESERVED
CVE-2020-24318
	RESERVED
CVE-2020-24317
	RESERVED
CVE-2020-24316 (WP Plugin Rednumber Admin Menu v1.1 and lower does not sanitize the va ...)
	NOT-FOR-US: WP Plugin Rednumber Admin Menu
CVE-2020-24315 (Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL stateme ...)
	NOT-FOR-US: Vinoj Cardoza WordPress Poll Plugin
CVE-2020-24314 (Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitiz ...)
	NOT-FOR-US: Fahad Mahmood RSS Feed Widget Plugin
CVE-2020-24313 (Etoile Web Design Ultimate Appointment Booking &amp; Scheduling WordPr ...)
	NOT-FOR-US: Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin
CVE-2020-24312 (mndpsingh287 WP File Manager v6.4 and lower fails to restrict external ...)
	NOT-FOR-US: mndpsingh287 WP File Manager
CVE-2020-24311
	RESERVED
CVE-2020-24310
	RESERVED
CVE-2020-24309
	RESERVED
CVE-2020-24308
	RESERVED
CVE-2020-24307
	RESERVED
CVE-2020-24306
	RESERVED
CVE-2020-24305
	RESERVED
CVE-2020-24304
	RESERVED
CVE-2020-24303 (Grafana before 7.1.0-beta 1 allows XSS via a query alias for the Elast ...)
	- grafana <removed>
CVE-2020-24302
	RESERVED
CVE-2020-24301 (Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a spec ...)
	NOT-FOR-US: HAPI FHIR Testpage Overlay
CVE-2020-24300
	RESERVED
CVE-2020-24299
	RESERVED
CVE-2020-24298
	RESERVED
CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remo ...)
	NOT-FOR-US: TP-Link
CVE-2020-24296
	RESERVED
CVE-2020-24295
	RESERVED
CVE-2020-24294
	RESERVED
CVE-2020-24293
	RESERVED
CVE-2020-24292
	RESERVED
CVE-2020-24291
	RESERVED
CVE-2020-24290
	RESERVED
CVE-2020-24289
	RESERVED
CVE-2020-24288
	RESERVED
CVE-2020-24287
	RESERVED
CVE-2020-24286
	RESERVED
CVE-2020-24285 (INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to ...)
	NOT-FOR-US: intelbras
CVE-2020-24284
	RESERVED
CVE-2020-24283
	RESERVED
CVE-2020-24282
	RESERVED
CVE-2020-24281
	RESERVED
CVE-2020-24280
	RESERVED
CVE-2020-24279
	RESERVED
CVE-2020-24278
	RESERVED
CVE-2020-24277
	RESERVED
CVE-2020-24276
	RESERVED
CVE-2020-24275
	RESERVED
CVE-2020-24274
	RESERVED
CVE-2020-24273
	RESERVED
CVE-2020-24272
	RESERVED
CVE-2020-24271 (A CSRF vulnerability was discovered in EasyCMS v1.6 that can add an ad ...)
	NOT-FOR-US: EasyCMS
CVE-2020-24270
	RESERVED
CVE-2020-24269
	RESERVED
CVE-2020-24268
	RESERVED
CVE-2020-24267
	RESERVED
CVE-2020-24266 (An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...)
	- tcpreplay 4.3.4-1 (bug #972889; unimportant)
	NOTE: https://github.com/appneta/tcpreplay/issues/617
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24265 (An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...)
	- tcpreplay 4.3.4-1 (bug #972890; unimportant)
	NOTE: https://github.com/appneta/tcpreplay/issues/616
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24264 (Portainer 1.24.1 and earlier is affected by incorrect access control t ...)
	NOT-FOR-US: Portainer
CVE-2020-24263 (Portainer 1.24.1 and earlier is affected by an insecure permissions vu ...)
	NOT-FOR-US: Portainer
CVE-2020-24262
	RESERVED
CVE-2020-24261
	RESERVED
CVE-2020-24260
	RESERVED
CVE-2020-24259
	RESERVED
CVE-2020-24258
	RESERVED
CVE-2020-24257
	RESERVED
CVE-2020-24256
	RESERVED
CVE-2020-24255
	RESERVED
CVE-2020-24254
	RESERVED
CVE-2020-24253
	RESERVED
CVE-2020-24252
	RESERVED
CVE-2020-24251
	RESERVED
CVE-2020-24250
	RESERVED
CVE-2020-24249
	RESERVED
CVE-2020-24248
	RESERVED
CVE-2020-24247
	RESERVED
CVE-2020-24246 (Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to  ...)
	NOT-FOR-US: Peplink Balance
CVE-2020-24245
	RESERVED
CVE-2020-24244
	RESERVED
CVE-2020-24243
	RESERVED
CVE-2020-24242 (In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ...)
	- nasm 2.15.04-1 (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392708
	NOTE: https://github.com/netwide-assembler/nasm/commit/6299a3114ce0f3acd55d07de201a8ca2f0a83059
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in  ...)
	- nasm 2.15.04-1 (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392707
	NOTE: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
	NOTE: https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24240 (GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/ob ...)
	- bison 2:3.7.2+dfsg-1 (unimportant)
	[buster] - bison <not-affected> (Vulnerable code introduced later)
	[stretch] - bison <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://github.com/akimd/bison/commit/7346163840080f289f0adbadfbf5659c620d5fea (v3.5.91)
	NOTE: Fixed by: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d (v3.7.1)
	NOTE: https://lists.gnu.org/r/bug-bison/2020-07/msg00051.html
	NOTE: Crash in CLI tool, no security impact
CVE-2020-24239
	RESERVED
CVE-2020-24238
	RESERVED
CVE-2020-24237
	RESERVED
CVE-2020-24236
	RESERVED
CVE-2020-24235
	RESERVED
CVE-2020-24234
	RESERVED
CVE-2020-24233
	RESERVED
CVE-2020-24232
	RESERVED
CVE-2020-24231 (Symmetric DS &lt;3.12.0 uses mx4j to provide access to JMX over HTTP.  ...)
	NOT-FOR-US: Symmetric DS
CVE-2020-24230
	RESERVED
CVE-2020-24229
	RESERVED
CVE-2020-24228
	RESERVED
CVE-2020-24227 (Playground Sessions v2.5.582 (and earlier) for Windows, stores the use ...)
	NOT-FOR-US: Playground Sessions for Windows
CVE-2020-24226
	RESERVED
CVE-2020-24225
	RESERVED
CVE-2020-24224
	RESERVED
CVE-2020-24223 (Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the  ...)
	NOT-FOR-US: Mara CMS
CVE-2020-24222
	RESERVED
CVE-2020-24221
	RESERVED
CVE-2020-24220 (ShopXO v1.8.1 has a command execution vulnerability. Attackers can use ...)
	NOT-FOR-US: ShopXO
CVE-2020-24219 (An issue was discovered on URayTech IPTV/H.264/H.265 video encoders th ...)
	NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders
CVE-2020-24218 (An issue was discovered on URayTech IPTV/H.264/H.265 video encoders th ...)
	NOT-FOR-US: URayTech IPTV/H.264/H.265 video encoders
CVE-2020-24217 (An issue was discovered in the box application on HiSilicon based IPTV ...)
	NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24216 (An issue was discovered in the box application on HiSilicon based IPTV ...)
	NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24215 (An issue was discovered in the box application on HiSilicon based IPTV ...)
	NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24214 (An issue was discovered in the box application on HiSilicon based IPTV ...)
	NOT-FOR-US: HiSilicon based IPTV/H.264/H.265 video encoders
CVE-2020-24213 (An integer overflow was discovered in YGOPro ygocore v13.51. Attackers ...)
	NOT-FOR-US: ygocore
CVE-2020-24212
	REJECTED
CVE-2020-24211
	RESERVED
CVE-2020-24210
	RESERVED
CVE-2020-24209
	RESERVED
CVE-2020-24208 (A SQL injection vulnerability in SourceCodester Online Shopping Alphaw ...)
	NOT-FOR-US: SourceCodester
CVE-2020-24207
	RESERVED
CVE-2020-24206
	RESERVED
CVE-2020-24205
	RESERVED
CVE-2020-24204
	RESERVED
CVE-2020-24203 (Insecure File Permissions and Arbitrary File Upload in the upload pic  ...)
	NOT-FOR-US: Projects World Travel Management System
CVE-2020-24202 (File Upload component in Projects World House Rental v1.0 suffers from ...)
	NOT-FOR-US: Projects World House Rental
CVE-2020-24201
	RESERVED
CVE-2020-24200
	REJECTED
CVE-2020-24199 (Arbitrary File Upload in the Vehicle Image Upload component in Project ...)
	NOT-FOR-US: Vehicle Image Upload component in Project Worlds Car Rental Management System
CVE-2020-24198 (A persistent cross-site scripting vulnerability in Sourcecodester Stoc ...)
	NOT-FOR-US: Sourcecodester Stock Management System
CVE-2020-24197 (A SQL injection vulnerability in the login component in Stock Manageme ...)
	NOT-FOR-US: Stock Management System
CVE-2020-24196 (An Arbitrary File Upload in Vehicle Image Upload in Online Bike Rental ...)
	NOT-FOR-US: Online Bike Rental
CVE-2020-24195 (An Arbitrary File Upload in the Upload Image component in Sourcecodest ...)
	NOT-FOR-US: Sourcecodester Online Bike Rental
CVE-2020-24194 (A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in So ...)
	NOT-FOR-US: SourceCodester Daily Tracker System
CVE-2020-24193 (A SQL injection vulnerability in login in Sourcecodetester Daily Track ...)
	NOT-FOR-US: Sourcecodetester Daily Tracker System
CVE-2020-24192
	RESERVED
CVE-2020-24191
	RESERVED
CVE-2020-24190
	RESERVED
CVE-2020-24189
	RESERVED
CVE-2020-24188 (Cross-site scripting (XSS) vulnerability in the search functionality i ...)
	NOT-FOR-US: United Planet Intrexx Professional
CVE-2020-24187
	RESERVED
CVE-2020-24186 (A Remote Code Execution vulnerability exists in the gVectors wpDiscuz  ...)
	NOT-FOR-US: gVectors wpDiscuz plugin for WordPress
CVE-2020-24185
	RESERVED
CVE-2020-24184
	RESERVED
CVE-2020-24183
	RESERVED
CVE-2020-24182
	RESERVED
CVE-2020-24181
	RESERVED
CVE-2020-24180
	RESERVED
CVE-2020-24179
	RESERVED
CVE-2020-24178
	RESERVED
CVE-2020-24177
	RESERVED
CVE-2020-24176
	RESERVED
CVE-2020-24175 (Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius  ...)
	NOT-FOR-US: IZArc
CVE-2020-24174
	RESERVED
CVE-2020-24173
	RESERVED
CVE-2020-24172
	RESERVED
CVE-2020-24171
	RESERVED
CVE-2020-24170
	RESERVED
CVE-2020-24169
	RESERVED
CVE-2020-24168
	RESERVED
CVE-2020-24167
	RESERVED
CVE-2020-24166
	RESERVED
CVE-2020-24165
	RESERVED
CVE-2020-24164 (A deserialization flaw is present in Taoensso Nippy before 2.14.2. In  ...)
	NOT-FOR-US: Taoensso Nippy
CVE-2020-24163
	RESERVED
CVE-2020-24162 (The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App ...)
	NOT-FOR-US: Shenzhen Tencent app
CVE-2020-24161 (Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacki ...)
	NOT-FOR-US: Guangzhou NetEase Mail Master
CVE-2020-24160 (Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vu ...)
	NOT-FOR-US: Shenzhen Tencent TIM Windows client
CVE-2020-24159 (NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can ...)
	NOT-FOR-US: NetEase Youdao Dictionary
CVE-2020-24158 (360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which ...)
	NOT-FOR-US: 360 Speed Browser
CVE-2020-24157
	RESERVED
CVE-2020-24156
	RESERVED
CVE-2020-24155
	RESERVED
CVE-2020-24154
	RESERVED
CVE-2020-24153
	RESERVED
CVE-2020-24152
	RESERVED
CVE-2020-24151
	RESERVED
CVE-2020-24150
	RESERVED
CVE-2020-24149 (Server-side request forgery (SSRF) in the Podcast Importer SecondLine  ...)
	NOT-FOR-US: Podcast Importer SecondLine (podcast-importer-secondline) plugin for WordPress
CVE-2020-24148 (Server-side request forgery (SSRF) in the Import XML and RSS Feeds (im ...)
	NOT-FOR-US: Import XML and RSS Feeds (import-xml-feed) plugin for WordPress
CVE-2020-24147 (Server-side request forgery (SSR) vulnerability in the WP Smart Import ...)
	NOT-FOR-US: WP Smart Import (wp-smart-import) plugin for WordPress
CVE-2020-24146 (Directory traversal in the CM Download Manager (aka cm-download-manage ...)
	NOT-FOR-US: CM Download Manager (aka cm-download- manager) plugin for WordPress
CVE-2020-24145 (Cross Site Scripting (XSS) vulnerability in the CM Download Manager (a ...)
	NOT-FOR-US: CM Download Manager (aka cm-download-manager) plugin for WordPress
CVE-2020-24144 (Directory traversal in the Media File Organizer (aka media-file-organi ...)
	NOT-FOR-US: Media File Organizer (aka media-file- organizer) plugin for WordPress
CVE-2020-24143 (Directory traversal in the Video Downloader for TikTok (aka downloader ...)
	NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin for WordPress
CVE-2020-24142 (Server-side request forgery in the Video Downloader for TikTok (aka do ...)
	NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin for WordPress
CVE-2020-24141 (Server-side request forgery in the WP-DownloadManager plugin 1.68.4 fo ...)
	NOT-FOR-US: WP-DownloadManager plugin for WordPress
CVE-2020-24140 (Server-side request forgery in Wcms 0.3.2 let an attacker send crafted ...)
	NOT-FOR-US: wmcs
CVE-2020-24139 (Server-side request forgery in Wcms 0.3.2 lets an attacker send crafte ...)
	NOT-FOR-US: wmcs
CVE-2020-24138 (Cross Site Scripting (XSS) vulnerability in wcms 0.3.2 allows remote a ...)
	NOT-FOR-US: wmcs
CVE-2020-24137 (Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to  ...)
	NOT-FOR-US: wmcs
CVE-2020-24136 (Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary ...)
	NOT-FOR-US: wmcs
CVE-2020-24135 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
	NOT-FOR-US: wmcs
CVE-2020-24134
	RESERVED
CVE-2020-24133 (A heap buffer overflow vulnerability in the r_asm_swf_disass function  ...)
	NOT-FOR-US: radare2 extras
CVE-2020-24132
	RESERVED
CVE-2020-24131
	RESERVED
CVE-2020-24130 (A cross site request forgery (CSRF) vulnerability in the configure.htm ...)
	NOT-FOR-US: Ponzu CMS
CVE-2020-24129
	RESERVED
CVE-2020-24128
	RESERVED
CVE-2020-24127
	RESERVED
CVE-2020-24126
	RESERVED
CVE-2020-24125
	RESERVED
CVE-2020-24124
	RESERVED
CVE-2020-24123
	RESERVED
CVE-2020-24122
	RESERVED
CVE-2020-24121
	RESERVED
CVE-2020-24120
	RESERVED
CVE-2020-24119 (A heap buffer overflow read was discovered in upx 4.0.0, because the c ...)
	- upx-ucl <unfixed> (unimportant)
	NOTE: https://github.com/upx/upx/issues/388
	NOTE: https://github.com/upx/upx/commit/87b73e5cfdc12da94c251b2cd83bb01c7d9f616c
CVE-2020-24118
	RESERVED
CVE-2020-24117
	RESERVED
CVE-2020-24116
	RESERVED
CVE-2020-24115 (In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials i ...)
	NOT-FOR-US: projectworlds Online Book Store
CVE-2020-24114
	RESERVED
CVE-2020-24113
	RESERVED
CVE-2020-24112
	RESERVED
CVE-2020-24111
	RESERVED
CVE-2020-24110
	RESERVED
CVE-2020-24109
	RESERVED
CVE-2020-24108
	RESERVED
CVE-2020-24107
	RESERVED
CVE-2020-24106
	RESERVED
CVE-2020-24105
	RESERVED
CVE-2020-24104 (XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router. ...)
	NOT-FOR-US: PIX-Link Repeater/Router LV-WR07
CVE-2020-24103
	RESERVED
CVE-2020-24102
	RESERVED
CVE-2020-24101
	RESERVED
CVE-2020-24100
	RESERVED
CVE-2020-24099
	RESERVED
CVE-2020-24098
	RESERVED
CVE-2020-24097
	RESERVED
CVE-2020-24096
	RESERVED
CVE-2020-24095
	RESERVED
CVE-2020-24094
	RESERVED
CVE-2020-24093
	RESERVED
CVE-2020-24092
	RESERVED
CVE-2020-24091
	RESERVED
CVE-2020-24090
	RESERVED
CVE-2020-24089
	RESERVED
CVE-2020-24088
	RESERVED
CVE-2020-24087
	RESERVED
CVE-2020-24086
	RESERVED
CVE-2020-24085 (A cross-site scripting (XSS) vulnerability exists in MISP v2.4.128 in  ...)
	NOT-FOR-US: MISP
CVE-2020-24084
	RESERVED
CVE-2020-24083
	RESERVED
CVE-2020-24082
	RESERVED
CVE-2020-24081
	RESERVED
CVE-2020-24080
	RESERVED
CVE-2020-24079
	RESERVED
CVE-2020-24078
	RESERVED
CVE-2020-24077
	RESERVED
CVE-2020-24076
	RESERVED
CVE-2020-24075
	RESERVED
CVE-2020-24074 (The decode program in silk-v3-decoder Version:20160922 Build By kn007  ...)
	NOT-FOR-US: silk-v3-decoder
CVE-2020-24073
	RESERVED
CVE-2020-24072
	RESERVED
CVE-2020-24071
	RESERVED
CVE-2020-24070
	RESERVED
CVE-2020-24069
	RESERVED
CVE-2020-24068
	RESERVED
CVE-2020-24067
	RESERVED
CVE-2020-24066
	RESERVED
CVE-2020-24065
	RESERVED
CVE-2020-24064
	RESERVED
CVE-2020-24063 (The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php? ...)
	NOT-FOR-US: Canto plugin for WordPress
CVE-2020-24062
	RESERVED
CVE-2020-24061
	RESERVED
CVE-2020-24060
	RESERVED
CVE-2020-24059
	RESERVED
CVE-2020-24058
	RESERVED
CVE-2020-24057 (The management website of the Verint S5120FD Verint_FW_0_42 unit featu ...)
	NOT-FOR-US: Verint
CVE-2020-24056 (A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_ ...)
	NOT-FOR-US: Verint
CVE-2020-24055 (Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320 ...)
	NOT-FOR-US: Verint
CVE-2020-24054 (The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2 ...)
	NOT-FOR-US: Moog
CVE-2020-24053 (Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credenti ...)
	NOT-FOR-US: Moog
CVE-2020-24052 (Several XML External Entity (XXE) vulnerabilities in the Moog EXO Seri ...)
	NOT-FOR-US: Moog
CVE-2020-24051 (The Moog EXO Series EXVF5C-2 and EXVP7C2-3 units support the ONVIF int ...)
	NOT-FOR-US: Moog
CVE-2020-24050
	RESERVED
CVE-2020-24049
	RESERVED
CVE-2020-24048
	RESERVED
CVE-2020-24047
	RESERVED
CVE-2020-24046 (A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.0 ...)
	NOT-FOR-US: TitanHQ
CVE-2020-24045 (A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.0 ...)
	NOT-FOR-US: TitanHQ
CVE-2020-24044
	RESERVED
CVE-2020-24043
	RESERVED
CVE-2020-24042
	RESERVED
CVE-2020-24041
	RESERVED
CVE-2020-24040
	RESERVED
CVE-2020-24039
	RESERVED
CVE-2020-24038 (myFax version 229 logs sensitive information in the export log module  ...)
	NOT-FOR-US: myFax
CVE-2020-24037
	RESERVED
CVE-2020-24036 (PHP object injection in the Ajax endpoint of the backend in ForkCMS be ...)
	NOT-FOR-US: ForkCMS
CVE-2020-24035
	RESERVED
CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecu ...)
	NOT-FOR-US: Sagemcom F@ST 5280 routers
CVE-2020-24033 (An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The f ...)
	NOT-FOR-US: fs.com S3900
CVE-2020-24032 (tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cm ...)
	NOT-FOR-US: XoruX LPAR2RRD and STOR2RRD
CVE-2020-24031
	RESERVED
CVE-2020-24030 (ForLogic Qualiex v1 and v3 has weak token expiration. This allows remo ...)
	NOT-FOR-US: ForLogic Qualiex
CVE-2020-24029 (Because of unauthenticated password changes in ForLogic Qualiex v1 and ...)
	NOT-FOR-US: ForLogic Qualiex
CVE-2020-24028 (ForLogic Qualiex v1 and v3 allows any authenticated customer to achiev ...)
	NOT-FOR-US: ForLogic Qualiex
CVE-2020-24027 (In Live Networks, Inc., liblivemedia version 20200625, there is a pote ...)
	- liblivemedia <removed>
	[buster] - liblivemedia <no-dsa> (Minor issue)
	[stretch] - liblivemedia <no-dsa> (Minor issue)
	NOTE: http://lists.live555.com/pipermail/live-devel/2020-July/021662.html
	NOTE: Fixed in 2020.07.09 upstream, cf.
	NOTE: http://www.live555.com/liveMedia/public/changelog.txt
CVE-2020-24026 (TinyShop, a free and open source mall based on RageFrame2, has a store ...)
	NOT-FOR-US: TinyShop
CVE-2020-24025 (Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when r ...)
	- node-node-sass <unfixed>
	[bullseye] - node-node-sass <ignored> (Minor issue)
	NOTE: https://github.com/sass/node-sass/pull/567#issuecomment-656609236
CVE-2020-24024
	RESERVED
CVE-2020-24023
	RESERVED
CVE-2020-24022
	RESERVED
CVE-2020-24021
	RESERVED
CVE-2020-24020 (Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad ...)
	- ffmpeg 7:4.3.1-1
	[bullseye] - ffmpeg <not-affected> (Vulnerable code not present)
	[buster] - ffmpeg <not-affected> (Vulnerable code not present)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8718
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=584f396132aa19d21bb1e38ad9a5d428869290cb
CVE-2020-24019
	RESERVED
CVE-2020-24018
	RESERVED
CVE-2020-24017
	RESERVED
CVE-2020-24016
	RESERVED
CVE-2020-24015
	RESERVED
CVE-2020-24014
	RESERVED
CVE-2020-24013
	RESERVED
CVE-2020-24012
	RESERVED
CVE-2020-24011
	RESERVED
CVE-2020-24010
	RESERVED
CVE-2020-24009
	RESERVED
CVE-2020-24008 (Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs  ...)
	NOT-FOR-US: Umanni RH
CVE-2020-24007 (Umanni RH 1.0 does not limit the number of authentication attempts. An ...)
	NOT-FOR-US: Umanni RH
CVE-2020-24006
	RESERVED
CVE-2020-24005
	RESERVED
CVE-2020-24004
	RESERVED
CVE-2020-24003 (Microsoft Skype through 8.59.0.77 on macOS has the disable-library-val ...)
	NOT-FOR-US: Microsoft Skype on MacOS
CVE-2020-24002
	RESERVED
CVE-2020-24001
	RESERVED
CVE-2020-24000 (SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to ...)
	NOT-FOR-US: eyoucms cms
CVE-2020-23999
	RESERVED
CVE-2020-23998
	RESERVED
CVE-2020-23997
	RESERVED
CVE-2020-23996 (A local file inclusion vulnerability in ILIAS before 5.3.19, 5.4.10 an ...)
	NOT-FOR-US: ILIAS
CVE-2020-23995 (An information disclosure vulnerability in ILIAS before 5.3.19, 5.4.12 ...)
	NOT-FOR-US: ILIAS
CVE-2020-23994
	RESERVED
CVE-2020-23993
	RESERVED
CVE-2020-23992
	RESERVED
CVE-2020-23991
	RESERVED
CVE-2020-23990
	RESERVED
CVE-2020-23989 (NeDi 1.9C allows pwsec.php oid XSS. ...)
	NOT-FOR-US: NeDi
CVE-2020-23988
	RESERVED
CVE-2020-23987
	RESERVED
CVE-2020-23986 (Github Read Me Stats commit 3c7220e4f7144f6cb068fd433c774f6db47ccb95 w ...)
	NOT-FOR-US: Github Read Me Stats
CVE-2020-23985
	RESERVED
CVE-2020-23984 (Online Hotel Booking System Pro PHP Version 1.3 has Persistent Cross-s ...)
	NOT-FOR-US: Online Hotel Booking System Pro PHP
CVE-2020-23983 (Michael-design iChat Realtime PHP Live Support System 1.6 has persiste ...)
	NOT-FOR-US: Michael-design iChat Realtime PHP Live Support System
CVE-2020-23982 (DesignMasterEvents Conference management 1.0.0 has cross site scriptin ...)
	NOT-FOR-US: DesignMasterEvents Conference management
CVE-2020-23981 (13enforme CMS 1.0 has Cross Site Scripting via the "content.php" id pa ...)
	NOT-FOR-US: 13enforme CMS
CVE-2020-23980 (DesignMasterEvents Conference management 1.0.0 allows SQL Injection vi ...)
	NOT-FOR-US: DesignMasterEvents Conference management
CVE-2020-23979 (13enforme CMS 1.0 has SQL Injection via the 'content.php' id parameter ...)
	NOT-FOR-US: 13enforme CMS
CVE-2020-23978 (SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the  ...)
	NOT-FOR-US: Soluzione Globale Ecommerce CMS
CVE-2020-23977 (KandNconcepts Club CMS 1.1 and 1.2 has cross site scripting via the 't ...)
	NOT-FOR-US: KandNconcepts Club CMS
CVE-2020-23976 (Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection  ...)
	NOT-FOR-US: Webexcels Ecommerce CMS
CVE-2020-23975 (Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scr ...)
	NOT-FOR-US: Webexcels Ecommerce CMS
CVE-2020-23974 (Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting  ...)
	NOT-FOR-US: Create-Project Manager
CVE-2020-23973 (KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php ...)
	NOT-FOR-US: KandNconcepts Club CMS
CVE-2020-23972 (In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can  ...)
	NOT-FOR-US: Joomla Component GMapFP
CVE-2020-23971 (gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Pe ...)
	NOT-FOR-US: gmapfp.org Joomla Component GMapFP
CVE-2020-23970
	RESERVED
CVE-2020-23969
	RESERVED
CVE-2020-23968 (Ilex International Sign&amp;go Workstation Security Suite 7.1 allows e ...)
	NOT-FOR-US: Ilex International Sign&go Workstation Security Suite
CVE-2020-23967 (Dr.Web Security Space versions 11 and 12 allow elevation of privilege  ...)
	NOT-FOR-US: Dr.Web Security Space
CVE-2020-23966
	RESERVED
CVE-2020-23965
	RESERVED
CVE-2020-23964
	RESERVED
CVE-2020-23963
	RESERVED
CVE-2020-23962 (A cross site scripting (XSS) vulnerability in Catfish CMS 4.9.90 allow ...)
	NOT-FOR-US: Catfish CMS
CVE-2020-23961
	RESERVED
CVE-2020-23960 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Admi ...)
	NOT-FOR-US: Fork CMS
CVE-2020-23959
	RESERVED
CVE-2020-23958
	RESERVED
CVE-2020-23957 (Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS)  ...)
	NOT-FOR-US: Pega Platform
CVE-2020-23956
	RESERVED
CVE-2020-23955
	RESERVED
CVE-2020-23954
	RESERVED
CVE-2020-23953
	RESERVED
CVE-2020-23952
	RESERVED
CVE-2020-23951
	RESERVED
CVE-2020-23950
	RESERVED
CVE-2020-23949
	RESERVED
CVE-2020-23948
	RESERVED
CVE-2020-23947
	RESERVED
CVE-2020-23946
	RESERVED
CVE-2020-23945 (A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id  ...)
	NOT-FOR-US: Victor CMS
CVE-2020-23944
	RESERVED
CVE-2020-23943
	RESERVED
CVE-2020-23942
	RESERVED
CVE-2020-23941
	RESERVED
CVE-2020-23940
	RESERVED
CVE-2020-23939
	RESERVED
CVE-2020-23938
	REJECTED
CVE-2020-23937
	RESERVED
CVE-2020-23936 (PHPGurukul Vehicle Parking Management System 1.0 is vulnerable to Auth ...)
	NOT-FOR-US: PHPGurukul Vehicle Parking Management System
CVE-2020-23935 (Kabir Alhasan Student Management System 1.0 is vulnerable to Authentic ...)
	NOT-FOR-US: Kabir Alhasan Student Management System
CVE-2020-23934 (An issue was discovered in RiteCMS 2.2.1. An authenticated user can di ...)
	NOT-FOR-US: RiteCMS
CVE-2020-23933
	REJECTED
CVE-2020-23932 (An issue was discovered in gpac before 1.0.1. A NULL pointer dereferen ...)
	- gpac 1.0.1+dfsg1-2 (bug #987374)
	[buster] - gpac <not-affected> (Vulnerable code not present)
	[stretch] - gpac <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/gpac/gpac/commit/ce01bd15f711d4575b7424b54b3a395ec64c1784
	NOTE: https://github.com/gpac/gpac/issues/1566
CVE-2020-23931 (An issue was discovered in gpac before 1.0.1. The abst_box_read functi ...)
	- gpac 1.0.1+dfsg1-2 (bug #987374)
	[buster] - gpac <not-affected> (Vulnerable code not present)
	[stretch] - gpac <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/gpac/gpac/commit/093283e727f396130651280609e687cd4778e0d1
	NOTE: https://github.com/gpac/gpac/issues/1564
	NOTE: https://github.com/gpac/gpac/issues/1567
CVE-2020-23930 (An issue was discovered in gpac through 20200801. A NULL pointer deref ...)
	- gpac 1.0.1+dfsg1-2 (bug #987374)
	[buster] - gpac <not-affected> (Vulnerable code not present)
	[stretch] - gpac <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/gpac/gpac/commit/9eeac00b38348c664dfeae2525bba0cf1bc32349
	NOTE: https://github.com/gpac/gpac/issues/1565
CVE-2020-23929
	RESERVED
CVE-2020-23928 (An issue was discovered in gpac before 1.0.1. The abst_box_read functi ...)
	- gpac 1.0.1+dfsg1-2 (bug #987374)
	[buster] - gpac <not-affected> (Vulnerable code not present)
	[stretch] - gpac <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/gpac/gpac/commit/8e05648d6b4459facbc783025c5c42d301fef5c3
	NOTE: https://github.com/gpac/gpac/issues/1568
	NOTE: https://github.com/gpac/gpac/issues/1569
CVE-2020-23927
	RESERVED
CVE-2020-23926
	RESERVED
CVE-2020-23925
	RESERVED
CVE-2020-23924
	RESERVED
CVE-2020-23923
	RESERVED
CVE-2020-23922 (An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif ...)
	- giflib <unfixed> (bug #988151)
	[bullseye] - giflib <no-dsa> (Minor issue)
	[buster] - giflib <no-dsa> (Minor issue)
	[stretch] - giflib <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/giflib/bugs/151/
CVE-2020-23921 (An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_c ...)
	NOT-FOR-US: fast_ber
CVE-2020-23920
	RESERVED
CVE-2020-23919
	RESERVED
CVE-2020-23918
	RESERVED
CVE-2020-23917
	RESERVED
CVE-2020-23916
	RESERVED
CVE-2020-23915 (An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...)
	TODO: retroarch and salmon embed peglib, check if it's actually a security issue
	NOTE: https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e
	NOTE: https://github.com/yhirose/cpp-peglib/issues/122
CVE-2020-23914 (An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer  ...)
	TODO: retroarch and salmon embed peglib, check if it's actually a security issue
	NOTE: https://github.com/yhirose/cpp-peglib/commit/0061f393de54cf0326621c079dc2988336d1ebb3
	NOTE: https://github.com/yhirose/cpp-peglib/issues/121
CVE-2020-23913
	RESERVED
CVE-2020-23912 (An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer d ...)
	NOT-FOR-US: Bento4
CVE-2020-23911
	RESERVED
CVE-2020-23910
	RESERVED
CVE-2020-23909
	RESERVED
CVE-2020-23908
	RESERVED
CVE-2020-23907 (An issue was discovered in retdec v3.3. In function canSplitFunctionOn ...)
	NOT-FOR-US: retdec
CVE-2020-23906 (FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of servi ...)
	- ffmpeg 7:4.3.1-1
	[buster] - ffmpeg <not-affected> (Vulnerable code introduced later)
	[stretch] - ffmpeg <not-affected> (Vulnerable code introduced later)
	NOTE: Regressed since: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e045be92cdf5a2851900e8e85b815c29ae6f100a (n4.3)
	NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ec59dc73f0cc8930bf5dae389cd76d049d537ca7 (n4.4)
	NOTE: Fixed by: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=be84216c53a4ed81573c82320e9c4a20e9b349d9 (n4.3.1)
CVE-2020-23905
	RESERVED
CVE-2020-23904 (** DISPUTED ** A stack buffer overflow in speexenc.c of Speex v1.2 all ...)
	- speex <unfixed>
	[bullseye] - speex <no-dsa> (Minor issue)
	[buster] - speex <no-dsa> (Minor issue)
	[stretch] - speex <no-dsa> (Minor issue)
	NOTE: https://github.com/xiph/speex/issues/14
CVE-2020-23903 (A Divide by Zero vulnerability in the function static int read_samples ...)
	- speex <unfixed>
	[bullseye] - speex <no-dsa> (Minor issue)
	[buster] - speex <no-dsa> (Minor issue)
	[stretch] - speex <no-dsa> (Minor issue)
	NOTE: https://github.com/xiph/speex/issues/13
CVE-2020-23902 (A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a d ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23901 (A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23900 (A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a d ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23899 (A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23898 (A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23897 (A User Mode Write AV in Editor!TMethodImplementationIntercept+0x54dcec ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23896 (A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23895 (A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23894 (A User Mode Write AV in ntdll!RtlpCoalesceFreeBlocks+0x268 of WildBit  ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23893 (A User Mode Write AV in Editor!TMethodImplementationIntercept+0x3c3682 ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23892
	RESERVED
CVE-2020-23891 (A User Mode Write AV in Editor+0x5cd7 of WildBit Viewer v6.6 allows at ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23890 (A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a d ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23889 (A User Mode Write AV starting at Editor!TMethodImplementationIntercept ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23888 (A User Mode Write AV in Editor!TMethodImplementationIntercept+0x53f6c3 ...)
	NOT-FOR-US: WildBit Viewer
CVE-2020-23887 (XnView MP v0.96.4 was discovered to contain a heap overflow which allo ...)
	NOT-FOR-US: XnView MP
CVE-2020-23886 (XnView MP v0.96.4 was discovered to contain a heap overflow which allo ...)
	NOT-FOR-US: XnView MP
CVE-2020-23885
	RESERVED
CVE-2020-23884 (A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial ...)
	- nomacs <unfixed>
	[buster] - nomacs <no-dsa> (Minor issue)
	[stretch] - nomacs <no-dsa> (Minor issue)
	NOTE: https://github.com/nomacs/nomacs/issues/516
CVE-2020-23883
	RESERVED
CVE-2020-23882
	RESERVED
CVE-2020-23881
	RESERVED
CVE-2020-23880
	RESERVED
CVE-2020-23879 (pdf2json v0.71 was discovered to contain a NULL pointer dereference in ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-23878 (pdf2json v0.71 was discovered to contain a stack buffer overflow in th ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-23877 (pdf2xml v2.0 was discovered to contain a stack buffer overflow in the  ...)
	NOT-FOR-US: pdf2xml
CVE-2020-23876 (pdf2xml v2.0 was discovered to contain a memory leak in the function T ...)
	NOT-FOR-US: pdf2xml
CVE-2020-23875
	RESERVED
CVE-2020-23874 (pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the f ...)
	NOT-FOR-US: pdf2xml
CVE-2020-23873 (pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the f ...)
	NOT-FOR-US: pdf2xml
CVE-2020-23872 (A NULL pointer dereference in the function TextPage::restoreState of p ...)
	NOT-FOR-US: pdf2xml
CVE-2020-23871
	RESERVED
CVE-2020-23870
	RESERVED
CVE-2020-23869
	RESERVED
CVE-2020-23868 (NeDi 1.9C allows inc/rt-popup.php d XSS. ...)
	NOT-FOR-US: NeDi
CVE-2020-23867
	RESERVED
CVE-2020-23866
	RESERVED
CVE-2020-23865
	RESERVED
CVE-2020-23864 (An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escal ...)
	NOT-FOR-US: IOBit Malware Fighter
CVE-2020-23863
	RESERVED
CVE-2020-23862
	RESERVED
CVE-2020-23861 (A heap-based buffer overflow vulnerability exists in LibreDWG 0.10.1 v ...)
	- libredwg <itp> (bug #595191)
CVE-2020-23860
	RESERVED
CVE-2020-23859
	RESERVED
CVE-2020-23858
	RESERVED
CVE-2020-23857
	RESERVED
CVE-2020-23856 (Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, ...)
	- cflow 1:1.6-6 (unimportant; bug #988985)
	NOTE: https://lists.gnu.org/archive/html/bug-cflow/2020-07/msg00000.html
	NOTE: https://git.savannah.gnu.org/cgit/cflow.git/commit/?id=b9a7cd5e9d4efb54141dd0d11c319bb97a4600c6
	NOTE: Crash in CLI tool, no security impact
CVE-2020-23855
	RESERVED
CVE-2020-23854
	RESERVED
CVE-2020-23853
	RESERVED
CVE-2020-23852 (A heap based buffer overflow vulnerability exists in ffjpeg through 20 ...)
	NOT-FOR-US: ffjpeg
CVE-2020-23851 (A stack-based buffer overflow vulnerability exists in ffjpeg through 2 ...)
	NOT-FOR-US: ffjpeg
CVE-2020-23850
	RESERVED
CVE-2020-23849 (Stored XSS was discovered in the tree mode of jsoneditor before 9.0.2  ...)
	NOT-FOR-US: jsoneditor
CVE-2020-23848
	RESERVED
CVE-2020-23847
	RESERVED
CVE-2020-23846
	RESERVED
CVE-2020-23845
	RESERVED
CVE-2020-23844
	RESERVED
CVE-2020-23843
	RESERVED
CVE-2020-23842
	RESERVED
CVE-2020-23841
	RESERVED
CVE-2020-23840
	RESERVED
CVE-2020-23839 (A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS  ...)
	NOT-FOR-US: GetSimple CMS
CVE-2020-23838
	RESERVED
CVE-2020-23837 (A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User pl ...)
	NOT-FOR-US: GetSimple CMS
CVE-2020-23836 (A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in  ...)
	NOT-FOR-US: OSWAPP Warehouse Inventory System
CVE-2020-23835 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php  ...)
	NOT-FOR-US: SourceCodester Tailor Management System
CVE-2020-23834 (Insecure Service File Permissions in the bd service in Real Time Logic ...)
	NOT-FOR-US: Real Time Logic BarracudaDrive
CVE-2020-23833 (Projectworlds House Rental v1.0 suffers from an unauthenticated SQL In ...)
	NOT-FOR-US: Projectworlds House Rental
CVE-2020-23832 (A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin ...)
	NOT-FOR-US: Projectworlds Car Rental Management System
CVE-2020-23831 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php  ...)
	NOT-FOR-US: SourceCodester Stock Management System
CVE-2020-23830 (A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.ph ...)
	NOT-FOR-US: SourceCodester Stock Management System
CVE-2020-23829 (interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suff ...)
	NOT-FOR-US: LibreHealth EHR
CVE-2020-23828 (A File Upload vulnerability in SourceCodester Online Course Registrati ...)
	NOT-FOR-US: SourceCodester Online Course Registration
CVE-2020-23827
	RESERVED
CVE-2020-23826 (** DISPUTED ** The Yale WIPC-303W 2.21 through 2.31 camera is vulnerab ...)
	NOT-FOR-US: Yale WIPC-303W camera
CVE-2020-23825
	RESERVED
CVE-2020-23824 (ArGo Soft Mail Server 1.8.8.9 is affected by Cross Site Request Forger ...)
	NOT-FOR-US: ArGo Soft Mail Server
CVE-2020-23823
	RESERVED
CVE-2020-23822
	RESERVED
CVE-2020-23821
	RESERVED
CVE-2020-23820
	RESERVED
CVE-2020-23819
	RESERVED
CVE-2020-23818
	RESERVED
CVE-2020-23817
	RESERVED
CVE-2020-23816
	RESERVED
CVE-2020-23815
	RESERVED
CVE-2020-23814 (Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0  ...)
	NOT-FOR-US: xxl-job
CVE-2020-23813
	RESERVED
CVE-2020-23812
	RESERVED
CVE-2020-23811 (xxl-job 2.2.0 allows Information Disclosure of username, model, and pa ...)
	NOT-FOR-US: xxl-job
CVE-2020-23810
	RESERVED
CVE-2020-23809
	RESERVED
CVE-2020-23808
	RESERVED
CVE-2020-23807
	RESERVED
CVE-2020-23806
	RESERVED
CVE-2020-23805
	RESERVED
CVE-2020-23804
	RESERVED
CVE-2020-23803
	RESERVED
CVE-2020-23802
	RESERVED
CVE-2020-23801
	RESERVED
CVE-2020-23800
	RESERVED
CVE-2020-23799
	RESERVED
CVE-2020-23798
	RESERVED
CVE-2020-23797
	RESERVED
CVE-2020-23796
	RESERVED
CVE-2020-23795
	RESERVED
CVE-2020-23794
	RESERVED
CVE-2020-23793
	RESERVED
CVE-2020-23792
	RESERVED
CVE-2020-23791
	RESERVED
CVE-2020-23790 (An Arbitrary File Upload vulnerability was discovered in the Golo Lara ...)
	NOT-FOR-US: Golo Laravel theme
CVE-2020-23789
	RESERVED
CVE-2020-23788
	RESERVED
CVE-2020-23787
	RESERVED
CVE-2020-23786
	RESERVED
CVE-2020-23785
	RESERVED
CVE-2020-23784
	RESERVED
CVE-2020-23783
	RESERVED
CVE-2020-23782
	RESERVED
CVE-2020-23781
	RESERVED
CVE-2020-23780
	RESERVED
CVE-2020-23779
	RESERVED
CVE-2020-23778
	RESERVED
CVE-2020-23777
	RESERVED
CVE-2020-23776 (A SSRF vulnerability exists in Winmail 6.5 in app.php in the key param ...)
	NOT-FOR-US: Winmail
CVE-2020-23775
	RESERVED
CVE-2020-23774 (A reflected XSS vulnerability exists in tohtml/convert.php of Winmail  ...)
	NOT-FOR-US: Winmail
CVE-2020-23773
	RESERVED
CVE-2020-23772
	RESERVED
CVE-2020-23771
	RESERVED
CVE-2020-23770
	RESERVED
CVE-2020-23769
	RESERVED
CVE-2020-23768 (An information disclosure vulnerability was discovered in alipay_funct ...)
	NOT-FOR-US: Alibaba payment interface on PHPPYUN
CVE-2020-23767
	RESERVED
CVE-2020-23766 (An arbitrary file deletion vulnerability was discovered on htmly v2.7. ...)
	NOT-FOR-US: htmly
CVE-2020-23765 (A file upload vulnerability was discovered in the file path /bl-plugin ...)
	NOT-FOR-US: Bludit
CVE-2020-23764
	RESERVED
CVE-2020-23763 (SQL injection in admin.php in Online Book Store 1.0 allows remote atta ...)
	NOT-FOR-US: Online Book Store
CVE-2020-23762 (Cross Site Scripting (XSS) vulnerability in the Larsens Calender plugi ...)
	NOT-FOR-US: Larsens calendar
CVE-2020-23761 (Cross Site Scripting (XSS) vulnerability in subrion CMS Version &lt;=  ...)
	NOT-FOR-US: subrion CMS
CVE-2020-23760
	RESERVED
CVE-2020-23759
	RESERVED
CVE-2020-23758
	RESERVED
CVE-2020-23757
	RESERVED
CVE-2020-23756
	RESERVED
CVE-2020-23755
	RESERVED
CVE-2020-23754 (Cross Site Scripting (XSS) vulnerability in infusions/member_poll_pane ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23753
	RESERVED
CVE-2020-23752
	RESERVED
CVE-2020-23751
	RESERVED
CVE-2020-23750
	RESERVED
CVE-2020-23749
	RESERVED
CVE-2020-23748
	RESERVED
CVE-2020-23747
	RESERVED
CVE-2020-23746
	RESERVED
CVE-2020-23745
	RESERVED
CVE-2020-23744
	RESERVED
CVE-2020-23743
	RESERVED
CVE-2020-23742
	RESERVED
CVE-2020-23741 (In AnyView (network police) network monitoring software 4.6.0.1, there ...)
	NOT-FOR-US: AnyView (network police) network monitoring software
CVE-2020-23740 (In DriverGenius 9.61.5480.28 there is a local privilege escalation vul ...)
	NOT-FOR-US: DriverGenius
CVE-2020-23739
	RESERVED
CVE-2020-23738 (There is a local denial of service vulnerability in Advanced SystemCar ...)
	NOT-FOR-US: Advanced SystemCare
CVE-2020-23737
	RESERVED
CVE-2020-23736 (There is a local denial of service vulnerability in DaDa accelerator 5 ...)
	NOT-FOR-US: DaDa accelerator
CVE-2020-23735 (In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escal ...)
	NOT-FOR-US: Saibo Cyber Game Accelerator
CVE-2020-23734
	RESERVED
CVE-2020-23733
	RESERVED
CVE-2020-23732
	RESERVED
CVE-2020-23731
	RESERVED
CVE-2020-23730
	RESERVED
CVE-2020-23729
	RESERVED
CVE-2020-23728
	RESERVED
CVE-2020-23727 (There is a local denial of service vulnerability in the Antiy Zhijia T ...)
	NOT-FOR-US: Antiy Zhijia Terminal Defense System
CVE-2020-23726 (There is a local denial of service vulnerability in Wise Care 365 5.5. ...)
	NOT-FOR-US: Wise Care 365
CVE-2020-23725
	RESERVED
CVE-2020-23724
	RESERVED
CVE-2020-23723
	RESERVED
CVE-2020-23722 (An issue was discovered in FUEL CMS 1.4.7. There is a escalation of pr ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-23721 (An issue was discovered in FUEL CMS V1.4.7. An attacker can use a XSS  ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-23720
	RESERVED
CVE-2020-23719 (Cross site scripting (XSS) vulnerability in application/controllers/Ad ...)
	NOT-FOR-US: xujinliang zibbs
CVE-2020-23718 (Cross site scripting (XSS) vulnerability in xujinliang zibbs 1.0, allo ...)
	NOT-FOR-US: xujinliang zibbs
CVE-2020-23717
	RESERVED
CVE-2020-23716
	RESERVED
CVE-2020-23715 (Directory Traversal vulnerability in Webport CMS 1.19.10.17121 via the ...)
	NOT-FOR-US: Webport
CVE-2020-23714
	RESERVED
CVE-2020-23713
	RESERVED
CVE-2020-23712
	RESERVED
CVE-2020-23711 (SQL Injection vulnerability in NavigateCMS 2.9 via the URL encoded GET ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23710 (Cross Site Scripting (XSS) vulneraiblity in LimeSurvey 4.2.5 on textbo ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-23709
	RESERVED
CVE-2020-23708
	RESERVED
CVE-2020-23707 (A heap-based buffer overflow vulnerability in the function ok_jpg_deco ...)
	NOT-FOR-US: ok-file-formats
CVE-2020-23706 (A heap-based buffer overflow vulnerability in the function ok_jpg_deco ...)
	NOT-FOR-US: ok-file-formats
CVE-2020-23705 (A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ...)
	NOT-FOR-US: ffjpeg
CVE-2020-23704
	RESERVED
CVE-2020-23703
	RESERVED
CVE-2020-23702 (Cross Site Scripting (XSS) vulnerability in PHP-Fusion 9.03.60 via 'Ne ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23701
	RESERVED
CVE-2020-23700 (Cross Site Scripting (XSS) vulnerability in LavaLite-CMS 5.8.0 via the ...)
	NOT-FOR-US: LavaLite-CMS
CVE-2020-23699
	RESERVED
CVE-2020-23698
	RESERVED
CVE-2020-23697 (Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page fe ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-23696
	RESERVED
CVE-2020-23695
	RESERVED
CVE-2020-23694
	RESERVED
CVE-2020-23693
	RESERVED
CVE-2020-23692
	RESERVED
CVE-2020-23691 (YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the ...)
	NOT-FOR-US: YFCMF
CVE-2020-23690
	RESERVED
CVE-2020-23689 (In YFCMF v2.3.1, there is a stored XSS vulnerability in the comments s ...)
	NOT-FOR-US: YFCMF
CVE-2020-23688
	RESERVED
CVE-2020-23687
	RESERVED
CVE-2020-23686 (Cross site request forgery (CSRF) vulnerability in AyaCMS 3.1.2 allows ...)
	NOT-FOR-US: AyaCMS
CVE-2020-23685 (SQL Injection vulnerability in 188Jianzhan v2.1.0, allows attackers to ...)
	NOT-FOR-US: 188Jianzhan
CVE-2020-23684
	RESERVED
CVE-2020-23683
	RESERVED
CVE-2020-23682
	RESERVED
CVE-2020-23681
	RESERVED
CVE-2020-23680 (An issue was discovered in function StartPage in text2pdf.c in pdfcorn ...)
	NOT-FOR-US: pdfcorner text2pdf
CVE-2020-23679 (Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1 ...)
	NOT-FOR-US: Renleilei1992 Linux_Network_Project
CVE-2020-23678
	RESERVED
CVE-2020-23677
	RESERVED
CVE-2020-23676
	RESERVED
CVE-2020-23675
	RESERVED
CVE-2020-23674
	RESERVED
CVE-2020-23673
	RESERVED
CVE-2020-23672
	RESERVED
CVE-2020-23671
	RESERVED
CVE-2020-23670
	RESERVED
CVE-2020-23669
	RESERVED
CVE-2020-23668
	RESERVED
CVE-2020-23667
	RESERVED
CVE-2020-23666
	RESERVED
CVE-2020-23665
	RESERVED
CVE-2020-23664
	RESERVED
CVE-2020-23663
	RESERVED
CVE-2020-23662
	RESERVED
CVE-2020-23661
	RESERVED
CVE-2020-23660 (webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Search." ...)
	NOT-FOR-US: webTareas
CVE-2020-23659 (WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the " ...)
	NOT-FOR-US: WebPort
CVE-2020-23658 (PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infus ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23657 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23656 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23655 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23654 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) via the modu ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23653 (An insecure unserialize vulnerability was discovered in ThinkAdmin ver ...)
	NOT-FOR-US: ThinkAdmin
CVE-2020-23652
	RESERVED
CVE-2020-23651
	RESERVED
CVE-2020-23650
	RESERVED
CVE-2020-23649
	RESERVED
CVE-2020-23648
	RESERVED
CVE-2020-23647
	RESERVED
CVE-2020-23646
	RESERVED
CVE-2020-23645
	RESERVED
CVE-2020-23644 (XSS exists in JIZHICMS 1.7.1 via index.php/Error/index?msg={XSS] to Ho ...)
	NOT-FOR-US: JIZHICMS
CVE-2020-23643 (XSS exists in JIZHICMS 1.7.1 via index.php/Wechat/checkWeixin?signatur ...)
	NOT-FOR-US: JIZHICMS
CVE-2020-23642
	RESERVED
CVE-2020-23641
	RESERVED
CVE-2020-23640
	RESERVED
CVE-2020-23639 (A command injection vulnerability exists in Moxa Inc VPort 461 Series  ...)
	NOT-FOR-US: Moxa
CVE-2020-23638
	RESERVED
CVE-2020-23637
	RESERVED
CVE-2020-23636
	RESERVED
CVE-2020-23635
	RESERVED
CVE-2020-23634
	RESERVED
CVE-2020-23633
	RESERVED
CVE-2020-23632
	RESERVED
CVE-2020-23631 (Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA C ...)
	NOT-FOR-US: WDJA CMS
CVE-2020-23630 (A blind SQL injection vulnerability exists in zzcms ver201910 based on ...)
	NOT-FOR-US: zzcms
CVE-2020-23629
	RESERVED
CVE-2020-23628
	RESERVED
CVE-2020-23627
	RESERVED
CVE-2020-23626
	RESERVED
CVE-2020-23625
	RESERVED
CVE-2020-23624
	RESERVED
CVE-2020-23623
	RESERVED
CVE-2020-23622
	RESERVED
CVE-2020-23621
	RESERVED
CVE-2020-23620
	RESERVED
CVE-2020-23619
	RESERVED
CVE-2020-23618
	RESERVED
CVE-2020-23617
	RESERVED
CVE-2020-23616
	RESERVED
CVE-2020-23615
	RESERVED
CVE-2020-23614
	RESERVED
CVE-2020-23613
	RESERVED
CVE-2020-23612
	RESERVED
CVE-2020-23611
	RESERVED
CVE-2020-23610
	RESERVED
CVE-2020-23609
	RESERVED
CVE-2020-23608
	RESERVED
CVE-2020-23607
	RESERVED
CVE-2020-23606
	RESERVED
CVE-2020-23605
	RESERVED
CVE-2020-23604
	RESERVED
CVE-2020-23603
	RESERVED
CVE-2020-23602
	RESERVED
CVE-2020-23601
	RESERVED
CVE-2020-23600
	RESERVED
CVE-2020-23599
	RESERVED
CVE-2020-23598
	RESERVED
CVE-2020-23597
	RESERVED
CVE-2020-23596
	RESERVED
CVE-2020-23595
	RESERVED
CVE-2020-23594
	RESERVED
CVE-2020-23593
	RESERVED
CVE-2020-23592
	RESERVED
CVE-2020-23591
	RESERVED
CVE-2020-23590
	RESERVED
CVE-2020-23589
	RESERVED
CVE-2020-23588
	RESERVED
CVE-2020-23587
	RESERVED
CVE-2020-23586
	RESERVED
CVE-2020-23585
	RESERVED
CVE-2020-23584
	RESERVED
CVE-2020-23583
	RESERVED
CVE-2020-23582
	RESERVED
CVE-2020-23581
	RESERVED
CVE-2020-23580 (Remote Code Execution vulnerability in PbootCMS 2.0.8 in the message b ...)
	NOT-FOR-US: PbootCMS
CVE-2020-23579
	RESERVED
CVE-2020-23578
	RESERVED
CVE-2020-23577
	RESERVED
CVE-2020-23576 (Laborator Neon dashboard v3 is affected by stored Cross Site Scripting ...)
	NOT-FOR-US: Laborator Neon dashboard
CVE-2020-23575 (A directory traversal vulnerability exists in Kyocera Printer d-COPIA2 ...)
	NOT-FOR-US: Kyocera
CVE-2020-23574 (When uploading a file in Sysax Multi Server 6.90, an authenticated use ...)
	NOT-FOR-US: Sysax Multi Server
CVE-2020-23573
	RESERVED
CVE-2020-23572 (BEESCMS v4.0 was discovered to contain an arbitrary file upload vulner ...)
	NOT-FOR-US: BEESCMS
CVE-2020-23571
	RESERVED
CVE-2020-23570
	RESERVED
CVE-2020-23569
	RESERVED
CVE-2020-23568
	RESERVED
CVE-2020-23567 (Irfanview v4.53 allows attackers to to cause a denial of service (DoS) ...)
	NOT-FOR-US: Irfanview
CVE-2020-23566 (Irfanview v4.53 was discovered to contain an infinity loop via JPEG200 ...)
	NOT-FOR-US: Irfanview
CVE-2020-23565 (Irfanview v4.53 allows attackers to execute arbitrary code via a craft ...)
	NOT-FOR-US: Irfanview
CVE-2020-23564
	RESERVED
CVE-2020-23563
	RESERVED
CVE-2020-23562
	RESERVED
CVE-2020-23561
	RESERVED
CVE-2020-23560
	RESERVED
CVE-2020-23559
	RESERVED
CVE-2020-23558
	RESERVED
CVE-2020-23557
	RESERVED
CVE-2020-23556
	RESERVED
CVE-2020-23555
	RESERVED
CVE-2020-23554
	RESERVED
CVE-2020-23553
	RESERVED
CVE-2020-23552
	RESERVED
CVE-2020-23551
	RESERVED
CVE-2020-23550
	RESERVED
CVE-2020-23549 (IrfanView 4.54 allows attackers to cause a denial of service or possib ...)
	NOT-FOR-US: IrfanView
CVE-2020-23548
	RESERVED
CVE-2020-23547
	RESERVED
CVE-2020-23546 (IrfanView 4.54 allows attackers to cause a denial of service or possib ...)
	NOT-FOR-US: IrfanView
CVE-2020-23545 (IrfanView 4.54 allows a user-mode write access violation starting at F ...)
	NOT-FOR-US: IrfanView
CVE-2020-23544
	RESERVED
CVE-2020-23543
	RESERVED
CVE-2020-23542
	RESERVED
CVE-2020-23541
	RESERVED
CVE-2020-23540
	RESERVED
CVE-2020-23539 (An issue was discovered in Realtek rtl8723de BLE Stack &lt;= 4.1 that  ...)
	NOT-FOR-US: Realtek
CVE-2020-23538
	RESERVED
CVE-2020-23537
	RESERVED
CVE-2020-23536
	RESERVED
CVE-2020-23535
	RESERVED
CVE-2020-23534 (A server-side request forgery (SSRF) vulnerability in Upgrade.php of g ...)
	NOT-FOR-US: gopeak masterlab
CVE-2020-23533 (Union Pay up to 1.2.0, for web based versions contains a CWE-347: Impr ...)
	NOT-FOR-US: Union Pay
CVE-2020-23532
	RESERVED
CVE-2020-23531
	RESERVED
CVE-2020-23530
	RESERVED
CVE-2020-23529
	RESERVED
CVE-2020-23528
	RESERVED
CVE-2020-23527
	RESERVED
CVE-2020-23526
	RESERVED
CVE-2020-23525
	RESERVED
CVE-2020-23524
	RESERVED
CVE-2020-23523
	RESERVED
CVE-2020-23522 (Pixelimity 1.0 has cross-site request forgery via the admin/setting.ph ...)
	NOT-FOR-US: Pixelimity
CVE-2020-23521
	RESERVED
CVE-2020-23520 (imcat 5.2 allows an authenticated file upload and consequently remote  ...)
	NOT-FOR-US: imcat
CVE-2020-23519
	RESERVED
CVE-2020-23518 (Cross Site Scripting (XSS) vulnerability in UltimateKode Neo Billing - ...)
	NOT-FOR-US: UltimateKode Neo Billing - Accounting, Invoicing And CRM Software
CVE-2020-23517 (Cross Site Scripting (XSS) vulnerability in Aryanic HighMail (High CMS ...)
	NOT-FOR-US: Aryanic HighMail (High CMS)
CVE-2020-23516
	RESERVED
CVE-2020-23515
	RESERVED
CVE-2020-23514
	RESERVED
CVE-2020-23513
	RESERVED
CVE-2020-23512 (VR CAM P1 Model P1 v1 has an incorrect access control vulnerability wh ...)
	NOT-FOR-US: VR CAM P1 Model P1
CVE-2020-23511
	RESERVED
CVE-2020-23510
	RESERVED
CVE-2020-23509
	RESERVED
CVE-2020-23508
	RESERVED
CVE-2020-23507
	RESERVED
CVE-2020-23506
	RESERVED
CVE-2020-23505
	RESERVED
CVE-2020-23504
	RESERVED
CVE-2020-23503
	RESERVED
CVE-2020-23502
	RESERVED
CVE-2020-23501
	RESERVED
CVE-2020-23500
	RESERVED
CVE-2020-23499
	RESERVED
CVE-2020-23498
	RESERVED
CVE-2020-23497
	RESERVED
CVE-2020-23496
	RESERVED
CVE-2020-23495
	RESERVED
CVE-2020-23494
	RESERVED
CVE-2020-23493
	RESERVED
CVE-2020-23492
	RESERVED
CVE-2020-23491
	RESERVED
CVE-2020-23490 (There was a local file disclosure vulnerability in AVideo &lt; 8.9 via ...)
	NOT-FOR-US: AVideo
CVE-2020-23489 (The import.json.php file before 8.9 for Avideo is vulnerable to a File ...)
	NOT-FOR-US: AVideo
CVE-2020-23488
	RESERVED
CVE-2020-23487
	RESERVED
CVE-2020-23486
	RESERVED
CVE-2020-23485
	RESERVED
CVE-2020-23484
	RESERVED
CVE-2020-23483
	RESERVED
CVE-2020-23482
	RESERVED
CVE-2020-23481 (CMS Made Simple 2.2.14 was discovered to contain a cross-site scriptin ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-23480
	RESERVED
CVE-2020-23479
	RESERVED
CVE-2020-23478 (Leo Editor v6.2.1 was discovered to contain a regular expression denia ...)
	NOT-FOR-US: Leo Editor
CVE-2020-23477
	RESERVED
CVE-2020-23476
	RESERVED
CVE-2020-23475
	RESERVED
CVE-2020-23474
	RESERVED
CVE-2020-23473
	RESERVED
CVE-2020-23472
	RESERVED
CVE-2020-23471
	RESERVED
CVE-2020-23470
	RESERVED
CVE-2020-23469 (gmate v0.12+bionic contains a regular expression denial of service (Re ...)
	NOT-FOR-US: gmate
CVE-2020-23468
	RESERVED
CVE-2020-23467
	RESERVED
CVE-2020-23466
	RESERVED
CVE-2020-23465
	RESERVED
CVE-2020-23464
	RESERVED
CVE-2020-23463
	RESERVED
CVE-2020-23462
	RESERVED
CVE-2020-23461
	RESERVED
CVE-2020-23460
	RESERVED
CVE-2020-23459
	RESERVED
CVE-2020-23458
	RESERVED
CVE-2020-23457
	RESERVED
CVE-2020-23456
	RESERVED
CVE-2020-23455
	RESERVED
CVE-2020-23454
	RESERVED
CVE-2020-23453
	RESERVED
CVE-2020-23452
	RESERVED
CVE-2020-23451 (Spiceworks Version &lt;= 7.5.00107 is affected by CSRF which can lead  ...)
	NOT-FOR-US: Spiceworks
CVE-2020-23450 (Spiceworks Version &lt;= 7.5.00107 is affected by XSS. Any name typed  ...)
	NOT-FOR-US: Spiceworks
CVE-2020-23449 (newbee-mall all versions are affected by incorrect access control to r ...)
	NOT-FOR-US: newbee-mall
CVE-2020-23448 (newbee-mall all versions are affected by incorrect access control to r ...)
	NOT-FOR-US: newbee-mall
CVE-2020-23447 (newbee-mall 1.0 is affected by cross-site scripting in shop-cart/settl ...)
	NOT-FOR-US: newbee-mall
CVE-2020-23446 (Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenti ...)
	NOT-FOR-US: Verint Workforce Optimization suite
CVE-2020-23445
	RESERVED
CVE-2020-23444
	RESERVED
CVE-2020-23443
	RESERVED
CVE-2020-23442
	RESERVED
CVE-2020-23441
	RESERVED
CVE-2020-23440
	RESERVED
CVE-2020-23439
	RESERVED
CVE-2020-23438
	RESERVED
CVE-2020-23437
	RESERVED
CVE-2020-23436
	RESERVED
CVE-2020-23435
	RESERVED
CVE-2020-23434
	RESERVED
CVE-2020-23433
	RESERVED
CVE-2020-23432
	RESERVED
CVE-2020-23431
	RESERVED
CVE-2020-23430
	RESERVED
CVE-2020-23429
	RESERVED
CVE-2020-23428
	RESERVED
CVE-2020-23427
	RESERVED
CVE-2020-23426 (zzcms 201910 contains an access control vulnerability through escalati ...)
	NOT-FOR-US: zzcms
CVE-2020-23425
	RESERVED
CVE-2020-23424
	RESERVED
CVE-2020-23423
	RESERVED
CVE-2020-23422
	RESERVED
CVE-2020-23421
	RESERVED
CVE-2020-23420
	RESERVED
CVE-2020-23419
	RESERVED
CVE-2020-23418
	RESERVED
CVE-2020-23417
	RESERVED
CVE-2020-23416
	RESERVED
CVE-2020-23415
	RESERVED
CVE-2020-23414
	RESERVED
CVE-2020-23413
	RESERVED
CVE-2020-23412
	RESERVED
CVE-2020-23411
	RESERVED
CVE-2020-23410
	RESERVED
CVE-2020-23409
	RESERVED
CVE-2020-23408
	RESERVED
CVE-2020-23407
	RESERVED
CVE-2020-23406
	RESERVED
CVE-2020-23405
	RESERVED
CVE-2020-23404
	RESERVED
CVE-2020-23403
	RESERVED
CVE-2020-23402
	RESERVED
CVE-2020-23401
	RESERVED
CVE-2020-23400
	RESERVED
CVE-2020-23399
	RESERVED
CVE-2020-23398
	RESERVED
CVE-2020-23397
	RESERVED
CVE-2020-23396
	RESERVED
CVE-2020-23395
	RESERVED
CVE-2020-23394
	RESERVED
CVE-2020-23393
	RESERVED
CVE-2020-23392
	RESERVED
CVE-2020-23391
	RESERVED
CVE-2020-23390
	RESERVED
CVE-2020-23389
	RESERVED
CVE-2020-23388
	RESERVED
CVE-2020-23387
	RESERVED
CVE-2020-23386
	RESERVED
CVE-2020-23385
	RESERVED
CVE-2020-23384
	RESERVED
CVE-2020-23383
	RESERVED
CVE-2020-23382
	RESERVED
CVE-2020-23381
	RESERVED
CVE-2020-23380
	RESERVED
CVE-2020-23379
	RESERVED
CVE-2020-23378
	RESERVED
CVE-2020-23377
	RESERVED
CVE-2020-23376 (NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/ad ...)
	NOT-FOR-US: NoneCMS
CVE-2020-23375
	RESERVED
CVE-2020-23374 (Cross-site scripting (XSS) vulnerability in admin/article/add.html in  ...)
	NOT-FOR-US: NoneCMS
CVE-2020-23373 (Cross-site scripting (XSS) vulnerability in admin/nav/add.html in none ...)
	NOT-FOR-US: NoneCMS
CVE-2020-23372
	RESERVED
CVE-2020-23371 (Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor ...)
	NOT-FOR-US: NoneCMS
CVE-2020-23370 (In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/ ...)
	NOT-FOR-US: YzmCMS
CVE-2020-23369 (In YzmCMS 5.6, XSS was discovered in member/member_content/init.html v ...)
	NOT-FOR-US: YzmCMS
CVE-2020-23368
	RESERVED
CVE-2020-23367
	RESERVED
CVE-2020-23366
	RESERVED
CVE-2020-23365
	RESERVED
CVE-2020-23364
	RESERVED
CVE-2020-23363
	RESERVED
CVE-2020-23362
	RESERVED
CVE-2020-23361 (phpList 3.5.3 allows type juggling for login bypass because == is used ...)
	- phplist <itp> (bug #612288)
CVE-2020-23360 (oscommerce v2.3.4.1 has a functional problem in user registration and  ...)
	NOT-FOR-US: oscommerce
CVE-2020-23359 (WeBid 1.2.2 admin/newuser.php has an issue with password rechecking du ...)
	NOT-FOR-US: WeBid
CVE-2020-23358
	RESERVED
CVE-2020-23357
	RESERVED
CVE-2020-23356 (dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type ju ...)
	NOT-FOR-US: nibbleblog
CVE-2020-23355 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/use ...)
	NOT-FOR-US: Codiad
CVE-2020-23354
	RESERVED
CVE-2020-23353
	RESERVED
CVE-2020-23352 (Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP l ...)
	NOT-FOR-US: Z-BlogPHP
CVE-2020-23351
	RESERVED
CVE-2020-23350
	RESERVED
CVE-2020-23349
	RESERVED
CVE-2020-23348
	RESERVED
CVE-2020-23347
	RESERVED
CVE-2020-23346
	RESERVED
CVE-2020-23345
	RESERVED
CVE-2020-23344
	RESERVED
CVE-2020-23343
	RESERVED
CVE-2020-23342 (A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/ed ...)
	NOT-FOR-US: Anchor CMS
CVE-2020-23341 (A reflected cross site scripting (XSS) vulnerability in the /header.tm ...)
	NOT-FOR-US: ATutor
CVE-2020-23340
	RESERVED
CVE-2020-23339
	RESERVED
CVE-2020-23338
	RESERVED
CVE-2020-23337
	RESERVED
CVE-2020-23336
	RESERVED
CVE-2020-23335
	RESERVED
CVE-2020-23334 (A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTer ...)
	NOT-FOR-US: Bento4
CVE-2020-23333 (A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom  ...)
	NOT-FOR-US: Bento4
CVE-2020-23332 (A heap-based buffer overflow exists in the AP4_StdcFileByteStream::Rea ...)
	NOT-FOR-US: Bento4
CVE-2020-23331 (An issue was discovered in Bento4 version 06c39d9. A NULL pointer dere ...)
	NOT-FOR-US: Bento4
CVE-2020-23330 (An issue was discovered in Bento4 version 06c39d9. A NULL pointer dere ...)
	NOT-FOR-US: Bento4
CVE-2020-23329
	RESERVED
CVE-2020-23328
	RESERVED
CVE-2020-23327
	RESERVED
CVE-2020-23326
	RESERVED
CVE-2020-23325
	RESERVED
CVE-2020-23324
	RESERVED
CVE-2020-23323 (There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3871
CVE-2020-23322 (There is an Assertion in 'context_p-&gt;token.type == LEXER_RIGHT_BRAC ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3869
CVE-2020-23321 (There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_ ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3870
CVE-2020-23320 (There is an Assertion in 'context_p-&gt;next_scanner_info_p-&gt;type = ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3835
CVE-2020-23319 (There is an Assertion in '(flags &gt;&gt; CBC_STACK_ADJUST_SHIFT) &gt; ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3834
CVE-2020-23318
	RESERVED
CVE-2020-23317
	RESERVED
CVE-2020-23316
	RESERVED
CVE-2020-23315 (There is an ASSERTION (pFuncBody-&gt;GetYieldRegister() == oldYieldReg ...)
	NOT-FOR-US: Microsoft
CVE-2020-23314 (There is an Assertion 'block_found' failed at js-parser-statm.c:2003 p ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3825
CVE-2020-23313 (There is an Assertion 'scope_stack_p &gt; context_p-&gt;scope_stack_p' ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3823
CVE-2020-23312 (There is an Assertion 'context.status_flags &amp; PARSER_SCANNING_SUCC ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3824
CVE-2020-23311 (There is an Assertion 'context_p-&gt;token.type == LEXER_RIGHT_BRACE | ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3822
CVE-2020-23310 (There is an Assertion 'context_p-&gt;next_scanner_info_p-&gt;type == S ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3821
CVE-2020-23309 (There is an Assertion 'context_p-&gt;stack_depth == context_p-&gt;cont ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3820
CVE-2020-23308 (There is an Assertion 'context_p-&gt;stack_top_uint8 == LEXER_EXPRESSI ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3819
CVE-2020-23307
	RESERVED
CVE-2020-23306 (There is a stack-overflow at ecma-regexp-object.c:535 in ecma_regexp_m ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3753
CVE-2020-23305
	RESERVED
CVE-2020-23304
	RESERVED
CVE-2020-23303 (There is a heap-buffer-overflow at jmem-poolman.c:165 in jmem_pools_co ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3749
CVE-2020-23302 (There is a heap-use-after-free at ecma-helpers-string.c:772 in ecma_re ...)
	- iotjs <unfixed> (bug #989991)
	[bullseye] - iotjs <no-dsa> (Minor issue)
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3748
CVE-2020-23301
	RESERVED
CVE-2020-23300
	RESERVED
CVE-2020-23299
	RESERVED
CVE-2020-23298
	RESERVED
CVE-2020-23297
	RESERVED
CVE-2020-23296
	RESERVED
CVE-2020-23295
	RESERVED
CVE-2020-23294
	RESERVED
CVE-2020-23293
	RESERVED
CVE-2020-23292
	RESERVED
CVE-2020-23291
	RESERVED
CVE-2020-23290
	RESERVED
CVE-2020-23289
	RESERVED
CVE-2020-23288
	RESERVED
CVE-2020-23287
	RESERVED
CVE-2020-23286
	RESERVED
CVE-2020-23285
	RESERVED
CVE-2020-23284 (Information disclosure in aspx pages in MV's IDCE application v1.0 all ...)
	NOT-FOR-US: IDCE
CVE-2020-23283 (Information disclosure in Logon Page in MV's mConnect application v02. ...)
	NOT-FOR-US: mConnect
CVE-2020-23282 (SQL injection in Logon Page in MV's mConnect application, v02.001.00,  ...)
	NOT-FOR-US: mConnect
CVE-2020-23281
	RESERVED
CVE-2020-23280
	RESERVED
CVE-2020-23279
	RESERVED
CVE-2020-23278
	RESERVED
CVE-2020-23277
	RESERVED
CVE-2020-23276
	RESERVED
CVE-2020-23275
	RESERVED
CVE-2020-23274
	RESERVED
CVE-2020-23273 (Heap-buffer overflow in the randomize_iparp function in edit_packet.c. ...)
	- tcpreplay 4.3.3-1 (unimportant)
	NOTE: https://github.com/appneta/tcpreplay/issues/579
	NOTE: Fixed in: https://github.com/appneta/tcpreplay/pull/588
	NOTE: Fixed by: https://github.com/appneta/tcpreplay/commit/314ae7d70aa7630dc17dfdb06edacb131fa8fa99 (v4.3.3-beta1)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-23272
	RESERVED
CVE-2020-23271
	RESERVED
CVE-2020-23270
	RESERVED
CVE-2020-23269 (An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function ...)
	- gpac 1.0.1+dfsg1-2
	NOTE: https://github.com/gpac/gpac/issues/1482
	NOTE: fixed by fixes for related bugs, no specific commit identified upstream
	NOTE: poc tested with 1.0.1+dfsg1-4+deb11u1
	NOTE: https://github.com/gpac/gpac/commit/e4ed32bf56fc02fb8a04b9e13f4d7bdae2b3ae12 (v0.9.0-preview)
CVE-2020-23268
	RESERVED
CVE-2020-23267 (An issue was discovered in gpac 0.8.0. The gf_hinter_track_process fun ...)
	- gpac 1.0.1+dfsg1-2
	NOTE: https://github.com/gpac/gpac/issues/1479
	NOTE: fixed by fixes for related bugs, no specific commit identified upstream
	NOTE: poc tested with 1.0.1+dfsg1-4+deb11u1
	NOTE: https://github.com/gpac/gpac/commit/b286aa0cdc0cb781e96430c8777d38f066a2c9f9 (v0.9.0, v0.8.1)
CVE-2020-23266 (An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function  ...)
	- gpac 1.0.1+dfsg1-2
	NOTE: https://github.com/gpac/gpac/commit/47d8bc5b3ddeed6d775197ebefae7c94a45d9bf2 (v0.9.0, v0.8.1)
	NOTE: https://github.com/gpac/gpac/issues/1481
CVE-2020-23265
	RESERVED
CVE-2020-23264 (Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remot ...)
	NOT-FOR-US: Fork CMS
CVE-2020-23263 (Persistent Cross-site scripting vulnerability on Fork CMS version 5.8. ...)
	NOT-FOR-US: Fork CMS
CVE-2020-23262 (An issue was discovered in ming-soft MCMS v5.0, where a malicious user ...)
	NOT-FOR-US: ming-soft MCMS
CVE-2020-23261
	RESERVED
CVE-2020-23260
	RESERVED
CVE-2020-23259
	RESERVED
CVE-2020-23258
	RESERVED
CVE-2020-23257
	RESERVED
CVE-2020-23256
	RESERVED
CVE-2020-23255
	RESERVED
CVE-2020-23254
	RESERVED
CVE-2020-23253
	RESERVED
CVE-2020-23252
	RESERVED
CVE-2020-23251
	RESERVED
CVE-2020-23250 (GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in ...)
	NOT-FOR-US: GigaVUE-OS
CVE-2020-23249 (GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaint ...)
	NOT-FOR-US: GigaVUE-OS
CVE-2020-23248
	RESERVED
CVE-2020-23247
	RESERVED
CVE-2020-23246
	RESERVED
CVE-2020-23245
	RESERVED
CVE-2020-23244
	RESERVED
CVE-2020-23243 (Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2. ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23242 (Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when perfo ...)
	NOT-FOR-US: NavigateCMS
CVE-2020-23241 (Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in  ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-23240 (Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via  ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-23239 (Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via  ...)
	NOT-FOR-US: Textpattern CMS
CVE-2020-23238 (Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via th ...)
	NOT-FOR-US: Evolution CMS
CVE-2020-23237
	RESERVED
CVE-2020-23236
	RESERVED
CVE-2020-23235
	RESERVED
CVE-2020-23234 (Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 v ...)
	NOT-FOR-US: LavaLite CMS
CVE-2020-23233
	RESERVED
CVE-2020-23232
	RESERVED
CVE-2020-23231
	RESERVED
CVE-2020-23230
	RESERVED
CVE-2020-23229
	RESERVED
CVE-2020-23228
	RESERVED
CVE-2020-23227
	RESERVED
CVE-2020-23226 (Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1. ...)
	- cacti 1.2.13+ds1-1
	[buster] - cacti <no-dsa> (Minor issues)
	[stretch] - cacti <no-dsa> (Minor issues; also requires semi-intrusive change to be backported)
	NOTE: https://github.com/Cacti/cacti/issues/3549
	NOTE: https://github.com/Cacti/cacti/commit/8d5fbc48debddc91a66b5aed877060566c6b6232 (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/74c011ba8635902713c530ded90bc0a045ca461d (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/5e4c77e908d6ff895a97fb29e1b582160f8d4165 (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/798f499eacc6b90e9e0e6a38db15edf564e3729f (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/dc35a79b15eeb68a46205c7b06d812953fbbf94d (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/72baf7b63bca7b1ee26f37f99be406ea20debf71 (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/de5e60c97b55b17d8d9e7d9782426ac6e941500d (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/a3233a1b3c3c25a325d334c69b4c94d56473cceb (1.2.13)
	NOTE: https://github.com/Cacti/cacti/commit/80ec47b08a06dddc4f2135562d29f2c619cc264f (1.2.13)
CVE-2020-23225
	RESERVED
CVE-2020-23224
	RESERVED
CVE-2020-23223
	RESERVED
CVE-2020-23222
	RESERVED
CVE-2020-23221
	RESERVED
CVE-2020-23220
	RESERVED
CVE-2020-23219 (Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a cra ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-23218
	RESERVED
CVE-2020-23217 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 all ...)
	- phplist <itp> (bug #612288)
CVE-2020-23216
	RESERVED
CVE-2020-23215
	RESERVED
CVE-2020-23214 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 all ...)
	- phplist <itp> (bug #612288)
CVE-2020-23213
	RESERVED
CVE-2020-23212
	RESERVED
CVE-2020-23211
	RESERVED
CVE-2020-23210
	RESERVED
CVE-2020-23209 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 all ...)
	- phplist <itp> (bug #612288)
CVE-2020-23208 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 all ...)
	- phplist <itp> (bug #612288)
CVE-2020-23207 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.3 all ...)
	- phplist <itp> (bug #612288)
CVE-2020-23206
	RESERVED
CVE-2020-23205 (A stored cross site scripting (XSS) vulnerability in Monstra CMS versi ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-23204
	RESERVED
CVE-2020-23203
	RESERVED
CVE-2020-23202
	RESERVED
CVE-2020-23201
	RESERVED
CVE-2020-23200
	RESERVED
CVE-2020-23199
	RESERVED
CVE-2020-23198
	RESERVED
CVE-2020-23197
	RESERVED
CVE-2020-23196
	RESERVED
CVE-2020-23195
	RESERVED
CVE-2020-23194 (A stored cross site scripting (XSS) vulnerability in the "Import Subsc ...)
	- phplist <itp> (bug #612288)
CVE-2020-23193
	RESERVED
CVE-2020-23192 (A stored cross site scripting (XSS) vulnerability in phplist 3.5.4 and ...)
	- phplist <itp> (bug #612288)
CVE-2020-23191
	RESERVED
CVE-2020-23190 (A stored cross site scripting (XSS) vulnerability in the "Import email ...)
	- phplist <itp> (bug #612288)
CVE-2020-23189
	RESERVED
CVE-2020-23188
	RESERVED
CVE-2020-23187
	RESERVED
CVE-2020-23186
	RESERVED
CVE-2020-23185 (A stored cross site scripting (XSS) vulnerability in /administration/s ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23184 (A stored cross site scripting (XSS) vulnerability in /administration/s ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23183
	RESERVED
CVE-2020-23182 (The component /php-fusion/infusions/shoutbox_panel/shoutbox_archive.ph ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23181 (A reflected cross site scripting (XSS) vulnerability in /administratio ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23180
	RESERVED
CVE-2020-23179 (A stored cross site scripting (XSS) vulnerability in administration/se ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23178 (An issue exists in PHP-Fusion 9.03.50 where session cookies are not de ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-23177
	RESERVED
CVE-2020-23176
	RESERVED
CVE-2020-23175
	RESERVED
CVE-2020-23174
	RESERVED
CVE-2020-23173
	RESERVED
CVE-2020-23172 (A vulnerability in all versions of Kuba allows attackers to overwrite  ...)
	NOT-FOR-US: Kuba
CVE-2020-23171 (A vulnerability in all versions of Nim-lang allows unauthenticated att ...)
	NOT-FOR-US: nim-lang zip
	NOTE: The Nim compiler exists in Debian, nim-lang/zip is a ZIP wrapper written in Nim.
CVE-2020-23170
	RESERVED
CVE-2020-23169
	RESERVED
CVE-2020-23168
	RESERVED
CVE-2020-23167
	RESERVED
CVE-2020-23166
	RESERVED
CVE-2020-23165
	RESERVED
CVE-2020-23164
	RESERVED
CVE-2020-23163
	RESERVED
CVE-2020-23162 (Sensitive information disclosure and weak encryption in Pyrescom Termo ...)
	NOT-FOR-US: Pyrescom Termod4 time management devices
CVE-2020-23161 (Local file inclusion in Pyrescom Termod4 time management devices befor ...)
	NOT-FOR-US: Pyrescom Termod4 time management devices
CVE-2020-23160 (Remote code execution in Pyrescom Termod4 time management devices befo ...)
	NOT-FOR-US: Pyrescom Termod4 time management devices
CVE-2020-23159
	RESERVED
CVE-2020-23158
	RESERVED
CVE-2020-23157
	RESERVED
CVE-2020-23156
	RESERVED
CVE-2020-23155
	RESERVED
CVE-2020-23154
	RESERVED
CVE-2020-23153
	RESERVED
CVE-2020-23152
	RESERVED
CVE-2020-23151 (rConfig 3.9.5 allows command injection by sending a crafted GET reques ...)
	NOT-FOR-US: rConfig
CVE-2020-23150 (A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allow ...)
	NOT-FOR-US: rConfig
CVE-2020-23149 (The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsaniti ...)
	NOT-FOR-US: rConfig
CVE-2020-23148 (The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsaniti ...)
	NOT-FOR-US: rConfig
CVE-2020-23147
	RESERVED
CVE-2020-23146
	RESERVED
CVE-2020-23145
	RESERVED
CVE-2020-23144
	RESERVED
CVE-2020-23143
	RESERVED
CVE-2020-23142
	RESERVED
CVE-2020-23141
	RESERVED
CVE-2020-23140 (Microweber 1.1.18 is affected by insufficient session expiration. When ...)
	NOT-FOR-US: Microweber
CVE-2020-23139 (Microweber 1.1.18 is affected by broken authentication and session man ...)
	NOT-FOR-US: Microweber
CVE-2020-23138 (An unrestricted file upload vulnerability was discovered in the Microw ...)
	NOT-FOR-US: Microweber
CVE-2020-23137
	RESERVED
CVE-2020-23136 (Microweber v1.1.18 is affected by no session expiry after log-out. ...)
	NOT-FOR-US: Microweber
CVE-2020-23135
	RESERVED
CVE-2020-23134
	RESERVED
CVE-2020-23133
	RESERVED
CVE-2020-23132
	RESERVED
CVE-2020-23131
	RESERVED
CVE-2020-23130
	REJECTED
CVE-2020-23129
	REJECTED
CVE-2020-23128 (Chamilo LMS 1.11.10 does not properly manage privileges which could al ...)
	NOT-FOR-US: Chamilo LMS
CVE-2020-23127 (Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) v ...)
	NOT-FOR-US: Chamilo LMS
CVE-2020-23126 (Chamilo LMS version 1.11.10 contains an XSS vulnerability in the perso ...)
	NOT-FOR-US: Chamilo LMS
CVE-2020-23125
	RESERVED
CVE-2020-23124
	RESERVED
CVE-2020-23123
	RESERVED
CVE-2020-23122
	RESERVED
CVE-2020-23121
	RESERVED
CVE-2020-23120
	RESERVED
CVE-2020-23119
	RESERVED
CVE-2020-23118
	RESERVED
CVE-2020-23117
	RESERVED
CVE-2020-23116
	RESERVED
CVE-2020-23115
	RESERVED
CVE-2020-23114
	RESERVED
CVE-2020-23113
	RESERVED
CVE-2020-23112
	RESERVED
CVE-2020-23111
	RESERVED
CVE-2020-23110
	RESERVED
CVE-2020-23109 (Buffer overflow vulnerability in function convert_colorspace in heif_c ...)
	- libheif <unfixed>
	[bullseye] - libheif <no-dsa> (Minor issue)
	[buster] - libheif <no-dsa> (Minor issue)
	NOTE: https://github.com/strukturag/libheif/issues/207
CVE-2020-23108
	RESERVED
CVE-2020-23107
	RESERVED
CVE-2020-23106
	RESERVED
CVE-2020-23105
	RESERVED
CVE-2020-23104
	RESERVED
CVE-2020-23103
	RESERVED
CVE-2020-23102
	RESERVED
CVE-2020-23101
	RESERVED
CVE-2020-23100
	RESERVED
CVE-2020-23099
	RESERVED
CVE-2020-23098
	RESERVED
CVE-2020-23097
	RESERVED
CVE-2020-23096
	RESERVED
CVE-2020-23095
	RESERVED
CVE-2020-23094
	RESERVED
CVE-2020-23093
	RESERVED
CVE-2020-23092
	RESERVED
CVE-2020-23091
	RESERVED
CVE-2020-23090
	RESERVED
CVE-2020-23089
	RESERVED
CVE-2020-23088
	RESERVED
CVE-2020-23087
	RESERVED
CVE-2020-23086
	RESERVED
CVE-2020-23085
	RESERVED
CVE-2020-23084
	RESERVED
CVE-2020-23083 (Unrestricted File Upload in JEECG v4.0 and earlier allows remote attac ...)
	NOT-FOR-US: JEECG
CVE-2020-23082
	RESERVED
CVE-2020-23081
	RESERVED
CVE-2020-23080
	RESERVED
CVE-2020-23079 (SSRF vulnerability in Halo &lt;=1.3.2 exists in the SMTP configuration ...)
	NOT-FOR-US: Halo
CVE-2020-23078
	RESERVED
CVE-2020-23077
	RESERVED
CVE-2020-23076
	RESERVED
CVE-2020-23075
	RESERVED
CVE-2020-23074
	RESERVED
CVE-2020-23073
	RESERVED
CVE-2020-23072
	RESERVED
CVE-2020-23071
	RESERVED
CVE-2020-23070
	RESERVED
CVE-2020-23069 (Path Traversal vulneraility exists in webTareas 2.0 via the extpath pa ...)
	NOT-FOR-US: webTareas
CVE-2020-23068
	RESERVED
CVE-2020-23067
	RESERVED
CVE-2020-23066
	RESERVED
CVE-2020-23065
	RESERVED
CVE-2020-23064
	RESERVED
CVE-2020-23063
	RESERVED
CVE-2020-23062
	RESERVED
CVE-2020-23061 (Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contai ...)
	NOT-FOR-US: Dropouts Technologies LLP Super Backup
CVE-2020-23060 (Internet Download Manager 6.37.11.1 was discovered to contain a stack  ...)
	NOT-FOR-US: Internet Download Manager
CVE-2020-23059
	RESERVED
CVE-2020-23058 (An issue in the authentication mechanism in Nong Ge File Explorer v1.4 ...)
	NOT-FOR-US: Nong Ge File Explorer
CVE-2020-23057
	RESERVED
CVE-2020-23056
	RESERVED
CVE-2020-23055 (ANCOM WLAN Controller (Wireless Series &amp; Hotspot) WLC-1000 &amp; W ...)
	NOT-FOR-US: ANCOM WLAN Controller (Wireless Series & Hotspot) WLC-1000 & WLC-4006
CVE-2020-23054 (A cross-site scripting (XSS) vulnerability in NSK User Agent String Sw ...)
	NOT-FOR-US: NSK User Agent String Switcher Service
CVE-2020-23053
	RESERVED
CVE-2020-23052 (Catalyst IT Ltd Mahara CMS v19.10.2 was discovered to contain multiple ...)
	- mahara <removed>
CVE-2020-23051 (Phpgurukul User Registration &amp; User Management System v2.0 was dis ...)
	NOT-FOR-US: Phpgurukul User Registration & User Management System
CVE-2020-23050 (TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to cont ...)
	NOT-FOR-US: TAO Open Source Assessment Platform
CVE-2020-23049 (Fork CMS Content Management System v5.8.0 was discovered to contain a  ...)
	NOT-FOR-US: Fork CMS
CVE-2020-23048 (SeedDMS Content Management System v6.0.7 contains a persistent cross-s ...)
	NOT-FOR-US: SeedDMS CMS
CVE-2020-23047 (Macrob7 Macs Framework Content Management System - 1.14f was discovere ...)
	NOT-FOR-US: Macrob7 Macs Framework Content Management System
CVE-2020-23046 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-23045 (Macrob7 Macs Framework Content Management System - 1.14f was discovere ...)
	NOT-FOR-US: Macrob7 Macs Framework Content Management System
CVE-2020-23044 (DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripti ...)
	NOT-FOR-US: DedeCMS
CVE-2020-23043 (Tran Tu Air Sender v1.0.2 was discovered to contain an arbitrary file  ...)
	NOT-FOR-US: Tran Tu Air Sender
CVE-2020-23042 (Dropouts Technologies LLP Super Backup v2.0.5 was discovered to contai ...)
	NOT-FOR-US: Dropouts Technologies LLP Super Backup
CVE-2020-23041 (Dropouts Technologies LLP Air Share v1.2 was discovered to contain a c ...)
	NOT-FOR-US: Dropouts Technologies LLP Air Share
CVE-2020-23040 (Sky File v2.1.0 contains a directory traversal vulnerability in the FT ...)
	NOT-FOR-US: Sky File
CVE-2020-23039 (Folder Lock v3.4.5 was discovered to contain a stored cross-site scrip ...)
	NOT-FOR-US: Folder Lock
CVE-2020-23038 (Swift File Transfer Mobile v1.1.2 and below was discovered to contain  ...)
	NOT-FOR-US: Swift File Transfer Mobile
CVE-2020-23037 (Portable Ltd Playable v9.18 contains a code injection vulnerability in ...)
	NOT-FOR-US: Portable Ltd Playable
CVE-2020-23036 (MEDIA NAVI Inc SMACom v1.2 was discovered to contain an insecure sessi ...)
	NOT-FOR-US: MEDIA NAVI Inc SMACom
CVE-2020-23035
	RESERVED
CVE-2020-23034
	RESERVED
CVE-2020-23033
	RESERVED
CVE-2020-23032
	RESERVED
CVE-2020-23031
	RESERVED
CVE-2020-23030
	RESERVED
CVE-2020-23029
	RESERVED
CVE-2020-23028
	RESERVED
CVE-2020-23027
	RESERVED
CVE-2020-23026 (A NULL pointer dereference in the main() function dhry_1.c of dhryston ...)
	- dhrystone <itp> (bug #693342)
	NOTE: https://github.com/sifive/benchmark-dhrystone
CVE-2020-23025
	RESERVED
CVE-2020-23024
	RESERVED
CVE-2020-23023
	RESERVED
CVE-2020-23022
	RESERVED
CVE-2020-23021
	RESERVED
CVE-2020-23020
	RESERVED
CVE-2020-23019
	RESERVED
CVE-2020-23018
	RESERVED
CVE-2020-23017
	RESERVED
CVE-2020-23016
	RESERVED
CVE-2020-23015 (An open redirect issue was discovered in OPNsense through 20.1.5. The  ...)
	NOT-FOR-US: OPNsense
CVE-2020-23014 (APfell 1.4 is vulnerable to authenticated reflected cross-site scripti ...)
	NOT-FOR-US: APfell
CVE-2020-23013
	RESERVED
CVE-2020-23012
	RESERVED
CVE-2020-23011
	RESERVED
CVE-2020-23010
	RESERVED
CVE-2020-23009
	RESERVED
CVE-2020-23008
	RESERVED
CVE-2020-23007
	RESERVED
CVE-2020-23006
	RESERVED
CVE-2020-23005
	RESERVED
CVE-2020-23004
	RESERVED
CVE-2020-23003
	RESERVED
CVE-2020-23002
	RESERVED
CVE-2020-23001
	RESERVED
CVE-2020-23000
	RESERVED
CVE-2020-22999
	RESERVED
CVE-2020-22998
	RESERVED
CVE-2020-22997
	RESERVED
CVE-2020-22996
	RESERVED
CVE-2020-22995
	RESERVED
CVE-2020-22994
	RESERVED
CVE-2020-22993
	RESERVED
CVE-2020-22992
	RESERVED
CVE-2020-22991
	RESERVED
CVE-2020-22990
	RESERVED
CVE-2020-22989
	RESERVED
CVE-2020-22988
	RESERVED
CVE-2020-22987
	RESERVED
CVE-2020-22986
	RESERVED
CVE-2020-22985
	RESERVED
CVE-2020-22984
	RESERVED
CVE-2020-22983
	RESERVED
CVE-2020-22982
	RESERVED
CVE-2020-22981
	RESERVED
CVE-2020-22980
	RESERVED
CVE-2020-22979
	RESERVED
CVE-2020-22978
	RESERVED
CVE-2020-22977
	RESERVED
CVE-2020-22976
	RESERVED
CVE-2020-22975
	RESERVED
CVE-2020-22974
	RESERVED
CVE-2020-22973
	RESERVED
CVE-2020-22972
	RESERVED
CVE-2020-22971
	RESERVED
CVE-2020-22970
	RESERVED
CVE-2020-22969
	RESERVED
CVE-2020-22968
	RESERVED
CVE-2020-22967
	RESERVED
CVE-2020-22966
	RESERVED
CVE-2020-22965
	RESERVED
CVE-2020-22964
	RESERVED
CVE-2020-22963
	RESERVED
CVE-2020-22962
	RESERVED
CVE-2020-22961
	RESERVED
CVE-2020-22960
	RESERVED
CVE-2020-22959
	RESERVED
CVE-2020-22958
	RESERVED
CVE-2020-22957
	RESERVED
CVE-2020-22956
	RESERVED
CVE-2020-22955
	RESERVED
CVE-2020-22954
	RESERVED
CVE-2020-22953
	RESERVED
CVE-2020-22952
	RESERVED
CVE-2020-22951
	RESERVED
CVE-2020-22950
	RESERVED
CVE-2020-22949
	RESERVED
CVE-2020-22948
	RESERVED
CVE-2020-22947
	RESERVED
CVE-2020-22946
	RESERVED
CVE-2020-22945
	RESERVED
CVE-2020-22944
	RESERVED
CVE-2020-22943
	RESERVED
CVE-2020-22942
	RESERVED
CVE-2020-22941
	RESERVED
CVE-2020-22940
	RESERVED
CVE-2020-22939
	RESERVED
CVE-2020-22938
	RESERVED
CVE-2020-22937 (A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5  ...)
	NOT-FOR-US: EmpireCMS
CVE-2020-22936
	RESERVED
CVE-2020-22935
	RESERVED
CVE-2020-22934
	RESERVED
CVE-2020-22933
	RESERVED
CVE-2020-22932
	RESERVED
CVE-2020-22931
	RESERVED
CVE-2020-22930
	RESERVED
CVE-2020-22929
	RESERVED
CVE-2020-22928
	RESERVED
CVE-2020-22927
	RESERVED
CVE-2020-22926
	RESERVED
CVE-2020-22925
	RESERVED
CVE-2020-22924
	RESERVED
CVE-2020-22923
	RESERVED
CVE-2020-22922
	RESERVED
CVE-2020-22921
	RESERVED
CVE-2020-22920
	RESERVED
CVE-2020-22919
	RESERVED
CVE-2020-22918
	RESERVED
CVE-2020-22917
	RESERVED
CVE-2020-22916
	RESERVED
CVE-2020-22915
	RESERVED
CVE-2020-22914
	RESERVED
CVE-2020-22913
	RESERVED
CVE-2020-22912
	RESERVED
CVE-2020-22911
	RESERVED
CVE-2020-22910
	RESERVED
CVE-2020-22909
	RESERVED
CVE-2020-22908
	RESERVED
CVE-2020-22907 (Stack overflow vulnerability in function jsi_evalcode_sub in jsish bef ...)
	NOT-FOR-US: jsish
CVE-2020-22906
	RESERVED
CVE-2020-22905
	RESERVED
CVE-2020-22904
	RESERVED
CVE-2020-22903
	RESERVED
CVE-2020-22902
	RESERVED
CVE-2020-22901
	RESERVED
CVE-2020-22900
	RESERVED
CVE-2020-22899
	RESERVED
CVE-2020-22898
	RESERVED
CVE-2020-22897
	RESERVED
CVE-2020-22896
	RESERVED
CVE-2020-22895
	RESERVED
CVE-2020-22894
	RESERVED
CVE-2020-22893
	RESERVED
CVE-2020-22892
	RESERVED
CVE-2020-22891
	RESERVED
CVE-2020-22890
	RESERVED
CVE-2020-22889
	RESERVED
CVE-2020-22888
	RESERVED
CVE-2020-22887
	RESERVED
CVE-2020-22886 (Buffer overflow vulnerability in function jsG_markobject in jsgc.c in  ...)
	- mujs 1.0.9-1
	NOTE: https://github.com/ccxvii/mujs/issues/134
CVE-2020-22885 (Buffer overflow vulnerability in mujs before 1.0.8 due to recursion in ...)
	- mujs 1.0.9-1
	NOTE: https://github.com/ccxvii/mujs/issues/133
CVE-2020-22884 (Buffer overflow vulnerability in function jsvGetStringChars in Espruin ...)
	NOT-FOR-US: Espruino
CVE-2020-22883
	RESERVED
CVE-2020-22882 (Issue was discovered in the fxParserTree function in moddable, allows  ...)
	NOT-FOR-US: Moddable
CVE-2020-22881
	RESERVED
CVE-2020-22880
	RESERVED
CVE-2020-22879
	RESERVED
CVE-2020-22878
	RESERVED
CVE-2020-22877
	RESERVED
CVE-2020-22876 (Buffer Overflow vulnerability in quickjs.c in QuickJS, allows remote a ...)
	NOT-FOR-US: QuickJS
CVE-2020-22875 (Integer overflow vulnerability in function Jsi_ObjSetLength in jsish b ...)
	NOT-FOR-US: jsish
CVE-2020-22874 (Integer overflow vulnerability in function Jsi_ObjArraySizer in jsish  ...)
	NOT-FOR-US: jsish
CVE-2020-22873 (Buffer overflow vulnerability in function NumberToPrecisionCmd in jsis ...)
	NOT-FOR-US: jsish
CVE-2020-22872
	RESERVED
CVE-2020-22871
	RESERVED
CVE-2020-22870
	RESERVED
CVE-2020-22869
	RESERVED
CVE-2020-22868
	RESERVED
CVE-2020-22867
	RESERVED
CVE-2020-22866
	RESERVED
CVE-2020-22865
	RESERVED
CVE-2020-22864 (A cross site scripting (XSS) vulnerability in the Insert Video functio ...)
	NOT-FOR-US: Froala WYSIWYG Editor
CVE-2020-22863
	RESERVED
CVE-2020-22862
	RESERVED
CVE-2020-22861
	RESERVED
CVE-2020-22860
	RESERVED
CVE-2020-22859
	RESERVED
CVE-2020-22858
	RESERVED
CVE-2020-22857
	RESERVED
CVE-2020-22856
	RESERVED
CVE-2020-22855
	RESERVED
CVE-2020-22854
	RESERVED
CVE-2020-22853
	RESERVED
CVE-2020-22852
	RESERVED
CVE-2020-22851
	RESERVED
CVE-2020-22850
	RESERVED
CVE-2020-22849
	RESERVED
CVE-2020-22848 (A remote code execution (RCE) vulnerability in the \Playsong.php compo ...)
	NOT-FOR-US: cscms
CVE-2020-22847
	RESERVED
CVE-2020-22846
	RESERVED
CVE-2020-22845
	RESERVED
CVE-2020-22844
	RESERVED
CVE-2020-22843
	RESERVED
CVE-2020-22842 (CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-22841 (Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attac ...)
	NOT-FOR-US: b2evolution CMS
CVE-2020-22840 (Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 ...)
	NOT-FOR-US: b2evolution CMS
CVE-2020-22839 (Reflected cross-site scripting vulnerability (XSS) in the evoadm.php f ...)
	NOT-FOR-US: b2evolution CMS
CVE-2020-22838
	RESERVED
CVE-2020-22837
	RESERVED
CVE-2020-22836
	RESERVED
CVE-2020-22835
	RESERVED
CVE-2020-22834
	RESERVED
CVE-2020-22833
	RESERVED
CVE-2020-22832
	RESERVED
CVE-2020-22831
	RESERVED
CVE-2020-22830
	RESERVED
CVE-2020-22829
	RESERVED
CVE-2020-22828
	RESERVED
CVE-2020-22827
	RESERVED
CVE-2020-22826
	RESERVED
CVE-2020-22825
	RESERVED
CVE-2020-22824
	RESERVED
CVE-2020-22823
	RESERVED
CVE-2020-22822
	RESERVED
CVE-2020-22821
	RESERVED
CVE-2020-22820
	RESERVED
CVE-2020-22819
	RESERVED
CVE-2020-22818
	RESERVED
CVE-2020-22817
	RESERVED
CVE-2020-22816
	RESERVED
CVE-2020-22815
	RESERVED
CVE-2020-22814
	RESERVED
CVE-2020-22813
	RESERVED
CVE-2020-22812
	RESERVED
CVE-2020-22811
	RESERVED
CVE-2020-22810
	RESERVED
CVE-2020-22809 (In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Serv ...)
	NOT-FOR-US: Windscribe
CVE-2020-22808 (An issue was found in yii2_fecshop 2.x. There is a reflected XSS vulne ...)
	NOT-FOR-US: yii2_fecshop
CVE-2020-22807 (An issue was dicovered in vtiger crm 7.2. Union sql injection in the c ...)
	NOT-FOR-US: VTiger CRM
CVE-2020-22806
	RESERVED
CVE-2020-22805
	RESERVED
CVE-2020-22804
	RESERVED
CVE-2020-22803
	RESERVED
CVE-2020-22802
	RESERVED
CVE-2020-22801
	RESERVED
CVE-2020-22800
	RESERVED
CVE-2020-22799
	RESERVED
CVE-2020-22798
	RESERVED
CVE-2020-22797
	RESERVED
CVE-2020-22796
	RESERVED
CVE-2020-22795
	RESERVED
CVE-2020-22794
	RESERVED
CVE-2020-22793
	RESERVED
CVE-2020-22792
	RESERVED
CVE-2020-22791
	RESERVED
CVE-2020-22790 (Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta ...)
	NOT-FOR-US: FME Server
CVE-2020-22789 (Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Be ...)
	NOT-FOR-US: FME Server
CVE-2020-22788
	RESERVED
CVE-2020-22787
	RESERVED
CVE-2020-22786
	RESERVED
CVE-2020-22785 (Etherpad &lt; 1.8.3 is affected by a missing lock check which could ca ...)
	- etherpad-lite <itp> (bug #576998)
CVE-2020-22784 (In Etherpad UeberDB &lt; 0.4.4, due to MySQL omitting trailing spaces  ...)
	NOT-FOR-US: Etherpad UeberDB
CVE-2020-22783 (Etherpad &lt;1.8.3 stored passwords used by users insecurely in the da ...)
	- etherpad-lite <itp> (bug #576998)
CVE-2020-22782 (Etherpad &lt; 1.8.3 is affected by a denial of service in the import f ...)
	- etherpad-lite <itp> (bug #576998)
CVE-2020-22781 (In Etherpad &lt; 1.8.3, a specially crafted URI would raise an unhandl ...)
	- etherpad-lite <itp> (bug #576998)
CVE-2020-22780
	RESERVED
CVE-2020-22779
	RESERVED
CVE-2020-22778
	RESERVED
CVE-2020-22777
	RESERVED
CVE-2020-22776
	RESERVED
CVE-2020-22775
	RESERVED
CVE-2020-22774
	RESERVED
CVE-2020-22773
	RESERVED
CVE-2020-22772
	RESERVED
CVE-2020-22771
	RESERVED
CVE-2020-22770
	RESERVED
CVE-2020-22769
	RESERVED
CVE-2020-22768
	RESERVED
CVE-2020-22767
	RESERVED
CVE-2020-22766
	RESERVED
CVE-2020-22765 (Cross Site Scripting (XSS) vulnerability in NukeViet cms 4.4.0 via the ...)
	NOT-FOR-US: NukeViet cms
CVE-2020-22764
	RESERVED
CVE-2020-22763
	RESERVED
CVE-2020-22762
	RESERVED
CVE-2020-22761 (Cross Site Request Forgery (CSRF) vulnerability in FlatPress 1.1 via t ...)
	NOT-FOR-US: FlatPress
CVE-2020-22760
	RESERVED
CVE-2020-22759
	RESERVED
CVE-2020-22758
	RESERVED
CVE-2020-22757
	RESERVED
CVE-2020-22756
	RESERVED
CVE-2020-22755
	RESERVED
CVE-2020-22754
	RESERVED
CVE-2020-22753
	RESERVED
CVE-2020-22752
	RESERVED
CVE-2020-22751
	RESERVED
CVE-2020-22750
	RESERVED
CVE-2020-22749
	RESERVED
CVE-2020-22748
	RESERVED
CVE-2020-22747
	RESERVED
CVE-2020-22746
	RESERVED
CVE-2020-22745
	RESERVED
CVE-2020-22744
	RESERVED
CVE-2020-22743
	RESERVED
CVE-2020-22742
	RESERVED
CVE-2020-22741 (An issue was discovered in Xuperchain 3.6.0 that allows for attackers  ...)
	NOT-FOR-US: Xuperchain
CVE-2020-22740
	RESERVED
CVE-2020-22739
	RESERVED
CVE-2020-22738
	RESERVED
CVE-2020-22737
	RESERVED
CVE-2020-22736
	RESERVED
CVE-2020-22735
	RESERVED
CVE-2020-22734
	RESERVED
CVE-2020-22733
	RESERVED
CVE-2020-22732 (CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions &g ...)
	NOT-FOR-US: CMS Made Simple (CMSMS)
CVE-2020-22731
	RESERVED
CVE-2020-22730
	RESERVED
CVE-2020-22729
	RESERVED
CVE-2020-22728
	RESERVED
CVE-2020-22727
	RESERVED
CVE-2020-22726
	RESERVED
CVE-2020-22725
	RESERVED
CVE-2020-22724 (A remote command execution vulnerability exists in add_server_service  ...)
	NOT-FOR-US: Mercury Router MER1200
CVE-2020-22723 (A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhiche ...)
	NOT-FOR-US: Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop
CVE-2020-22722 (Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege  ...)
	NOT-FOR-US: Rapid Software LLC Rapid SCADA
CVE-2020-22721 (A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8. ...)
	NOT-FOR-US: PNotes - Andrey Gruber PNotes.NET
CVE-2020-22720
	REJECTED
CVE-2020-22719 (Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerabil ...)
	NOT-FOR-US: Shimo Document
CVE-2020-22718
	RESERVED
CVE-2020-22717
	RESERVED
CVE-2020-22716
	RESERVED
CVE-2020-22715
	RESERVED
CVE-2020-22714
	RESERVED
CVE-2020-22713
	RESERVED
CVE-2020-22712
	RESERVED
CVE-2020-22711
	RESERVED
CVE-2020-22710
	RESERVED
CVE-2020-22709
	RESERVED
CVE-2020-22708
	RESERVED
CVE-2020-22707
	RESERVED
CVE-2020-22706
	RESERVED
CVE-2020-22705
	RESERVED
CVE-2020-22704
	RESERVED
CVE-2020-22703
	RESERVED
CVE-2020-22702
	RESERVED
CVE-2020-22701
	RESERVED
CVE-2020-22700
	RESERVED
CVE-2020-22699
	RESERVED
CVE-2020-22698
	RESERVED
CVE-2020-22697
	RESERVED
CVE-2020-22696
	RESERVED
CVE-2020-22695
	RESERVED
CVE-2020-22694
	RESERVED
CVE-2020-22693
	RESERVED
CVE-2020-22692
	RESERVED
CVE-2020-22691
	RESERVED
CVE-2020-22690
	RESERVED
CVE-2020-22689
	RESERVED
CVE-2020-22688
	RESERVED
CVE-2020-22687
	RESERVED
CVE-2020-22686
	RESERVED
CVE-2020-22685
	RESERVED
CVE-2020-22684
	RESERVED
CVE-2020-22683
	RESERVED
CVE-2020-22682
	RESERVED
CVE-2020-22681
	RESERVED
CVE-2020-22680
	RESERVED
CVE-2020-22679 (Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 a ...)
	- gpac 1.0.1+dfsg1-2 (unimportant)
	NOTE: https://github.com/gpac/gpac/issues/1345
	NOTE: https://github.com/gpac/gpac/commit/6c1e7ddfae2ad4daeda7f7e544da34cb765d36c9
	NOTE: Negligible security impact
CVE-2020-22678 (An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulat ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1339
	NOTE: https://github.com/gpac/gpac/commit/7644478ecfa25fd9505ee11ef12deb475cd97025
CVE-2020-22677 (An issue was discovered in gpac 0.8.0. The dump_data_hex function in b ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1341
	NOTE: https://github.com/gpac/gpac/commit/a0e6aa849002863a63e6f9e9daecca47042954c4
CVE-2020-22676
	RESERVED
CVE-2020-22675 (An issue was discovered in gpac 0.8.0. The GetGhostNum function in stb ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1344
	NOTE: https://github.com/gpac/gpac/commit/5aa8c4bbd970a3a77517b00528a596063efca1a9
CVE-2020-22674 (An issue was discovered in gpac 0.8.0. An invalid memory dereference e ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <not-affected> (Vulnerable code introduced later, in version 0.7.0)
	[stretch] - gpac <not-affected> (Vulnerable code introduced later, in version 0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1346
	NOTE: https://github.com/gpac/gpac/commit/6040a5981a9f51410bd18af8820afbd2748c2d76
CVE-2020-22673 (Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows  ...)
	- gpac 1.0.1+dfsg1-2 (unimportant)
	NOTE: https://github.com/gpac/gpac/issues/1342
	NOTE: https://github.com/gpac/gpac/commit/a0e6aa849002863a63e6f9e9daecca47042954c4
	NOTE: Negligible security impact
CVE-2020-22672
	RESERVED
CVE-2020-22671
	RESERVED
CVE-2020-22670
	RESERVED
CVE-2020-22669
	RESERVED
CVE-2020-22668
	RESERVED
CVE-2020-22667
	RESERVED
CVE-2020-22666
	RESERVED
CVE-2020-22665
	RESERVED
CVE-2020-22664
	RESERVED
CVE-2020-22663
	RESERVED
CVE-2020-22662
	RESERVED
CVE-2020-22661
	RESERVED
CVE-2020-22660
	RESERVED
CVE-2020-22659
	RESERVED
CVE-2020-22658
	RESERVED
CVE-2020-22657
	RESERVED
CVE-2020-22656
	RESERVED
CVE-2020-22655
	RESERVED
CVE-2020-22654
	RESERVED
CVE-2020-22653
	RESERVED
CVE-2020-22652
	RESERVED
CVE-2020-22651
	RESERVED
CVE-2020-22650 (A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5  ...)
	NOT-FOR-US: AlienVault Ossim
CVE-2020-22649
	RESERVED
CVE-2020-22648
	RESERVED
CVE-2020-22647
	RESERVED
CVE-2020-22646
	RESERVED
CVE-2020-22645
	RESERVED
CVE-2020-22644
	RESERVED
CVE-2020-22643 (Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, ...)
	NOT-FOR-US: Feehi CMS
CVE-2020-22642
	RESERVED
CVE-2020-22641
	RESERVED
CVE-2020-22640
	RESERVED
CVE-2020-22639
	RESERVED
CVE-2020-22638
	RESERVED
CVE-2020-22637
	RESERVED
CVE-2020-22636
	RESERVED
CVE-2020-22635
	RESERVED
CVE-2020-22634
	RESERVED
CVE-2020-22633
	RESERVED
CVE-2020-22632
	RESERVED
CVE-2020-22631
	RESERVED
CVE-2020-22630
	RESERVED
CVE-2020-22629
	RESERVED
CVE-2020-22628
	RESERVED
CVE-2020-22627
	RESERVED
CVE-2020-22626
	RESERVED
CVE-2020-22625
	RESERVED
CVE-2020-22624
	RESERVED
CVE-2020-22623
	RESERVED
CVE-2020-22622
	RESERVED
CVE-2020-22621
	RESERVED
CVE-2020-22620
	RESERVED
CVE-2020-22619
	RESERVED
CVE-2020-22618
	RESERVED
CVE-2020-22617 (Ardour v5.12 contains a use-after-free vulnerability in the component  ...)
	- ardour 1:6.0.0~ds0-1
	[buster] - ardour <no-dsa> (Minor issue)
	[stretch] - ardour <no-dsa> (Minor issue)
	NOTE: https://tracker.ardour.org/view.php?id=7926
	NOTE: https://github.com/Ardour/ardour/commit/96daa4036a425ff3f23a7dfcba57bfb0f942bec6 (6.0-pre1)
CVE-2020-22616
	RESERVED
CVE-2020-22615
	RESERVED
CVE-2020-22614
	RESERVED
CVE-2020-22613
	RESERVED
CVE-2020-22612
	RESERVED
CVE-2020-22611
	RESERVED
CVE-2020-22610
	RESERVED
CVE-2020-22609 (Cross Site Scripting (XSS) vulnerability in Enhancesoft osTicket befor ...)
	NOT-FOR-US: osTicket
CVE-2020-22608 (Cross Site Scripting vulnerability in Enhancesoft osTicket before v1.1 ...)
	NOT-FOR-US: osTicket
CVE-2020-22607 (Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the  ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-22606
	RESERVED
CVE-2020-22605
	RESERVED
CVE-2020-22604
	RESERVED
CVE-2020-22603
	RESERVED
CVE-2020-22602
	RESERVED
CVE-2020-22601
	RESERVED
CVE-2020-22600
	RESERVED
CVE-2020-22599
	RESERVED
CVE-2020-22598
	RESERVED
CVE-2020-22597
	RESERVED
CVE-2020-22596
	RESERVED
CVE-2020-22595
	RESERVED
CVE-2020-22594
	RESERVED
CVE-2020-22593
	RESERVED
CVE-2020-22591
	RESERVED
CVE-2020-22590
	RESERVED
CVE-2020-22589
	RESERVED
CVE-2020-22588
	RESERVED
CVE-2020-22587
	RESERVED
CVE-2020-22586
	RESERVED
CVE-2020-22585
	RESERVED
CVE-2020-22584
	RESERVED
CVE-2020-22583
	RESERVED
CVE-2020-22582
	RESERVED
CVE-2020-22581
	RESERVED
CVE-2020-22580
	RESERVED
CVE-2020-22579
	RESERVED
CVE-2020-22578
	RESERVED
CVE-2020-22577
	RESERVED
CVE-2020-22576
	RESERVED
CVE-2020-22575
	RESERVED
CVE-2020-22574
	RESERVED
CVE-2020-22573
	RESERVED
CVE-2020-22572
	RESERVED
CVE-2020-22571
	RESERVED
CVE-2020-22570
	RESERVED
CVE-2020-22569
	RESERVED
CVE-2020-22568
	RESERVED
CVE-2020-22567
	RESERVED
CVE-2020-22566
	RESERVED
CVE-2020-22565
	RESERVED
CVE-2020-22564
	RESERVED
CVE-2020-22563
	RESERVED
CVE-2020-22562
	RESERVED
CVE-2020-22561
	RESERVED
CVE-2020-22560
	RESERVED
CVE-2020-22559
	RESERVED
CVE-2020-22558
	RESERVED
CVE-2020-22557
	RESERVED
CVE-2020-22556
	RESERVED
CVE-2020-22555
	RESERVED
CVE-2020-22554
	RESERVED
CVE-2020-22553
	RESERVED
CVE-2020-22552 (The Snap7 server component in version 1.4.1, when an attacker sends a  ...)
	NOT-FOR-US: Snap7
CVE-2020-22551
	RESERVED
CVE-2020-22550 (Veno File Manager 3.5.6 is affected by a directory traversal vulnerabi ...)
	NOT-FOR-US: Veno File Manager
CVE-2020-22549
	RESERVED
CVE-2020-22548
	RESERVED
CVE-2020-22547
	RESERVED
CVE-2020-22546
	RESERVED
CVE-2020-22545
	RESERVED
CVE-2020-22544
	RESERVED
CVE-2020-22543
	RESERVED
CVE-2020-22542
	RESERVED
CVE-2020-22541
	RESERVED
CVE-2020-22540
	RESERVED
CVE-2020-22539
	RESERVED
CVE-2020-22538
	RESERVED
CVE-2020-22537
	RESERVED
CVE-2020-22536
	RESERVED
CVE-2020-22535 (Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list  ...)
	NOT-FOR-US: PbootCMS
CVE-2020-22534
	RESERVED
CVE-2020-22533
	RESERVED
CVE-2020-22532
	RESERVED
CVE-2020-22531
	RESERVED
CVE-2020-22530
	RESERVED
CVE-2020-22529
	RESERVED
CVE-2020-22528
	RESERVED
CVE-2020-22527
	RESERVED
CVE-2020-22526
	RESERVED
CVE-2020-22525
	RESERVED
CVE-2020-22524
	RESERVED
CVE-2020-22523
	RESERVED
CVE-2020-22522
	RESERVED
CVE-2020-22521
	RESERVED
CVE-2020-22520
	RESERVED
CVE-2020-22519
	RESERVED
CVE-2020-22518
	RESERVED
CVE-2020-22517
	RESERVED
CVE-2020-22516
	RESERVED
CVE-2020-22515
	RESERVED
CVE-2020-22514
	RESERVED
CVE-2020-22513
	RESERVED
CVE-2020-22512
	RESERVED
CVE-2020-22511
	RESERVED
CVE-2020-22510
	RESERVED
CVE-2020-22509
	RESERVED
CVE-2020-22508
	RESERVED
CVE-2020-22507
	RESERVED
CVE-2020-22506
	RESERVED
CVE-2020-22505
	RESERVED
CVE-2020-22504
	RESERVED
CVE-2020-22503
	RESERVED
CVE-2020-22502
	RESERVED
CVE-2020-22501
	RESERVED
CVE-2020-22500
	RESERVED
CVE-2020-22499
	RESERVED
CVE-2020-22498
	RESERVED
CVE-2020-22497
	RESERVED
CVE-2020-22496
	RESERVED
CVE-2020-22495
	RESERVED
CVE-2020-22494
	RESERVED
CVE-2020-22493
	RESERVED
CVE-2020-22492
	RESERVED
CVE-2020-22491
	RESERVED
CVE-2020-22490
	RESERVED
CVE-2020-22489
	RESERVED
CVE-2020-22488
	RESERVED
CVE-2020-22487
	RESERVED
CVE-2020-22486
	RESERVED
CVE-2020-22485
	RESERVED
CVE-2020-22484
	RESERVED
CVE-2020-22483
	RESERVED
CVE-2020-22482
	RESERVED
CVE-2020-22481 (An issue was discovered in HFish 0.5.1. When a payload is inserted whe ...)
	NOT-FOR-US: HFish
CVE-2020-22480
	RESERVED
CVE-2020-22479
	RESERVED
CVE-2020-22478
	RESERVED
CVE-2020-22477
	RESERVED
CVE-2020-22476
	RESERVED
CVE-2020-22475 ("Tasks" application version before 9.7.3 is affected by insecure permi ...)
	NOT-FOR-US: Tasks app
CVE-2020-22474 (In webERP 4.15, the ManualContents.php file allows users to specify th ...)
	NOT-FOR-US: webERP
CVE-2020-22473
	RESERVED
CVE-2020-22472
	RESERVED
CVE-2020-22471
	RESERVED
CVE-2020-22470
	RESERVED
CVE-2020-22469
	RESERVED
CVE-2020-22468
	RESERVED
CVE-2020-22467
	RESERVED
CVE-2020-22466
	RESERVED
CVE-2020-22465
	RESERVED
CVE-2020-22464
	RESERVED
CVE-2020-22463
	RESERVED
CVE-2020-22462
	RESERVED
CVE-2020-22461
	RESERVED
CVE-2020-22460
	RESERVED
CVE-2020-22459
	RESERVED
CVE-2020-22458
	RESERVED
CVE-2020-22457
	RESERVED
CVE-2020-22456
	RESERVED
CVE-2020-22455
	RESERVED
CVE-2020-22454
	RESERVED
CVE-2020-22453 (Untis WebUntis before 2020.9.6 allows XSS in multiple functions that s ...)
	NOT-FOR-US: Untis WebUntis
CVE-2020-22452
	RESERVED
CVE-2020-22451
	RESERVED
CVE-2020-22450
	RESERVED
CVE-2020-22449
	RESERVED
CVE-2020-22448
	RESERVED
CVE-2020-22447
	RESERVED
CVE-2020-22446
	RESERVED
CVE-2020-22445
	RESERVED
CVE-2020-22444
	RESERVED
CVE-2020-22443
	RESERVED
CVE-2020-22442
	RESERVED
CVE-2020-22441
	RESERVED
CVE-2020-22440
	RESERVED
CVE-2020-22439
	RESERVED
CVE-2020-22438
	RESERVED
CVE-2020-22437
	RESERVED
CVE-2020-22436
	RESERVED
CVE-2020-22435
	RESERVED
CVE-2020-22434
	RESERVED
CVE-2020-22433
	RESERVED
CVE-2020-22432
	RESERVED
CVE-2020-22431
	RESERVED
CVE-2020-22430
	RESERVED
CVE-2020-22429
	RESERVED
CVE-2020-22428 (SolarWinds Serv-U before 15.1.6 Hotfix 3 is affected by Cross Site Scr ...)
	NOT-FOR-US: SolarWinds
CVE-2020-22427 (** DISPUTED ** NagiosXI 5.6.11 is affected by a remote code execution  ...)
	NOT-FOR-US: Nagios XI
CVE-2020-22426
	RESERVED
CVE-2020-22425 (Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, whe ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-22424
	RESERVED
CVE-2020-22423
	RESERVED
CVE-2020-22422
	RESERVED
CVE-2020-22421 (74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vu ...)
	NOT-FOR-US: 74CMS
CVE-2020-22420
	RESERVED
CVE-2020-22419
	RESERVED
CVE-2020-22418
	RESERVED
CVE-2020-22417
	RESERVED
CVE-2020-22416
	RESERVED
CVE-2020-22415
	RESERVED
CVE-2020-22414
	RESERVED
CVE-2020-22413
	RESERVED
CVE-2020-22412
	RESERVED
CVE-2020-22411
	RESERVED
CVE-2020-22410
	RESERVED
CVE-2020-22409
	RESERVED
CVE-2020-22408
	RESERVED
CVE-2020-22407
	RESERVED
CVE-2020-22406
	RESERVED
CVE-2020-22405
	RESERVED
CVE-2020-22404
	RESERVED
CVE-2020-22403 (The express-cart package through 1.1.10 for Node.js allows CSRF. ...)
	NOT-FOR-US: Node express-cart
CVE-2020-22402
	RESERVED
CVE-2020-22401
	RESERVED
CVE-2020-22400
	RESERVED
CVE-2020-22399
	RESERVED
CVE-2020-22398
	RESERVED
CVE-2020-22397
	RESERVED
CVE-2020-22396
	RESERVED
CVE-2020-22395
	RESERVED
CVE-2020-22394 (In YzmCMS v5.5 the member contribution function in the editor contains ...)
	NOT-FOR-US: YzmCMS
CVE-2020-22393
	RESERVED
CVE-2020-22392 (Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 w ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-22391
	RESERVED
CVE-2020-22390 (Akaunting &lt;= 2.0.9 is vulnerable to CSV injection in the Item name  ...)
	NOT-FOR-US: Akaunting
CVE-2020-22389
	RESERVED
CVE-2020-22388
	RESERVED
CVE-2020-22387
	RESERVED
CVE-2020-22386
	RESERVED
CVE-2020-22385
	RESERVED
CVE-2020-22384
	RESERVED
CVE-2020-22383
	RESERVED
CVE-2020-22382
	RESERVED
CVE-2020-22381
	RESERVED
CVE-2020-22380
	RESERVED
CVE-2020-22379
	RESERVED
CVE-2020-22378
	RESERVED
CVE-2020-22377
	RESERVED
CVE-2020-22376
	RESERVED
CVE-2020-22375
	RESERVED
CVE-2020-22374
	RESERVED
CVE-2020-22373
	RESERVED
CVE-2020-22372
	RESERVED
CVE-2020-22371
	RESERVED
CVE-2020-22370
	RESERVED
CVE-2020-22369
	RESERVED
CVE-2020-22368
	RESERVED
CVE-2020-22367
	RESERVED
CVE-2020-22366
	RESERVED
CVE-2020-22365
	RESERVED
CVE-2020-22364
	RESERVED
CVE-2020-22363
	RESERVED
CVE-2020-22362
	RESERVED
CVE-2020-22361
	RESERVED
CVE-2020-22360
	RESERVED
CVE-2020-22359
	RESERVED
CVE-2020-22358
	RESERVED
CVE-2020-22357
	RESERVED
CVE-2020-22356
	RESERVED
CVE-2020-22355
	RESERVED
CVE-2020-22354
	RESERVED
CVE-2020-22353
	RESERVED
CVE-2020-22352 (The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attacke ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <not-affected> (Vulnerable code added later)
	[stretch] - gpac <not-affected> (Vulnerable code added later)
	NOTE: https://github.com/gpac/gpac/issues/1423
	NOTE: https://github.com/gpac/gpac/commit/e90526f3d2ec0dee4cddc5244eb115668f10341f
	NOTE: Vulnerable code was subsequently removed upstream.
CVE-2020-22351
	RESERVED
CVE-2020-22350
	RESERVED
CVE-2020-22349
	RESERVED
CVE-2020-22348
	RESERVED
CVE-2020-22347
	RESERVED
CVE-2020-22346
	RESERVED
CVE-2020-22345 (/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remot ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-22344
	RESERVED
CVE-2020-22343
	RESERVED
CVE-2020-22342
	RESERVED
CVE-2020-22341
	RESERVED
CVE-2020-22340
	RESERVED
CVE-2020-22339
	RESERVED
CVE-2020-22338
	RESERVED
CVE-2020-22337
	RESERVED
CVE-2020-22336
	RESERVED
CVE-2020-22335
	RESERVED
CVE-2020-22334
	RESERVED
CVE-2020-22333
	RESERVED
CVE-2020-22332
	RESERVED
CVE-2020-22331
	RESERVED
CVE-2020-22330 (Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the titl ...)
	NOT-FOR-US: Subrion
CVE-2020-22329
	RESERVED
CVE-2020-22328
	RESERVED
CVE-2020-22327
	RESERVED
CVE-2020-22326
	RESERVED
CVE-2020-22325
	RESERVED
CVE-2020-22324
	RESERVED
CVE-2020-22323
	RESERVED
CVE-2020-22322
	RESERVED
CVE-2020-22321
	RESERVED
CVE-2020-22320
	RESERVED
CVE-2020-22319
	RESERVED
CVE-2020-22318
	RESERVED
CVE-2020-22317
	RESERVED
CVE-2020-22316
	RESERVED
CVE-2020-22315
	RESERVED
CVE-2020-22314
	RESERVED
CVE-2020-22313
	RESERVED
CVE-2020-22312 (A cross-site scripting (XSS) vulnerability was discovered in the OJ/ad ...)
	NOT-FOR-US: HZNUOJ
CVE-2020-22311
	RESERVED
CVE-2020-22310
	RESERVED
CVE-2020-22309
	RESERVED
CVE-2020-22308
	RESERVED
CVE-2020-22307
	RESERVED
CVE-2020-22306
	RESERVED
CVE-2020-22305
	RESERVED
CVE-2020-22304
	RESERVED
CVE-2020-22303
	RESERVED
CVE-2020-22302
	RESERVED
CVE-2020-22301
	RESERVED
CVE-2020-22300
	RESERVED
CVE-2020-22299
	RESERVED
CVE-2020-22298
	RESERVED
CVE-2020-22297
	RESERVED
CVE-2020-22296
	RESERVED
CVE-2020-22295
	RESERVED
CVE-2020-22294
	RESERVED
CVE-2020-22293
	RESERVED
CVE-2020-22292
	RESERVED
CVE-2020-22291
	RESERVED
CVE-2020-22290
	RESERVED
CVE-2020-22289
	RESERVED
CVE-2020-22288
	RESERVED
CVE-2020-22287
	RESERVED
CVE-2020-22286
	RESERVED
CVE-2020-22285
	RESERVED
CVE-2020-22284 (A buffer overflow vulnerability in the zepif_linkoutput() function of  ...)
	- lwip <unfixed> (bug #991646)
	[bullseye] - lwip <no-dsa> (Minor issue)
	[buster] - lwip <no-dsa> (Minor issue)
	NOTE: https://savannah.nongnu.org/bugs/index.php?58554
	NOTE: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=8363c24e45a32728e385cfc2c3c36d88a8a9e70b
CVE-2020-22283 (A buffer overflow vulnerability in the icmp6_send_response_with_addrs_ ...)
	- lwip <unfixed> (bug #991645)
	[bullseye] - lwip <no-dsa> (Minor issue)
	[buster] - lwip <no-dsa> (Minor issue)
	NOTE: https://savannah.nongnu.org/bugs/index.php?58553
	NOTE: Pre-requisite: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=d843e47a1d65451bd7f7aaa5017b408bd108be88
	NOTE: Fixed by: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=489405839ae0fea8b99c4896f632eb688dc8a19a
	NOTE: Fixed by: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=488d4ad2460c3b41bef69724cad89c28a905eda9
CVE-2020-22282
	RESERVED
CVE-2020-22281
	RESERVED
CVE-2020-22280
	RESERVED
CVE-2020-22279
	RESERVED
CVE-2020-22278 (** DISPUTED ** phpMyAdmin through 5.0.2 allows CSV injection via Expor ...)
	NOTE: Disputed phpMyAdmin issue
CVE-2020-22277 (Import and export users and customers WordPress Plugin through 1.15.5. ...)
	NOT-FOR-US: Import and export users and customers WordPress Plugin
CVE-2020-22276 (WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry ...)
	NOT-FOR-US: WeForms Wordpress Plugin
CVE-2020-22275 (Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an at ...)
	NOT-FOR-US: Easy Registration Forms (ER Forms) Wordpress Plugin
CVE-2020-22274 (JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection ...)
	NOT-FOR-US: JomSocial (Joomla Social Network Extention)
CVE-2020-22273 (Neoflex Video Subscription System Version 2.0 is affected by CSRF whic ...)
	NOT-FOR-US: Neoflex Video Subscription System Version
CVE-2020-22272
	RESERVED
CVE-2020-22271
	RESERVED
CVE-2020-22270
	RESERVED
CVE-2020-22269
	RESERVED
CVE-2020-22268
	RESERVED
CVE-2020-22267
	RESERVED
CVE-2020-22266
	RESERVED
CVE-2020-22265
	RESERVED
CVE-2020-22264
	RESERVED
CVE-2020-22263
	RESERVED
CVE-2020-22262
	RESERVED
CVE-2020-22261
	RESERVED
CVE-2020-22260
	RESERVED
CVE-2020-22259
	RESERVED
CVE-2020-22258
	RESERVED
CVE-2020-22257
	RESERVED
CVE-2020-22256
	RESERVED
CVE-2020-22255
	RESERVED
CVE-2020-22254
	RESERVED
CVE-2020-22253
	RESERVED
CVE-2020-22252
	RESERVED
CVE-2020-22251 (Cross Site Scripting (XSS) vulnerability in phpList 3.5.3 via the logi ...)
	- phplist <itp> (bug #612288)
CVE-2020-22250
	RESERVED
CVE-2020-22249 (Remote Code Execution vulnerability in phplist 3.5.1. The application  ...)
	- phplist <itp> (bug #612288)
CVE-2020-22248
	RESERVED
CVE-2020-22247
	RESERVED
CVE-2020-22246
	RESERVED
CVE-2020-22245
	RESERVED
CVE-2020-22244
	RESERVED
CVE-2020-22243
	RESERVED
CVE-2020-22242
	RESERVED
CVE-2020-22241
	RESERVED
CVE-2020-22240
	RESERVED
CVE-2020-22239
	RESERVED
CVE-2020-22238
	RESERVED
CVE-2020-22237
	RESERVED
CVE-2020-22236
	RESERVED
CVE-2020-22235
	RESERVED
CVE-2020-22234
	RESERVED
CVE-2020-22233
	RESERVED
CVE-2020-22232
	RESERVED
CVE-2020-22231
	RESERVED
CVE-2020-22230
	RESERVED
CVE-2020-22229
	RESERVED
CVE-2020-22228
	RESERVED
CVE-2020-22227
	RESERVED
CVE-2020-22226 (Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to conta ...)
	NOT-FOR-US: Stivasoft (Phpjabbers) Fundraising Script
CVE-2020-22225 (Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to conta ...)
	NOT-FOR-US: Stivasoft (Phpjabbers) Fundraising Script
CVE-2020-22224 (Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to conta ...)
	NOT-FOR-US: Stivasoft (Phpjabbers) Fundraising Script
CVE-2020-22223 (Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to conta ...)
	NOT-FOR-US: Stivasoft (Phpjabbers) Fundraising Script
CVE-2020-22222 (Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to conta ...)
	NOT-FOR-US: Stivasoft (Phpjabbers) Fundraising Script
CVE-2020-22221
	RESERVED
CVE-2020-22220
	RESERVED
CVE-2020-22219
	RESERVED
CVE-2020-22218
	RESERVED
CVE-2020-22217
	RESERVED
CVE-2020-22216
	RESERVED
CVE-2020-22215
	RESERVED
CVE-2020-22214
	RESERVED
CVE-2020-22213
	RESERVED
CVE-2020-22212 (SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-s ...)
	NOT-FOR-US: 74cms
CVE-2020-22211 (SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street ...)
	NOT-FOR-US: 74cms
CVE-2020-22210 (SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuildin ...)
	NOT-FOR-US: 74cms
CVE-2020-22209 (SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_comm ...)
	NOT-FOR-US: 74cms
CVE-2020-22208 (SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.p ...)
	NOT-FOR-US: 74cms
CVE-2020-22207
	RESERVED
CVE-2020-22206 (SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_c ...)
	NOT-FOR-US: ECShop
CVE-2020-22205 (SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php ...)
	NOT-FOR-US: ECShop
CVE-2020-22204 (SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.p ...)
	NOT-FOR-US: ECShop
CVE-2020-22203 (SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php ...)
	NOT-FOR-US: phpCMS
CVE-2020-22202
	RESERVED
CVE-2020-22201 (phpCMS 2008 sp4 allowas remote malicious users to execute arbitrary ph ...)
	NOT-FOR-US: phpCMS
CVE-2020-22200 (Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter ...)
	NOT-FOR-US: phpCMS
CVE-2020-22199 (SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg ...)
	NOT-FOR-US: phpCMS
CVE-2020-22198 (SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter  ...)
	NOT-FOR-US: DedeCMS
CVE-2020-22197
	RESERVED
CVE-2020-22196
	RESERVED
CVE-2020-22195
	RESERVED
CVE-2020-22194
	RESERVED
CVE-2020-22193
	RESERVED
CVE-2020-22192
	RESERVED
CVE-2020-22191
	RESERVED
CVE-2020-22190
	RESERVED
CVE-2020-22189
	RESERVED
CVE-2020-22188
	RESERVED
CVE-2020-22187
	RESERVED
CVE-2020-22186
	RESERVED
CVE-2020-22185
	RESERVED
CVE-2020-22184
	RESERVED
CVE-2020-22183
	RESERVED
CVE-2020-22182
	RESERVED
CVE-2020-22181
	RESERVED
CVE-2020-22180
	RESERVED
CVE-2020-22179
	RESERVED
CVE-2020-22178
	RESERVED
CVE-2020-22177
	RESERVED
CVE-2020-22176 (PHPGurukul Hospital Management System in PHP v4.0 has a sensitive info ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22175 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22174 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22173 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22172 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22171 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22170 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22169 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22168 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22167 (PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cro ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22166 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22165 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22164 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection  ...)
	NOT-FOR-US: PHPGurukul Hospital Management System in PHP
CVE-2020-22163
	RESERVED
CVE-2020-22162
	RESERVED
CVE-2020-22161
	RESERVED
CVE-2020-22160
	RESERVED
CVE-2020-22159
	RESERVED
CVE-2020-22158 (MediaKind (formerly Ericsson) RX8200 5.13.3 devices are vulnerable to  ...)
	NOT-FOR-US: Ericsson RX8200 5.13.3 devices
CVE-2020-22157
	RESERVED
CVE-2020-22156
	RESERVED
CVE-2020-22155
	RESERVED
CVE-2020-22154
	RESERVED
CVE-2020-22153
	RESERVED
CVE-2020-22152
	RESERVED
CVE-2020-22151
	RESERVED
CVE-2020-22150 (A cross site scripting (XSS) vulnerability in /admin.php?page=permalin ...)
	- piwigo <removed>
CVE-2020-22149
	RESERVED
CVE-2020-22148 (A stored cross site scripting (XSS) vulnerability in /admin.php?page=t ...)
	- piwigo <removed>
CVE-2020-22147
	RESERVED
CVE-2020-22146
	RESERVED
CVE-2020-22145
	RESERVED
CVE-2020-22144
	RESERVED
CVE-2020-22143
	RESERVED
CVE-2020-22142
	RESERVED
CVE-2020-22141
	RESERVED
CVE-2020-22140
	RESERVED
CVE-2020-22139
	RESERVED
CVE-2020-22138
	RESERVED
CVE-2020-22137
	RESERVED
CVE-2020-22136
	RESERVED
CVE-2020-22135
	RESERVED
CVE-2020-22134
	RESERVED
CVE-2020-22133
	RESERVED
CVE-2020-22132
	RESERVED
CVE-2020-22131
	RESERVED
CVE-2020-22130
	RESERVED
CVE-2020-22129
	RESERVED
CVE-2020-22128
	RESERVED
CVE-2020-22127
	RESERVED
CVE-2020-22126
	RESERVED
CVE-2020-22125
	RESERVED
CVE-2020-22124 (A vulnerability in the \inc\config.php component of joyplus-cms v1.6 a ...)
	NOT-FOR-US: joyplus-cms
CVE-2020-22123
	RESERVED
CVE-2020-22122 (A SQL injection vulnerability in /oa.php?c=Staff&amp;a=read of Find a  ...)
	NOT-FOR-US: LJCMS
CVE-2020-22121
	RESERVED
CVE-2020-22120 (A remote code execution (RCE) vulnerability in /root/run/adm.php?admin ...)
	NOT-FOR-US: imcat
CVE-2020-22119
	RESERVED
CVE-2020-22118
	RESERVED
CVE-2020-22117
	RESERVED
CVE-2020-22116
	RESERVED
CVE-2020-22115
	RESERVED
CVE-2020-22114
	RESERVED
CVE-2020-22113
	RESERVED
CVE-2020-22112
	RESERVED
CVE-2020-22111
	RESERVED
CVE-2020-22110
	RESERVED
CVE-2020-22109
	RESERVED
CVE-2020-22108
	RESERVED
CVE-2020-22107
	RESERVED
CVE-2020-22106
	RESERVED
CVE-2020-22105
	RESERVED
CVE-2020-22104
	RESERVED
CVE-2020-22103
	RESERVED
CVE-2020-22102
	RESERVED
CVE-2020-22101
	RESERVED
CVE-2020-22100
	RESERVED
CVE-2020-22099
	RESERVED
CVE-2020-22098
	RESERVED
CVE-2020-22097
	RESERVED
CVE-2020-22096
	RESERVED
CVE-2020-22095
	RESERVED
CVE-2020-22094
	RESERVED
CVE-2020-22093
	RESERVED
CVE-2020-22092
	RESERVED
CVE-2020-22091
	RESERVED
CVE-2020-22090
	RESERVED
CVE-2020-22089
	RESERVED
CVE-2020-22088
	RESERVED
CVE-2020-22087
	RESERVED
CVE-2020-22086
	RESERVED
CVE-2020-22085
	RESERVED
CVE-2020-22084
	RESERVED
CVE-2020-22083 (** DISPUTED ** jsonpickle through 1.4.1 allows remote code execution d ...)
	- jsonpickle <unfixed> (unimportant)
	NOTE: CVE assigment seems bogus, jsonpickle clearly states "jsonpickle can execute arbitrary Python code.
	NOTE: Do not load jsonpickles from untrusted unauthenticated sources", so this works as expected
CVE-2020-22082
	RESERVED
CVE-2020-22081
	RESERVED
CVE-2020-22080
	RESERVED
CVE-2020-22079 (Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0 ...)
	NOT-FOR-US: Tenda
CVE-2020-22078
	RESERVED
CVE-2020-22077
	RESERVED
CVE-2020-22076
	RESERVED
CVE-2020-22075
	RESERVED
CVE-2020-22074
	RESERVED
CVE-2020-22073
	RESERVED
CVE-2020-22072
	RESERVED
CVE-2020-22071
	RESERVED
CVE-2020-22070
	RESERVED
CVE-2020-22069
	RESERVED
CVE-2020-22068
	RESERVED
CVE-2020-22067
	RESERVED
CVE-2020-22066
	RESERVED
CVE-2020-22065
	RESERVED
CVE-2020-22064
	RESERVED
CVE-2020-22063
	RESERVED
CVE-2020-22062
	RESERVED
CVE-2020-22061 (SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the ...)
	NOT-FOR-US: SUPERAntispyware
CVE-2020-22060
	RESERVED
CVE-2020-22059
	RESERVED
CVE-2020-22058
	RESERVED
CVE-2020-22057 (The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precisio ...)
	NOT-FOR-US: EVGA Precision XOC
CVE-2020-22056 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://trac.ffmpeg.org/ticket/8304
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=daf2bef98ded7f8431fd04bf3324669329a923c1
	NOTE: Negligible security impact
CVE-2020-22055
	RESERVED
CVE-2020-22054 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DSA-4990-1 DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8315
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=6f2a3958cfac135c60b509a61a4fd39432d8f9a9
	NOTE: Negligible security impact
CVE-2020-22053
	RESERVED
CVE-2020-22052
	RESERVED
CVE-2020-22051 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://trac.ffmpeg.org/ticket/8313
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=673fce6d40d9a594fb7a0ea17d296b7d3d9ea856
	NOTE: Negligible security impact
CVE-2020-22050
	RESERVED
CVE-2020-22049 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DSA-4990-1 DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8314
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=373c1c9b691fd4c6831b3a114a006b639304c2af
	NOTE: Negligible security impact
CVE-2020-22048 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8303
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=fddef964e8aa4a2c123e470db1436a082ff6bcf3
	NOTE: Negligible security impact
CVE-2020-22047
	RESERVED
CVE-2020-22046 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8294
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=097c917c147661f5378dae8fe3f7e46f43236426
	NOTE: Negligible security impact
CVE-2020-22045
	RESERVED
CVE-2020-22044 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8295
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1d479300cbe0522c233b7d51148aea2b29bd29ad
	NOTE: Negligible security impact
CVE-2020-22043 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <ignored> (Patch is too destructive to implement it; Minor issue)
	NOTE: https://trac.ffmpeg.org/ticket/8284
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b288a7eb3d963a175e177b6219c8271076ee8590
	NOTE: Negligible security impact
CVE-2020-22042 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DSA-4998-1}
	- ffmpeg 7:4.4-5 (unimportant)
	[stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor issue)
	NOTE: https://trac.ffmpeg.org/ticket/8267
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=426c16d61a9b5056a157a1a2a057a4e4d13eef84
CVE-2020-22041 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8296
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3488e0977c671568731afa12b811adce9d4d807f
CVE-2020-22040 (A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memor ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor issue)
	NOTE: https://trac.ffmpeg.org/ticket/8283
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1a0c584abc9709b1d11dbafef05d22e0937d7d19
CVE-2020-22039 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <ignored> (Patch can not be applied cleanly; Minor issue)
	NOTE: https://trac.ffmpeg.org/ticket/8302
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a581bb66ea5eb981e2e498ca301df7d1ef15a6a3
CVE-2020-22038 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	- ffmpeg 7:4.4-5 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://trac.ffmpeg.org/ticket/8285
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7c32e9cf93b712f8463573a59ed4e98fd10fa013
CVE-2020-22037 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
	{DSA-4998-1 DSA-4990-1 DLA-2818-1}
	- ffmpeg 7:4.4.1-1 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8281
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7bba0dd6382e30d646cb406034a66199e071d713
CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://trac.ffmpeg.org/ticket/8261
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8c3166e1c302c3ba80d9742ae46161c0fa8e2606
	NOTE: CVE-2020-22036 and CVE-2020-20899 are duplicates, reported to MITRE
CVE-2020-22035 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8262
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0749082eb93ea02fa4b770da86597450cec84054
CVE-2020-22034 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavf ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8236
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1331e001796c656a4a3c770a16121c15ec1db2ac
CVE-2020-22033 (A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavf ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8246
	NOTE: https://trac.ffmpeg.org/ticket/8241
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=82ad1b76751bcfad5005440db48c46a4de5d6f02
CVE-2020-22032 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavf ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://trac.ffmpeg.org/ticket/8275
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=de598f82f8c3f8000e1948548e8088148e2b1f44
CVE-2020-22031 (A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at lib ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://trac.ffmpeg.org/ticket/8243
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0e68e8c93f9068596484ec8ba725586860e06fc8
CVE-2020-22030 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at lib ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8276
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e1b89c76f66343d1b495165664647317c66764bb
CVE-2020-22029 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at lib ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7fd1279703683ebb548ef7baa2f1519994496ae
	NOTE: https://trac.ffmpeg.org/ticket/8250
CVE-2020-22028 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_verticall ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f069a9c2a65bc20c3462127623127df6dfd06c5b
	NOTE: https://trac.ffmpeg.org/ticket/8274
CVE-2020-22027 (A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in defl ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <ignored> (Required change too invasive, original patch need to be completely rewritten)
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e787f8fd7ee99ba0c3e0f086ce2ce59eea7ed86c
	NOTE: https://trac.ffmpeg.org/ticket/8242
CVE-2020-22026 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58bb9d3a3a6ede1c6cfb82bf671a5f138e6b2144
	NOTE: https://trac.ffmpeg.org/ticket/8317
CVE-2020-22025 (A heap-based Buffer Overflow vulnerability exists in gaussian_blur at  ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ccf4ab8c9aca0aee66bcc2914031a9c97ac0eeb8
	NOTE: https://trac.ffmpeg.org/ticket/8260
CVE-2020-22024 (Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 func ...)
	- ffmpeg 7:4.3-2
	[buster] - ffmpeg <not-affected> (Introduced in 4.2)
	[stretch] - ffmpeg <not-affected> (Introduced in 4.2)
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=723d69f99cd26db9687ed2d24d06afaff624daf3
	NOTE: https://trac.ffmpeg.org/ticket/8310
CVE-2020-22023 (A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in fi ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b567238741854b41f84f7457686b044eadfe29c
	NOTE: https://trac.ffmpeg.org/ticket/8244
CVE-2020-22022 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=07050d7bdc32d82e53ee5bb727f5882323d00dba
	NOTE: https://trac.ffmpeg.org/ticket/8264
CVE-2020-22021 (Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function i ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7971f62120a55c141ec437aa3f0bacc1c1a3526b
	NOTE: https://trac.ffmpeg.org/ticket/8240
CVE-2020-22020 (Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map func ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3-2
	NOTE: https://trac.ffmpeg.org/ticket/8239
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765
CVE-2020-22019 (Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in  ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8246
	NOTE: https://trac.ffmpeg.org/ticket/8241
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=82ad1b76751bcfad5005440db48c46a4de5d6f02
CVE-2020-22018
	RESERVED
CVE-2020-22017 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_ ...)
	{DSA-4990-1}
	- ffmpeg 7:4.3-2
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8309
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d4d6b7b0355f3597cad3b8d12911790c73b5f96d
CVE-2020-22016 (A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.2.2-1
	NOTE: https://trac.ffmpeg.org/ticket/8183
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145
CVE-2020-22015 (Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due ...)
	{DSA-4990-1 DLA-2742-1}
	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
	NOTE: https://trac.ffmpeg.org/ticket/8190
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4c1afa292520329eecd1cc7631bc59a8cca95c46
CVE-2020-22014
	RESERVED
CVE-2020-22013
	RESERVED
CVE-2020-22012
	RESERVED
CVE-2020-22011
	RESERVED
CVE-2020-22010
	RESERVED
CVE-2020-22009
	RESERVED
CVE-2020-22008
	RESERVED
CVE-2020-22007
	RESERVED
CVE-2020-22006
	RESERVED
CVE-2020-22005
	RESERVED
CVE-2020-22004
	RESERVED
CVE-2020-22003
	RESERVED
CVE-2020-22002 (An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability ex ...)
	NOT-FOR-US: Inim Electronics Smartliving SmartLAN/G/SI
CVE-2020-22001 (HomeAutomation 3.3.2 suffers from an authentication bypass vulnerabili ...)
	NOT-FOR-US: HomeAutomation
CVE-2020-22000 (HomeAutomation 3.3.2 suffers from an authenticated OS command executio ...)
	NOT-FOR-US: HomeAutomation
CVE-2020-21999 (iWT Ltd FaceSentry Access Control System 6.4.8 suffers from an authent ...)
	NOT-FOR-US: iWT Ltd FaceSentry Access Control System
CVE-2020-21998 (In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter  ...)
	NOT-FOR-US: HomeAutomation
CVE-2020-21997 (Smartwares HOME easy &lt;=1.0.9 is vulnerable to an unauthenticated da ...)
	NOT-FOR-US: Smartwares HOME easy
CVE-2020-21996 (AVE DOMINAplus &lt;=1.10.x suffers from an unauthenticated reboot comm ...)
	NOT-FOR-US: AVE DOMINAplus
CVE-2020-21995 (Inim Electronics Smartliving SmartLAN/G/SI &lt;=6.x uses default hardc ...)
	NOT-FOR-US: Inim Electronics Smartliving SmartLAN/G/SI
CVE-2020-21994 (AVE DOMINAplus &lt;=1.10.x suffers from clear-text credentials disclos ...)
	NOT-FOR-US: AVE DOMINAplus
CVE-2020-21993 (In WEMS Limited Enterprise Manager 2.58, input passed to the GET param ...)
	NOT-FOR-US: WEMS Limited Enterprise Manager
CVE-2020-21992 (Inim Electronics SmartLiving SmartLAN/G/SI &lt;=6.x suffers from an au ...)
	NOT-FOR-US: Inim Electronics SmartLiving SmartLAN/G/SI
CVE-2020-21991 (AVE DOMINAplus &lt;=1.10.x suffers from an authentication bypass vulne ...)
	NOT-FOR-US: AVE DOMINAplus
CVE-2020-21990 (Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0. ...)
	NOT-FOR-US: Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway
CVE-2020-21989 (HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). ...)
	NOT-FOR-US: HomeAutomation
CVE-2020-21988
	RESERVED
CVE-2020-21987 (HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting (X ...)
	NOT-FOR-US: HomeAutomation
CVE-2020-21986
	RESERVED
CVE-2020-21985
	RESERVED
CVE-2020-21984
	RESERVED
CVE-2020-21983
	RESERVED
CVE-2020-21982
	RESERVED
CVE-2020-21981
	RESERVED
CVE-2020-21980
	RESERVED
CVE-2020-21979
	RESERVED
CVE-2020-21978
	RESERVED
CVE-2020-21977
	RESERVED
CVE-2020-21976 (An arbitrary file upload in the &lt;input type="file" name="user_image ...)
	NOT-FOR-US: NewsOne CMS
CVE-2020-21975
	RESERVED
CVE-2020-21974
	RESERVED
CVE-2020-21973
	RESERVED
CVE-2020-21972
	RESERVED
CVE-2020-21971
	RESERVED
CVE-2020-21970
	RESERVED
CVE-2020-21969
	RESERVED
CVE-2020-21968
	RESERVED
CVE-2020-21967
	RESERVED
CVE-2020-21966
	RESERVED
CVE-2020-21965
	RESERVED
CVE-2020-21964
	RESERVED
CVE-2020-21963
	RESERVED
CVE-2020-21962
	RESERVED
CVE-2020-21961
	RESERVED
CVE-2020-21960
	RESERVED
CVE-2020-21959
	RESERVED
CVE-2020-21958
	RESERVED
CVE-2020-21957
	RESERVED
CVE-2020-21956
	RESERVED
CVE-2020-21955
	RESERVED
CVE-2020-21954
	RESERVED
CVE-2020-21953
	RESERVED
CVE-2020-21952
	RESERVED
CVE-2020-21951
	RESERVED
CVE-2020-21950
	RESERVED
CVE-2020-21949
	RESERVED
CVE-2020-21948
	RESERVED
CVE-2020-21947
	RESERVED
CVE-2020-21946
	RESERVED
CVE-2020-21945
	RESERVED
CVE-2020-21944
	RESERVED
CVE-2020-21943
	RESERVED
CVE-2020-21942
	RESERVED
CVE-2020-21941
	RESERVED
CVE-2020-21940
	RESERVED
CVE-2020-21939
	RESERVED
CVE-2020-21938
	RESERVED
CVE-2020-21937 (An command injection vulnerability in HNAP1/SetWLanApcliSettings of Mo ...)
	NOT-FOR-US: Motorola
CVE-2020-21936 (An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Bui ...)
	NOT-FOR-US: Motorola
CVE-2020-21935 (A command injection vulnerability in HNAP1/GetNetworkTomographySetting ...)
	NOT-FOR-US: Motorola
CVE-2020-21934 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
	NOT-FOR-US: Motorola
CVE-2020-21933 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
	NOT-FOR-US: Motorola
CVE-2020-21932 (A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 2 ...)
	NOT-FOR-US: Motorola
CVE-2020-21931
	RESERVED
CVE-2020-21930 (A stored cross site scripting (XSS) vulnerability in the web_attr_2 fi ...)
	NOT-FOR-US: Eyoucms
CVE-2020-21929 (A stored cross site scripting (XSS) vulnerability in the web_copyright ...)
	NOT-FOR-US: Eyoucms
CVE-2020-21928
	RESERVED
CVE-2020-21927
	RESERVED
CVE-2020-21926
	RESERVED
CVE-2020-21925
	RESERVED
CVE-2020-21924
	RESERVED
CVE-2020-21923
	RESERVED
CVE-2020-21922
	RESERVED
CVE-2020-21921
	RESERVED
CVE-2020-21920
	RESERVED
CVE-2020-21919
	RESERVED
CVE-2020-21918
	RESERVED
CVE-2020-21917
	RESERVED
CVE-2020-21916
	RESERVED
CVE-2020-21915
	RESERVED
CVE-2020-21914
	RESERVED
CVE-2020-21913 (International Components for Unicode (ICU-20850) v66.1 was discovered  ...)
	{DSA-5014-1 DLA-2784-1}
	- icu 67.1-2
	NOTE: https://github.com/unicode-org/icu/pull/886
	NOTE: https://unicode-org.atlassian.net/browse/ICU-20850
	NOTE: https://github.com/unicode-org/icu/commit/727505bddab0bfd527f1db6697cb4d4f7febe4a9
CVE-2020-21912
	RESERVED
CVE-2020-21911
	RESERVED
CVE-2020-21910
	RESERVED
CVE-2020-21909
	RESERVED
CVE-2020-21908
	RESERVED
CVE-2020-21907
	RESERVED
CVE-2020-21906
	RESERVED
CVE-2020-21905
	RESERVED
CVE-2020-21904
	RESERVED
CVE-2020-21903
	RESERVED
CVE-2020-21902
	RESERVED
CVE-2020-21901
	RESERVED
CVE-2020-21900
	RESERVED
CVE-2020-21899
	RESERVED
CVE-2020-21898
	RESERVED
CVE-2020-21897
	RESERVED
CVE-2020-21896
	RESERVED
CVE-2020-21895
	RESERVED
CVE-2020-21894
	RESERVED
CVE-2020-21893
	RESERVED
CVE-2020-21892
	RESERVED
CVE-2020-21891
	RESERVED
CVE-2020-21890
	RESERVED
CVE-2020-21889
	RESERVED
CVE-2020-21888
	RESERVED
CVE-2020-21887
	RESERVED
CVE-2020-21886
	RESERVED
CVE-2020-21885
	RESERVED
CVE-2020-21884 (Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Seri ...)
	NOT-FOR-US: UniBox
CVE-2020-21883 (Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Ser ...)
	NOT-FOR-US: UniBox
CVE-2020-21882
	RESERVED
CVE-2020-21881
	RESERVED
CVE-2020-21880
	RESERVED
CVE-2020-21879
	RESERVED
CVE-2020-21878
	RESERVED
CVE-2020-21877
	RESERVED
CVE-2020-21876
	RESERVED
CVE-2020-21875
	RESERVED
CVE-2020-21874
	RESERVED
CVE-2020-21873
	RESERVED
CVE-2020-21872
	RESERVED
CVE-2020-21871
	RESERVED
CVE-2020-21870
	RESERVED
CVE-2020-21869
	RESERVED
CVE-2020-21868
	RESERVED
CVE-2020-21867
	RESERVED
CVE-2020-21866
	RESERVED
CVE-2020-21865 (ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerabili ...)
	NOT-FOR-US: ThinkPHP50-CMS
CVE-2020-21864
	RESERVED
CVE-2020-21863
	RESERVED
CVE-2020-21862
	RESERVED
CVE-2020-21861
	RESERVED
CVE-2020-21860
	RESERVED
CVE-2020-21859
	RESERVED
CVE-2020-21858
	RESERVED
CVE-2020-21857
	RESERVED
CVE-2020-21856
	RESERVED
CVE-2020-21855
	RESERVED
CVE-2020-21854 (Cross Site Scripting vulnerabiity exists in WDScanner 1.1 in the syste ...)
	NOT-FOR-US: WDScanner
CVE-2020-21853
	RESERVED
CVE-2020-21852
	RESERVED
CVE-2020-21851
	RESERVED
CVE-2020-21850
	RESERVED
CVE-2020-21849
	RESERVED
CVE-2020-21848
	RESERVED
CVE-2020-21847
	RESERVED
CVE-2020-21846
	RESERVED
CVE-2020-21845 (Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage u ...)
	NOT-FOR-US: Codoforum
CVE-2020-21844 (GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21843 (A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21842 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21841 (A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21840 (A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21839 (An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21838 (A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21837
	RESERVED
CVE-2020-21836 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21835 (A null pointer deference issue exists in GNU LibreDWG 0.10 via read_20 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21834 (A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21833 (A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21832 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21831 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21830 (A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.1 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21829
	RESERVED
CVE-2020-21828
	RESERVED
CVE-2020-21827 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21826
	RESERVED
CVE-2020-21825
	RESERVED
CVE-2020-21824
	RESERVED
CVE-2020-21823
	RESERVED
CVE-2020-21822
	RESERVED
CVE-2020-21821
	RESERVED
CVE-2020-21820
	RESERVED
CVE-2020-21819 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21818 (A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21817 (A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21816 (A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 vi ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21815 (A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via ou ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21814 (A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 vi ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21813 (A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 vi ...)
	- libredwg <itp> (bug #595191)
CVE-2020-21812
	RESERVED
CVE-2020-21811
	RESERVED
CVE-2020-21810
	RESERVED
CVE-2020-21809 (SQL Injection vulnerability in NukeViet CMS module Shops 4.0.29 and 4. ...)
	NOT-FOR-US: NukeViet CMS module Shops
CVE-2020-21808 (SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via:the to ...)
	NOT-FOR-US: NukeViet CMS
CVE-2020-21807
	RESERVED
CVE-2020-21806 (SQL Injection Vulnerability in ECTouch v2 via the shop page in index.p ...)
	NOT-FOR-US: ECTouch
CVE-2020-21805
	RESERVED
CVE-2020-21804
	RESERVED
CVE-2020-21803
	RESERVED
CVE-2020-21802
	RESERVED
CVE-2020-21801
	RESERVED
CVE-2020-21800
	RESERVED
CVE-2020-21799
	RESERVED
CVE-2020-21798
	RESERVED
CVE-2020-21797
	RESERVED
CVE-2020-21796
	RESERVED
CVE-2020-21795
	RESERVED
CVE-2020-21794
	RESERVED
CVE-2020-21793
	RESERVED
CVE-2020-21792
	RESERVED
CVE-2020-21791
	RESERVED
CVE-2020-21790
	RESERVED
CVE-2020-21789
	RESERVED
CVE-2020-21788 (In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side ...)
	NOT-FOR-US: CRMEB
CVE-2020-21787 (CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/se ...)
	NOT-FOR-US: CRMEB
CVE-2020-21786 (In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /syst ...)
	NOT-FOR-US: IBOS
CVE-2020-21785 (In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerab ...)
	NOT-FOR-US: IBOS
CVE-2020-21784 (phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setu ...)
	NOT-FOR-US: phpwcms
CVE-2020-21783 (In IBOS 4.5.4 the email function has a cross site scripting (XSS) vuln ...)
	NOT-FOR-US: IBOS
CVE-2020-21782
	RESERVED
CVE-2020-21781
	RESERVED
CVE-2020-21780
	RESERVED
CVE-2020-21779
	RESERVED
CVE-2020-21778
	RESERVED
CVE-2020-21777
	RESERVED
CVE-2020-21776
	RESERVED
CVE-2020-21775
	RESERVED
CVE-2020-21774
	RESERVED
CVE-2020-21773
	RESERVED
CVE-2020-21772
	RESERVED
CVE-2020-21771
	RESERVED
CVE-2020-21770
	RESERVED
CVE-2020-21769
	RESERVED
CVE-2020-21768
	RESERVED
CVE-2020-21767
	RESERVED
CVE-2020-21766
	RESERVED
CVE-2020-21765
	RESERVED
CVE-2020-21764
	RESERVED
CVE-2020-21763
	RESERVED
CVE-2020-21762
	RESERVED
CVE-2020-21761
	RESERVED
CVE-2020-21760
	RESERVED
CVE-2020-21759
	RESERVED
CVE-2020-21758
	RESERVED
CVE-2020-21757
	RESERVED
CVE-2020-21756
	RESERVED
CVE-2020-21755
	RESERVED
CVE-2020-21754
	RESERVED
CVE-2020-21753
	RESERVED
CVE-2020-21752
	RESERVED
CVE-2020-21751
	RESERVED
CVE-2020-21750
	RESERVED
CVE-2020-21749
	RESERVED
CVE-2020-21748
	RESERVED
CVE-2020-21747
	RESERVED
CVE-2020-21746
	RESERVED
CVE-2020-21745
	RESERVED
CVE-2020-21744
	RESERVED
CVE-2020-21743
	RESERVED
CVE-2020-21742
	RESERVED
CVE-2020-21741
	RESERVED
CVE-2020-21740
	RESERVED
CVE-2020-21739
	RESERVED
CVE-2020-21738
	RESERVED
CVE-2020-21737
	RESERVED
CVE-2020-21736
	RESERVED
CVE-2020-21735
	RESERVED
CVE-2020-21734
	RESERVED
CVE-2020-21733 (Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdn ...)
	NOT-FOR-US: Sagemcom F@ST3686
CVE-2020-21732 (Rukovoditel Project Management app 2.6 is affected by: Cross Site Scri ...)
	NOT-FOR-US: Rukovoditel Project Management app
CVE-2020-21731 (Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.1 ...)
	NOT-FOR-US: Gazie
CVE-2020-21730
	RESERVED
CVE-2020-21729 (JEECMS x1.1 contains a stored cross-site scripting (XSS) vulnerability ...)
	NOT-FOR-US: JEECMS
CVE-2020-21728
	RESERVED
CVE-2020-21727
	RESERVED
CVE-2020-21726 (OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Contro ...)
	NOT-FOR-US: OpenSNS
CVE-2020-21725 (OpenSNS v6.1.0 contains a blind SQL injection vulnerability in /Contro ...)
	NOT-FOR-US: OpenSNS
CVE-2020-21724
	RESERVED
CVE-2020-21723
	RESERVED
CVE-2020-21722
	RESERVED
CVE-2020-21721
	RESERVED
CVE-2020-21720
	RESERVED
CVE-2020-21719
	RESERVED
CVE-2020-21718
	RESERVED
CVE-2020-21717
	RESERVED
CVE-2020-21716
	RESERVED
CVE-2020-21715
	RESERVED
CVE-2020-21714
	RESERVED
CVE-2020-21713
	RESERVED
CVE-2020-21712
	RESERVED
CVE-2020-21711
	RESERVED
CVE-2020-21710
	RESERVED
CVE-2020-21709
	RESERVED
CVE-2020-21708
	RESERVED
CVE-2020-21707
	RESERVED
CVE-2020-21706
	RESERVED
CVE-2020-21705
	RESERVED
CVE-2020-21704
	RESERVED
CVE-2020-21703
	RESERVED
CVE-2020-21702
	RESERVED
CVE-2020-21701
	RESERVED
CVE-2020-21700
	RESERVED
CVE-2020-21699
	RESERVED
CVE-2020-21698
	RESERVED
CVE-2020-21697 (A heap-use-after-free in the mpeg_mux_write_packet function in libavfo ...)
	{DSA-4998-1}
	- ffmpeg 7:4.4-5
	[buster] - ffmpeg <postponed> (Wait for 4.1.9)
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://trac.ffmpeg.org/ticket/8188
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=cfce16449cb815132f829d5a07beb138dfb2cba6
CVE-2020-21696
	RESERVED
CVE-2020-21695
	RESERVED
CVE-2020-21694
	RESERVED
CVE-2020-21693
	RESERVED
CVE-2020-21692
	RESERVED
CVE-2020-21691
	RESERVED
CVE-2020-21690
	REJECTED
CVE-2020-21689
	RESERVED
CVE-2020-21688 (A heap-use-after-free in the av_freep function in libavutil/mem.c of F ...)
	{DSA-4998-1}
	- ffmpeg 7:4.4-5
	[buster] - ffmpeg <postponed> (Wait for 4.1.9)
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://trac.ffmpeg.org/ticket/8186
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=22c3cd176079dd104ec7610ead697235b04396f1
CVE-2020-21687
	RESERVED
CVE-2020-21686
	RESERVED
CVE-2020-21685
	RESERVED
CVE-2020-21684 (A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/75/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21683 (A global buffer overflow in the shade_or_tint_name_after_declare_color ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/77/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/639c36010a120e97a6e82e7cd57cbf9dbf4b64f1/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21682 (A global buffer overflow in the set_fill component in genge.c of fig2d ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/72/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21681 (A global buffer overflow in the set_color component in genge.c of fig2 ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/73/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8)
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21680 (A stack-based buffer overflow in the put_arrow() component in genpict2 ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/74/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/3165d86c31c6323913239fdc6460be6ababd3826/ (3.2.8)
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/100e2789f8106f9cc0f7e4319c4ee7bda076c3ac/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21679
	RESERVED
CVE-2020-21678 (A global buffer overflow in the genmp_writefontmacro_latex component i ...)
	- fig2dev 1:3.2.8-1 (unimportant)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/71/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-21677 (A heap-based buffer overflow in the sixel_encoder_output_without_macro ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/123
	NOTE: https://github.com/saitoha/libsixel/commit/0b1e0b3f7b44233f84e5c9f512f8c90d6bbbe33d
CVE-2020-21676 (A stack-based buffer overflow in the genpstrx_text() component in genp ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.8-1
	[buster] - fig2dev <no-dsa> (Minor issue)
	[stretch] - fig2dev <not-affected> (Vulnerable code introduced later)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/76/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/acccc89c20206a5db1f463438ba444e35bcb400e/ (3.2.8)
	NOTE: Introduced by https://sourceforge.net/p/mcj/fig2dev/ci/102f607eea49785d4a9c9c24af85f046c23674de (3.2.7)
CVE-2020-21675 (A stack-based buffer overflow in the genptk_text component in genptk.c ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.7b-3
	[buster] - fig2dev 1:3.2.7a-5+deb10u3
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/78/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/ (3.2.8)
CVE-2020-21674 (Heap-based buffer overflow in archive_string_append_from_wcs() (archiv ...)
	- libarchive <not-affected> (Vulnerable code not present in a released version)
	NOTE: https://github.com/libarchive/libarchive/issues/1298
	NOTE: Introduced (around): https://github.com/libarchive/libarchive/commit/3566a5d6ba2458e68c7e42b23f00a57901c6eafb
	NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4 (v3.4.1)
CVE-2020-21673
	RESERVED
CVE-2020-21672
	RESERVED
CVE-2020-21671
	RESERVED
CVE-2020-21670
	RESERVED
CVE-2020-21669
	RESERVED
CVE-2020-21668
	RESERVED
CVE-2020-21667 (In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the ' ...)
	NOT-FOR-US: fastadmin-tp6
CVE-2020-21666
	RESERVED
CVE-2020-21665 (In fastadmin V1.0.0.20191212_beta, when a user with administrator righ ...)
	NOT-FOR-US: fastadmin
CVE-2020-21664
	RESERVED
CVE-2020-21663
	RESERVED
CVE-2020-21662
	RESERVED
CVE-2020-21661
	RESERVED
CVE-2020-21660
	RESERVED
CVE-2020-21659
	RESERVED
CVE-2020-21658 (A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attacker ...)
	NOT-FOR-US: WDJA CMS
CVE-2020-21657
	RESERVED
CVE-2020-21656 (XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability ...)
	NOT-FOR-US: XYHCMS
CVE-2020-21655
	RESERVED
CVE-2020-21654 (emlog v6.0 contains a vulnerability in the component admin\template.ph ...)
	NOT-FOR-US: emlog
CVE-2020-21653 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
	NOT-FOR-US: Myucms
CVE-2020-21652 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in  ...)
	NOT-FOR-US: Myucms
CVE-2020-21651 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in  ...)
	NOT-FOR-US: Myucms
CVE-2020-21650 (Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in  ...)
	NOT-FOR-US: Myucms
CVE-2020-21649 (Myucms v2.2.1 contains a server-side request forgery (SSRF) in the com ...)
	NOT-FOR-US: Myucms
CVE-2020-21648 (WDJA CMS v1.5.2 contains an arbitrary file deletion vulnerability in t ...)
	NOT-FOR-US: WDJA CMS
CVE-2020-21647
	RESERVED
CVE-2020-21646
	RESERVED
CVE-2020-21645
	RESERVED
CVE-2020-21644
	RESERVED
CVE-2020-21643
	RESERVED
CVE-2020-21642
	RESERVED
CVE-2020-21641
	RESERVED
CVE-2020-21640
	RESERVED
CVE-2020-21639 (Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cros ...)
	NOT-FOR-US: Ruijie
CVE-2020-21638
	RESERVED
CVE-2020-21637
	RESERVED
CVE-2020-21636
	RESERVED
CVE-2020-21635
	RESERVED
CVE-2020-21634
	RESERVED
CVE-2020-21633
	RESERVED
CVE-2020-21632
	RESERVED
CVE-2020-21631
	RESERVED
CVE-2020-21630
	RESERVED
CVE-2020-21629
	RESERVED
CVE-2020-21628
	RESERVED
CVE-2020-21627 (Ruijie RG-UAC commit 9071227 was discovered to contain a vulnerability ...)
	NOT-FOR-US: Ruijie
CVE-2020-21626
	RESERVED
CVE-2020-21625
	RESERVED
CVE-2020-21624
	RESERVED
CVE-2020-21623
	RESERVED
CVE-2020-21622
	RESERVED
CVE-2020-21621
	RESERVED
CVE-2020-21620
	RESERVED
CVE-2020-21619
	RESERVED
CVE-2020-21618
	RESERVED
CVE-2020-21617
	RESERVED
CVE-2020-21616
	RESERVED
CVE-2020-21615
	RESERVED
CVE-2020-21614
	RESERVED
CVE-2020-21613
	RESERVED
CVE-2020-21612
	RESERVED
CVE-2020-21611
	RESERVED
CVE-2020-21610
	RESERVED
CVE-2020-21609
	RESERVED
CVE-2020-21608
	RESERVED
CVE-2020-21607
	RESERVED
CVE-2020-21606 (libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_ ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/232
CVE-2020-21605 (libde265 v1.0.4 contains a segmentation fault in the apply_sao_interna ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/234
CVE-2020-21604 (libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/231
CVE-2020-21603 (libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fa ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/240
CVE-2020-21602 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ...)
	- libde265 <unfixed> (bug #1004963)
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/242
CVE-2020-21601 (libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallb ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/241
CVE-2020-21600 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ...)
	- libde265 <unfixed> (bug #1004963)
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/243
CVE-2020-21599 (libde265 v1.0.4 contains a heap buffer overflow in the de265_image::av ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/235
CVE-2020-21598 (libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ...)
	- libde265 <unfixed> (bug #1004963)
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/237
CVE-2020-21597 (libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma funct ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/238
CVE-2020-21596 (libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_ ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/236
CVE-2020-21595 (libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/239
CVE-2020-21594 (libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fal ...)
	- libde265 <unfixed>
	[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://github.com/strukturag/libde265/issues/233
CVE-2020-21593
	RESERVED
CVE-2020-21592
	RESERVED
CVE-2020-21591
	RESERVED
CVE-2020-21590 (Directory traversal in coreframe/app/template/admin/index.php in WUZHI ...)
	NOT-FOR-US: WUZHI CMS
CVE-2020-21589
	RESERVED
CVE-2020-21588 (Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a  ...)
	NOT-FOR-US: Core FTP
CVE-2020-21587
	RESERVED
CVE-2020-21586
	RESERVED
CVE-2020-21585 (Vulnerability in emlog v6.0.0 allows user to upload webshells via zip  ...)
	NOT-FOR-US: emlog
CVE-2020-21584
	RESERVED
CVE-2020-21583
	RESERVED
CVE-2020-21582
	RESERVED
CVE-2020-21581
	RESERVED
CVE-2020-21580
	RESERVED
CVE-2020-21579
	RESERVED
CVE-2020-21578
	RESERVED
CVE-2020-21577
	RESERVED
CVE-2020-21576
	RESERVED
CVE-2020-21575
	RESERVED
CVE-2020-21574 (Buffer overflow vulnerability in YotsuyaNight c-http v0.1.0, allows at ...)
	NOT-FOR-US: YotsuyaNight c-http
CVE-2020-21573 (An issue was discoverered in in abhijitnathwani image-processing v0.1. ...)
	NOT-FOR-US: abhijitnathwani image-processing
CVE-2020-21572 (Buffer overflow vulnerability in function src_parser_trans_stage_1_2_3 ...)
	NOT-FOR-US: trgil gilcc
CVE-2020-21571
	RESERVED
CVE-2020-21570
	RESERVED
CVE-2020-21569
	RESERVED
CVE-2020-21568
	RESERVED
CVE-2020-21567
	RESERVED
CVE-2020-21566
	RESERVED
CVE-2020-21565
	RESERVED
CVE-2020-21564 (An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is  ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-21563
	RESERVED
CVE-2020-21562
	RESERVED
CVE-2020-21561
	RESERVED
CVE-2020-21560
	RESERVED
CVE-2020-21559
	RESERVED
CVE-2020-21558
	RESERVED
CVE-2020-21557
	RESERVED
CVE-2020-21556
	RESERVED
CVE-2020-21555
	RESERVED
CVE-2020-21554
	RESERVED
CVE-2020-21553
	RESERVED
CVE-2020-21552
	RESERVED
CVE-2020-21551
	RESERVED
CVE-2020-21550
	RESERVED
CVE-2020-21549
	RESERVED
CVE-2020-21548 (Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_enco ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/116
	NOTE: https://github.com/saitoha/libsixel/commit/9d0a7ff417b66d80a4bff714de1f27b24742f55a (v1.8.4)
CVE-2020-21547 (Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_fun ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/114
	NOTE: https://github.com/saitoha/libsixel/commit/9d0a7ff417b66d80a4bff714de1f27b24742f55a (v1.8.4)
CVE-2020-21546
	RESERVED
CVE-2020-21545
	RESERVED
CVE-2020-21544
	RESERVED
CVE-2020-21543
	RESERVED
CVE-2020-21542
	RESERVED
CVE-2020-21541
	RESERVED
CVE-2020-21540
	RESERVED
CVE-2020-21539
	RESERVED
CVE-2020-21538
	RESERVED
CVE-2020-21537
	RESERVED
CVE-2020-21536
	RESERVED
CVE-2020-21535 (fig2dev 3.2.7b contains a segmentation fault in the gencgm_start funct ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.7b-3
	[buster] - fig2dev 1:3.2.7a-5+deb10u2
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/62/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/ (3.2.8)
CVE-2020-21534 (fig2dev 3.2.7b contains a global buffer overflow in the get_line funct ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.7b-3
	[buster] - fig2dev 1:3.2.7a-5+deb10u2
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/58/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/ (3.2.8)
CVE-2020-21533 (fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.7b-3
	[buster] - fig2dev 1:3.2.7a-5+deb10u2
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/59/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/ (3.2.8)
CVE-2020-21532 (fig2dev 3.2.7b contains a global buffer overflow in the setfigfont fun ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.8-1
	[buster] - fig2dev <no-dsa> (Minor issue)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/64/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/421afa17d8cb8dafcaf3e6044a70790fa4fe307b/ (3.2.8)
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/00cdedac7a0b029846dee891769a1e77df83a01b/ (3.2.8)
CVE-2020-21531 (fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_i ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.8-1
	[buster] - fig2dev <no-dsa> (Minor issue)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/63/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/2f8d1ae9763dcdc99b88a2b14849fe37174bcd69/ (3.2.8)
CVE-2020-21530 (fig2dev 3.2.7b contains a segmentation fault in the read_objects funct ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.7b-3
	[buster] - fig2dev 1:3.2.7a-5+deb10u2
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/61/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/ (3.2.8)
CVE-2020-21529 (fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline f ...)
	{DLA-2778-1}
	- fig2dev 1:3.2.8-1
	[buster] - fig2dev <no-dsa> (Minor issue)
	- transfig <removed>
	NOTE: https://sourceforge.net/p/mcj/tickets/65/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8)
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/e3cee2576438f47a3b8678c6960472e625f8f7d7/ (3.2.8)
CVE-2020-21528
	RESERVED
CVE-2020-21527 (There is an Arbitrary file deletion vulnerability in halo v1.1.3. A ba ...)
	NOT-FOR-US: Halo
CVE-2020-21526 (An Arbitrary file writing vulnerability in halo v1.1.3. In an interfac ...)
	NOT-FOR-US: Halo
CVE-2020-21525 (Halo V1.1.3 is affected by: Arbitrary File reading. In an interface th ...)
	NOT-FOR-US: Halo
CVE-2020-21524 (There is a XML external entity (XXE) vulnerability in halo v1.1.3, The ...)
	NOT-FOR-US: Halo
CVE-2020-21523 (A Server-Side Freemarker template injection vulnerability in halo CMS  ...)
	NOT-FOR-US: Halo
CVE-2020-21522 (An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal ...)
	NOT-FOR-US: Halo
CVE-2020-21521
	RESERVED
CVE-2020-21520
	RESERVED
CVE-2020-21519
	RESERVED
CVE-2020-21518
	RESERVED
CVE-2020-21517 (Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gour ...)
	NOT-FOR-US: MetInfo
CVE-2020-21516
	RESERVED
CVE-2020-21515
	RESERVED
CVE-2020-21514
	RESERVED
CVE-2020-21513
	RESERVED
CVE-2020-21512
	RESERVED
CVE-2020-21511
	RESERVED
CVE-2020-21510
	RESERVED
CVE-2020-21509
	RESERVED
CVE-2020-21508
	RESERVED
CVE-2020-21507
	RESERVED
CVE-2020-21506 (waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulner ...)
	NOT-FOR-US: waimai Super Cms
CVE-2020-21505 (waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulner ...)
	NOT-FOR-US: waimai Super Cms
CVE-2020-21504 (waimai Super Cms 20150505 contains a cross-site scripting (XSS) vulner ...)
	NOT-FOR-US: waimai Super Cms
CVE-2020-21503 (waimai Super Cms 20150505 has a logic flaw allowing attackers to modif ...)
	NOT-FOR-US: waimai Super Cms
CVE-2020-21502
	RESERVED
CVE-2020-21501
	RESERVED
CVE-2020-21500
	RESERVED
CVE-2020-21499
	RESERVED
CVE-2020-21498
	RESERVED
CVE-2020-21497
	RESERVED
CVE-2020-21496 (A cross-site scripting (XSS) vulnerability in the component /admin/?se ...)
	NOT-FOR-US: Xiuno BBS
CVE-2020-21495 (A cross-site scripting (XSS) vulnerability in the component /admin/?se ...)
	NOT-FOR-US: Xiuno BBS
CVE-2020-21494 (A cross-site scripting (XSS) vulnerability in the component install\in ...)
	NOT-FOR-US: Xiuno BBS
CVE-2020-21493 (An issue in the component route\user.php of Xiuno BBS v4.0.4 allows at ...)
	NOT-FOR-US: Xiuno BBS
CVE-2020-21492
	RESERVED
CVE-2020-21491
	RESERVED
CVE-2020-21490
	RESERVED
CVE-2020-21489
	RESERVED
CVE-2020-21488
	RESERVED
CVE-2020-21487
	RESERVED
CVE-2020-21486
	RESERVED
CVE-2020-21485
	RESERVED
CVE-2020-21484
	RESERVED
CVE-2020-21483 (An arbitrary file upload vulnerability in Jizhicms v1.5 allows attacke ...)
	NOT-FOR-US: Jizhicms
CVE-2020-21482 (A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attac ...)
	NOT-FOR-US: RGCMS
CVE-2020-21481 (An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers ...)
	NOT-FOR-US: RGCMS
CVE-2020-21480 (An arbitrary file write vulnerability in RGCMS v1.06 allows attackers  ...)
	NOT-FOR-US: RGCMS
CVE-2020-21479
	RESERVED
CVE-2020-21478
	RESERVED
CVE-2020-21477
	RESERVED
CVE-2020-21476
	RESERVED
CVE-2020-21475
	RESERVED
CVE-2020-21474
	RESERVED
CVE-2020-21473
	RESERVED
CVE-2020-21472
	RESERVED
CVE-2020-21471
	RESERVED
CVE-2020-21470
	RESERVED
CVE-2020-21469
	RESERVED
CVE-2020-21468 (** DISPUTED ** A segmentation fault in the redis-server component of R ...)
	- redis <unfixed> (unimportant)
	NOTE: https://github.com/redis/redis/issues/6633
	NOTE: Negligible security impact; disputed issue upstream and unreproducible.
CVE-2020-21467
	RESERVED
CVE-2020-21466
	RESERVED
CVE-2020-21465
	RESERVED
CVE-2020-21464
	RESERVED
CVE-2020-21463
	RESERVED
CVE-2020-21462
	RESERVED
CVE-2020-21461
	RESERVED
CVE-2020-21460
	RESERVED
CVE-2020-21459
	RESERVED
CVE-2020-21458
	RESERVED
CVE-2020-21457
	RESERVED
CVE-2020-21456
	RESERVED
CVE-2020-21455
	RESERVED
CVE-2020-21454
	RESERVED
CVE-2020-21453
	RESERVED
CVE-2020-21452 (An issue was discovered in uniview ISC2500-S. This is an upload vulner ...)
	NOT-FOR-US: uniview ISC2500-S
CVE-2020-21451
	RESERVED
CVE-2020-21450
	RESERVED
CVE-2020-21449
	RESERVED
CVE-2020-21448
	RESERVED
CVE-2020-21447
	RESERVED
CVE-2020-21446
	RESERVED
CVE-2020-21445
	RESERVED
CVE-2020-21444
	RESERVED
CVE-2020-21443
	RESERVED
CVE-2020-21442
	RESERVED
CVE-2020-21441
	RESERVED
CVE-2020-21440
	RESERVED
CVE-2020-21439
	RESERVED
CVE-2020-21438
	RESERVED
CVE-2020-21437
	RESERVED
CVE-2020-21436
	RESERVED
CVE-2020-21435
	RESERVED
CVE-2020-21434 (Maccms 10 contains a cross-site scripting (XSS) vulnerability in the E ...)
	NOT-FOR-US: Maccms
CVE-2020-21433
	RESERVED
CVE-2020-21432
	RESERVED
CVE-2020-21431 (HongCMS v3.0 contains an arbitrary file read and write vulnerability i ...)
	NOT-FOR-US: HongCMS
CVE-2020-21430
	RESERVED
CVE-2020-21429
	RESERVED
CVE-2020-21428
	RESERVED
CVE-2020-21427
	RESERVED
CVE-2020-21426
	RESERVED
CVE-2020-21425
	RESERVED
CVE-2020-21424
	RESERVED
CVE-2020-21423
	RESERVED
CVE-2020-21422
	RESERVED
CVE-2020-21421
	RESERVED
CVE-2020-21420
	RESERVED
CVE-2020-21419
	RESERVED
CVE-2020-21418
	RESERVED
CVE-2020-21417
	RESERVED
CVE-2020-21416
	RESERVED
CVE-2020-21415
	RESERVED
CVE-2020-21414
	RESERVED
CVE-2020-21413
	RESERVED
CVE-2020-21412
	RESERVED
CVE-2020-21411
	RESERVED
CVE-2020-21410
	RESERVED
CVE-2020-21409
	RESERVED
CVE-2020-21408
	RESERVED
CVE-2020-21407
	RESERVED
CVE-2020-21406
	RESERVED
CVE-2020-21405
	RESERVED
CVE-2020-21404
	RESERVED
CVE-2020-21403
	RESERVED
CVE-2020-21402
	RESERVED
CVE-2020-21401
	RESERVED
CVE-2020-21400
	RESERVED
CVE-2020-21399
	RESERVED
CVE-2020-21398
	RESERVED
CVE-2020-21397
	RESERVED
CVE-2020-21396
	RESERVED
CVE-2020-21395
	RESERVED
CVE-2020-21394 (SQL Injection vulnerability in Zhong Bang Technology Co., Ltd CRMEB ma ...)
	NOT-FOR-US: CRMEB mall system
CVE-2020-21393
	RESERVED
CVE-2020-21392
	RESERVED
CVE-2020-21391
	RESERVED
CVE-2020-21390
	RESERVED
CVE-2020-21389
	RESERVED
CVE-2020-21388
	RESERVED
CVE-2020-21387 (A cross-site scripting (XSS) vulnerability in the parameter type_en of ...)
	NOT-FOR-US: Maccms
CVE-2020-21386 (A Cross-Site Request Forgery (CSRF) in the component admin.php/admin/t ...)
	NOT-FOR-US: Maccms
CVE-2020-21385
	RESERVED
CVE-2020-21384
	RESERVED
CVE-2020-21383
	RESERVED
CVE-2020-21382
	RESERVED
CVE-2020-21381
	RESERVED
CVE-2020-21380
	RESERVED
CVE-2020-21379
	RESERVED
CVE-2020-21378 (SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id par ...)
	NOT-FOR-US: SeaCMS
CVE-2020-21377 (SQL injection vulnerability in yunyecms V2.0.1 via the selcart paramet ...)
	NOT-FOR-US: yunyecms
CVE-2020-21376
	RESERVED
CVE-2020-21375
	RESERVED
CVE-2020-21374
	RESERVED
CVE-2020-21373
	RESERVED
CVE-2020-21372
	RESERVED
CVE-2020-21371
	RESERVED
CVE-2020-21370
	RESERVED
CVE-2020-21369
	RESERVED
CVE-2020-21368
	RESERVED
CVE-2020-21367
	RESERVED
CVE-2020-21366
	RESERVED
CVE-2020-21365
	RESERVED
CVE-2020-21364
	RESERVED
CVE-2020-21363 (An arbitrary file deletion vulnerability exists within Maccms10. ...)
	NOT-FOR-US: Maccms10
CVE-2020-21362 (A cross site scripting (XSS) vulnerability in the background search fu ...)
	NOT-FOR-US: Maccms10
CVE-2020-21361
	RESERVED
CVE-2020-21360
	RESERVED
CVE-2020-21359 (An arbitrary file upload vulnerability in the Template Upload function ...)
	NOT-FOR-US: Maccms10
CVE-2020-21358 (A cross site request forgery (CSRF) in Wage-CMS 1.5.x-dev allows attac ...)
	NOT-FOR-US: Wage-CMS
CVE-2020-21357 (A stored cross site scripting (XSS) vulnerability in /admin.php?mod=us ...)
	NOT-FOR-US: PopojiCMS
CVE-2020-21356 (An information disclosure vulnerability in upload.php of PopojiCMS 1.2 ...)
	NOT-FOR-US: PopojiCMS
CVE-2020-21355
	RESERVED
CVE-2020-21354
	RESERVED
CVE-2020-21353 (A stored cross site scripting (XSS) vulnerability in /admin/snippets.p ...)
	NOT-FOR-US: GetSimple CMS
CVE-2020-21352
	RESERVED
CVE-2020-21351
	RESERVED
CVE-2020-21350
	RESERVED
CVE-2020-21349
	RESERVED
CVE-2020-21348
	RESERVED
CVE-2020-21347
	RESERVED
CVE-2020-21346
	RESERVED
CVE-2020-21345 (Cross Site Scripting (XSS) vulnerability in Halo 1.1.3 via post publis ...)
	NOT-FOR-US: halo
CVE-2020-21344
	RESERVED
CVE-2020-21343
	RESERVED
CVE-2020-21342 (Insecure permissions issue in zzcms 201910 via the reset any user pass ...)
	NOT-FOR-US: zzcms
CVE-2020-21341
	RESERVED
CVE-2020-21340
	RESERVED
CVE-2020-21339
	RESERVED
CVE-2020-21338
	RESERVED
CVE-2020-21337
	RESERVED
CVE-2020-21336
	RESERVED
CVE-2020-21335
	RESERVED
CVE-2020-21334
	RESERVED
CVE-2020-21333 (Cross Site Scripting (XSS) vulnerability in PublicCMS 4.0 to get an ad ...)
	NOT-FOR-US: PublicCMS
CVE-2020-21332
	RESERVED
CVE-2020-21331
	RESERVED
CVE-2020-21330
	RESERVED
CVE-2020-21329
	RESERVED
CVE-2020-21328
	RESERVED
CVE-2020-21327
	RESERVED
CVE-2020-21326
	RESERVED
CVE-2020-21325
	RESERVED
CVE-2020-21324
	RESERVED
CVE-2020-21323
	RESERVED
CVE-2020-21322 (An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below a ...)
	NOT-FOR-US: Feehi CMS
CVE-2020-21321 (emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/lin ...)
	NOT-FOR-US: emlog CMS
CVE-2020-21320
	RESERVED
CVE-2020-21319
	RESERVED
CVE-2020-21318
	RESERVED
CVE-2020-21317
	RESERVED
CVE-2020-21316 (A Cross-site scripting (XSS) vulnerability exists in the comment secti ...)
	NOT-FOR-US: zrlog
CVE-2020-21315
	RESERVED
CVE-2020-21314
	RESERVED
CVE-2020-21313
	RESERVED
CVE-2020-21312
	RESERVED
CVE-2020-21311
	RESERVED
CVE-2020-21310
	RESERVED
CVE-2020-21309
	RESERVED
CVE-2020-21308
	RESERVED
CVE-2020-21307
	RESERVED
CVE-2020-21306
	RESERVED
CVE-2020-21305
	RESERVED
CVE-2020-21304
	RESERVED
CVE-2020-21303
	RESERVED
CVE-2020-21302
	RESERVED
CVE-2020-21301
	RESERVED
CVE-2020-21300
	RESERVED
CVE-2020-21299
	RESERVED
CVE-2020-21298
	RESERVED
CVE-2020-21297
	RESERVED
CVE-2020-21296
	RESERVED
CVE-2020-21295
	RESERVED
CVE-2020-21294
	RESERVED
CVE-2020-21293
	RESERVED
CVE-2020-21292
	RESERVED
CVE-2020-21291
	RESERVED
CVE-2020-21290
	RESERVED
CVE-2020-21289
	RESERVED
CVE-2020-21288
	RESERVED
CVE-2020-21287
	RESERVED
CVE-2020-21286
	RESERVED
CVE-2020-21285
	RESERVED
CVE-2020-21284
	RESERVED
CVE-2020-21283
	RESERVED
CVE-2020-21282
	RESERVED
CVE-2020-21281
	RESERVED
CVE-2020-21280
	RESERVED
CVE-2020-21279
	RESERVED
CVE-2020-21278
	RESERVED
CVE-2020-21277
	RESERVED
CVE-2020-21276
	RESERVED
CVE-2020-21275
	RESERVED
CVE-2020-21274
	RESERVED
CVE-2020-21273
	RESERVED
CVE-2020-21272
	RESERVED
CVE-2020-21271
	RESERVED
CVE-2020-21270
	RESERVED
CVE-2020-21269
	RESERVED
CVE-2020-21268
	RESERVED
CVE-2020-21267
	RESERVED
CVE-2020-21266 (Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) ...)
	NOT-FOR-US: Broadleaf Commerce
CVE-2020-21265
	RESERVED
CVE-2020-21264
	RESERVED
CVE-2020-21263
	RESERVED
CVE-2020-21262
	RESERVED
CVE-2020-21261
	RESERVED
CVE-2020-21260
	RESERVED
CVE-2020-21259
	RESERVED
CVE-2020-21258
	RESERVED
CVE-2020-21257
	RESERVED
CVE-2020-21256
	RESERVED
CVE-2020-21255
	RESERVED
CVE-2020-21254
	RESERVED
CVE-2020-21253
	RESERVED
CVE-2020-21252
	RESERVED
CVE-2020-21251
	RESERVED
CVE-2020-21250 (CSZ CMS v1.2.4 was discovered to contain an arbitrary file upload vuln ...)
	NOT-FOR-US: CSZ CMS
CVE-2020-21249
	RESERVED
CVE-2020-21248
	RESERVED
CVE-2020-21247
	RESERVED
CVE-2020-21246
	RESERVED
CVE-2020-21245
	RESERVED
CVE-2020-21244 (An issue was discovered in FrontAccounting 2.4.7. There is a Directory ...)
	- frontaccounting <removed>
CVE-2020-21243
	RESERVED
CVE-2020-21242
	RESERVED
CVE-2020-21241
	RESERVED
CVE-2020-21240
	RESERVED
CVE-2020-21239
	RESERVED
CVE-2020-21238 (An issue in the user login box of CSCMS v4.0 allows attackers to hijac ...)
	NOT-FOR-US: CSCMS
CVE-2020-21237 (An issue in the user login box of LJCMS v1.11 allows attackers to hija ...)
	NOT-FOR-US: LJCMS
CVE-2020-21236 (A vulnerability in /damicms-master/admin.php?s=/Article/doedit of Dami ...)
	NOT-FOR-US: DamiCMS
CVE-2020-21235
	RESERVED
CVE-2020-21234
	RESERVED
CVE-2020-21233
	RESERVED
CVE-2020-21232
	RESERVED
CVE-2020-21231
	RESERVED
CVE-2020-21230
	RESERVED
CVE-2020-21229
	RESERVED
CVE-2020-21228 (JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in  ...)
	NOT-FOR-US: JIZHICMS
CVE-2020-21227
	RESERVED
CVE-2020-21226
	RESERVED
CVE-2020-21225
	RESERVED
CVE-2020-21224 (A Remote Code Execution vulnerability has been found in Inspur Cluster ...)
	NOT-FOR-US: Inspur ClusterEngine
CVE-2020-21223
	RESERVED
CVE-2020-21222
	RESERVED
CVE-2020-21221
	RESERVED
CVE-2020-21220
	RESERVED
CVE-2020-21219
	RESERVED
CVE-2020-21218
	RESERVED
CVE-2020-21217
	RESERVED
CVE-2020-21216
	RESERVED
CVE-2020-21215
	RESERVED
CVE-2020-21214
	RESERVED
CVE-2020-21213
	RESERVED
CVE-2020-21212
	RESERVED
CVE-2020-21211
	RESERVED
CVE-2020-21210
	RESERVED
CVE-2020-21209
	RESERVED
CVE-2020-21208
	RESERVED
CVE-2020-21207
	RESERVED
CVE-2020-21206
	RESERVED
CVE-2020-21205
	RESERVED
CVE-2020-21204
	RESERVED
CVE-2020-21203
	RESERVED
CVE-2020-21202
	RESERVED
CVE-2020-21201
	RESERVED
CVE-2020-21200
	RESERVED
CVE-2020-21199
	RESERVED
CVE-2020-21198
	RESERVED
CVE-2020-21197
	RESERVED
CVE-2020-21196
	RESERVED
CVE-2020-21195
	RESERVED
CVE-2020-21194
	RESERVED
CVE-2020-21193
	RESERVED
CVE-2020-21192
	RESERVED
CVE-2020-21191
	RESERVED
CVE-2020-21190
	RESERVED
CVE-2020-21189
	RESERVED
CVE-2020-21188
	RESERVED
CVE-2020-21187
	RESERVED
CVE-2020-21186
	RESERVED
CVE-2020-21185
	RESERVED
CVE-2020-21184
	RESERVED
CVE-2020-21183
	RESERVED
CVE-2020-21182
	RESERVED
CVE-2020-21181
	RESERVED
CVE-2020-21180 (Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers ...)
	NOT-FOR-US: koa2-blog
CVE-2020-21179 (Sql injection vulnerability in koa2-blog 1.0.0 allows remote attackers ...)
	NOT-FOR-US: koa2-blog
CVE-2020-21178
	RESERVED
CVE-2020-21177
	RESERVED
CVE-2020-21176 (SQL injection vulnerability in the model.increment and model.decrement ...)
	NOT-FOR-US: ThinkJS
CVE-2020-21175
	RESERVED
CVE-2020-21174
	RESERVED
CVE-2020-21173
	RESERVED
CVE-2020-21172
	RESERVED
CVE-2020-21171
	RESERVED
CVE-2020-21170
	RESERVED
CVE-2020-21169
	RESERVED
CVE-2020-21168
	RESERVED
CVE-2020-21167
	RESERVED
CVE-2020-21166
	RESERVED
CVE-2020-21165
	RESERVED
CVE-2020-21164
	RESERVED
CVE-2020-21163
	RESERVED
CVE-2020-21162
	RESERVED
CVE-2020-21161
	RESERVED
CVE-2020-21160
	RESERVED
CVE-2020-21159
	RESERVED
CVE-2020-21158
	RESERVED
CVE-2020-21157
	RESERVED
CVE-2020-21156
	RESERVED
CVE-2020-21155
	RESERVED
CVE-2020-21154
	RESERVED
CVE-2020-21153
	RESERVED
CVE-2020-21152
	RESERVED
CVE-2020-21151
	RESERVED
CVE-2020-21150
	RESERVED
CVE-2020-21149
	RESERVED
CVE-2020-21148
	RESERVED
CVE-2020-21147 (RockOA V1.9.8 is affected by a cross-site scripting (XSS) vulnerabilit ...)
	NOT-FOR-US: RockOA
CVE-2020-21146 (Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerabil ...)
	NOT-FOR-US: Feehi CMS
CVE-2020-21145
	RESERVED
CVE-2020-21144
	RESERVED
CVE-2020-21143
	RESERVED
CVE-2020-21142 (Cross Site Scripting (XSS) vulnerabilty in IPFire 2.23 via the IPfire  ...)
	NOT-FOR-US: IPFire
CVE-2020-21141 (iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (C ...)
	NOT-FOR-US: iCMS
CVE-2020-21140
	RESERVED
CVE-2020-21139 (EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site ...)
	NOT-FOR-US: EC Cloud E-Commerce System
CVE-2020-21138
	RESERVED
CVE-2020-21137
	RESERVED
CVE-2020-21136
	RESERVED
CVE-2020-21135
	RESERVED
CVE-2020-21134
	RESERVED
CVE-2020-21133 (SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpasswor ...)
	NOT-FOR-US: Metinfo
CVE-2020-21132 (SQL Injection vulnerability in Metinfo 7.0.0beta in index.php. ...)
	NOT-FOR-US: Metinfo
CVE-2020-21131 (SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language ...)
	NOT-FOR-US: Metinfo
CVE-2020-21130 (Cross Site Scripting (XSS) vulnerability in HisiPHP 2.0.8 via the grou ...)
	NOT-FOR-US: HisiPHP
CVE-2020-21129
	RESERVED
CVE-2020-21128
	RESERVED
CVE-2020-21127 (MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs ...)
	NOT-FOR-US: MetInfo
CVE-2020-21126 (MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/? ...)
	NOT-FOR-US: MetInfo
CVE-2020-21125 (An arbitrary file creation vulnerability in UReport 2.2.9 allows attac ...)
	NOT-FOR-US: UReport
CVE-2020-21124 (UReport 2.2.9 allows attackers to execute arbitrary code due to a lack ...)
	NOT-FOR-US: UReport
CVE-2020-21123
	RESERVED
CVE-2020-21122 (UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the de ...)
	NOT-FOR-US: UReport
CVE-2020-21121 (Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via  ...)
	NOT-FOR-US: Pligg CMS
CVE-2020-21120
	RESERVED
CVE-2020-21119
	RESERVED
CVE-2020-21118
	RESERVED
CVE-2020-21117
	RESERVED
CVE-2020-21116
	RESERVED
CVE-2020-21115
	RESERVED
CVE-2020-21114
	RESERVED
CVE-2020-21113
	RESERVED
CVE-2020-21112
	RESERVED
CVE-2020-21111
	RESERVED
CVE-2020-21110
	RESERVED
CVE-2020-21109
	RESERVED
CVE-2020-21108
	RESERVED
CVE-2020-21107
	RESERVED
CVE-2020-21106
	RESERVED
CVE-2020-21105
	RESERVED
CVE-2020-21104
	RESERVED
CVE-2020-21103
	RESERVED
CVE-2020-21102
	RESERVED
CVE-2020-21101 (Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versio ...)
	NOT-FOR-US: Screenly
CVE-2020-21100
	RESERVED
CVE-2020-21099
	RESERVED
CVE-2020-21098
	RESERVED
CVE-2020-21097
	RESERVED
CVE-2020-21096
	RESERVED
CVE-2020-21095
	RESERVED
CVE-2020-21094
	RESERVED
CVE-2020-21093
	RESERVED
CVE-2020-21092
	RESERVED
CVE-2020-21091
	RESERVED
CVE-2020-21090
	RESERVED
CVE-2020-21089
	RESERVED
CVE-2020-21088 (Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows rem ...)
	NOT-FOR-US: X2engine X2CRM
CVE-2020-21087 (Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows rem ...)
	NOT-FOR-US: X2engine X2CRM
CVE-2020-21086
	RESERVED
CVE-2020-21085
	RESERVED
CVE-2020-21084
	RESERVED
CVE-2020-21083
	RESERVED
CVE-2020-21082 (A cross-site scripting (XSS) vulnerability in the background administr ...)
	NOT-FOR-US: Maccms
CVE-2020-21081 (A cross-site request forgery (CSRF) in Maccms 8.0 causes administrator ...)
	NOT-FOR-US: Maccms
CVE-2020-21080
	RESERVED
CVE-2020-21079
	RESERVED
CVE-2020-21078
	RESERVED
CVE-2020-21077
	RESERVED
CVE-2020-21076
	RESERVED
CVE-2020-21075
	RESERVED
CVE-2020-21074
	RESERVED
CVE-2020-21073
	RESERVED
CVE-2020-21072
	RESERVED
CVE-2020-21071
	RESERVED
CVE-2020-21070
	RESERVED
CVE-2020-21069
	RESERVED
CVE-2020-21068
	RESERVED
CVE-2020-21067
	RESERVED
CVE-2020-21066 (An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-ove ...)
	NOT-FOR-US: Bento4
CVE-2020-21065
	RESERVED
CVE-2020-21064
	REJECTED
CVE-2020-21063
	RESERVED
CVE-2020-21062
	RESERVED
CVE-2020-21061
	RESERVED
CVE-2020-21060
	RESERVED
CVE-2020-21059
	RESERVED
CVE-2020-21058
	RESERVED
CVE-2020-21057 (Directory Traversal vulnerability in FusionPBX 4.5.7, which allows a r ...)
	NOT-FOR-US: FusionPBX
CVE-2020-21056 (Directory Traversal vulnerability exists in FusionPBX 4.5.7, which all ...)
	NOT-FOR-US: FusionPBX
CVE-2020-21055 (A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows m ...)
	NOT-FOR-US: FusionPBX
CVE-2020-21054 (Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.7 allows rem ...)
	NOT-FOR-US: FusionPBX
CVE-2020-21053 (Cross Site Scriptiong (XSS) vulnerability exists in FusionPBX 4.5.7 al ...)
	NOT-FOR-US: FusionPBX
CVE-2020-21052
	RESERVED
CVE-2020-21051
	RESERVED
CVE-2020-21050 (Libsixel prior to v1.8.3 contains a stack buffer overflow in the funct ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/commit/7808a06b88c11dbc502318cdd51fa374f8cd47ee (v1.8.3)
	NOTE: https://github.com/saitoha/libsixel/issues/75
CVE-2020-21049 (An invalid read in the stb_image.h component of libsixel prior to v1.8 ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/74
	NOTE: https://github.com/saitoha/libsixel/commit/0b1e0b3f7b44233f84e5c9f512f8c90d6bbbe33d (v1.8.5)
CVE-2020-21048 (An issue in the dither.c component of libsixel prior to v1.8.4 allows  ...)
	- libsixel 1.8.6-1
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/73
	NOTE: https://github.com/saitoha/libsixel/commit/cb373ab6614c910407c5e5a93ab935144e62b037 (v1.8.4)
	NOTE: https://github.com/saitoha/libsixel/commit/26ac06f3623279348f0dce2d191a9b6ca0c80226 (v1.8.4)
CVE-2020-21047
	RESERVED
CVE-2020-21046
	RESERVED
CVE-2020-21045
	RESERVED
CVE-2020-21044
	RESERVED
CVE-2020-21043
	RESERVED
CVE-2020-21042
	RESERVED
CVE-2020-21041 (Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse ...)
	{DSA-4990-1 DLA-2742-1}
	[experimental] - ffmpeg 7:4.4-1
	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
	[stretch] - ffmpeg <postponed> (Wait for 4.1.9)
	NOTE: https://trac.ffmpeg.org/ticket/7989
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5d9f44da460f781a1604d537d0555b78e29438ba
CVE-2020-21040
	RESERVED
CVE-2020-21039
	RESERVED
CVE-2020-21038
	RESERVED
CVE-2020-21037
	RESERVED
CVE-2020-21036
	RESERVED
CVE-2020-21035
	RESERVED
CVE-2020-21034
	RESERVED
CVE-2020-21033
	RESERVED
CVE-2020-21032
	RESERVED
CVE-2020-21031
	RESERVED
CVE-2020-21030
	RESERVED
CVE-2020-21029
	RESERVED
CVE-2020-21028
	RESERVED
CVE-2020-21027
	RESERVED
CVE-2020-21026
	RESERVED
CVE-2020-21025
	RESERVED
CVE-2020-21024
	RESERVED
CVE-2020-21023
	RESERVED
CVE-2020-21022
	RESERVED
CVE-2020-21021
	RESERVED
CVE-2020-21020
	RESERVED
CVE-2020-21019
	RESERVED
CVE-2020-21018
	RESERVED
CVE-2020-21017
	RESERVED
CVE-2020-21016
	RESERVED
CVE-2020-21015
	RESERVED
CVE-2020-21014 (emlog v6.0.0 contains an arbitrary file deletion vulnerability in admi ...)
	NOT-FOR-US: emlog
CVE-2020-21013 (emlog v6.0.0 contains a SQL injection via /admin/comment.php. ...)
	NOT-FOR-US: emlog
CVE-2020-21012 (Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to  ...)
	NOT-FOR-US: Sourcecodester Hotel and Lodge Management System
CVE-2020-21011
	RESERVED
CVE-2020-21010
	RESERVED
CVE-2020-21009
	REJECTED
CVE-2020-21008
	RESERVED
CVE-2020-21007
	RESERVED
CVE-2020-21006
	RESERVED
CVE-2020-21005 (WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to t ...)
	NOT-FOR-US: WellCMS
CVE-2020-21004
	RESERVED
CVE-2020-21003 (Pbootcms v2.0.3 is vulnerable to Cross Site Scripting (XSS) via admin. ...)
	NOT-FOR-US: Pbootcms
CVE-2020-21002
	RESERVED
CVE-2020-21001
	RESERVED
CVE-2020-21000
	RESERVED
CVE-2020-20999
	RESERVED
CVE-2020-20998
	RESERVED
CVE-2020-20997
	RESERVED
CVE-2020-20996
	RESERVED
CVE-2020-20995
	RESERVED
CVE-2020-20994
	RESERVED
CVE-2020-20993
	RESERVED
CVE-2020-20992
	RESERVED
CVE-2020-20991
	RESERVED
CVE-2020-20990 (A cross site scripting (XSS) vulnerability in the /segments/edit.php c ...)
	NOT-FOR-US: DomainMOD
CVE-2020-20989 (A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmo ...)
	NOT-FOR-US: DomainMOD
CVE-2020-20988 (A cross site scripting (XSS) vulnerability in the /domains/cost-by-own ...)
	NOT-FOR-US: DomainMOD
CVE-2020-20987
	RESERVED
CVE-2020-20986
	RESERVED
CVE-2020-20985
	RESERVED
CVE-2020-20984
	RESERVED
CVE-2020-20983
	RESERVED
CVE-2020-20982 (Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allo ...)
	NOT-FOR-US: shadoweb wdja
CVE-2020-20981 (A SQL injection in the /admin/?n=logs&amp;c=index&amp;a=dolist compone ...)
	NOT-FOR-US: Metinfo
CVE-2020-20980
	RESERVED
CVE-2020-20979 (An arbitrary file upload vulnerability in the move_uploaded_file() fun ...)
	NOT-FOR-US: LJCMS
CVE-2020-20978
	RESERVED
CVE-2020-20977 (A stored cross site scripting (XSS) vulnerability in index.php/legend/ ...)
	NOT-FOR-US: UK CMS
CVE-2020-20976
	RESERVED
CVE-2020-20975 (In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injectio ...)
	NOT-FOR-US: Gxlcms
CVE-2020-20974
	RESERVED
CVE-2020-20973
	RESERVED
CVE-2020-20972
	RESERVED
CVE-2020-20971
	RESERVED
CVE-2020-20970
	RESERVED
CVE-2020-20969
	RESERVED
CVE-2020-20968
	RESERVED
CVE-2020-20967
	RESERVED
CVE-2020-20966
	RESERVED
CVE-2020-20965
	RESERVED
CVE-2020-20964
	RESERVED
CVE-2020-20963
	RESERVED
CVE-2020-20962
	RESERVED
CVE-2020-20961
	RESERVED
CVE-2020-20960
	RESERVED
CVE-2020-20959
	RESERVED
CVE-2020-20958
	RESERVED
CVE-2020-20957
	RESERVED
CVE-2020-20956
	RESERVED
CVE-2020-20955
	RESERVED
CVE-2020-20954
	RESERVED
CVE-2020-20953
	RESERVED
CVE-2020-20952
	RESERVED
CVE-2020-20951 (In Pluck-4.7.10-dev2 admin background, a remote command execution vuln ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-20950 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip L ...)
	NOT-FOR-US: Microchip Libraries for Applications
CVE-2020-20949 (Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 crypt ...)
	NOT-FOR-US: STM32 cryptographic firmware library
CVE-2020-20948 (An arbitrary file download vulnerability in jeecg v3.8 allows attacker ...)
	NOT-FOR-US: jeecg
CVE-2020-20947
	RESERVED
CVE-2020-20946 (Qibosoft v7 contains a stored cross-site scripting (XSS) vulnerability ...)
	NOT-FOR-US: Qibosoft
CVE-2020-20945 (A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&amp ...)
	NOT-FOR-US: Qibosoft
CVE-2020-20944 (An issue in /admin/index.php?lfj=mysql&amp;action=del of Qibosoft v7 a ...)
	NOT-FOR-US: Qibosoft
CVE-2020-20943 (A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&am ...)
	NOT-FOR-US: Qibosoft
CVE-2020-20942
	RESERVED
CVE-2020-20941
	RESERVED
CVE-2020-20940
	RESERVED
CVE-2020-20939
	RESERVED
CVE-2020-20938
	RESERVED
CVE-2020-20937
	RESERVED
CVE-2020-20936
	RESERVED
CVE-2020-20935
	RESERVED
CVE-2020-20934
	RESERVED
CVE-2020-20933
	RESERVED
CVE-2020-20932
	RESERVED
CVE-2020-20931
	RESERVED
CVE-2020-20930
	RESERVED
CVE-2020-20929
	RESERVED
CVE-2020-20928
	RESERVED
CVE-2020-20927
	RESERVED
CVE-2020-20926
	RESERVED
CVE-2020-20925
	RESERVED
CVE-2020-20924
	RESERVED
CVE-2020-20923
	RESERVED
CVE-2020-20922
	RESERVED
CVE-2020-20921
	RESERVED
CVE-2020-20920
	RESERVED
CVE-2020-20919
	RESERVED
CVE-2020-20918
	RESERVED
CVE-2020-20917
	RESERVED
CVE-2020-20916
	RESERVED
CVE-2020-20915
	RESERVED
CVE-2020-20914
	RESERVED
CVE-2020-20913
	RESERVED
CVE-2020-20912
	RESERVED
CVE-2020-20911
	RESERVED
CVE-2020-20910
	RESERVED
CVE-2020-20909
	RESERVED
CVE-2020-20908 (Akaunting v1.3.17 was discovered to contain a stored cross-site script ...)
	NOT-FOR-US: Akaunting
CVE-2020-20907 (MetInfo 7.0 beta is affected by a file modification vulnerability. Att ...)
	NOT-FOR-US: MetInfo
CVE-2020-20906
	RESERVED
CVE-2020-20905
	RESERVED
CVE-2020-20904
	RESERVED
CVE-2020-20903
	RESERVED
CVE-2020-20902 (A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter ...)
	{DSA-4722-1}
	- ffmpeg 7:4.2.2-1
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://trac.ffmpeg.org/ticket/8176
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5f0acc5064ed501cb40d4aaccae2b3ce5c4552fd (4.3)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=2c78a76cb0443f8a12a5eadc3b58373aa2f4ab22 (4.3)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=b97aaf791f6ea3506a6252ecef6a1a0e9a542e04 (4.2.2)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=81672bf00f3b5a3c025034f4b2e33d67b72f3839 (4.2.2)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a0c91fb0f0641f9f35f650281a176657907097cf (4.1.5)
CVE-2020-20901
	REJECTED
CVE-2020-20900
	REJECTED
CVE-2020-20899
	REJECTED
CVE-2020-20898 (Integer Overflow vulnerability in function filter16_prewitt in libavfi ...)
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/99f8d32129dd233d4eb2efa44678a0bc44869f23 (4.3)
	NOTE: https://trac.ffmpeg.org/ticket/8263
CVE-2020-20897
	REJECTED
CVE-2020-20896 (An issue was discovered in function latm_write_packet in libavformat/l ...)
	- ffmpeg 7:4.3-2
	[buster] - ffmpeg <postponed> (Wait for 4.1.9)
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/dd01947397b98e94c3f2a79d5820aaf4594f4d3b (4.3)
	NOTE: https://trac.ffmpeg.org/ticket/8273
CVE-2020-20895
	REJECTED
CVE-2020-20894
	REJECTED
CVE-2020-20893
	REJECTED
CVE-2020-20892 (An issue was discovered in function filter_frame in libavfilter/vf_len ...)
	- ffmpeg 7:4.3-2
	[buster] - ffmpeg <ignored> (Minor issue)
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=19587c9332f5be4f6bc6d7b2b8ef3fd21dfeaa01 (4.3)
	NOTE: https://trac.ffmpeg.org/ticket/8265
CVE-2020-20891 (Buffer Overflow vulnerability in function config_input in libavfilter/ ...)
	- ffmpeg 7:4.3-2
	[buster] - ffmpeg <postponed> (Wait for 4.1.9)
	[stretch] - ffmpeg <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/64a805883d7223c868a683f0030837d859edd2ab (4.3)
	NOTE: https://trac.ffmpeg.org/ticket/8282
CVE-2020-20890
	RESERVED
CVE-2020-20889
	RESERVED
CVE-2020-20888
	RESERVED
CVE-2020-20887
	RESERVED
CVE-2020-20886
	RESERVED
CVE-2020-20885
	RESERVED
CVE-2020-20884
	RESERVED
CVE-2020-20883
	RESERVED
CVE-2020-20882
	RESERVED
CVE-2020-20881
	RESERVED
CVE-2020-20880
	RESERVED
CVE-2020-20879
	RESERVED
CVE-2020-20878
	RESERVED
CVE-2020-20877
	RESERVED
CVE-2020-20876
	RESERVED
CVE-2020-20875
	RESERVED
CVE-2020-20874
	RESERVED
CVE-2020-20873
	RESERVED
CVE-2020-20872
	RESERVED
CVE-2020-20871
	RESERVED
CVE-2020-20870
	RESERVED
CVE-2020-20869
	RESERVED
CVE-2020-20868
	RESERVED
CVE-2020-20867
	RESERVED
CVE-2020-20866
	RESERVED
CVE-2020-20865
	RESERVED
CVE-2020-20864
	RESERVED
CVE-2020-20863
	RESERVED
CVE-2020-20862
	RESERVED
CVE-2020-20861
	RESERVED
CVE-2020-20860
	RESERVED
CVE-2020-20859
	RESERVED
CVE-2020-20858
	RESERVED
CVE-2020-20857
	RESERVED
CVE-2020-20856
	RESERVED
CVE-2020-20855
	RESERVED
CVE-2020-20854
	RESERVED
CVE-2020-20853
	RESERVED
CVE-2020-20852
	RESERVED
CVE-2020-20851
	RESERVED
CVE-2020-20850
	RESERVED
CVE-2020-20849
	RESERVED
CVE-2020-20848
	RESERVED
CVE-2020-20847
	RESERVED
CVE-2020-20846
	RESERVED
CVE-2020-20845
	RESERVED
CVE-2020-20844
	RESERVED
CVE-2020-20843
	RESERVED
CVE-2020-20842
	RESERVED
CVE-2020-20841
	RESERVED
CVE-2020-20840
	RESERVED
CVE-2020-20839
	RESERVED
CVE-2020-20838
	RESERVED
CVE-2020-20837
	RESERVED
CVE-2020-20836
	RESERVED
CVE-2020-20835
	RESERVED
CVE-2020-20834
	RESERVED
CVE-2020-20833
	RESERVED
CVE-2020-20832
	RESERVED
CVE-2020-20831
	RESERVED
CVE-2020-20830
	RESERVED
CVE-2020-20829
	RESERVED
CVE-2020-20828
	RESERVED
CVE-2020-20827
	RESERVED
CVE-2020-20826
	RESERVED
CVE-2020-20825
	RESERVED
CVE-2020-20824
	RESERVED
CVE-2020-20823
	RESERVED
CVE-2020-20822
	RESERVED
CVE-2020-20821
	RESERVED
CVE-2020-20820
	RESERVED
CVE-2020-20819
	RESERVED
CVE-2020-20818
	RESERVED
CVE-2020-20817
	RESERVED
CVE-2020-20816
	RESERVED
CVE-2020-20815
	RESERVED
CVE-2020-20814
	RESERVED
CVE-2020-20813
	RESERVED
CVE-2020-20812
	RESERVED
CVE-2020-20811
	RESERVED
CVE-2020-20810
	RESERVED
CVE-2020-20809
	RESERVED
CVE-2020-20808
	RESERVED
CVE-2020-20807
	RESERVED
CVE-2020-20806
	RESERVED
CVE-2020-20805
	RESERVED
CVE-2020-20804
	RESERVED
CVE-2020-20803
	RESERVED
CVE-2020-20802
	RESERVED
CVE-2020-20801
	RESERVED
CVE-2020-20800 (An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection ...)
	NOT-FOR-US: MetInfo
CVE-2020-20799 (JeeCMS 1.0.1 contains a stored cross-site scripting (XSS) vulnerabilit ...)
	NOT-FOR-US: JeeCMS
CVE-2020-20798
	RESERVED
CVE-2020-20797 (FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability ...)
	NOT-FOR-US: FlameCMS
CVE-2020-20796 (FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/artic ...)
	NOT-FOR-US: FlameCMS
CVE-2020-20795
	RESERVED
CVE-2020-20794
	RESERVED
CVE-2020-20793
	RESERVED
CVE-2020-20792
	RESERVED
CVE-2020-20791
	RESERVED
CVE-2020-20790
	RESERVED
CVE-2020-20789
	RESERVED
CVE-2020-20788
	RESERVED
CVE-2020-20787
	RESERVED
CVE-2020-20786
	RESERVED
CVE-2020-20785
	RESERVED
CVE-2020-20784
	RESERVED
CVE-2020-20783
	RESERVED
CVE-2020-20782
	RESERVED
CVE-2020-20781 (A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?d ...)
	NOT-FOR-US: UCMS
CVE-2020-20780
	RESERVED
CVE-2020-20779
	RESERVED
CVE-2020-20778
	RESERVED
CVE-2020-20777
	RESERVED
CVE-2020-20776
	RESERVED
CVE-2020-20775
	RESERVED
CVE-2020-20774
	RESERVED
CVE-2020-20773
	RESERVED
CVE-2020-20772
	RESERVED
CVE-2020-20771
	RESERVED
CVE-2020-20770
	RESERVED
CVE-2020-20769
	RESERVED
CVE-2020-20768
	RESERVED
CVE-2020-20767
	RESERVED
CVE-2020-20766
	RESERVED
CVE-2020-20765
	RESERVED
CVE-2020-20764
	RESERVED
CVE-2020-20763
	RESERVED
CVE-2020-20762
	RESERVED
CVE-2020-20761
	RESERVED
CVE-2020-20760
	RESERVED
CVE-2020-20759
	RESERVED
CVE-2020-20758
	RESERVED
CVE-2020-20757
	RESERVED
CVE-2020-20756
	RESERVED
CVE-2020-20755
	RESERVED
CVE-2020-20754
	RESERVED
CVE-2020-20753
	RESERVED
CVE-2020-20752
	RESERVED
CVE-2020-20751
	RESERVED
CVE-2020-20750
	RESERVED
CVE-2020-20749
	RESERVED
CVE-2020-20748
	RESERVED
CVE-2020-20747
	RESERVED
CVE-2020-20746 (A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03. ...)
	NOT-FOR-US: Tenda
CVE-2020-20745
	RESERVED
CVE-2020-20744
	RESERVED
CVE-2020-20743
	RESERVED
CVE-2020-20742
	RESERVED
CVE-2020-20741 (Incorrect Access Control in Beckhoff Automation GmbH &amp; Co. KG CX90 ...)
	NOT-FOR-US: Beckhoff
CVE-2020-20740 (PDFResurrect before 0.20 lack of header validation checks causes heap- ...)
	{DLA-2475-1}
	- pdfresurrect 0.21-1
	[buster] - pdfresurrect <no-dsa> (Minor issue)
	NOTE: https://github.com/enferex/pdfresurrect/commit/1b422459f07353adce2878806d5247d9e91fb397 (v0.21)
	NOTE: https://github.com/enferex/pdfresurrect/issues/14
CVE-2020-20739 (im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips befo ...)
	{DLA-2473-1}
	- vips 8.9.0-1
	[buster] - vips 8.7.4-1+deb10u1
	NOTE: https://github.com/libvips/libvips/commit/2ab5aa7bf515135c2b02d42e9a72e4c98e17031a (v8.9.0-alpha1)
	NOTE: https://github.com/libvips/libvips/issues/1419
CVE-2020-20738
	RESERVED
CVE-2020-20737
	RESERVED
CVE-2020-20736
	RESERVED
CVE-2020-20735
	RESERVED
CVE-2020-20734
	RESERVED
CVE-2020-20733
	RESERVED
CVE-2020-20732
	RESERVED
CVE-2020-20731
	RESERVED
CVE-2020-20730
	RESERVED
CVE-2020-20729
	RESERVED
CVE-2020-20728
	RESERVED
CVE-2020-20727
	RESERVED
CVE-2020-20726
	RESERVED
CVE-2020-20725
	RESERVED
CVE-2020-20724
	RESERVED
CVE-2020-20723
	RESERVED
CVE-2020-20722
	RESERVED
CVE-2020-20721
	RESERVED
CVE-2020-20720
	RESERVED
CVE-2020-20719
	RESERVED
CVE-2020-20718
	RESERVED
CVE-2020-20717
	RESERVED
CVE-2020-20716
	RESERVED
CVE-2020-20715
	RESERVED
CVE-2020-20714
	RESERVED
CVE-2020-20713
	RESERVED
CVE-2020-20712
	RESERVED
CVE-2020-20711
	RESERVED
CVE-2020-20710
	RESERVED
CVE-2020-20709
	RESERVED
CVE-2020-20708
	RESERVED
CVE-2020-20707
	RESERVED
CVE-2020-20706
	RESERVED
CVE-2020-20705
	RESERVED
CVE-2020-20704
	RESERVED
CVE-2020-20703
	RESERVED
CVE-2020-20702
	RESERVED
CVE-2020-20701 (A stored cross site scripting (XSS) vulnerability in /app/config/of S- ...)
	NOT-FOR-US: S-CMS PHP
CVE-2020-20700 (A stored cross site scripting (XSS) vulnerability in /app/form_add/of  ...)
	NOT-FOR-US: S-CMS PHP
CVE-2020-20699 (A cross site scripting (XSS) vulnerability in S-CMS PHP v3.0 allows at ...)
	NOT-FOR-US: S-CMS PHP
CVE-2020-20698 (A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP ...)
	NOT-FOR-US: S-CMS PHP
CVE-2020-20697
	RESERVED
CVE-2020-20696 (A cross-site scripting (XSS) vulnerability in /admin/content/post of G ...)
	NOT-FOR-US: GilaCMS
CVE-2020-20695 (A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 a ...)
	NOT-FOR-US: GilaCMS
CVE-2020-20694
	RESERVED
CVE-2020-20693 (A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenti ...)
	NOT-FOR-US: GilaCMS
CVE-2020-20692 (GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerabilit ...)
	NOT-FOR-US: GilaCMS
CVE-2020-20691 (An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary w ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-20690
	RESERVED
CVE-2020-20689
	RESERVED
CVE-2020-20688
	RESERVED
CVE-2020-20687
	RESERVED
CVE-2020-20686
	RESERVED
CVE-2020-20685
	RESERVED
CVE-2020-20684
	RESERVED
CVE-2020-20683
	RESERVED
CVE-2020-20682
	RESERVED
CVE-2020-20681
	RESERVED
CVE-2020-20680
	RESERVED
CVE-2020-20679
	RESERVED
CVE-2020-20678
	RESERVED
CVE-2020-20677
	RESERVED
CVE-2020-20676
	RESERVED
CVE-2020-20675 (Nuishop v2.3 contains a SQL injection vulnerability in /goods/getGoods ...)
	NOT-FOR-US: Nuishop
CVE-2020-20674
	RESERVED
CVE-2020-20673
	RESERVED
CVE-2020-20672 (An arbitrary file upload vulnerability in /admin/upload/uploadfile of  ...)
	NOT-FOR-US: KiteCMS
CVE-2020-20671 (A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers t ...)
	NOT-FOR-US: KiteCMS
CVE-2020-20670 (An arbitrary file upload vulnerability in /admin/media/upload of ZKEAC ...)
	NOT-FOR-US: ZKEACMS
CVE-2020-20669
	RESERVED
CVE-2020-20668
	RESERVED
CVE-2020-20667
	RESERVED
CVE-2020-20666
	RESERVED
CVE-2020-20665 (rudp v0.6 was discovered to contain a memory leak in the component mai ...)
	NOT-FOR-US: rudp
CVE-2020-20664 (libiec_iccp_mod v1.5 contains a segmentation violation in the componen ...)
	NOT-FOR-US: libiec_iccp_mod
CVE-2020-20663 (libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component  ...)
	NOT-FOR-US: libiec_iccp_mod
CVE-2020-20662 (libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component  ...)
	NOT-FOR-US: libiec_iccp_mod
CVE-2020-20661
	RESERVED
CVE-2020-20660
	RESERVED
CVE-2020-20659
	RESERVED
CVE-2020-20658 (Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows ...)
	NOT-FOR-US: fcovatti libiec_iccp_mod
CVE-2020-20657 (Buffer overflow vulnerability in fcovatti libiec_iccp_mod v1.5, allows ...)
	NOT-FOR-US: fcovatti libiec_iccp_mod
CVE-2020-20656
	RESERVED
CVE-2020-20655
	RESERVED
CVE-2020-20654
	RESERVED
CVE-2020-20653
	RESERVED
CVE-2020-20652
	RESERVED
CVE-2020-20651
	RESERVED
CVE-2020-20650
	RESERVED
CVE-2020-20649
	RESERVED
CVE-2020-20648
	RESERVED
CVE-2020-20647
	RESERVED
CVE-2020-20646
	RESERVED
CVE-2020-20645 (Cross Site Scripting (XSS) vulnerability exists in EyouCMS1.3.6 in the ...)
	NOT-FOR-US: EyouCMS
CVE-2020-20644
	RESERVED
CVE-2020-20643
	RESERVED
CVE-2020-20642 (Cross Site Request Forgery (CSRF) vulnerability exists in EyouCMS 1.3. ...)
	NOT-FOR-US: EyouCMS
CVE-2020-20641
	RESERVED
CVE-2020-20640 (Cross Site Scripting (XSS) vulnerability in ECShop 4.0 due to security ...)
	NOT-FOR-US: ECShop
CVE-2020-20639
	RESERVED
CVE-2020-20638
	RESERVED
CVE-2020-20637
	RESERVED
CVE-2020-20636
	RESERVED
CVE-2020-20635
	RESERVED
CVE-2020-20634 (Elementor 2.9.5 and below WordPress plugin allows authenticated users  ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-20633 (ajax_policy_generator in admin/modules/cli-policy-generator/classes/cl ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-20632
	RESERVED
CVE-2020-20631
	RESERVED
CVE-2020-20630
	RESERVED
CVE-2020-20629
	RESERVED
CVE-2020-20628 (controller/controller-comments.php in WP GDPR plugin through 2.1.1 has ...)
	NOT-FOR-US: WP GDPR plugin
CVE-2020-20627 (The includes/gateways/stripe/includes/admin/admin-actions.php in GiveW ...)
	NOT-FOR-US: includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin for WordPress
CVE-2020-20626 (lara-google-analytics.php in Lara Google Analytics plugin through 2.0. ...)
	NOT-FOR-US: Lara Google Analytics plugin for WordPress
CVE-2020-20625 (Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthen ...)
	NOT-FOR-US: Sliced Invoices plugin for WordPress
CVE-2020-20624
	RESERVED
CVE-2020-20623
	RESERVED
CVE-2020-20622
	RESERVED
CVE-2020-20621
	RESERVED
CVE-2020-20620
	RESERVED
CVE-2020-20619
	RESERVED
CVE-2020-20618
	RESERVED
CVE-2020-20617
	RESERVED
CVE-2020-20616
	RESERVED
CVE-2020-20615
	RESERVED
CVE-2020-20614
	RESERVED
CVE-2020-20613
	RESERVED
CVE-2020-20612
	RESERVED
CVE-2020-20611
	RESERVED
CVE-2020-20610
	RESERVED
CVE-2020-20609
	RESERVED
CVE-2020-20608
	RESERVED
CVE-2020-20607
	RESERVED
CVE-2020-20606
	RESERVED
CVE-2020-20605 (Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in t ...)
	NOT-FOR-US: Blog CMS
CVE-2020-20604
	RESERVED
CVE-2020-20603
	RESERVED
CVE-2020-20602
	RESERVED
CVE-2020-20601 (An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbi ...)
	NOT-FOR-US: ThinkCMF
CVE-2020-20600 (MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerab ...)
	NOT-FOR-US: MetInfo
CVE-2020-20599
	RESERVED
CVE-2020-20598 (A cross-site scripting (XSS) vulnerability in the Editing component of ...)
	NOT-FOR-US: com.mossle.lemon
CVE-2020-20597 (A cross-site scripting (XSS) vulnerability in the potrtalItemName para ...)
	NOT-FOR-US: com.mossle.lemon
	NOTE: https://github.com/xuhuisheng/lemon
CVE-2020-20596
	RESERVED
CVE-2020-20595 (A cross-site request forgery (CSRF) in OPMS v1.3 and below allows atta ...)
	NOT-FOR-US: OPMS
CVE-2020-20594
	RESERVED
CVE-2020-20593 (A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an authent ...)
	NOT-FOR-US: Rockoa
CVE-2020-20592
	RESERVED
CVE-2020-20591
	RESERVED
CVE-2020-20590
	RESERVED
CVE-2020-20589
	RESERVED
CVE-2020-20588
	RESERVED
CVE-2020-20587
	RESERVED
CVE-2020-20586 (A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s= ...)
	NOT-FOR-US: XYHCMS
CVE-2020-20585 (A blind SQL injection in /admin/?n=logs&amp;c=index&amp;a=dode of Meti ...)
	NOT-FOR-US: Metinfo
CVE-2020-20584 (A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows a ...)
	NOT-FOR-US: baigo CMS
CVE-2020-20583 (A SQL injection vulnerability in /question.php of LJCMS Version v4.3.R ...)
	NOT-FOR-US: LJCMS
CVE-2020-20582 (A server side request forgery (SSRF) vulnerability in /ApiAdminDomainS ...)
	NOT-FOR-US: MipCMS
CVE-2020-20581
	RESERVED
CVE-2020-20580
	RESERVED
CVE-2020-20579
	RESERVED
CVE-2020-20578
	RESERVED
CVE-2020-20577
	RESERVED
CVE-2020-20576
	RESERVED
CVE-2020-20575
	RESERVED
CVE-2020-20574
	RESERVED
CVE-2020-20573
	RESERVED
CVE-2020-20572
	RESERVED
CVE-2020-20571
	RESERVED
CVE-2020-20570
	RESERVED
CVE-2020-20569
	RESERVED
CVE-2020-20568
	RESERVED
CVE-2020-20567
	RESERVED
CVE-2020-20566
	RESERVED
CVE-2020-20565
	RESERVED
CVE-2020-20564
	RESERVED
CVE-2020-20563
	RESERVED
CVE-2020-20562
	RESERVED
CVE-2020-20561
	RESERVED
CVE-2020-20560
	RESERVED
CVE-2020-20559
	RESERVED
CVE-2020-20558
	RESERVED
CVE-2020-20557
	RESERVED
CVE-2020-20556
	RESERVED
CVE-2020-20555
	RESERVED
CVE-2020-20554
	RESERVED
CVE-2020-20553
	RESERVED
CVE-2020-20552
	RESERVED
CVE-2020-20551
	RESERVED
CVE-2020-20550
	RESERVED
CVE-2020-20549
	RESERVED
CVE-2020-20548
	RESERVED
CVE-2020-20547
	RESERVED
CVE-2020-20546
	RESERVED
CVE-2020-20545 (Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Coll ...)
	NOT-FOR-US: Zhiyuan G6 Government Collaboration System
CVE-2020-20544
	RESERVED
CVE-2020-20543
	RESERVED
CVE-2020-20542
	RESERVED
CVE-2020-20541
	RESERVED
CVE-2020-20540
	RESERVED
CVE-2020-20539
	RESERVED
CVE-2020-20538
	RESERVED
CVE-2020-20537
	RESERVED
CVE-2020-20536
	RESERVED
CVE-2020-20535
	RESERVED
CVE-2020-20534
	RESERVED
CVE-2020-20533
	RESERVED
CVE-2020-20532
	RESERVED
CVE-2020-20531
	RESERVED
CVE-2020-20530
	RESERVED
CVE-2020-20529
	RESERVED
CVE-2020-20528
	RESERVED
CVE-2020-20527
	RESERVED
CVE-2020-20526
	RESERVED
CVE-2020-20525
	RESERVED
CVE-2020-20524
	RESERVED
CVE-2020-20523
	RESERVED
CVE-2020-20522
	RESERVED
CVE-2020-20521
	RESERVED
CVE-2020-20520
	RESERVED
CVE-2020-20519
	RESERVED
CVE-2020-20518
	RESERVED
CVE-2020-20517
	RESERVED
CVE-2020-20516
	RESERVED
CVE-2020-20515
	RESERVED
CVE-2020-20514 (A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/ ...)
	NOT-FOR-US: Maccms
CVE-2020-20513
	RESERVED
CVE-2020-20512
	RESERVED
CVE-2020-20511
	RESERVED
CVE-2020-20510
	RESERVED
CVE-2020-20509
	RESERVED
CVE-2020-20508 (Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerab ...)
	NOT-FOR-US: Shopkit
CVE-2020-20507
	RESERVED
CVE-2020-20506
	RESERVED
CVE-2020-20505
	RESERVED
CVE-2020-20504
	RESERVED
CVE-2020-20503
	RESERVED
CVE-2020-20502
	RESERVED
CVE-2020-20501
	RESERVED
CVE-2020-20500
	RESERVED
CVE-2020-20499
	RESERVED
CVE-2020-20498
	RESERVED
CVE-2020-20497
	RESERVED
CVE-2020-20496
	RESERVED
CVE-2020-20495 (bludit v3.13.0 contains an arbitrary file deletion vulnerability in th ...)
	NOT-FOR-US: bludit
	NOTE: https://github.com/bludit/bludit
CVE-2020-20494
	RESERVED
CVE-2020-20493
	RESERVED
CVE-2020-20492
	RESERVED
CVE-2020-20491
	RESERVED
CVE-2020-20490 (A heap buffer-overflow in the client_example1.c component of libiec_ic ...)
	NOT-FOR-US: libiec_iccp_mod
	NOTE: https://github.com/fcovatti/libiec_iccp_mod
	NOTE: IEC 61850
CVE-2020-20489
	RESERVED
CVE-2020-20488
	RESERVED
CVE-2020-20487
	RESERVED
CVE-2020-20486 (IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_S ...)
	NOT-FOR-US: IEC104
	NOTE: https://github.com/airpig2011/IEC104
CVE-2020-20485
	RESERVED
CVE-2020-20484
	RESERVED
CVE-2020-20483
	RESERVED
CVE-2020-20482
	RESERVED
CVE-2020-20481
	RESERVED
CVE-2020-20480
	RESERVED
CVE-2020-20479
	RESERVED
CVE-2020-20478
	RESERVED
CVE-2020-20477
	RESERVED
CVE-2020-20476
	RESERVED
CVE-2020-20475
	RESERVED
CVE-2020-20474 (White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The  ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20473 (White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The  ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20472 (White Shark System (WSS) 1.3.2 has a sensitive information disclosure  ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20471 (White Shark System (WSS) 1.3.2 has an unauthorized access vulnerabilit ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20470 (White Shark System (WSS) 1.3.2 has web site physical path leakage vuln ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20469 (White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The  ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20468 (White Shark System (WSS) 1.3.2 is vulnerable to CSRF. Attackers can us ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20467 (White Shark System (WSS) 1.3.2 is vulnerable to sensitive information  ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20466 (White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access vi ...)
	NOT-FOR-US: White Shark System (WSS)
CVE-2020-20465
	RESERVED
CVE-2020-20464
	RESERVED
CVE-2020-20463
	RESERVED
CVE-2020-20462
	RESERVED
CVE-2020-20461
	RESERVED
CVE-2020-20460
	RESERVED
CVE-2020-20459
	RESERVED
CVE-2020-20458
	RESERVED
CVE-2020-20457
	RESERVED
CVE-2020-20456
	RESERVED
CVE-2020-20455
	RESERVED
CVE-2020-20454
	RESERVED
CVE-2020-20453 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccod ...)
	{DSA-4998-1 DSA-4990-1 DLA-2818-1}
	- ffmpeg 7:4.4.1-1 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8003
	NOTE: Negligible security impact
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7a7f32c8ad0179a1a85d0a8cff35924e6d90be8
CVE-2020-20452
	RESERVED
CVE-2020-20451 (Denial of Service issue in FFmpeg 4.2 due to resource management error ...)
	{DLA-2818-1}
	- ffmpeg 7:4.3-2 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/8094
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21265f42ecb265debe9fec1dbfd0cb7de5a8aefb
	NOTE: Negligible security impact
CVE-2020-20450 (FFmpeg 4.2 is affected by null pointer dereference passed as argument  ...)
	{DSA-4998-1}
	[experimental] - ffmpeg 7:4.4-1
	- ffmpeg 7:4.4-5 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://trac.ffmpeg.org/ticket/7993
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=5400e4a50c61e53e1bc50b3e77201649bbe9c510
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=3865b1952e5cf993b016d83ba78fe1deb63bbfad (4.3)
	NOTE: Negligible security impact
CVE-2020-20449
	RESERVED
CVE-2020-20448 (FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/rate ...)
	{DSA-4722-1}
	- ffmpeg 7:4.3-2 (unimportant)
	[stretch] - ffmpeg <not-affected> (vulnerable code is not present)
	NOTE: https://trac.ffmpeg.org/ticket/7990
	NOTE: Negligible security impact
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8802e329c8317ca5ceb929df48a23eb0f9e852b2
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=55279d699fa64d8eb1185d8db04ab4ed92e8dea2
CVE-2020-20447
	RESERVED
CVE-2020-20446 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy ...)
	{DSA-4998-1 DSA-4990-1 DLA-2818-1}
	- ffmpeg 7:4.4.1-1 (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/7995
	NOTE: Negligible security impact
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/223b5e8ac9f6461bb13ed365419ec485c5b2b002
CVE-2020-20445 (FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, ...)
	{DSA-4998-1 DSA-4990-1 DLA-2818-1}
	- ffmpeg <unfixed> (unimportant)
	NOTE: https://trac.ffmpeg.org/ticket/7996
	NOTE: Negligible security impact
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/38d18fb57863bb9c54e68ae44aa780c5c282a184
CVE-2020-20444 (Jact OpenClinic 0.8.20160412 allows the attacker to read server files  ...)
	NOT-FOR-US: Jact OpenClinic
CVE-2020-20443
	RESERVED
CVE-2020-20442
	RESERVED
CVE-2020-20441
	RESERVED
CVE-2020-20440
	RESERVED
CVE-2020-20439
	RESERVED
CVE-2020-20438
	RESERVED
CVE-2020-20437
	RESERVED
CVE-2020-20436
	RESERVED
CVE-2020-20435
	RESERVED
CVE-2020-20434
	RESERVED
CVE-2020-20433
	RESERVED
CVE-2020-20432
	RESERVED
CVE-2020-20431
	RESERVED
CVE-2020-20430
	RESERVED
CVE-2020-20429
	RESERVED
CVE-2020-20428
	RESERVED
CVE-2020-20427
	RESERVED
CVE-2020-20426 (S-CMS Government Station Building System v5.0 contains a cross-site sc ...)
	NOT-FOR-US: S-CMS Government Station Building System
CVE-2020-20425 (S-CMS Government Station Building System v5.0 contains a cross-site sc ...)
	NOT-FOR-US: S-CMS Government Station Building System
CVE-2020-20424
	RESERVED
CVE-2020-20423
	RESERVED
CVE-2020-20422
	RESERVED
CVE-2020-20421
	RESERVED
CVE-2020-20420
	RESERVED
CVE-2020-20419
	RESERVED
CVE-2020-20418
	RESERVED
CVE-2020-20417
	RESERVED
CVE-2020-20416
	RESERVED
CVE-2020-20415
	RESERVED
CVE-2020-20414
	RESERVED
CVE-2020-20413
	RESERVED
CVE-2020-20412 (lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12  ...)
	NOT-FOR-US: StepMania integration of libvorbis
CVE-2020-20411
	RESERVED
CVE-2020-20410
	RESERVED
CVE-2020-20409
	RESERVED
CVE-2020-20408
	RESERVED
CVE-2020-20407
	RESERVED
CVE-2020-20406 (A stored XSS vulnerability exists in the Custom Link Attributes contro ...)
	NOT-FOR-US: Elementor Page Builder
CVE-2020-20405
	RESERVED
CVE-2020-20404
	RESERVED
CVE-2020-20403
	RESERVED
CVE-2020-20402
	RESERVED
CVE-2020-20401
	RESERVED
CVE-2020-20400
	RESERVED
CVE-2020-20399
	RESERVED
CVE-2020-20398
	RESERVED
CVE-2020-20397
	RESERVED
CVE-2020-20396
	RESERVED
CVE-2020-20395
	RESERVED
CVE-2020-20394
	RESERVED
CVE-2020-20393
	RESERVED
CVE-2020-20392 (SQL Injection vulnerability in imcat v5.2 via the fm[auser] parameters ...)
	NOT-FOR-US: imcat
CVE-2020-20391 (Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/sni ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-20390
	RESERVED
CVE-2020-20389 (Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in adm ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-20388
	RESERVED
CVE-2020-20387
	RESERVED
CVE-2020-20386
	RESERVED
CVE-2020-20385
	RESERVED
CVE-2020-20384
	RESERVED
CVE-2020-20383
	RESERVED
CVE-2020-20382
	RESERVED
CVE-2020-20381
	RESERVED
CVE-2020-20380
	RESERVED
CVE-2020-20379
	RESERVED
CVE-2020-20378
	RESERVED
CVE-2020-20377
	RESERVED
CVE-2020-20376
	RESERVED
CVE-2020-20375
	RESERVED
CVE-2020-20374
	RESERVED
CVE-2020-20373
	RESERVED
CVE-2020-20372
	RESERVED
CVE-2020-20371
	RESERVED
CVE-2020-20370
	RESERVED
CVE-2020-20369
	RESERVED
CVE-2020-20368
	RESERVED
CVE-2020-20367
	RESERVED
CVE-2020-20366
	RESERVED
CVE-2020-20365
	RESERVED
CVE-2020-20364
	RESERVED
CVE-2020-20363 (Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.p ...)
	NOT-FOR-US: PbootCMS
CVE-2020-20362
	RESERVED
CVE-2020-20361
	RESERVED
CVE-2020-20360
	RESERVED
CVE-2020-20359
	RESERVED
CVE-2020-20358
	RESERVED
CVE-2020-20357
	RESERVED
CVE-2020-20356
	RESERVED
CVE-2020-20355
	RESERVED
CVE-2020-20354
	RESERVED
CVE-2020-20353
	RESERVED
CVE-2020-20352
	RESERVED
CVE-2020-20351
	RESERVED
CVE-2020-20350
	RESERVED
CVE-2020-20349 (WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability i ...)
	NOT-FOR-US: WTCMS
CVE-2020-20348 (WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability i ...)
	NOT-FOR-US: WTCMS
CVE-2020-20347 (WTCMS 1.0 contains a stored cross-site scripting (XSS) vulnerability i ...)
	NOT-FOR-US: WTCMS
CVE-2020-20346
	RESERVED
CVE-2020-20345 (WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerabili ...)
	NOT-FOR-US: WTCMS
CVE-2020-20344 (WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerabili ...)
	NOT-FOR-US: WTCMS
CVE-2020-20343 (WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability i ...)
	NOT-FOR-US: WTCMS
CVE-2020-20342
	RESERVED
CVE-2020-20341 (YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_ ...)
	NOT-FOR-US: YzmCMS
CVE-2020-20340 (A SQL injection vulnerability in the 4.edu.php\conn\function.php compo ...)
	NOT-FOR-US: S-CMS
CVE-2020-20339
	RESERVED
CVE-2020-20338
	RESERVED
CVE-2020-20337
	RESERVED
CVE-2020-20336
	RESERVED
CVE-2020-20335
	RESERVED
CVE-2020-20334
	RESERVED
CVE-2020-20333
	RESERVED
CVE-2020-20332
	RESERVED
CVE-2020-20331
	RESERVED
CVE-2020-20330
	RESERVED
CVE-2020-20329
	RESERVED
CVE-2020-20328
	RESERVED
CVE-2020-20327
	RESERVED
CVE-2020-20326
	RESERVED
CVE-2020-20325
	RESERVED
CVE-2020-20324
	RESERVED
CVE-2020-20323
	RESERVED
CVE-2020-20322
	RESERVED
CVE-2020-20321
	RESERVED
CVE-2020-20320
	RESERVED
CVE-2020-20319
	RESERVED
CVE-2020-20318
	RESERVED
CVE-2020-20317
	RESERVED
CVE-2020-20316
	RESERVED
CVE-2020-20315
	RESERVED
CVE-2020-20314
	RESERVED
CVE-2020-20313
	RESERVED
CVE-2020-20312
	RESERVED
CVE-2020-20311
	RESERVED
CVE-2020-20310
	RESERVED
CVE-2020-20309
	RESERVED
CVE-2020-20308
	RESERVED
CVE-2020-20307
	RESERVED
CVE-2020-20306
	RESERVED
CVE-2020-20305
	RESERVED
CVE-2020-20304
	RESERVED
CVE-2020-20303
	RESERVED
CVE-2020-20302
	RESERVED
CVE-2020-20301
	RESERVED
CVE-2020-20300 (SQL injection vulnerability in the wp_where function in WeiPHP 5.0. ...)
	NOT-FOR-US: WeiPHP
CVE-2020-20299 (WeiPHP 5.0 does not properly restrict access to pages, related to usin ...)
	NOT-FOR-US: WeiPHP
CVE-2020-20298 (Eval injection vulnerability in the parserCommom method in the ParserT ...)
	NOT-FOR-US: zzzphp
CVE-2020-20297
	RESERVED
CVE-2020-20296 (An issue was found in CMSWing project version 1.3.8, Because the recha ...)
	NOT-FOR-US: CMSWing
CVE-2020-20295 (An issue was found in CMSWing project version 1.3.8. Because the updat ...)
	NOT-FOR-US: CMSWing
CVE-2020-20294 (An issue was found in CMSWing project version 1.3.8. Because the log f ...)
	NOT-FOR-US: CMSWing
CVE-2020-20293
	RESERVED
CVE-2020-20292
	RESERVED
CVE-2020-20291
	RESERVED
CVE-2020-20290 (Directory traversal vulnerability in the yccms 3.3 project. The delete ...)
	NOT-FOR-US: yccms
CVE-2020-20289 (Sql injection vulnerability in the yccms 3.3 project. The no_top funct ...)
	NOT-FOR-US: yccms
CVE-2020-20288
	RESERVED
CVE-2020-20287 (Unrestricted file upload vulnerability in the yccms 3.3 project. The x ...)
	NOT-FOR-US: yccms
CVE-2020-20286
	RESERVED
CVE-2020-20285 (There is a XSS in the user login page in zzcms 2019. Users can inject  ...)
	NOT-FOR-US: zzcms
CVE-2020-20284
	RESERVED
CVE-2020-20283
	RESERVED
CVE-2020-20282
	RESERVED
CVE-2020-20281
	RESERVED
CVE-2020-20280
	RESERVED
CVE-2020-20279
	RESERVED
CVE-2020-20278
	RESERVED
CVE-2020-20277 (There are multiple unauthenticated directory traversal vulnerabilities ...)
	NOT-FOR-US: uftpd
CVE-2020-20276 (An unauthenticated stack-based buffer overflow vulnerability in common ...)
	NOT-FOR-US: uftpd
CVE-2020-20275
	RESERVED
CVE-2020-20274
	RESERVED
CVE-2020-20273
	RESERVED
CVE-2020-20272
	RESERVED
CVE-2020-20271
	RESERVED
CVE-2020-20270
	RESERVED
CVE-2020-20269 (A specially crafted Markdown document could cause the execution of mal ...)
	NOT-FOR-US: Caret Editor
CVE-2020-20268
	RESERVED
CVE-2020-20267 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20266 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20265 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20264 (Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced- ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20263
	RESERVED
CVE-2020-20262 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion  ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20261
	RESERVED
CVE-2020-20260
	RESERVED
CVE-2020-20259
	RESERVED
CVE-2020-20258
	RESERVED
CVE-2020-20257
	RESERVED
CVE-2020-20256
	RESERVED
CVE-2020-20255
	RESERVED
CVE-2020-20254 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20253 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a divison by  ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20252 (Mikrotik RouterOs before stable version 6.47 suffers from a memory cor ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20251
	RESERVED
CVE-2020-20250 (Mikrotik RouterOs before stable version 6.47 suffers from a memory cor ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20249 (Mikrotik RouterOs before stable 6.47 suffers from a memory corruption  ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20248 (Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled reso ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20247 (Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory co ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20246 (Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulne ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20245 (Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulne ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20244
	RESERVED
CVE-2020-20243
	RESERVED
CVE-2020-20242
	RESERVED
CVE-2020-20241
	RESERVED
CVE-2020-20240
	RESERVED
CVE-2020-20239
	RESERVED
CVE-2020-20238
	RESERVED
CVE-2020-20237 (Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruptio ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20236 (Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruptio ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20235
	RESERVED
CVE-2020-20234
	RESERVED
CVE-2020-20233
	RESERVED
CVE-2020-20232
	RESERVED
CVE-2020-20231 (Mikrotik RouterOs through stable version 6.48.3 suffers from a memory  ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20230 (Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled reso ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20229
	RESERVED
CVE-2020-20228
	RESERVED
CVE-2020-20227 (Mikrotik RouterOs stable 6.47 suffers from a memory corruption vulnera ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20226
	RESERVED
CVE-2020-20225 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion  ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20224
	RESERVED
CVE-2020-20223
	RESERVED
CVE-2020-20222 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20221 (Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncon ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20220 (Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruptio ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20219 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20218 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20217 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontroll ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20216 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20215 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20214 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from an assertion fa ...)
	NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20213 (Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an stack exhaus ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20212 (Mikrotik RouterOs 6.44.5 (long-term tree) suffers from a memory corrup ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20211 (Mikrotik RouterOs 6.44.5 (long-term tree) suffers from an assertion fa ...)
	NOT-FOR-US: Mikrotik
CVE-2020-20210
	RESERVED
CVE-2020-20209
	RESERVED
CVE-2020-20208
	RESERVED
CVE-2020-20207
	RESERVED
CVE-2020-20206
	RESERVED
CVE-2020-20205
	RESERVED
CVE-2020-20204
	RESERVED
CVE-2020-20203
	RESERVED
CVE-2020-20202
	RESERVED
CVE-2020-20201
	RESERVED
CVE-2020-20200
	RESERVED
CVE-2020-20199
	RESERVED
CVE-2020-20198
	RESERVED
CVE-2020-20197
	RESERVED
CVE-2020-20196
	RESERVED
CVE-2020-20195
	RESERVED
CVE-2020-20194
	RESERVED
CVE-2020-20193
	RESERVED
CVE-2020-20192
	RESERVED
CVE-2020-20191
	RESERVED
CVE-2020-20190
	RESERVED
CVE-2020-20189 (SQL Injection vulnerability in NewPK 1.1 via the title parameter to ad ...)
	NOT-FOR-US: NewPK
CVE-2020-20188
	RESERVED
CVE-2020-20187
	RESERVED
CVE-2020-20186
	RESERVED
CVE-2020-20185
	RESERVED
CVE-2020-20184 (GateOne allows remote attackers to execute arbitrary commands via shel ...)
	NOT-FOR-US: GateOne
CVE-2020-20183 (Insecure direct object reference vulnerability in Zyxel&#8217;s P1302- ...)
	NOT-FOR-US: Zyxel
CVE-2020-20182
	RESERVED
CVE-2020-20181
	RESERVED
CVE-2020-20180
	RESERVED
CVE-2020-20179
	RESERVED
CVE-2020-20178 (Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest ve ...)
	NOT-FOR-US: Ethereum
CVE-2020-20177
	RESERVED
CVE-2020-20176
	RESERVED
CVE-2020-20175
	RESERVED
CVE-2020-20174
	RESERVED
CVE-2020-20173
	RESERVED
CVE-2020-20172
	RESERVED
CVE-2020-20171
	RESERVED
CVE-2020-20170
	RESERVED
CVE-2020-20169
	RESERVED
CVE-2020-20168
	RESERVED
CVE-2020-20167
	RESERVED
CVE-2020-20166
	RESERVED
CVE-2020-20165
	RESERVED
CVE-2020-20164
	RESERVED
CVE-2020-20163
	RESERVED
CVE-2020-20162
	RESERVED
CVE-2020-20161
	RESERVED
CVE-2020-20160
	RESERVED
CVE-2020-20159
	RESERVED
CVE-2020-20158
	RESERVED
CVE-2020-20157
	RESERVED
CVE-2020-20156
	RESERVED
CVE-2020-20155
	RESERVED
CVE-2020-20154
	RESERVED
CVE-2020-20153
	RESERVED
CVE-2020-20152
	RESERVED
CVE-2020-20151
	RESERVED
CVE-2020-20150
	RESERVED
CVE-2020-20149
	RESERVED
CVE-2020-20148
	RESERVED
CVE-2020-20147
	RESERVED
CVE-2020-20146
	RESERVED
CVE-2020-20145
	RESERVED
CVE-2020-20144
	RESERVED
CVE-2020-20143
	RESERVED
CVE-2020-20142 (Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" compon ...)
	NOT-FOR-US: Flexmonster Pivot Table & Charts
CVE-2020-20141 (Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) compone ...)
	NOT-FOR-US: Flexmonster Pivot Table & Charts
CVE-2020-20140 (Cross Site Scripting (XSS) vulnerability in Remote Report component un ...)
	NOT-FOR-US: Flexmonster Pivot Table & Charts
CVE-2020-20139 (Cross Site Scripting (XSS) vulnerability in the Remote JSON component  ...)
	NOT-FOR-US: Flexmonster Pivot Table & Charts
CVE-2020-20138 (Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow mo ...)
	NOT-FOR-US: CMS Made Simple (CMSMS)
CVE-2020-20137
	RESERVED
CVE-2020-20136 (QuantConnect Lean versions from 2.3.0.0 to 2.4.0.1 are affected by an  ...)
	NOT-FOR-US: QuantConnect Lean
CVE-2020-20135
	RESERVED
CVE-2020-20134
	RESERVED
CVE-2020-20133
	RESERVED
CVE-2020-20132
	RESERVED
CVE-2020-20131 (LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerabil ...)
	NOT-FOR-US: LaraCMS
CVE-2020-20130
	RESERVED
CVE-2020-20129 (LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerabil ...)
	NOT-FOR-US: LaraCMS
CVE-2020-20128 (LaraCMS v1.0.1 transmits sensitive information in cleartext which can  ...)
	NOT-FOR-US: LaraCMS
CVE-2020-20127
	RESERVED
CVE-2020-20126
	RESERVED
CVE-2020-20125 (EARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability ...)
	NOT-FOR-US: EARCLINK ESPCMS-P8
CVE-2020-20124 (Wuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability  ...)
	NOT-FOR-US: Wuzhi CMS
CVE-2020-20123
	RESERVED
CVE-2020-20122 (Wuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitl ...)
	NOT-FOR-US: Wuzhi CMS
CVE-2020-20121
	RESERVED
CVE-2020-20120 (ThinkPHP v3.2.3 and below contains a SQL injection vulnerability which ...)
	NOT-FOR-US: ThinkPHP
CVE-2020-20119
	RESERVED
CVE-2020-20118
	RESERVED
CVE-2020-20117
	RESERVED
CVE-2020-20116
	RESERVED
CVE-2020-20115
	RESERVED
CVE-2020-20114
	RESERVED
CVE-2020-20113
	RESERVED
CVE-2020-20112
	RESERVED
CVE-2020-20111
	RESERVED
CVE-2020-20110
	RESERVED
CVE-2020-20109
	RESERVED
CVE-2020-20108
	RESERVED
CVE-2020-20107
	RESERVED
CVE-2020-20106
	RESERVED
CVE-2020-20105
	RESERVED
CVE-2020-20104
	RESERVED
CVE-2020-20103
	RESERVED
CVE-2020-20102
	RESERVED
CVE-2020-20101
	RESERVED
CVE-2020-20100
	RESERVED
CVE-2020-20099
	RESERVED
CVE-2020-20098
	RESERVED
CVE-2020-20097
	RESERVED
CVE-2020-20096
	RESERVED
CVE-2020-20095
	RESERVED
CVE-2020-20094
	RESERVED
CVE-2020-20093
	RESERVED
CVE-2020-20092 (File Upload vulnerability exists in ArticleCMS 1.0 via the image uploa ...)
	NOT-FOR-US: ArticleCMS
CVE-2020-20091
	RESERVED
CVE-2020-20090
	RESERVED
CVE-2020-20089
	RESERVED
CVE-2020-20088
	RESERVED
CVE-2020-20087
	RESERVED
CVE-2020-20086
	RESERVED
CVE-2020-20085
	RESERVED
CVE-2020-20084
	RESERVED
CVE-2020-20083
	RESERVED
CVE-2020-20082
	RESERVED
CVE-2020-20081
	RESERVED
CVE-2020-20080
	RESERVED
CVE-2020-20079
	RESERVED
CVE-2020-20078
	RESERVED
CVE-2020-20077
	RESERVED
CVE-2020-20076
	RESERVED
CVE-2020-20075
	RESERVED
CVE-2020-20074
	RESERVED
CVE-2020-20073
	RESERVED
CVE-2020-20072
	RESERVED
CVE-2020-20071
	RESERVED
CVE-2020-20070
	RESERVED
CVE-2020-20069
	RESERVED
CVE-2020-20068
	RESERVED
CVE-2020-20067
	RESERVED
CVE-2020-20066
	RESERVED
CVE-2020-20065
	RESERVED
CVE-2020-20064
	RESERVED
CVE-2020-20063
	RESERVED
CVE-2020-20062
	RESERVED
CVE-2020-20061
	RESERVED
CVE-2020-20060
	RESERVED
CVE-2020-20059
	RESERVED
CVE-2020-20058
	RESERVED
CVE-2020-20057
	RESERVED
CVE-2020-20056
	RESERVED
CVE-2020-20055
	RESERVED
CVE-2020-20054
	RESERVED
CVE-2020-20053
	RESERVED
CVE-2020-20052
	RESERVED
CVE-2020-20051
	RESERVED
CVE-2020-20050
	RESERVED
CVE-2020-20049
	RESERVED
CVE-2020-20048
	RESERVED
CVE-2020-20047
	RESERVED
CVE-2020-20046
	RESERVED
CVE-2020-20045
	RESERVED
CVE-2020-20044
	RESERVED
CVE-2020-20043
	RESERVED
CVE-2020-20042
	RESERVED
CVE-2020-20041
	RESERVED
CVE-2020-20040
	RESERVED
CVE-2020-20039
	RESERVED
CVE-2020-20038
	RESERVED
CVE-2020-20037
	RESERVED
CVE-2020-20036
	RESERVED
CVE-2020-20035
	RESERVED
CVE-2020-20034
	RESERVED
CVE-2020-20033
	RESERVED
CVE-2020-20032
	RESERVED
CVE-2020-20031
	RESERVED
CVE-2020-20030
	RESERVED
CVE-2020-20029
	RESERVED
CVE-2020-20028
	RESERVED
CVE-2020-20027
	RESERVED
CVE-2020-20026
	RESERVED
CVE-2020-20025
	RESERVED
CVE-2020-20024
	RESERVED
CVE-2020-20023
	RESERVED
CVE-2020-20022
	RESERVED
CVE-2020-20021
	RESERVED
CVE-2020-20020
	RESERVED
CVE-2020-20019
	RESERVED
CVE-2020-20018
	RESERVED
CVE-2020-20017
	RESERVED
CVE-2020-20016
	RESERVED
CVE-2020-20015
	RESERVED
CVE-2020-20014
	RESERVED
CVE-2020-20013
	RESERVED
CVE-2020-20012
	RESERVED
CVE-2020-20011
	RESERVED
CVE-2020-20010
	RESERVED
CVE-2020-20009
	RESERVED
CVE-2020-20008
	RESERVED
CVE-2020-20007
	RESERVED
CVE-2020-20006
	RESERVED
CVE-2020-20005
	RESERVED
CVE-2020-20004
	RESERVED
CVE-2020-20003
	RESERVED
CVE-2020-20002
	RESERVED
CVE-2020-20001
	RESERVED
CVE-2020-20000
	RESERVED
CVE-2020-19999
	RESERVED
CVE-2020-19998
	RESERVED
CVE-2020-19997
	RESERVED
CVE-2020-19996
	RESERVED
CVE-2020-19995
	RESERVED
CVE-2020-19994
	RESERVED
CVE-2020-19993
	RESERVED
CVE-2020-19992
	RESERVED
CVE-2020-19991
	RESERVED
CVE-2020-19990
	RESERVED
CVE-2020-19989
	RESERVED
CVE-2020-19988
	RESERVED
CVE-2020-19987
	RESERVED
CVE-2020-19986
	RESERVED
CVE-2020-19985
	RESERVED
CVE-2020-19984
	RESERVED
CVE-2020-19983
	RESERVED
CVE-2020-19982
	RESERVED
CVE-2020-19981
	RESERVED
CVE-2020-19980
	RESERVED
CVE-2020-19979
	RESERVED
CVE-2020-19978
	RESERVED
CVE-2020-19977
	RESERVED
CVE-2020-19976
	RESERVED
CVE-2020-19975
	RESERVED
CVE-2020-19974
	RESERVED
CVE-2020-19973
	RESERVED
CVE-2020-19972
	RESERVED
CVE-2020-19971
	RESERVED
CVE-2020-19970
	RESERVED
CVE-2020-19969
	RESERVED
CVE-2020-19968
	RESERVED
CVE-2020-19967
	RESERVED
CVE-2020-19966
	RESERVED
CVE-2020-19965
	RESERVED
CVE-2020-19964 (A Cross Site Request Forgery (CSRF) vulnerability was discovered in PH ...)
	NOT-FOR-US: PHPMyWind
CVE-2020-19963
	RESERVED
CVE-2020-19962 (A stored cross-site scripting (XSS) vulnerability in the getClientIp f ...)
	NOT-FOR-US: Chaoji CMS
CVE-2020-19961 (A SQL injection vulnerability has been discovered in zz cms version 20 ...)
	NOT-FOR-US: zz cms
CVE-2020-19960 (A SQL injection vulnerability has been discovered in zz cms version 20 ...)
	NOT-FOR-US: zz cms
CVE-2020-19959 (A SQL injection vulnerability has been discovered in zz cms version 20 ...)
	NOT-FOR-US: zz cms
CVE-2020-19958
	RESERVED
CVE-2020-19957 (A SQL injection vulnerability has been discovered in zz cms version 20 ...)
	NOT-FOR-US: zz cms
CVE-2020-19956
	RESERVED
CVE-2020-19955
	RESERVED
CVE-2020-19954 (An XML External Entity (XXE) vulnerability was discovered in /api/noti ...)
	NOT-FOR-US: S-CMS
CVE-2020-19953
	RESERVED
CVE-2020-19952
	RESERVED
CVE-2020-19951 (A cross-site request forgery (CSRF) in /controller/pay.class.php of Yz ...)
	NOT-FOR-US: YzmCMS
CVE-2020-19950 (A cross-site scripting (XSS) vulnerability in the /banner/add.html com ...)
	NOT-FOR-US: YzmCMS
CVE-2020-19949 (A cross-site scripting (XSS) vulnerability in the /link/add.html compo ...)
	NOT-FOR-US: YzmCMS
CVE-2020-19948
	RESERVED
CVE-2020-19947
	RESERVED
CVE-2020-19946
	RESERVED
CVE-2020-19945
	RESERVED
CVE-2020-19944
	RESERVED
CVE-2020-19943
	RESERVED
CVE-2020-19942
	RESERVED
CVE-2020-19941
	RESERVED
CVE-2020-19940
	RESERVED
CVE-2020-19939
	RESERVED
CVE-2020-19938
	RESERVED
CVE-2020-19937
	RESERVED
CVE-2020-19936
	RESERVED
CVE-2020-19935
	RESERVED
CVE-2020-19934
	RESERVED
CVE-2020-19933
	RESERVED
CVE-2020-19932
	RESERVED
CVE-2020-19931
	RESERVED
CVE-2020-19930
	RESERVED
CVE-2020-19929
	RESERVED
CVE-2020-19928
	RESERVED
CVE-2020-19927
	RESERVED
CVE-2020-19926
	RESERVED
CVE-2020-19925
	RESERVED
CVE-2020-19924 (In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS a ...)
	NOT-FOR-US: Boostnote
CVE-2020-19923
	RESERVED
CVE-2020-19922
	RESERVED
CVE-2020-19921
	RESERVED
CVE-2020-19920
	RESERVED
CVE-2020-19919
	RESERVED
CVE-2020-19918
	RESERVED
CVE-2020-19917
	RESERVED
CVE-2020-19916
	RESERVED
CVE-2020-19915 (Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via  ...)
	NOT-FOR-US: WUZHI CMS
CVE-2020-19914
	RESERVED
CVE-2020-19913
	RESERVED
CVE-2020-19912
	RESERVED
CVE-2020-19911
	RESERVED
CVE-2020-19910
	RESERVED
CVE-2020-19909
	RESERVED
CVE-2020-19908
	RESERVED
CVE-2020-19907 (A command injection vulnerability in the sandcat plugin of Caldera 2.3 ...)
	NOT-FOR-US: Caldera plugin
CVE-2020-19906
	RESERVED
CVE-2020-19905
	RESERVED
CVE-2020-19904
	RESERVED
CVE-2020-19903
	RESERVED
CVE-2020-19902
	RESERVED
CVE-2020-19901
	RESERVED
CVE-2020-19900
	RESERVED
CVE-2020-19899
	RESERVED
CVE-2020-19898
	RESERVED
CVE-2020-19897
	RESERVED
CVE-2020-19896
	RESERVED
CVE-2020-19895
	RESERVED
CVE-2020-19894
	RESERVED
CVE-2020-19893
	RESERVED
CVE-2020-19892
	RESERVED
CVE-2020-19891 (DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\ ...)
	NOT-FOR-US: DBHcms
CVE-2020-19890 (DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\m ...)
	NOT-FOR-US: DBHcms
CVE-2020-19889 (DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF ...)
	NOT-FOR-US: DBHcms
CVE-2020-19888 (DBHcms v1.2.0 has an unauthorized operation vulnerability because ther ...)
	NOT-FOR-US: DBHcms
CVE-2020-19887 (DBHcms v1.2.0 has a stored XSS vulnerability as there is no htmlspecia ...)
	NOT-FOR-US: DBHcms
CVE-2020-19886 (DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF ...)
	NOT-FOR-US: DBHcms
CVE-2020-19885 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
	NOT-FOR-US: DBHcms
CVE-2020-19884 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
	NOT-FOR-US: DBHcms
CVE-2020-19883 (DBHcms v1.2.0 has a stored xss vulnerability as there is no security f ...)
	NOT-FOR-US: DBHcms
CVE-2020-19882 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
	NOT-FOR-US: DBHcms
CVE-2020-19881 (DBHcms v1.2.0 has a reflected xss vulnerability as there is no securit ...)
	NOT-FOR-US: DBHcms
CVE-2020-19880 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
	NOT-FOR-US: DBHcms
CVE-2020-19879 (DBHcms v1.2.0 has a stored xss vulnerability as there is no security f ...)
	NOT-FOR-US: DBHcms
CVE-2020-19878 (DBHcms v1.2.0 has a sensitive information leaks vulnerability as there ...)
	NOT-FOR-US: DBHcms
CVE-2020-19877 (DBHcms v1.2.0 has a directory traversal vulnerability as there is no d ...)
	NOT-FOR-US: DBHcms
CVE-2020-19876
	RESERVED
CVE-2020-19875
	RESERVED
CVE-2020-19874
	RESERVED
CVE-2020-19873
	RESERVED
CVE-2020-19872
	RESERVED
CVE-2020-19871
	RESERVED
CVE-2020-19870
	RESERVED
CVE-2020-19869
	RESERVED
CVE-2020-19868
	RESERVED
CVE-2020-19867
	RESERVED
CVE-2020-19866
	RESERVED
CVE-2020-19865
	RESERVED
CVE-2020-19864
	RESERVED
CVE-2020-19863
	RESERVED
CVE-2020-19862
	RESERVED
CVE-2020-19861 (When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ...)
	{DLA-2910-1}
	- ldns <unfixed>
	[bullseye] - ldns <no-dsa> (Minor issue)
	[buster] - ldns <no-dsa> (Minor issue)
	NOTE: https://github.com/NLnetLabs/ldns/issues/51
	NOTE: https://github.com/NLnetLabs/ldns/commit/136ec420437041fe13f344a2053e774f9050cc38 (1.8.0-rc.1)
CVE-2020-19860 (When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...)
	{DLA-2910-1}
	- ldns <unfixed>
	[bullseye] - ldns <no-dsa> (Minor issue)
	[buster] - ldns <no-dsa> (Minor issue)
	NOTE: https://github.com/NLnetLabs/ldns/issues/50
	NOTE: https://github.com/NLnetLabs/ldns/commit/15d96206996bea969fbc918eb0a4a346f514b9f3 (1.8.0-rc.1)
	NOTE: https://github.com/NLnetLabs/ldns/commit/4e9861576a600a5ecfa16ec2de853c90dd9ce276 (1.8.0-rc.1)
CVE-2020-19859
	RESERVED
CVE-2020-19858 (Platinum Upnp SDK through 1.2.0 has a directory traversal vulnerabilit ...)
	NOT-FOR-US: Platinum Upnp SDK
CVE-2020-19857
	RESERVED
CVE-2020-19856
	RESERVED
CVE-2020-19855 (phpwcms v1.9 contains a cross-site scripting (XSS) vulnerability in /i ...)
	NOT-FOR-US: phpwcms
CVE-2020-19854
	RESERVED
CVE-2020-19853 (BlueCMS v1.6 contains a SQL injection vulnerability via /ad_js.php. ...)
	NOT-FOR-US: BlueCMS
CVE-2020-19852
	RESERVED
CVE-2020-19851
	RESERVED
CVE-2020-19850
	RESERVED
CVE-2020-19849
	RESERVED
CVE-2020-19848
	RESERVED
CVE-2020-19847
	RESERVED
CVE-2020-19846
	RESERVED
CVE-2020-19845
	RESERVED
CVE-2020-19844
	RESERVED
CVE-2020-19843
	RESERVED
CVE-2020-19842
	RESERVED
CVE-2020-19841
	RESERVED
CVE-2020-19840
	RESERVED
CVE-2020-19839
	RESERVED
CVE-2020-19838
	RESERVED
CVE-2020-19837
	RESERVED
CVE-2020-19836
	RESERVED
CVE-2020-19835
	RESERVED
CVE-2020-19834
	RESERVED
CVE-2020-19833
	RESERVED
CVE-2020-19832
	RESERVED
CVE-2020-19831
	RESERVED
CVE-2020-19830
	RESERVED
CVE-2020-19829
	RESERVED
CVE-2020-19828
	RESERVED
CVE-2020-19827
	RESERVED
CVE-2020-19826
	RESERVED
CVE-2020-19825
	RESERVED
CVE-2020-19824
	RESERVED
CVE-2020-19823
	RESERVED
CVE-2020-19822 (A remote code execution (RCE) vulnerability in template_user.php of ZZ ...)
	NOT-FOR-US: ZZCMS
CVE-2020-19821 (A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attac ...)
	NOT-FOR-US: DOYOCMS
CVE-2020-19820
	RESERVED
CVE-2020-19819
	RESERVED
CVE-2020-19818
	RESERVED
CVE-2020-19817
	RESERVED
CVE-2020-19816
	RESERVED
CVE-2020-19815
	RESERVED
CVE-2020-19814
	RESERVED
CVE-2020-19813
	RESERVED
CVE-2020-19812
	RESERVED
CVE-2020-19811
	RESERVED
CVE-2020-19810
	RESERVED
CVE-2020-19809
	RESERVED
CVE-2020-19808
	RESERVED
CVE-2020-19807
	RESERVED
CVE-2020-19806
	RESERVED
CVE-2020-19805
	RESERVED
CVE-2020-19804
	RESERVED
CVE-2020-19803
	RESERVED
CVE-2020-19802
	RESERVED
CVE-2020-19801
	RESERVED
CVE-2020-19800
	RESERVED
CVE-2020-19799
	RESERVED
CVE-2020-19798
	RESERVED
CVE-2020-19797
	RESERVED
CVE-2020-19796
	RESERVED
CVE-2020-19795
	RESERVED
CVE-2020-19794
	RESERVED
CVE-2020-19793
	RESERVED
CVE-2020-19792
	RESERVED
CVE-2020-19791
	RESERVED
CVE-2020-19790
	RESERVED
CVE-2020-19789
	RESERVED
CVE-2020-19788
	RESERVED
CVE-2020-19787
	RESERVED
CVE-2020-19786
	RESERVED
CVE-2020-19785
	RESERVED
CVE-2020-19784
	RESERVED
CVE-2020-19783
	RESERVED
CVE-2020-19782
	RESERVED
CVE-2020-19781
	RESERVED
CVE-2020-19780
	RESERVED
CVE-2020-19779
	RESERVED
CVE-2020-19778 (Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote att ...)
	NOT-FOR-US: Shopxo
CVE-2020-19777
	RESERVED
CVE-2020-19776
	RESERVED
CVE-2020-19775
	RESERVED
CVE-2020-19774
	RESERVED
CVE-2020-19773
	RESERVED
CVE-2020-19772
	RESERVED
CVE-2020-19771
	RESERVED
CVE-2020-19770 (A cross-site scripting (XSS) vulnerability in the system bulletin comp ...)
	NOT-FOR-US: WUZHI CMS
CVE-2020-19769 (A lack of target address verification in the BurnMe() function of Rob  ...)
	NOT-FOR-US: Rob The Bank
CVE-2020-19768 (A lack of target address verification in the selfdestructs() function  ...)
	NOT-FOR-US: ICOVO
CVE-2020-19767 (A lack of target address verification in the destroycontract() functio ...)
	NOT-FOR-US: 0xRACER
CVE-2020-19766 (The time check operation of PepeAuctionSale 1.0 can be rendered ineffe ...)
	NOT-FOR-US: PepeAuctionSale
CVE-2020-19765 (An issue in the noReentrance() modifier of the Ethereum-based contract ...)
	NOT-FOR-US: Ethereum Accounting
CVE-2020-19764
	RESERVED
CVE-2020-19763
	RESERVED
CVE-2020-19762 (Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows  ...)
	NOT-FOR-US: Automated Logic Corporation (ALC) WebCTRL System
CVE-2020-19761
	RESERVED
CVE-2020-19760
	RESERVED
CVE-2020-19759
	RESERVED
CVE-2020-19758
	RESERVED
CVE-2020-19757
	RESERVED
CVE-2020-19756
	RESERVED
CVE-2020-19755
	RESERVED
CVE-2020-19754
	RESERVED
CVE-2020-19753
	RESERVED
CVE-2020-19752 (The find_color_or_error function in gifsicle 1.92 contains a NULL poin ...)
	- gifsicle 1.93-2 (unimportant)
	NOTE: https://github.com/kohler/gifsicle/issues/140
	NOTE: https://github.com/kohler/gifsicle/commit/eb9e083dcc0050996d79de2076ddc76011ad2f10 (v1.93)
	NOTE: Crash in CLI tool, no security impact
CVE-2020-19751 (An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool functi ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <no-dsa> (Minor issue)
	[buster] - ccextractor <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1272
	NOTE: https://github.com/gpac/gpac/commit/c26b0aa605aaea1f0ebe8d21fe1398d94680adf7 (v0.9.0-preview~20)
CVE-2020-19750 (An issue was discovered in gpac 0.8.0. The strdup function in box_code ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1262
	NOTE: https://github.com/gpac/gpac/commit/3fcf66c6031da966cf33ee89bcbefa2f8bec4b02 (v0.9.0-preview~20)
CVE-2020-19749
	RESERVED
CVE-2020-19748
	RESERVED
CVE-2020-19747
	RESERVED
CVE-2020-19746
	RESERVED
CVE-2020-19745
	RESERVED
CVE-2020-19744
	RESERVED
CVE-2020-19743
	RESERVED
CVE-2020-19742
	RESERVED
CVE-2020-19741
	RESERVED
CVE-2020-19740
	RESERVED
CVE-2020-19739
	RESERVED
CVE-2020-19738
	RESERVED
CVE-2020-19737
	RESERVED
CVE-2020-19736
	RESERVED
CVE-2020-19735
	RESERVED
CVE-2020-19734
	RESERVED
CVE-2020-19733
	RESERVED
CVE-2020-19732
	RESERVED
CVE-2020-19731
	RESERVED
CVE-2020-19730
	RESERVED
CVE-2020-19729
	RESERVED
CVE-2020-19728
	RESERVED
CVE-2020-19727
	RESERVED
CVE-2020-19726
	RESERVED
CVE-2020-19725
	RESERVED
CVE-2020-19724
	RESERVED
CVE-2020-19723
	RESERVED
CVE-2020-19722 (An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1. ...)
	NOT-FOR-US: Bento4
CVE-2020-19721 (A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1 ...)
	NOT-FOR-US: Bento4
CVE-2020-19720 (An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bent ...)
	NOT-FOR-US: Bento4
CVE-2020-19719 (A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628  ...)
	NOT-FOR-US: Bento4
CVE-2020-19718 (An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1. ...)
	NOT-FOR-US: Bento4
CVE-2020-19717 (An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bent ...)
	NOT-FOR-US: Bento4
CVE-2020-19716 (A buffer overflow vulnerability in the Databuf function in types.cpp o ...)
	- exiv2 <undetermined>
	NOTE: https://github.com/Exiv2/exiv2/issues/980
	TODO: check, unclear if fixed or not, upstream cannot reproduce as well in 0.27.1 as reported
CVE-2020-19715
	REJECTED
CVE-2020-19714
	RESERVED
CVE-2020-19713
	RESERVED
CVE-2020-19712
	RESERVED
CVE-2020-19711
	RESERVED
CVE-2020-19710
	RESERVED
CVE-2020-19709 (Insufficient filtering of the tag parameters in feehicms 0.1.3 allows  ...)
	NOT-FOR-US: feehicms
CVE-2020-19708
	RESERVED
CVE-2020-19707
	RESERVED
CVE-2020-19706
	RESERVED
CVE-2020-19705 (thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home ...)
	NOT-FOR-US: thinkphp-zcms
CVE-2020-19704 (A stored cross-site scripting (XSS) vulnerability via ResourceControll ...)
	NOT-FOR-US: Spring Boot admin
	NOTE: https://github.com/sail-y/spring-boot-admin
CVE-2020-19703 (A cross-site scripting (XSS) vulnerability in the referer parameter of ...)
	NOT-FOR-US: Dzzoffice
CVE-2020-19702
	RESERVED
CVE-2020-19701
	RESERVED
CVE-2020-19700
	RESERVED
CVE-2020-19699
	RESERVED
CVE-2020-19698
	RESERVED
CVE-2020-19697
	RESERVED
CVE-2020-19696
	RESERVED
CVE-2020-19695
	RESERVED
CVE-2020-19694
	RESERVED
CVE-2020-19693
	RESERVED
CVE-2020-19692
	RESERVED
CVE-2020-19691
	RESERVED
CVE-2020-19690
	RESERVED
CVE-2020-19689
	RESERVED
CVE-2020-19688
	RESERVED
CVE-2020-19687
	RESERVED
CVE-2020-19686
	RESERVED
CVE-2020-19685
	RESERVED
CVE-2020-19684
	RESERVED
CVE-2020-19683 (A Cross Site Scripting (XSS) exists in ZZZCMS V1.7.1 via an editfile a ...)
	NOT-FOR-US: zzzcms
CVE-2020-19682 (A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7 ...)
	NOT-FOR-US: zzzcms
CVE-2020-19681
	RESERVED
CVE-2020-19680
	RESERVED
CVE-2020-19679
	RESERVED
CVE-2020-19678
	RESERVED
CVE-2020-19677
	RESERVED
CVE-2020-19676 (Nacos 1.1.4 is affected by: Incorrect Access Control. An environment c ...)
	NOT-FOR-US: Nacos
CVE-2020-19675
	RESERVED
CVE-2020-19674
	RESERVED
CVE-2020-19673
	RESERVED
CVE-2020-19672 (Niushop B2B2C Multi-business basic version V1.11, can bypass the admin ...)
	NOT-FOR-US: Niushop B2B2C Multi-business basic
CVE-2020-19671
	RESERVED
CVE-2020-19670 (In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication ca ...)
	NOT-FOR-US: Niushop B2B2C Multi-Business Basic Edition
CVE-2020-19669 (Cross Site Request Forgery (CSRF) vulnerability exists in Eyoucms 1.3. ...)
	NOT-FOR-US: Eyoucms
CVE-2020-19668 (Unverified indexs into the array lead to out of bound access in the gi ...)
	- libsixel 1.10.3-1 (bug #990799)
	[bullseye] - libsixel <no-dsa> (Minor issue)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/136
	NOTE: https://github.com/libsixel/libsixel/issues/7
	NOTE: https://github.com/libsixel/libsixel/pull/8
	NOTE: https://github.com/libsixel/libsixel/commit/05e5d21d065c663ec7a83d185974f4c252314968 (v1.9.0)
	NOTE: Since 1.10.3-1 the Debian package moved from https://github.com/saitoha/libsixel to https://github.com/libsixel/libsixel fork
CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in ReadXPMImage in  ...)
	{DLA-2523-1}
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1895
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/26538669546730c5b2dc36e7d48850f1f6928f94
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/5462fd4725018567764c8f66bed98b7ee3e23006
CVE-2020-19666
	RESERVED
CVE-2020-19665
	RESERVED
CVE-2020-19664 (DrayTek Vigor2960 1.5.1 allows remote command execution via shell meta ...)
	NOT-FOR-US: DrayTek Vigor2960
CVE-2020-19663
	RESERVED
CVE-2020-19662
	RESERVED
CVE-2020-19661
	RESERVED
CVE-2020-19660
	RESERVED
CVE-2020-19659
	RESERVED
CVE-2020-19658
	RESERVED
CVE-2020-19657
	RESERVED
CVE-2020-19656
	RESERVED
CVE-2020-19655
	RESERVED
CVE-2020-19654
	RESERVED
CVE-2020-19653
	RESERVED
CVE-2020-19652
	RESERVED
CVE-2020-19651
	RESERVED
CVE-2020-19650
	RESERVED
CVE-2020-19649
	RESERVED
CVE-2020-19648
	RESERVED
CVE-2020-19647
	RESERVED
CVE-2020-19646
	RESERVED
CVE-2020-19645
	RESERVED
CVE-2020-19644
	RESERVED
CVE-2020-19643 (Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P  ...)
	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
CVE-2020-19642 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
CVE-2020-19641 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
CVE-2020-19640 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
CVE-2020-19639 (Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy ...)
	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
CVE-2020-19638
	RESERVED
CVE-2020-19637
	RESERVED
CVE-2020-19636
	RESERVED
CVE-2020-19635
	RESERVED
CVE-2020-19634
	RESERVED
CVE-2020-19633
	RESERVED
CVE-2020-19632
	RESERVED
CVE-2020-19631
	RESERVED
CVE-2020-19630
	RESERVED
CVE-2020-19629
	RESERVED
CVE-2020-19628
	RESERVED
CVE-2020-19627
	RESERVED
CVE-2020-19626 (Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows re ...)
	NOT-FOR-US: craftcms
CVE-2020-19625 (Remote Code Execution Vulnerability in tests/support/stores/test_grid_ ...)
	NOT-FOR-US: oria gridx
CVE-2020-19624
	RESERVED
CVE-2020-19623
	RESERVED
CVE-2020-19622
	RESERVED
CVE-2020-19621
	RESERVED
CVE-2020-19620
	RESERVED
CVE-2020-19619 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signatur ...)
	NOT-FOR-US: mblog
CVE-2020-19618 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post con ...)
	NOT-FOR-US: mblog
CVE-2020-19617 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname ...)
	NOT-FOR-US: mblog
CVE-2020-19616 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post hea ...)
	NOT-FOR-US: mblog
CVE-2020-19615
	RESERVED
CVE-2020-19614
	RESERVED
CVE-2020-19613 (Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function ...)
	NOT-FOR-US: sunkaifei FlyCMS
CVE-2020-19612
	RESERVED
CVE-2020-19611 (Cross Site Scripting (XSS) in redirect module of Racktables version 0. ...)
	- racktables <itp> (bug #629531)
CVE-2020-19610
	RESERVED
CVE-2020-19609 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff ...)
	{DLA-2765-1}
	- mupdf 1.17.0+ds1-2 (bug #991401)
	[buster] - mupdf <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=b7892cdc7fae62aa57d63ae62144e1f11b5f9275
	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=2c4f11f8dcdbd18c35a65e58cc789be0e46012a8
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701176
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=703076
CVE-2020-19608
	RESERVED
CVE-2020-19607
	RESERVED
CVE-2020-19606
	RESERVED
CVE-2020-19605
	RESERVED
CVE-2020-19604
	RESERVED
CVE-2020-19603
	RESERVED
CVE-2020-19602
	RESERVED
CVE-2020-19601
	RESERVED
CVE-2020-19600
	RESERVED
CVE-2020-19599
	RESERVED
CVE-2020-19598
	RESERVED
CVE-2020-19597
	RESERVED
CVE-2020-19596 (Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a ...)
	NOT-FOR-US: Core FTP
CVE-2020-19595 (Buffer overflow vulnerability in Core FTP Server v2 Build 697, via a c ...)
	NOT-FOR-US: Core FTP
CVE-2020-19594
	RESERVED
CVE-2020-19593
	RESERVED
CVE-2020-19592
	RESERVED
CVE-2020-19591
	RESERVED
CVE-2020-19590
	RESERVED
CVE-2020-19589
	RESERVED
CVE-2020-19588
	RESERVED
CVE-2020-19587
	RESERVED
CVE-2020-19586
	RESERVED
CVE-2020-19585
	RESERVED
CVE-2020-19584
	RESERVED
CVE-2020-19583
	RESERVED
CVE-2020-19582
	RESERVED
CVE-2020-19581
	RESERVED
CVE-2020-19580
	RESERVED
CVE-2020-19579
	RESERVED
CVE-2020-19578
	RESERVED
CVE-2020-19577
	RESERVED
CVE-2020-19576
	RESERVED
CVE-2020-19575
	RESERVED
CVE-2020-19574
	RESERVED
CVE-2020-19573
	RESERVED
CVE-2020-19572
	RESERVED
CVE-2020-19571
	RESERVED
CVE-2020-19570
	RESERVED
CVE-2020-19569
	RESERVED
CVE-2020-19568
	RESERVED
CVE-2020-19567
	RESERVED
CVE-2020-19566
	RESERVED
CVE-2020-19565
	RESERVED
CVE-2020-19564
	RESERVED
CVE-2020-19563
	RESERVED
CVE-2020-19562
	RESERVED
CVE-2020-19561
	RESERVED
CVE-2020-19560
	RESERVED
CVE-2020-19559
	RESERVED
CVE-2020-19558
	RESERVED
CVE-2020-19557
	RESERVED
CVE-2020-19556
	RESERVED
CVE-2020-19555
	RESERVED
CVE-2020-19554 (Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPMana ...)
	NOT-FOR-US: ManageEngine
CVE-2020-19553 (Cross Site Scripting (XSS) vlnerability exists in WUZHI CMS up to and  ...)
	NOT-FOR-US: WUZHI CMS
CVE-2020-19552
	RESERVED
CVE-2020-19551 (Blacklist bypass issue exists in WUZHI CMS up to and including 4.1.0 i ...)
	NOT-FOR-US: WUZHI CMS
CVE-2020-19550
	RESERVED
CVE-2020-19549
	RESERVED
CVE-2020-19548
	RESERVED
CVE-2020-19547 (Directory Traversal vulnerability exists in PopojiCMS 2.0.1 via the id ...)
	NOT-FOR-US: PopojiCMS
CVE-2020-19546
	RESERVED
CVE-2020-19545
	RESERVED
CVE-2020-19544
	RESERVED
CVE-2020-19543
	RESERVED
CVE-2020-19542
	RESERVED
CVE-2020-19541
	RESERVED
CVE-2020-19540
	RESERVED
CVE-2020-19539
	RESERVED
CVE-2020-19538
	RESERVED
CVE-2020-19537
	RESERVED
CVE-2020-19536
	RESERVED
CVE-2020-19535
	RESERVED
CVE-2020-19534
	RESERVED
CVE-2020-19533
	RESERVED
CVE-2020-19532
	RESERVED
CVE-2020-19531
	RESERVED
CVE-2020-19530
	RESERVED
CVE-2020-19529
	RESERVED
CVE-2020-19528
	RESERVED
CVE-2020-19527 (iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metac ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2020-19526
	RESERVED
CVE-2020-19525
	RESERVED
CVE-2020-19524
	RESERVED
CVE-2020-19523
	RESERVED
CVE-2020-19522
	RESERVED
CVE-2020-19521
	RESERVED
CVE-2020-19520
	RESERVED
CVE-2020-19519
	RESERVED
CVE-2020-19518
	RESERVED
CVE-2020-19517
	RESERVED
CVE-2020-19516
	RESERVED
CVE-2020-19515 (qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\install ...)
	NOT-FOR-US: qdPM
CVE-2020-19514
	RESERVED
CVE-2020-19513 (Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows atta ...)
	NOT-FOR-US: FinalWire Ltd AIDA64 Engineer
CVE-2020-19512
	RESERVED
CVE-2020-19511 (Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) clas ...)
	NOT-FOR-US: Typesetter CMS
CVE-2020-19510 (Textpattern 4.7.3 contains an aribtrary file load via the file_insert  ...)
	NOT-FOR-US: Textpattern CMS
CVE-2020-19509
	RESERVED
CVE-2020-19508
	RESERVED
CVE-2020-19507
	RESERVED
CVE-2020-19506
	RESERVED
CVE-2020-19505
	RESERVED
CVE-2020-19504
	RESERVED
CVE-2020-19503
	RESERVED
CVE-2020-19502
	RESERVED
CVE-2020-19501
	RESERVED
CVE-2020-19500
	RESERVED
CVE-2020-19499 (An issue was discovered in heif::Box_iref::get_references in libheif 1 ...)
	- libheif 1.5.0-1
	[buster] - libheif <no-dsa> (Minor issue)
	NOTE: https://github.com/strukturag/libheif/commit/f7399b62d7fbc596f1b2871578c1d2053bedf1dd
	NOTE: https://github.com/strukturag/libheif/issues/138
CVE-2020-19498 (Floating point exception in function Fraction in libheif 1.4.0, allows ...)
	- libheif 1.5.0-1
	[buster] - libheif <no-dsa> (Minor issue)
	NOTE: https://github.com/strukturag/libheif/issues/139
	NOTE: https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58
CVE-2020-19497 (Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tb ...)
	- libmatio 1.5.19-2
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/commit/5fa49ef9fc4368fe3d19b5fdaa36d8fa5e7f4606 (v1.5.18)
	NOTE: https://github.com/tbeu/matio/issues/121
CVE-2020-19496
	RESERVED
CVE-2020-19495
	RESERVED
CVE-2020-19494
	RESERVED
CVE-2020-19493
	RESERVED
CVE-2020-19492 (There is a floating point exception in ReadImage that leads to a Segme ...)
	- sam2p <removed>
	NOTE: https://github.com/pts/sam2p/commit/b953f63307c4a83fa4615a4863e3fb250205cd98
	NOTE: https://github.com/pts/sam2p/issues/66
CVE-2020-19491 (There is an invalid memory access bug in cgif.c that leads to a Segmen ...)
	- sam2p <removed>
	NOTE: https://github.com/pts/sam2p/commit/1d62cf8964bfcafa6561c4c3bb66d4aa4c529a73
	NOTE: https://github.com/pts/sam2p/issues/67
CVE-2020-19490 (tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixe ...)
	- tinyexr <not-affected> (Fixed with initial upload to Debian)
	NOTE: https://github.com/syoyo/tinyexr/issues/124
	NOTE: https://github.com/syoyo/tinyexr/commit/a685e3332f61cd4e59324bf3f669d36973d64270
CVE-2020-19489
	RESERVED
CVE-2020-19488 (An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0,  ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	[stretch] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	NOTE: https://github.com/gpac/gpac/issues/1263
	NOTE: Introduced by: https://github.com/gpac/gpac/commit/86d072b6a13baa1a4a90168098a0f8354c24d8cf (v0.8.0)
	NOTE: Fixed by: https://github.com/gpac/gpac/commit/6170024568f4dda310e98ef7508477b425c58d09 (v0.9.0-preview)
CVE-2020-19487
	RESERVED
CVE-2020-19486
	RESERVED
CVE-2020-19485
	RESERVED
CVE-2020-19484
	RESERVED
CVE-2020-19483
	RESERVED
CVE-2020-19482
	RESERVED
CVE-2020-19481 (An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Bo ...)
	- gpac 1.0.1+dfsg1-2
	[buster] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	[stretch] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	NOTE: https://github.com/gpac/gpac/issues/1265
	NOTE: https://github.com/gpac/gpac/issues/1266
	NOTE: https://github.com/gpac/gpac/issues/1267
	NOTE: Introduced by: https://github.com/gpac/gpac/commit/bb002ad4f92d216f8ab7c8466102279ef8af6f88 (v0.8.0)
	NOTE: Fixed by: https://github.com/gpac/gpac/commit/2320eb73afba753b39b7147be91f7be7afc0eeb7 (v0.9.0-preview)
CVE-2020-19480
	RESERVED
CVE-2020-19479
	RESERVED
CVE-2020-19478
	RESERVED
CVE-2020-19477
	RESERVED
CVE-2020-19476
	RESERVED
CVE-2020-19475 (An issue has been found in function CCITTFaxStream::lookChar in PDF2JS ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19474 (An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 t ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19473 (An issue has been found in function DCTStream::decodeImage in PDF2JSON ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19472 (An issue has been found in function DCTStream::readHuffSym in PDF2JSON ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19471 (An issue has been found in function DCTStream::decodeImage in PDF2JSON ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19470 (An issue has been found in function DCTStream::getChar in PDF2JSON 0.7 ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19469 (An issue has been found in function DCTStream::reset in PDF2JSON 0.70  ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19468 (An issue has been found in function EmbedStream::getChar in PDF2JSON 0 ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19467 (An issue has been found in function DCTStream::transformDataUnit in PD ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19466 (An issue has been found in function DCTStream::transformDataUnit in PD ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19465 (An issue has been found in function ObjectStream::getObject in PDF2JSO ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19464 (An issue has been found in function XRef::fetch in PDF2JSON 0.70 that  ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19463 (An issue has been found in function vfprintf in PDF2JSON 0.70 that all ...)
	NOT-FOR-US: pdf2json
	NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no point in
	NOTE: tracking whether this affects src:poppler
CVE-2020-19462
	RESERVED
CVE-2020-19461
	RESERVED
CVE-2020-19460
	RESERVED
CVE-2020-19459
	RESERVED
CVE-2020-19458
	RESERVED
CVE-2020-19457
	RESERVED
CVE-2020-19456
	RESERVED
CVE-2020-19455 (SQL injection exists in the jdownloads 3.2.63 component for Joomla! vi ...)
	NOT-FOR-US: jdownloads component for Joomla!
CVE-2020-19454
	RESERVED
CVE-2020-19453
	RESERVED
CVE-2020-19452
	RESERVED
CVE-2020-19451 (SQL injection exists in the jdownloads 3.2.63 component for Joomla! vi ...)
	NOT-FOR-US: jdownloads component for Joomla!
CVE-2020-19450 (SQL injection exists in the jdownloads 3.2.63 component for Joomla! vi ...)
	NOT-FOR-US: jdownloads component for Joomla!
CVE-2020-19449
	RESERVED
CVE-2020-19448
	RESERVED
CVE-2020-19447 (SQL injection exists in the jdownloads 3.2.63 component for Joomla! co ...)
	NOT-FOR-US: jdownloads component for Joomla!
CVE-2020-19446
	RESERVED
CVE-2020-19445
	RESERVED
CVE-2020-19444
	RESERVED
CVE-2020-19443
	RESERVED
CVE-2020-19442
	RESERVED
CVE-2020-19441
	RESERVED
CVE-2020-19440
	RESERVED
CVE-2020-19439
	RESERVED
CVE-2020-19438
	RESERVED
CVE-2020-19437
	RESERVED
CVE-2020-19436
	RESERVED
CVE-2020-19435
	RESERVED
CVE-2020-19434
	RESERVED
CVE-2020-19433
	RESERVED
CVE-2020-19432
	RESERVED
CVE-2020-19431
	RESERVED
CVE-2020-19430
	RESERVED
CVE-2020-19429
	RESERVED
CVE-2020-19428
	RESERVED
CVE-2020-19427
	RESERVED
CVE-2020-19426
	RESERVED
CVE-2020-19425
	RESERVED
CVE-2020-19424
	RESERVED
CVE-2020-19423
	RESERVED
CVE-2020-19422
	RESERVED
CVE-2020-19421
	RESERVED
CVE-2020-19420
	RESERVED
CVE-2020-19419 (Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 ...)
	NOT-FOR-US: Emerson Smart Wireless Gateway 1420
CVE-2020-19418
	RESERVED
CVE-2020-19417 (Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users ...)
	NOT-FOR-US: Emerson Smart Wireless Gateway 1420
CVE-2020-19416
	RESERVED
CVE-2020-19415
	RESERVED
CVE-2020-19414
	RESERVED
CVE-2020-19413
	RESERVED
CVE-2020-19412
	RESERVED
CVE-2020-19411
	RESERVED
CVE-2020-19410
	RESERVED
CVE-2020-19409
	RESERVED
CVE-2020-19408
	RESERVED
CVE-2020-19407
	RESERVED
CVE-2020-19406
	RESERVED
CVE-2020-19405
	RESERVED
CVE-2020-19404
	RESERVED
CVE-2020-19403
	RESERVED
CVE-2020-19402
	RESERVED
CVE-2020-19401
	RESERVED
CVE-2020-19400
	RESERVED
CVE-2020-19399
	RESERVED
CVE-2020-19398
	RESERVED
CVE-2020-19397
	RESERVED
CVE-2020-19396
	RESERVED
CVE-2020-19395
	RESERVED
CVE-2020-19394
	RESERVED
CVE-2020-19393
	RESERVED
CVE-2020-19392
	RESERVED
CVE-2020-19391
	RESERVED
CVE-2020-19390
	RESERVED
CVE-2020-19389
	RESERVED
CVE-2020-19388
	RESERVED
CVE-2020-19387
	RESERVED
CVE-2020-19386
	RESERVED
CVE-2020-19385
	RESERVED
CVE-2020-19384
	RESERVED
CVE-2020-19383
	RESERVED
CVE-2020-19382
	RESERVED
CVE-2020-19381
	RESERVED
CVE-2020-19380
	RESERVED
CVE-2020-19379
	RESERVED
CVE-2020-19378
	RESERVED
CVE-2020-19377
	RESERVED
CVE-2020-19376
	RESERVED
CVE-2020-19375
	RESERVED
CVE-2020-19374
	RESERVED
CVE-2020-19373
	RESERVED
CVE-2020-19372
	RESERVED
CVE-2020-19371
	RESERVED
CVE-2020-19370
	RESERVED
CVE-2020-19369
	RESERVED
CVE-2020-19368
	RESERVED
CVE-2020-19367
	RESERVED
CVE-2020-19366
	RESERVED
CVE-2020-19365
	RESERVED
CVE-2020-19364 (OpenEMR 5.0.1 allows an authenticated attacker to upload and execute m ...)
	NOT-FOR-US: OpenEMR
CVE-2020-19363 (Vtiger CRM v7.2.0 allows an attacker to display hidden files, list dir ...)
	NOT-FOR-US: Vtiger CRM
CVE-2020-19362 (Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the ...)
	NOT-FOR-US: Vtiger CRM
CVE-2020-19361 (Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1  ...)
	NOT-FOR-US: Medintux
CVE-2020-19360 (Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper fil ...)
	NOT-FOR-US: FHEM
CVE-2020-19359
	RESERVED
CVE-2020-19358
	RESERVED
CVE-2020-19357
	RESERVED
CVE-2020-19356
	RESERVED
CVE-2020-19355
	RESERVED
CVE-2020-19354
	RESERVED
CVE-2020-19353
	RESERVED
CVE-2020-19352
	RESERVED
CVE-2020-19351
	RESERVED
CVE-2020-19350
	RESERVED
CVE-2020-19349
	RESERVED
CVE-2020-19348
	RESERVED
CVE-2020-19347
	RESERVED
CVE-2020-19346
	RESERVED
CVE-2020-19345
	RESERVED
CVE-2020-19344
	RESERVED
CVE-2020-19343
	RESERVED
CVE-2020-19342
	RESERVED
CVE-2020-19341
	RESERVED
CVE-2020-19340
	RESERVED
CVE-2020-19339
	RESERVED
CVE-2020-19338
	RESERVED
CVE-2020-19337
	RESERVED
CVE-2020-19336
	RESERVED
CVE-2020-19335
	RESERVED
CVE-2020-19334
	RESERVED
CVE-2020-19333
	RESERVED
CVE-2020-19332
	RESERVED
CVE-2020-19331
	RESERVED
CVE-2020-19330
	RESERVED
CVE-2020-19329
	RESERVED
CVE-2020-19328
	RESERVED
CVE-2020-19327
	RESERVED
CVE-2020-19326
	RESERVED
CVE-2020-19325
	RESERVED
CVE-2020-19324
	RESERVED
CVE-2020-19323
	RESERVED
CVE-2020-19322
	RESERVED
CVE-2020-19321
	RESERVED
CVE-2020-19320
	RESERVED
CVE-2020-19319
	RESERVED
CVE-2020-19318
	RESERVED
CVE-2020-19317
	RESERVED
CVE-2020-19316 (OS Command injection vulnerability in function link in Filesystem.php  ...)
	- php-laravel-framework <not-affected> (Fixed before initial upload to Debian)
	NOTE: http://www.netbytesec.com/advisories/OSCommandInjectionInLaravelFramework/
	NOTE: https://github.com/laravel/framework/commit/44c3feb604944599ad1c782a9942981c3991fa31 (5.8.17)
CVE-2020-19315
	RESERVED
CVE-2020-19314
	RESERVED
CVE-2020-19313
	RESERVED
CVE-2020-19312
	RESERVED
CVE-2020-19311
	RESERVED
CVE-2020-19310
	RESERVED
CVE-2020-19309
	RESERVED
CVE-2020-19308
	RESERVED
CVE-2020-19307
	RESERVED
CVE-2020-19306
	RESERVED
CVE-2020-19305 (An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 ...)
	NOT-FOR-US: Metinfo
CVE-2020-19304 (An issue in /admin/index.php?n=system&amp;c=filept&amp;a=doGetFileList ...)
	NOT-FOR-US: Metinfo
CVE-2020-19303 (An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 ...)
	NOT-FOR-US: hdcms
CVE-2020-19302 (An arbitrary file upload vulnerability in the avatar upload function o ...)
	NOT-FOR-US: vaeThink
CVE-2020-19301 (A vulnerability in the vae_admin_rule database table of vaeThink v1.0. ...)
	NOT-FOR-US: vaeThink
CVE-2020-19300
	RESERVED
CVE-2020-19299
	RESERVED
CVE-2020-19298
	RESERVED
CVE-2020-19297
	RESERVED
CVE-2020-19296
	RESERVED
CVE-2020-19295 (A reflected cross-site scripting (XSS) vulnerability in the /weibo/top ...)
	NOT-FOR-US: Jeesns
CVE-2020-19294 (A stored cross-site scripting (XSS) vulnerability in the /article/comm ...)
	NOT-FOR-US: Jeesns
CVE-2020-19293 (A stored cross-site scripting (XSS) vulnerability in the /article/add  ...)
	NOT-FOR-US: Jeesns
CVE-2020-19292 (A stored cross-site scripting (XSS) vulnerability in the /question/ask ...)
	NOT-FOR-US: Jeesns
CVE-2020-19291 (A stored cross-site scripting (XSS) vulnerability in the /weibo/publis ...)
	NOT-FOR-US: Jeesns
CVE-2020-19290 (A stored cross-site scripting (XSS) vulnerability in the /weibo/commen ...)
	NOT-FOR-US: Jeesns
CVE-2020-19289 (A stored cross-site scripting (XSS) vulnerability in the /member/pictu ...)
	NOT-FOR-US: Jeesns
CVE-2020-19288 (A stored cross-site scripting (XSS) vulnerability in the /localhost/u  ...)
	NOT-FOR-US: Jeesns
CVE-2020-19287 (A stored cross-site scripting (XSS) vulnerability in the /group/post c ...)
	NOT-FOR-US: Jeesns
CVE-2020-19286 (A stored cross-site scripting (XSS) vulnerability in the /question/det ...)
	NOT-FOR-US: Jeesns
CVE-2020-19285 (A stored cross-site scripting (XSS) vulnerability in the /group/apply  ...)
	NOT-FOR-US: Jeesns
CVE-2020-19284 (A stored cross-site scripting (XSS) vulnerability in the /group/commen ...)
	NOT-FOR-US: Jeesns
CVE-2020-19283 (A reflected cross-site scripting (XSS) vulnerability in the /newVersio ...)
	NOT-FOR-US: Jeesns
CVE-2020-19282 (A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 a ...)
	NOT-FOR-US: Jeesns
CVE-2020-19281 (A stored cross-site scripting (XSS) vulnerability in the /manage/login ...)
	NOT-FOR-US: Jeesns
CVE-2020-19280 (Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows ...)
	NOT-FOR-US: Jeesns
CVE-2020-19279
	RESERVED
CVE-2020-19278
	RESERVED
CVE-2020-19277
	RESERVED
CVE-2020-19276
	RESERVED
CVE-2020-19275 (An Information Disclosure vulnerability exists in dhcms 2017-09-18 whe ...)
	NOT-FOR-US: dhcms
CVE-2020-19274 (A Cross SIte Scripting (XSS) vulnerability exists in Dhcms 2017-09-18  ...)
	NOT-FOR-US: dhcms
CVE-2020-19273
	RESERVED
CVE-2020-19272
	RESERVED
CVE-2020-19271
	RESERVED
CVE-2020-19270
	RESERVED
CVE-2020-19269
	RESERVED
CVE-2020-19268 (A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of ...)
	NOT-FOR-US: Dswjcms
CVE-2020-19267 (An issue in index.php/Dswjcms/Basis/resources of Dswjcms 1.6.4 allows  ...)
	NOT-FOR-US: Dswjcms
CVE-2020-19266 (A stored cross-site scripting (XSS) vulnerability in the index.php/Dsw ...)
	NOT-FOR-US: Dswjcms
CVE-2020-19265 (A stored cross-site scripting (XSS) vulnerability in the index.php/Dsw ...)
	NOT-FOR-US: Dswjcms
CVE-2020-19264 (A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers  ...)
	NOT-FOR-US: MipCMS
CVE-2020-19263 (A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers  ...)
	NOT-FOR-US: MipCMS
CVE-2020-19262
	RESERVED
CVE-2020-19261
	RESERVED
CVE-2020-19260
	RESERVED
CVE-2020-19259
	RESERVED
CVE-2020-19258
	RESERVED
CVE-2020-19257
	RESERVED
CVE-2020-19256
	RESERVED
CVE-2020-19255
	RESERVED
CVE-2020-19254
	RESERVED
CVE-2020-19253
	RESERVED
CVE-2020-19252
	RESERVED
CVE-2020-19251
	RESERVED
CVE-2020-19250
	RESERVED
CVE-2020-19249
	RESERVED
CVE-2020-19248
	RESERVED
CVE-2020-19247
	RESERVED
CVE-2020-19246
	RESERVED
CVE-2020-19245
	RESERVED
CVE-2020-19244
	RESERVED
CVE-2020-19243
	RESERVED
CVE-2020-19242
	RESERVED
CVE-2020-19241
	RESERVED
CVE-2020-19240
	RESERVED
CVE-2020-19239
	RESERVED
CVE-2020-19238
	RESERVED
CVE-2020-19237
	RESERVED
CVE-2020-19236
	RESERVED
CVE-2020-19235
	RESERVED
CVE-2020-19234
	RESERVED
CVE-2020-19233
	RESERVED
CVE-2020-19232
	RESERVED
CVE-2020-19231
	RESERVED
CVE-2020-19230
	RESERVED
CVE-2020-19229
	RESERVED
CVE-2020-19228
	RESERVED
CVE-2020-19227
	RESERVED
CVE-2020-19226
	RESERVED
CVE-2020-19225
	RESERVED
CVE-2020-19224
	RESERVED
CVE-2020-19223
	RESERVED
CVE-2020-19222
	RESERVED
CVE-2020-19221
	RESERVED
CVE-2020-19220
	RESERVED
CVE-2020-19219
	RESERVED
CVE-2020-19218
	RESERVED
CVE-2020-19217
	RESERVED
CVE-2020-19216
	RESERVED
CVE-2020-19215
	RESERVED
CVE-2020-19214
	RESERVED
CVE-2020-19213
	RESERVED
CVE-2020-19212
	RESERVED
CVE-2020-19211
	RESERVED
CVE-2020-19210
	RESERVED
CVE-2020-19209
	RESERVED
CVE-2020-19208
	RESERVED
CVE-2020-19207
	RESERVED
CVE-2020-19206
	RESERVED
CVE-2020-19205
	RESERVED
CVE-2020-19204 (An authenticated Stored Cross-Site Scriptiong (XSS) vulnerability exis ...)
	NOT-FOR-US: IPFire
CVE-2020-19203 (An authenticated Cross-Site Scripting (XSS) vulnerability was found in ...)
	NOT-FOR-US: Netgate pfSense Community Edition
CVE-2020-19202 (An authenticated Stored XSS (Cross-site Scripting) exists in the "capt ...)
	NOT-FOR-US: IPFire
CVE-2020-19201 (A Stored Cross-Site Scripting (XSS) vulnerability was found in status_ ...)
	NOT-FOR-US: Netgate pfSense
CVE-2020-19200
	RESERVED
CVE-2020-19199 (A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2. ...)
	NOT-FOR-US: PHPOK
CVE-2020-19198
	RESERVED
CVE-2020-19197
	RESERVED
CVE-2020-19196
	RESERVED
CVE-2020-19195
	RESERVED
CVE-2020-19194
	RESERVED
CVE-2020-19193
	RESERVED
CVE-2020-19192
	RESERVED
CVE-2020-19191
	RESERVED
CVE-2020-19190
	RESERVED
CVE-2020-19189
	RESERVED
CVE-2020-19188
	RESERVED
CVE-2020-19187
	RESERVED
CVE-2020-19186
	RESERVED
CVE-2020-19185
	RESERVED
CVE-2020-19184
	RESERVED
CVE-2020-19183
	RESERVED
CVE-2020-19182
	RESERVED
CVE-2020-19181
	RESERVED
CVE-2020-19180
	RESERVED
CVE-2020-19179
	RESERVED
CVE-2020-19178
	RESERVED
CVE-2020-19177
	RESERVED
CVE-2020-19176
	RESERVED
CVE-2020-19175
	RESERVED
CVE-2020-19174
	RESERVED
CVE-2020-19173
	RESERVED
CVE-2020-19172
	RESERVED
CVE-2020-19171
	RESERVED
CVE-2020-19170
	RESERVED
CVE-2020-19169
	RESERVED
CVE-2020-19168
	RESERVED
CVE-2020-19167
	RESERVED
CVE-2020-19166
	RESERVED
CVE-2020-19165 (PHPSHE 1.7 has SQL injection via the admin.php?mod=user&amp;userlevel_ ...)
	NOT-FOR-US: PHPSHE
CVE-2020-19164
	RESERVED
CVE-2020-19163
	RESERVED
CVE-2020-19162
	RESERVED
CVE-2020-19161
	RESERVED
CVE-2020-19160
	RESERVED
CVE-2020-19159 (Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attacke ...)
	NOT-FOR-US: LaikeTui
CVE-2020-19158 (Cross Site Scripting (XSS) in S-CMS build 20191014 and earlier allows  ...)
	NOT-FOR-US: S-CMS
CVE-2020-19157 (Cross Site Scripting (CSS) in Wenku CMS v3.4 allows remote attackers t ...)
	NOT-FOR-US: Wenku CMS
CVE-2020-19156 (Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers t ...)
	NOT-FOR-US: Wordpress ari-adminer
CVE-2020-19155 (Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19154 (Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19153
	RESERVED
CVE-2020-19152
	RESERVED
CVE-2020-19151 (Command Injection in Jfinal CMS v4.7.1 and earlier allows remote attac ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19150 (Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19149
	RESERVED
CVE-2020-19148 (Cross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows rem ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19147 (Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19146 (Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote ...)
	NOT-FOR-US: Jfinal CMS
CVE-2020-19145
	RESERVED
CVE-2020-19144 (Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial  ...)
	{DLA-2777-1}
	- tiff 4.0.10+git190814-1
	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2852
	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/159
	NOTE: Fixed around https://gitlab.com/libtiff/libtiff/-/commit/1fb9e731ef3e4ceb7af128ce298adb271088064f (v4.1.0)
CVE-2020-19143 (Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial  ...)
	{DSA-4997-1}
	- tiff 4.1.0+git201212-1
	[stretch] - tiff <not-affected> (Vulnerable code introduced later)
	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2851
	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/158
	NOTE: Introduced with: https://gitlab.com/libtiff/libtiff/-/commit/9eacd59fecc4ef593ac17689bc530ab451c8ec14 (v4.0.10)
	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/54ce8c522078cd0f39861df71db848648ec28ade (v4.2.0)
CVE-2020-19142 (iCMS 7 attackers to execute arbitrary OS commands via shell metacharac ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2020-19141
	RESERVED
CVE-2020-19140
	RESERVED
CVE-2020-19139
	RESERVED
CVE-2020-19138 (Unrestricted Upload of File with Dangerous Type in DotCMS v5.2.3 and e ...)
	NOT-FOR-US: DotCMS
CVE-2020-19137 (Incorrect Access Control in Autumn v1.0.4 and earlier allows remote at ...)
	NOT-FOR-US: Autumn
CVE-2020-19136
	RESERVED
CVE-2020-19135
	RESERVED
CVE-2020-19134
	RESERVED
CVE-2020-19133
	RESERVED
CVE-2020-19132
	RESERVED
CVE-2020-19131 (Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial  ...)
	{DLA-2777-1}
	- tiff 4.0.10+git190814-1
	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2831
	NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/61
	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/9cfa5c469109c207bf3b916c52e618d4400ba2c0 (v4.1.0)
CVE-2020-19130
	RESERVED
CVE-2020-19129
	RESERVED
CVE-2020-19128
	RESERVED
CVE-2020-19127
	RESERVED
CVE-2020-19126
	RESERVED
CVE-2020-19125
	RESERVED
CVE-2020-19124
	RESERVED
CVE-2020-19123
	RESERVED
CVE-2020-19122
	RESERVED
CVE-2020-19121
	RESERVED
CVE-2020-19120
	RESERVED
CVE-2020-19119
	RESERVED
CVE-2020-19118 (Cross Site Scripting (XSS) vulnerabiity in YzmCMS 5.2 via the site_cod ...)
	NOT-FOR-US: YzmCMS
CVE-2020-19117
	RESERVED
CVE-2020-19116
	RESERVED
CVE-2020-19115
	RESERVED
CVE-2020-19114 (SQL Injection vulnerability in Online Book Store v1.0 via the publishe ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19113 (Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19112 (SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19111 (Incorrect Access Control vulnerability in Online Book Store v1.0 via a ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19110 (SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19109 (SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19108 (SQL Injection vulnerability in Online Book Store v1.0 via the pubid pa ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19107 (SQL Injection vulnerability in Online Book Store v1.0 via the isbn par ...)
	NOT-FOR-US: Online Book Store
CVE-2020-19106
	RESERVED
CVE-2020-19105
	RESERVED
CVE-2020-19104
	RESERVED
CVE-2020-19103
	RESERVED
CVE-2020-19102
	RESERVED
CVE-2020-19101
	RESERVED
CVE-2020-19100
	RESERVED
CVE-2020-19099
	RESERVED
CVE-2020-19098
	RESERVED
CVE-2020-19097
	RESERVED
CVE-2020-19096
	RESERVED
CVE-2020-19095
	RESERVED
CVE-2020-19094
	RESERVED
CVE-2020-19093
	RESERVED
CVE-2020-19092
	RESERVED
CVE-2020-19091
	RESERVED
CVE-2020-19090
	RESERVED
CVE-2020-19089
	RESERVED
CVE-2020-19088
	RESERVED
CVE-2020-19087
	RESERVED
CVE-2020-19086
	RESERVED
CVE-2020-19085
	RESERVED
CVE-2020-19084
	RESERVED
CVE-2020-19083
	RESERVED
CVE-2020-19082
	RESERVED
CVE-2020-19081
	RESERVED
CVE-2020-19080
	RESERVED
CVE-2020-19079
	RESERVED
CVE-2020-19078
	RESERVED
CVE-2020-19077
	RESERVED
CVE-2020-19076
	RESERVED
CVE-2020-19075
	RESERVED
CVE-2020-19074
	RESERVED
CVE-2020-19073
	RESERVED
CVE-2020-19072
	RESERVED
CVE-2020-19071
	RESERVED
CVE-2020-19070
	RESERVED
CVE-2020-19069
	RESERVED
CVE-2020-19068
	RESERVED
CVE-2020-19067
	RESERVED
CVE-2020-19066
	RESERVED
CVE-2020-19065
	RESERVED
CVE-2020-19064
	RESERVED
CVE-2020-19063
	RESERVED
CVE-2020-19062
	RESERVED
CVE-2020-19061
	RESERVED
CVE-2020-19060
	RESERVED
CVE-2020-19059
	RESERVED
CVE-2020-19058
	RESERVED
CVE-2020-19057
	RESERVED
CVE-2020-19056
	RESERVED
CVE-2020-19055
	RESERVED
CVE-2020-19054
	RESERVED
CVE-2020-19053
	RESERVED
CVE-2020-19052
	RESERVED
CVE-2020-19051
	RESERVED
CVE-2020-19050
	RESERVED
CVE-2020-19049 (Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to  ...)
	NOT-FOR-US: MyBB
CVE-2020-19048 (Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to  ...)
	NOT-FOR-US: MyBB
CVE-2020-19047 (Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatck ...)
	NOT-FOR-US: iWebShop
CVE-2020-19046 (Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to ex ...)
	NOT-FOR-US: S-CMS
CVE-2020-19045
	RESERVED
CVE-2020-19044
	RESERVED
CVE-2020-19043
	RESERVED
CVE-2020-19042 (Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via  ...)
	NOT-FOR-US: zzcms
CVE-2020-19041
	RESERVED
CVE-2020-19040
	RESERVED
CVE-2020-19039
	RESERVED
CVE-2020-19038 (File Deletion vulnerability in Halo 0.4.3 via delBackup. ...)
	NOT-FOR-US: Halo
CVE-2020-19037 (Incorrect Access Control vulnearbility in Halo 0.4.3, which allows a m ...)
	NOT-FOR-US: Halo
CVE-2020-19036
	RESERVED
CVE-2020-19035
	RESERVED
CVE-2020-19034
	RESERVED
CVE-2020-19033
	RESERVED
CVE-2020-19032
	RESERVED
CVE-2020-19031
	RESERVED
CVE-2020-19030
	RESERVED
CVE-2020-19029
	RESERVED
CVE-2020-19028
	RESERVED
CVE-2020-19027
	RESERVED
CVE-2020-19026
	RESERVED
CVE-2020-19025
	RESERVED
CVE-2020-19024
	RESERVED
CVE-2020-19023
	RESERVED
CVE-2020-19022
	RESERVED
CVE-2020-19021
	RESERVED
CVE-2020-19020
	RESERVED
CVE-2020-19019
	RESERVED
CVE-2020-19018
	RESERVED
CVE-2020-19017
	RESERVED
CVE-2020-19016
	RESERVED
CVE-2020-19015
	RESERVED
CVE-2020-19014
	RESERVED
CVE-2020-19013
	RESERVED
CVE-2020-19012
	RESERVED
CVE-2020-19011
	RESERVED
CVE-2020-19010
	RESERVED
CVE-2020-19009
	RESERVED
CVE-2020-19008
	RESERVED
CVE-2020-19007 (Halo blog 1.2.0 allows users to submit comments on blog posts via /api ...)
	NOT-FOR-US: Halo blog
CVE-2020-19006
	RESERVED
CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If admin a ...)
	NOT-FOR-US: zrlog
CVE-2020-19004
	RESERVED
CVE-2020-19003 (An issue in Gate One 1.2.0 allows attackers to bypass to the verificat ...)
	NOT-FOR-US: Gate One
CVE-2020-19002 (Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers ...)
	NOT-FOR-US: Mezzanine CMS
CVE-2020-19001 (Command Injection in Simiki v1.6.2.1 and prior allows remote attackers ...)
	NOT-FOR-US: Simiki
CVE-2020-19000 (Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows remote  ...)
	NOT-FOR-US: Simiki
CVE-2020-18999 (Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers t ...)
	NOT-FOR-US: Blog_mini
CVE-2020-18998 (Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote attackers t ...)
	NOT-FOR-US: Blog_mini
CVE-2020-18997
	RESERVED
CVE-2020-18996
	RESERVED
CVE-2020-18995
	RESERVED
CVE-2020-18994
	RESERVED
CVE-2020-18993
	RESERVED
CVE-2020-18992
	RESERVED
CVE-2020-18991
	RESERVED
CVE-2020-18990
	RESERVED
CVE-2020-18989
	RESERVED
CVE-2020-18988
	RESERVED
CVE-2020-18987
	RESERVED
CVE-2020-18986
	RESERVED
CVE-2020-18985 (An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboratio ...)
	NOT-FOR-US: Zimbra
CVE-2020-18984 (A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmi ...)
	NOT-FOR-US: Zimbra
CVE-2020-18983
	RESERVED
CVE-2020-18982 (Cross Sie Scripting (XSS) vulnerability in Halo 0.4.3 via CommentAutho ...)
	NOT-FOR-US: Halo
CVE-2020-18981
	RESERVED
CVE-2020-18980 (Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr an ...)
	NOT-FOR-US: Halo
CVE-2020-18979 (Cross Siste Scripting (XSS) vulnerablity in Halo 0.4.3 via the X-forwa ...)
	NOT-FOR-US: Halo
CVE-2020-18978
	RESERVED
CVE-2020-18977
	RESERVED
CVE-2020-18976 (Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial ...)
	- tcpreplay 4.3.3-1 (unimportant)
	NOTE: https://github.com/appneta/tcpreplay/issues/556
	NOTE: Crash in CLI tool, no security impact
CVE-2020-18975
	RESERVED
CVE-2020-18974 (Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers  ...)
	- nasm <unfixed> (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392568
	NOTE: Crash in CLI tool, no security impact
CVE-2020-18973
	RESERVED
CVE-2020-18972 (Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v ...)
	- libpodofo <unfixed>
	[bullseye] - libpodofo <no-dsa> (Minor issue)
	[buster] - libpodofo <no-dsa> (Minor issue)
	[stretch] - libpodofo <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://sourceforge.net/p/podofo/tickets/49/
CVE-2020-18971 (Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause ...)
	- libpodofo <unfixed>
	[bullseye] - libpodofo <no-dsa> (Minor issue)
	[buster] - libpodofo <no-dsa> (Minor issue)
	[stretch] - libpodofo <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://sourceforge.net/p/podofo/tickets/48/
CVE-2020-18970
	RESERVED
CVE-2020-18969
	RESERVED
CVE-2020-18968
	RESERVED
CVE-2020-18967
	RESERVED
CVE-2020-18966
	RESERVED
CVE-2020-18965
	RESERVED
CVE-2020-18964 (Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest v ...)
	NOT-FOR-US: ForestBlog
CVE-2020-18963
	RESERVED
CVE-2020-18962
	RESERVED
CVE-2020-18961
	RESERVED
CVE-2020-18960
	RESERVED
CVE-2020-18959
	RESERVED
CVE-2020-18958
	RESERVED
CVE-2020-18957
	RESERVED
CVE-2020-18956
	RESERVED
CVE-2020-18955
	RESERVED
CVE-2020-18954
	RESERVED
CVE-2020-18953
	RESERVED
CVE-2020-18952
	RESERVED
CVE-2020-18951
	RESERVED
CVE-2020-18950
	RESERVED
CVE-2020-18949
	RESERVED
CVE-2020-18948
	RESERVED
CVE-2020-18947
	RESERVED
CVE-2020-18946
	RESERVED
CVE-2020-18945
	RESERVED
CVE-2020-18944
	RESERVED
CVE-2020-18943
	RESERVED
CVE-2020-18942
	RESERVED
CVE-2020-18941
	RESERVED
CVE-2020-18940
	RESERVED
CVE-2020-18939
	RESERVED
CVE-2020-18938
	RESERVED
CVE-2020-18937
	RESERVED
CVE-2020-18936
	RESERVED
CVE-2020-18935
	RESERVED
CVE-2020-18934
	RESERVED
CVE-2020-18933
	RESERVED
CVE-2020-18932
	RESERVED
CVE-2020-18931
	RESERVED
CVE-2020-18930
	RESERVED
CVE-2020-18929
	RESERVED
CVE-2020-18928
	RESERVED
CVE-2020-18927
	RESERVED
CVE-2020-18926
	RESERVED
CVE-2020-18925
	RESERVED
CVE-2020-18924
	RESERVED
CVE-2020-18923
	RESERVED
CVE-2020-18922
	RESERVED
CVE-2020-18921
	RESERVED
CVE-2020-18920
	RESERVED
CVE-2020-18919
	RESERVED
CVE-2020-18918
	RESERVED
CVE-2020-18917 (The plus/search.php component in DedeCMS 5.7 SP2 allows remote attacke ...)
	NOT-FOR-US: DedeCMS
CVE-2020-18916
	RESERVED
CVE-2020-18915
	RESERVED
CVE-2020-18914
	RESERVED
CVE-2020-18913 (EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerabi ...)
	NOT-FOR-US: EARCLINK ESPCMS-P8
CVE-2020-18912
	RESERVED
CVE-2020-18911
	RESERVED
CVE-2020-18910
	RESERVED
CVE-2020-18909
	RESERVED
CVE-2020-18908
	RESERVED
CVE-2020-18907
	RESERVED
CVE-2020-18906
	RESERVED
CVE-2020-18905
	RESERVED
CVE-2020-18904
	RESERVED
CVE-2020-18903
	RESERVED
CVE-2020-18902
	RESERVED
CVE-2020-18901
	RESERVED
CVE-2020-18900 (** DISPUTED ** A heap-based buffer overflow in the libexe_io_handle_re ...)
	NOT-FOR-US: libyal
CVE-2020-18899 (An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof( ...)
	- exiv2 0.27.2-6
	[buster] - exiv2 <no-dsa> (Minor issue)
	[stretch] - exiv2 <no-dsa> (Minor issue)
	NOTE: https://github.com/Exiv2/exiv2/issues/742
	NOTE: https://github.com/Exiv2/exiv2/commit/051b5d9df1f4669117937b7a40104404cc252993 (0.27.1)
CVE-2020-18898 (A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ...)
	- exiv2 <unfixed> (unimportant)
	NOTE: https://github.com/Exiv2/exiv2/issues/741
	NOTE: Negligible security impact, issue in debugging only function
CVE-2020-18897 (An use-after-free vulnerability in the libpff_item_tree_create_node fu ...)
	- libpff 20180714-1
	[stretch] - libpff <no-dsa> (Minor issue)
	NOTE: https://github.com/libyal/libpff/issues/61
	NOTE: https://github.com/libyal/libpff/issues/62
	NOTE: https://github.com/libyal/libpff/commit/effae88adfc9def45be0bb7ff27d20ce133d8c7c
CVE-2020-18896
	RESERVED
CVE-2020-18895
	RESERVED
CVE-2020-18894
	RESERVED
CVE-2020-18893
	RESERVED
CVE-2020-18892
	RESERVED
CVE-2020-18891
	RESERVED
CVE-2020-18890 (Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insec ...)
	NOT-FOR-US: puppyCMS
CVE-2020-18889 (Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that  ...)
	NOT-FOR-US: puppyCMS
CVE-2020-18888 (Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote m ...)
	NOT-FOR-US: puppyCMS
CVE-2020-18887
	RESERVED
CVE-2020-18886 (Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to  ...)
	NOT-FOR-US: PHPMyWind
CVE-2020-18885 (Command Injection in PHPMyWind v5.6 allows remote attackers to execute ...)
	NOT-FOR-US: PHPMyWind
CVE-2020-18884
	RESERVED
CVE-2020-18883
	RESERVED
CVE-2020-18882
	RESERVED
CVE-2020-18881
	RESERVED
CVE-2020-18880
	RESERVED
CVE-2020-18879 (Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to e ...)
	NOT-FOR-US: Bludit
CVE-2020-18878 (Directory Traversal in Skycaiji v1.3 allows remote attackers to obtain ...)
	NOT-FOR-US: Skycaiji
CVE-2020-18877 (SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain se ...)
	NOT-FOR-US: Wuzhi CMS
CVE-2020-18876
	RESERVED
CVE-2020-18875 (Incorrect Access Control in DotCMS versions before 5.1 allows remote a ...)
	NOT-FOR-US: DotCMS
CVE-2020-18874
	RESERVED
CVE-2020-18873
	RESERVED
CVE-2020-18872
	RESERVED
CVE-2020-18871
	RESERVED
CVE-2020-18870
	RESERVED
CVE-2020-18869
	RESERVED
CVE-2020-18868
	RESERVED
CVE-2020-18867
	RESERVED
CVE-2020-18866
	RESERVED
CVE-2020-18865
	RESERVED
CVE-2020-18864
	RESERVED
CVE-2020-18863
	RESERVED
CVE-2020-18862
	RESERVED
CVE-2020-18861
	RESERVED
CVE-2020-18860
	RESERVED
CVE-2020-18859
	RESERVED
CVE-2020-18858
	RESERVED
CVE-2020-18857
	RESERVED
CVE-2020-18856
	RESERVED
CVE-2020-18855
	RESERVED
CVE-2020-18854
	RESERVED
CVE-2020-18853
	RESERVED
CVE-2020-18852
	RESERVED
CVE-2020-18851
	RESERVED
CVE-2020-18850
	RESERVED
CVE-2020-18849
	RESERVED
CVE-2020-18848
	RESERVED
CVE-2020-18847
	RESERVED
CVE-2020-18846
	RESERVED
CVE-2020-18845
	RESERVED
CVE-2020-18844
	RESERVED
CVE-2020-18843
	RESERVED
CVE-2020-18842
	RESERVED
CVE-2020-18841
	RESERVED
CVE-2020-18840
	RESERVED
CVE-2020-18839
	RESERVED
CVE-2020-18838
	RESERVED
CVE-2020-18837
	RESERVED
CVE-2020-18836
	RESERVED
CVE-2020-18835
	RESERVED
CVE-2020-18834
	RESERVED
CVE-2020-18833
	RESERVED
CVE-2020-18832
	RESERVED
CVE-2020-18831
	RESERVED
CVE-2020-18830
	RESERVED
CVE-2020-18829
	RESERVED
CVE-2020-18828
	RESERVED
CVE-2020-18827
	RESERVED
CVE-2020-18826
	RESERVED
CVE-2020-18825
	RESERVED
CVE-2020-18824
	RESERVED
CVE-2020-18823
	RESERVED
CVE-2020-18822
	RESERVED
CVE-2020-18821
	RESERVED
CVE-2020-18820
	RESERVED
CVE-2020-18819
	RESERVED
CVE-2020-18818
	RESERVED
CVE-2020-18817
	RESERVED
CVE-2020-18816
	RESERVED
CVE-2020-18815
	RESERVED
CVE-2020-18814
	RESERVED
CVE-2020-18813
	RESERVED
CVE-2020-18812
	RESERVED
CVE-2020-18811
	RESERVED
CVE-2020-18810
	RESERVED
CVE-2020-18809
	RESERVED
CVE-2020-18808
	RESERVED
CVE-2020-18807
	RESERVED
CVE-2020-18806
	RESERVED
CVE-2020-18805
	RESERVED
CVE-2020-18804
	RESERVED
CVE-2020-18803
	RESERVED
CVE-2020-18802
	RESERVED
CVE-2020-18801
	RESERVED
CVE-2020-18800
	RESERVED
CVE-2020-18799
	RESERVED
CVE-2020-18798
	RESERVED
CVE-2020-18797
	RESERVED
CVE-2020-18796
	RESERVED
CVE-2020-18795
	RESERVED
CVE-2020-18794
	RESERVED
CVE-2020-18793
	RESERVED
CVE-2020-18792
	RESERVED
CVE-2020-18791
	RESERVED
CVE-2020-18790
	RESERVED
CVE-2020-18789
	RESERVED
CVE-2020-18788
	RESERVED
CVE-2020-18787
	RESERVED
CVE-2020-18786
	RESERVED
CVE-2020-18785
	RESERVED
CVE-2020-18784
	RESERVED
CVE-2020-18783
	RESERVED
CVE-2020-18782
	RESERVED
CVE-2020-18781
	RESERVED
CVE-2020-18780
	RESERVED
CVE-2020-18779
	RESERVED
CVE-2020-18778 (In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_ ...)
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1155
CVE-2020-18777
	RESERVED
CVE-2020-18776 (In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr  ...)
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1153
CVE-2020-18775 (In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_ ...)
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1152
CVE-2020-18774 (A float point exception in the printLong function in tags_int.cpp of E ...)
	- exiv2 <unfixed> (unimportant)
	NOTE: https://github.com/Exiv2/exiv2/issues/759
	NOTE: Negligible security impact
CVE-2020-18773 (An invalid memory access in the decode function in iptc.cpp of Exiv2 0 ...)
	- exiv2 <unfixed> (unimportant)
	NOTE: https://github.com/Exiv2/exiv2/issues/760
	NOTE: Negligible security impact
CVE-2020-18772
	RESERVED
CVE-2020-18771 (Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Niko ...)
	- exiv2 0.27.2-6
	[buster] - exiv2 <no-dsa> (Minor issue)
	[stretch] - exiv2 <no-dsa> (Minor issue)
	NOTE: https://github.com/Exiv2/exiv2/issues/756
CVE-2020-18770
	RESERVED
CVE-2020-18769
	RESERVED
CVE-2020-18768
	RESERVED
CVE-2020-18767
	RESERVED
CVE-2020-18766 (A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotel ...)
	NOT-FOR-US: AntSword
CVE-2020-18765
	RESERVED
CVE-2020-18764
	RESERVED
CVE-2020-18763
	RESERVED
CVE-2020-18762
	RESERVED
CVE-2020-18761
	RESERVED
CVE-2020-18760
	RESERVED
CVE-2020-18759 (An information disclosure vulnerability exists in the EPA protocol of  ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18758 (An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows  ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18757 (An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows  ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18756 (An arbitrary memory access vulnerability in the EPA protocol of Dut Co ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18755
	RESERVED
CVE-2020-18754 (An information disclosure vulnerability exists within Dut Computer Con ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18753 (An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows  ...)
	NOT-FOR-US: Dut Computer Control Engineering Co.'s PLC MAC1100
CVE-2020-18752
	RESERVED
CVE-2020-18751
	RESERVED
CVE-2020-18750 (Buffer overflow in pdf2json 0.69 allows local users to execute arbitra ...)
	NOT-FOR-US: pdf2json
CVE-2020-18749
	RESERVED
CVE-2020-18748 (Cross Site Scripting (XSS) in Typora v0.9.65 allows attackers to execu ...)
	NOT-FOR-US: Typora
CVE-2020-18747
	RESERVED
CVE-2020-18746 (SQL Injection in AiteCMS v1.0 allows remote attackers to execute arbit ...)
	NOT-FOR-US: AiteCMS
CVE-2020-18745
	RESERVED
CVE-2020-18744
	RESERVED
CVE-2020-18743
	RESERVED
CVE-2020-18742
	RESERVED
CVE-2020-18741 (Improper Authorization in ThinkSAAS v2.7 allows remote attackers to mo ...)
	NOT-FOR-US: ThinkSAAS
CVE-2020-18740
	RESERVED
CVE-2020-18739
	RESERVED
CVE-2020-18738
	RESERVED
CVE-2020-18737 (An issue was discovered in Typora 0.9.67. There is an XSS vulnerabilit ...)
	NOT-FOR-US: Typora
CVE-2020-18736
	RESERVED
CVE-2020-18735 (A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS ...)
	NOT-FOR-US: Eclipse IOT Cyclone
CVE-2020-18734 (A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS ...)
	NOT-FOR-US: Eclipse IOT Cyclone
CVE-2020-18733
	RESERVED
CVE-2020-18732
	RESERVED
CVE-2020-18731 (A segmentation violation in the Iec104_Deal_FirmUpdate function of IEC ...)
	NOT-FOR-US: IEC104
CVE-2020-18730 (A segmentation violation in the Iec104_Deal_I function of IEC104 v1.0  ...)
	NOT-FOR-US: IEC104
CVE-2020-18729
	RESERVED
CVE-2020-18728
	RESERVED
CVE-2020-18727
	RESERVED
CVE-2020-18726
	RESERVED
CVE-2020-18725
	RESERVED
CVE-2020-18724 (Authenticated stored cross-site scripting (XSS) in the contact name fi ...)
	NOT-FOR-US: MDaemon webmail
CVE-2020-18723 (Stored cross-site scripting (XSS) in file attachment field in MDaemon  ...)
	NOT-FOR-US: MDaemon webmail
CVE-2020-18722
	RESERVED
CVE-2020-18721
	RESERVED
CVE-2020-18720
	RESERVED
CVE-2020-18719
	RESERVED
CVE-2020-18718
	RESERVED
CVE-2020-18717 (SQL Injection in ZZZCMS zzzphp 1.7.1 allows remote attackers to execut ...)
	NOT-FOR-US: ZZZCMS
CVE-2020-18716 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...)
	NOT-FOR-US: Rockoa
CVE-2020-18715
	REJECTED
CVE-2020-18714 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...)
	NOT-FOR-US: Rockoa
CVE-2020-18713 (SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privile ...)
	NOT-FOR-US: Rockoa
CVE-2020-18712
	RESERVED
CVE-2020-18711
	RESERVED
CVE-2020-18710
	RESERVED
CVE-2020-18709
	RESERVED
CVE-2020-18708
	RESERVED
CVE-2020-18707
	RESERVED
CVE-2020-18706
	RESERVED
CVE-2020-18705 (XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers t ...)
	NOT-FOR-US: Quokka
CVE-2020-18704 (Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 ...)
	NOT-FOR-US: Django-Widgy
CVE-2020-18703 (XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers t ...)
	NOT-FOR-US: Quokka
CVE-2020-18702 (Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to ...)
	NOT-FOR-US: Quokka
CVE-2020-18701 (Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attacke ...)
	NOT-FOR-US: Lin-CMS-Flask
CVE-2020-18700
	RESERVED
CVE-2020-18699 (Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attac ...)
	NOT-FOR-US: Lin-CMS-Flask
CVE-2020-18698 (Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attacker ...)
	NOT-FOR-US: Lin-CMS-Flask
CVE-2020-18697
	RESERVED
CVE-2020-18696
	RESERVED
CVE-2020-18695
	RESERVED
CVE-2020-18694 (Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote att ...)
	NOT-FOR-US: IgnitedCMS
CVE-2020-18693 (Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attacker ...)
	NOT-FOR-US: MineWebCMS
CVE-2020-18692
	RESERVED
CVE-2020-18691
	RESERVED
CVE-2020-18690
	RESERVED
CVE-2020-18689
	RESERVED
CVE-2020-18688
	RESERVED
CVE-2020-18687
	RESERVED
CVE-2020-18686
	RESERVED
CVE-2020-18685 (Floodlight through 1.2 has poor input validation in checkFlow in Stati ...)
	NOT-FOR-US: Floodlight
CVE-2020-18684 (Floodlight through 1.2 has an integer overflow in checkFlow in StaticF ...)
	NOT-FOR-US: Floodlight
CVE-2020-18683 (Floodlight through 1.2 has poor input validation in checkFlow in Stati ...)
	NOT-FOR-US: Floodlight
CVE-2020-18682
	RESERVED
CVE-2020-18681
	RESERVED
CVE-2020-18680
	RESERVED
CVE-2020-18679
	RESERVED
CVE-2020-18678
	RESERVED
CVE-2020-18677
	RESERVED
CVE-2020-18676
	RESERVED
CVE-2020-18675
	RESERVED
CVE-2020-18674
	RESERVED
CVE-2020-18673
	RESERVED
CVE-2020-18672
	RESERVED
CVE-2020-18671 (Cross Site Scripting (XSS) vulnerability in Roundcube Mail &lt;=1.4.4  ...)
	- roundcube 1.4.5+dfsg.1-1
	[buster] - roundcube 1.3.13+dfsg.1-1~deb10u1
	[stretch] - roundcube <ignored> (Minor issue, XSS in installer which is not exposed in Debian)
	NOTE: https://github.com/roundcube/roundcubemail/issues/7406
	NOTE: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
CVE-2020-18670 (Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via d ...)
	- roundcube 1.4.5+dfsg.1-1
	[buster] - roundcube 1.3.13+dfsg.1-1~deb10u1
	[stretch] - roundcube <ignored> (Minor issue, XSS in installer which is not exposed in Debian)
	NOTE: https://github.com/roundcube/roundcubemail/issues/7406
	NOTE: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
CVE-2020-18669
	RESERVED
CVE-2020-18668 (Cross Site Scripting (XSS) vulnerabililty in WebPort &lt;=1.19.1 via t ...)
	NOT-FOR-US: WebPort
CVE-2020-18667 (SQL Injection vulnerability in WebPort &lt;=1.19.1 via the new connect ...)
	NOT-FOR-US: WebPort
CVE-2020-18666
	REJECTED
CVE-2020-18665 (Directory Traversal vulnerability in WebPort &lt;=1.19.1 in tags of sy ...)
	NOT-FOR-US: WebPort
CVE-2020-18664 (Cross Site Scripting (XSS) vulnerability in WebPort &lt;=1.19.1via the ...)
	NOT-FOR-US: WebPort
CVE-2020-18663 (Cross Site Scripting (XSS) vulnerability in gnuboard5 &lt;=v5.3.2.8 vi ...)
	NOT-FOR-US: gnuboard5
CVE-2020-18662 (SQL Injection vulnerability in gnuboard5 &lt;=v5.3.2.8 via the table_p ...)
	NOT-FOR-US: gnuboard5
CVE-2020-18661 (Cross Site Scripting (XSS) vulnerability in gnuboard5 &lt;=v5.3.2.8 vi ...)
	NOT-FOR-US: gnuboard5
CVE-2020-18660 (GetSimpleCMS &lt;=3.3.15 has an open redirect in admin/changedata.php  ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-18659 (Cross Site Scripting vulnerability in GetSimpleCMS &lt;=3.3.15 via the ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-18658 (Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS &lt;=3.3.15  ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-18657 (Cross Site Scripting (XSS) vulnerability in GetSimpleCMS &lt;= 3.3.15  ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2020-18656
	RESERVED
CVE-2020-18655
	RESERVED
CVE-2020-18654 (Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers ...)
	NOT-FOR-US: Wuzhi CMS
CVE-2020-18653
	RESERVED
CVE-2020-18652
	RESERVED
CVE-2020-18651
	RESERVED
CVE-2020-18650
	RESERVED
CVE-2020-18649
	RESERVED
CVE-2020-18648 (Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote atta ...)
	NOT-FOR-US: JuQingCMS
CVE-2020-18647 (Information Disclosure in NoneCMS v1.3 allows remote attackers to obta ...)
	NOT-FOR-US: NoneCMS
CVE-2020-18646 (Information Disclosure in NoneCMS v1.3 allows remote attackers to obta ...)
	NOT-FOR-US: NoneCMS
CVE-2020-18645
	RESERVED
CVE-2020-18644
	RESERVED
CVE-2020-18643
	RESERVED
CVE-2020-18642
	RESERVED
CVE-2020-18641
	RESERVED
CVE-2020-18640
	RESERVED
CVE-2020-18639
	RESERVED
CVE-2020-18638
	RESERVED
CVE-2020-18637
	RESERVED
CVE-2020-18636
	RESERVED
CVE-2020-18635
	RESERVED
CVE-2020-18634
	RESERVED
CVE-2020-18633
	RESERVED
CVE-2020-18632
	RESERVED
CVE-2020-18631
	RESERVED
CVE-2020-18630
	RESERVED
CVE-2020-18629
	RESERVED
CVE-2020-18628
	RESERVED
CVE-2020-18627
	RESERVED
CVE-2020-18626
	RESERVED
CVE-2020-18625
	RESERVED
CVE-2020-18624
	RESERVED
CVE-2020-18623
	RESERVED
CVE-2020-18622
	RESERVED
CVE-2020-18621
	RESERVED
CVE-2020-18620
	RESERVED
CVE-2020-18619
	RESERVED
CVE-2020-18618
	RESERVED
CVE-2020-18617
	RESERVED
CVE-2020-18616
	RESERVED
CVE-2020-18615
	RESERVED
CVE-2020-18614
	RESERVED
CVE-2020-18613
	RESERVED
CVE-2020-18612
	RESERVED
CVE-2020-18611
	RESERVED
CVE-2020-18610
	RESERVED
CVE-2020-18609
	RESERVED
CVE-2020-18608
	RESERVED
CVE-2020-18607
	RESERVED
CVE-2020-18606
	RESERVED
CVE-2020-18605
	RESERVED
CVE-2020-18604
	RESERVED
CVE-2020-18603
	RESERVED
CVE-2020-18602
	RESERVED
CVE-2020-18601
	RESERVED
CVE-2020-18600
	RESERVED
CVE-2020-18599
	RESERVED
CVE-2020-18598
	RESERVED
CVE-2020-18597
	RESERVED
CVE-2020-18596
	RESERVED
CVE-2020-18595
	RESERVED
CVE-2020-18594
	RESERVED
CVE-2020-18593
	RESERVED
CVE-2020-18592
	RESERVED
CVE-2020-18591
	RESERVED
CVE-2020-18590
	RESERVED
CVE-2020-18589
	RESERVED
CVE-2020-18588
	RESERVED
CVE-2020-18587
	RESERVED
CVE-2020-18586
	RESERVED
CVE-2020-18585
	RESERVED
CVE-2020-18584
	RESERVED
CVE-2020-18583
	RESERVED
CVE-2020-18582
	RESERVED
CVE-2020-18581
	RESERVED
CVE-2020-18580
	RESERVED
CVE-2020-18579
	RESERVED
CVE-2020-18578
	RESERVED
CVE-2020-18577
	RESERVED
CVE-2020-18576
	RESERVED
CVE-2020-18575
	RESERVED
CVE-2020-18574
	RESERVED
CVE-2020-18573
	RESERVED
CVE-2020-18572
	RESERVED
CVE-2020-18571
	RESERVED
CVE-2020-18570
	RESERVED
CVE-2020-18569
	RESERVED
CVE-2020-18568 (The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a ...)
	NOT-FOR-US: D-Link
CVE-2020-18567
	RESERVED
CVE-2020-18566
	RESERVED
CVE-2020-18565
	RESERVED
CVE-2020-18564
	RESERVED
CVE-2020-18563
	RESERVED
CVE-2020-18562
	RESERVED
CVE-2020-18561
	RESERVED
CVE-2020-18560
	RESERVED
CVE-2020-18559
	RESERVED
CVE-2020-18558
	RESERVED
CVE-2020-18557
	RESERVED
CVE-2020-18556
	RESERVED
CVE-2020-18555
	RESERVED
CVE-2020-18554
	RESERVED
CVE-2020-18553
	RESERVED
CVE-2020-18552
	RESERVED
CVE-2020-18551
	RESERVED
CVE-2020-18550
	RESERVED
CVE-2020-18549
	RESERVED
CVE-2020-18548
	RESERVED
CVE-2020-18547
	RESERVED
CVE-2020-18546
	RESERVED
CVE-2020-18545
	RESERVED
CVE-2020-18544 (SQL Injection in WMS v1.0 allows remote attackers to execute arbitrary ...)
	NOT-FOR-US: WMS
CVE-2020-18543
	RESERVED
CVE-2020-18542
	RESERVED
CVE-2020-18541
	RESERVED
CVE-2020-18540
	RESERVED
CVE-2020-18539
	RESERVED
CVE-2020-18538
	RESERVED
CVE-2020-18537
	RESERVED
CVE-2020-18536
	RESERVED
CVE-2020-18535
	RESERVED
CVE-2020-18534
	RESERVED
CVE-2020-18533
	RESERVED
CVE-2020-18532
	RESERVED
CVE-2020-18531
	RESERVED
CVE-2020-18530
	RESERVED
CVE-2020-18529
	RESERVED
CVE-2020-18528
	RESERVED
CVE-2020-18527
	RESERVED
CVE-2020-18526
	RESERVED
CVE-2020-18525
	RESERVED
CVE-2020-18524
	RESERVED
CVE-2020-18523
	RESERVED
CVE-2020-18522
	RESERVED
CVE-2020-18521
	RESERVED
CVE-2020-18520
	RESERVED
CVE-2020-18519
	RESERVED
CVE-2020-18518
	RESERVED
CVE-2020-18517
	RESERVED
CVE-2020-18516
	RESERVED
CVE-2020-18515
	RESERVED
CVE-2020-18514
	RESERVED
CVE-2020-18513
	RESERVED
CVE-2020-18512
	RESERVED
CVE-2020-18511
	RESERVED
CVE-2020-18510
	RESERVED
CVE-2020-18509
	RESERVED
CVE-2020-18508
	RESERVED
CVE-2020-18507
	RESERVED
CVE-2020-18506
	RESERVED
CVE-2020-18505
	RESERVED
CVE-2020-18504
	RESERVED
CVE-2020-18503
	RESERVED
CVE-2020-18502
	RESERVED
CVE-2020-18501
	RESERVED
CVE-2020-18500
	RESERVED
CVE-2020-18499
	RESERVED
CVE-2020-18498
	RESERVED
CVE-2020-18497
	RESERVED
CVE-2020-18496
	RESERVED
CVE-2020-18495
	RESERVED
CVE-2020-18494
	RESERVED
CVE-2020-18493
	RESERVED
CVE-2020-18492
	RESERVED
CVE-2020-18491
	RESERVED
CVE-2020-18490
	RESERVED
CVE-2020-18489
	RESERVED
CVE-2020-18488
	RESERVED
CVE-2020-18487
	RESERVED
CVE-2020-18486
	RESERVED
CVE-2020-18485
	RESERVED
CVE-2020-18484
	RESERVED
CVE-2020-18483
	RESERVED
CVE-2020-18482
	RESERVED
CVE-2020-18481
	RESERVED
CVE-2020-18480
	RESERVED
CVE-2020-18479
	RESERVED
CVE-2020-18478
	RESERVED
CVE-2020-18477 (SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enqui ...)
	NOT-FOR-US: Hucart CMS
CVE-2020-18476 (SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic informat ...)
	NOT-FOR-US: Hucart CMS
CVE-2020-18475 (Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is  ...)
	NOT-FOR-US: Hucart CMS
CVE-2020-18474
	RESERVED
CVE-2020-18473
	RESERVED
CVE-2020-18472
	RESERVED
CVE-2020-18471
	RESERVED
CVE-2020-18470 (Stored cross-site scripting (XSS) vulnerability in the Name of applica ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-18469 (Stored cross-site scripting (XSS) vulnerability in the Copyright Text  ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-18468 (Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Hea ...)
	NOT-FOR-US: qdPM
CVE-2020-18467 (Cross Site Scripting (XSS) vulnerabilty exists in BigTree-CMS 4.4.3 in ...)
	NOT-FOR-US: BigTree-CMS
CVE-2020-18466
	RESERVED
CVE-2020-18465
	RESERVED
CVE-2020-18464 (Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in vid ...)
	NOT-FOR-US: AikCms
CVE-2020-18463 (Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in vi ...)
	NOT-FOR-US: AikCms
CVE-2020-18462 (File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because t ...)
	NOT-FOR-US: AikCms
CVE-2020-18461
	RESERVED
CVE-2020-18460 (Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0. ...)
	NOT-FOR-US: 711cms
CVE-2020-18459
	RESERVED
CVE-2020-18458 (Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0 ...)
	NOT-FOR-US: DamiCMS
CVE-2020-18457 (Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 ...)
	NOT-FOR-US: bycms
CVE-2020-18456 (Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via ...)
	NOT-FOR-US: PbootCMS
CVE-2020-18455 (Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via th ...)
	NOT-FOR-US: bycms
CVE-2020-18454 (Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admi ...)
	NOT-FOR-US: bycms
CVE-2020-18453
	RESERVED
CVE-2020-18452
	RESERVED
CVE-2020-18451 (Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via  ...)
	NOT-FOR-US: DamiCMS
CVE-2020-18450
	RESERVED
CVE-2020-18449 (Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via d ...)
	NOT-FOR-US: UKCMS
CVE-2020-18448
	RESERVED
CVE-2020-18447
	RESERVED
CVE-2020-18446 (Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via t ...)
	NOT-FOR-US: YUNUCMS
CVE-2020-18445 (Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via t ...)
	NOT-FOR-US: YUNUCMS
CVE-2020-18444
	RESERVED
CVE-2020-18443
	RESERVED
CVE-2020-18442 (Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a d ...)
	{DLA-2859-1}
	- zziplib 0.13.72+dfsg.1-1
	[bullseye] - zziplib <no-dsa> (Minor issue)
	[buster] - zziplib <no-dsa> (Minor issue)
	NOTE: https://github.com/gdraheim/zziplib/issues/68
	NOTE: https://github.com/gdraheim/zziplib/commit/ac9ae39ef419e9f0f83da1e583314d8c7cda34a6
	NOTE: https://github.com/gdraheim/zziplib/commit/7e786544084548da7fcfcd9090d3c4e7f5777f7e
	NOTE: https://github.com/gdraheim/zziplib/commit/d453977f59ca59c61bf59dec28dd724498828f2a
	NOTE: https://github.com/gdraheim/zziplib/commit/0a9db9ded9d15fbdb63bf5cf451920d0a368c00e
	NOTE: https://github.com/gdraheim/zziplib/commit/a34a96fbda1e58fbec5c79f4c0b5063e031ce11d
	NOTE: https://github.com/gdraheim/zziplib/commit/fa1f78abe1b08544061204019016809664f2618c
	NOTE: https://github.com/gdraheim/zziplib/commit/f7a6fa9f0c29aecb4c2299568ed2e6094c34aca7
CVE-2020-18441
	RESERVED
CVE-2020-18440 (Buffer overflow vulnerability in framework/init.php in qinggan phpok 5 ...)
	NOT-FOR-US: qinggan phpok
CVE-2020-18439 (An issue was discoverered in in function edit_save_f in framework/admi ...)
	NOT-FOR-US: qinggan phpok
CVE-2020-18438 (Directory traversal vulnerability in qinggan phpok 5.1, allows attacke ...)
	NOT-FOR-US: qinggan phpok
CVE-2020-18437
	RESERVED
CVE-2020-18436
	RESERVED
CVE-2020-18435
	RESERVED
CVE-2020-18434
	RESERVED
CVE-2020-18433
	RESERVED
CVE-2020-18432
	RESERVED
CVE-2020-18431
	RESERVED
CVE-2020-18430 (tinyexr 0.9.5 was discovered to contain an array index error in the ti ...)
	- tinyexr <not-affected> (Fixed with initial upload to Debian)
	NOTE: https://github.com/ChijinZ/security_advisories/tree/master/tinyexr_65f9859#cve-2020-18430-out-of-memory-in-function-tinyexrdecodeexrimage-tinyexrh11046
	NOTE: https://github.com/syoyo/tinyexr/issues/108
CVE-2020-18429
	RESERVED
CVE-2020-18428 (tinyexr commit 0.9.5 was discovered to contain an array index error in ...)
	- tinyexr <not-affected> (Fixed with initial upload to Debian)
	NOTE: https://github.com/ChijinZ/security_advisories/tree/master/tinyexr_65f9859#cve-2020-18428-out-of-range-in-function-tinyexrsaveexr-tinyexrh13107
	NOTE: https://github.com/syoyo/tinyexr/issues/109
CVE-2020-18427
	RESERVED
CVE-2020-18426
	RESERVED
CVE-2020-18425
	RESERVED
CVE-2020-18424
	RESERVED
CVE-2020-18423
	RESERVED
CVE-2020-18422
	RESERVED
CVE-2020-18421
	RESERVED
CVE-2020-18420
	RESERVED
CVE-2020-18419
	RESERVED
CVE-2020-18418
	RESERVED
CVE-2020-18417
	RESERVED
CVE-2020-18416
	RESERVED
CVE-2020-18415
	RESERVED
CVE-2020-18414
	RESERVED
CVE-2020-18413
	RESERVED
CVE-2020-18412
	RESERVED
CVE-2020-18411
	RESERVED
CVE-2020-18410
	RESERVED
CVE-2020-18409
	RESERVED
CVE-2020-18408
	RESERVED
CVE-2020-18407
	RESERVED
CVE-2020-18406
	RESERVED
CVE-2020-18405
	RESERVED
CVE-2020-18404
	RESERVED
CVE-2020-18403
	RESERVED
CVE-2020-18402
	RESERVED
CVE-2020-18401
	RESERVED
CVE-2020-18400
	RESERVED
CVE-2020-18399
	RESERVED
CVE-2020-18398
	RESERVED
CVE-2020-18397
	RESERVED
CVE-2020-18396
	RESERVED
CVE-2020-18395 (A NULL-pointer deference issue was discovered in GNU_gama::set() in el ...)
	NOT-FOR-US: GNU Gama
CVE-2020-18394
	RESERVED
CVE-2020-18393
	RESERVED
CVE-2020-18392 (Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows ...)
	NOT-FOR-US: Cesanta MJS
CVE-2020-18391
	RESERVED
CVE-2020-18390
	RESERVED
CVE-2020-18389
	RESERVED
CVE-2020-18388
	RESERVED
CVE-2020-18387
	RESERVED
CVE-2020-18386
	RESERVED
CVE-2020-18385
	RESERVED
CVE-2020-18384
	RESERVED
CVE-2020-18383
	RESERVED
CVE-2020-18382
	RESERVED
CVE-2020-18381
	RESERVED
CVE-2020-18380
	RESERVED
CVE-2020-18379
	RESERVED
CVE-2020-18378
	RESERVED
CVE-2020-18377
	RESERVED
CVE-2020-18376
	RESERVED
CVE-2020-18375
	RESERVED
CVE-2020-18374
	RESERVED
CVE-2020-18373
	RESERVED
CVE-2020-18372
	RESERVED
CVE-2020-18371
	RESERVED
CVE-2020-18370
	RESERVED
CVE-2020-18369
	RESERVED
CVE-2020-18368
	RESERVED
CVE-2020-18367
	RESERVED
CVE-2020-18366
	RESERVED
CVE-2020-18365
	RESERVED
CVE-2020-18364
	RESERVED
CVE-2020-18363
	RESERVED
CVE-2020-18362
	RESERVED
CVE-2020-18361
	RESERVED
CVE-2020-18360
	RESERVED
CVE-2020-18359
	RESERVED
CVE-2020-18358
	RESERVED
CVE-2020-18357
	RESERVED
CVE-2020-18356
	RESERVED
CVE-2020-18355
	RESERVED
CVE-2020-18354
	RESERVED
CVE-2020-18353
	RESERVED
CVE-2020-18352
	RESERVED
CVE-2020-18351
	RESERVED
CVE-2020-18350
	RESERVED
CVE-2020-18349
	RESERVED
CVE-2020-18348
	RESERVED
CVE-2020-18347
	RESERVED
CVE-2020-18346
	RESERVED
CVE-2020-18345
	RESERVED
CVE-2020-18344
	RESERVED
CVE-2020-18343
	RESERVED
CVE-2020-18342
	RESERVED
CVE-2020-18341
	RESERVED
CVE-2020-18340
	RESERVED
CVE-2020-18339
	RESERVED
CVE-2020-18338
	RESERVED
CVE-2020-18337
	RESERVED
CVE-2020-18336
	RESERVED
CVE-2020-18335
	RESERVED
CVE-2020-18334
	RESERVED
CVE-2020-18333
	RESERVED
CVE-2020-18332
	RESERVED
CVE-2020-18331
	RESERVED
CVE-2020-18330
	RESERVED
CVE-2020-18329
	RESERVED
CVE-2020-18328
	RESERVED
CVE-2020-18327
	RESERVED
CVE-2020-18326
	RESERVED
CVE-2020-18325
	RESERVED
CVE-2020-18324
	RESERVED
CVE-2020-18323
	RESERVED
CVE-2020-18322
	RESERVED
CVE-2020-18321
	RESERVED
CVE-2020-18320
	RESERVED
CVE-2020-18319
	RESERVED
CVE-2020-18318
	RESERVED
CVE-2020-18317
	RESERVED
CVE-2020-18316
	RESERVED
CVE-2020-18315
	RESERVED
CVE-2020-18314
	RESERVED
CVE-2020-18313
	RESERVED
CVE-2020-18312
	RESERVED
CVE-2020-18311
	RESERVED
CVE-2020-18310
	RESERVED
CVE-2020-18309
	RESERVED
CVE-2020-18308
	RESERVED
CVE-2020-18307
	RESERVED
CVE-2020-18306
	RESERVED
CVE-2020-18305
	RESERVED
CVE-2020-18304
	RESERVED
CVE-2020-18303
	RESERVED
CVE-2020-18302
	RESERVED
CVE-2020-18301
	RESERVED
CVE-2020-18300
	RESERVED
CVE-2020-18299
	RESERVED
CVE-2020-18298
	RESERVED
CVE-2020-18297
	RESERVED
CVE-2020-18296
	RESERVED
CVE-2020-18295
	RESERVED
CVE-2020-18294
	RESERVED
CVE-2020-18293
	RESERVED
CVE-2020-18292
	RESERVED
CVE-2020-18291
	RESERVED
CVE-2020-18290
	RESERVED
CVE-2020-18289
	RESERVED
CVE-2020-18288
	RESERVED
CVE-2020-18287
	RESERVED
CVE-2020-18286
	RESERVED
CVE-2020-18285
	RESERVED
CVE-2020-18284
	RESERVED
CVE-2020-18283
	RESERVED
CVE-2020-18282
	RESERVED
CVE-2020-18281
	RESERVED
CVE-2020-18280
	RESERVED
CVE-2020-18279
	RESERVED
CVE-2020-18278
	RESERVED
CVE-2020-18277
	RESERVED
CVE-2020-18276
	RESERVED
CVE-2020-18275
	RESERVED
CVE-2020-18274
	RESERVED
CVE-2020-18273
	RESERVED
CVE-2020-18272
	RESERVED
CVE-2020-18271
	RESERVED
CVE-2020-18270
	RESERVED
CVE-2020-18269
	RESERVED
CVE-2020-18268 (Open Redirect in Z-BlogPHP v1.5.2 and earlier allows remote attackers  ...)
	NOT-FOR-US: Z-BlogPHP
CVE-2020-18267
	RESERVED
CVE-2020-18266
	RESERVED
CVE-2020-18265 (Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote att ...)
	NOT-FOR-US: Simple-Log
CVE-2020-18264 (Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote att ...)
	NOT-FOR-US: Simple-Log
CVE-2020-18263 (PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability i ...)
	NOT-FOR-US: PHP-CMS
CVE-2020-18262 (ED01-CMS v1.0 was discovered to contain a SQL injection in the compone ...)
	NOT-FOR-US: ED01-CMS
CVE-2020-18261 (An arbitrary file upload vulnerability in the image upload function of ...)
	NOT-FOR-US: ED01-CMS
CVE-2020-18260
	RESERVED
CVE-2020-18259 (ED01-CMS v1.0 was discovered to contain a reflective cross-site script ...)
	NOT-FOR-US: ED01-CMS
CVE-2020-18258
	RESERVED
CVE-2020-18257
	RESERVED
CVE-2020-18256
	RESERVED
CVE-2020-18255
	RESERVED
CVE-2020-18254
	RESERVED
CVE-2020-18253
	RESERVED
CVE-2020-18252
	RESERVED
CVE-2020-18251
	RESERVED
CVE-2020-18250
	RESERVED
CVE-2020-18249
	RESERVED
CVE-2020-18248
	RESERVED
CVE-2020-18247
	RESERVED
CVE-2020-18246
	RESERVED
CVE-2020-18245
	RESERVED
CVE-2020-18244
	RESERVED
CVE-2020-18243
	RESERVED
CVE-2020-18242
	RESERVED
CVE-2020-18241
	RESERVED
CVE-2020-18240
	RESERVED
CVE-2020-18239
	RESERVED
CVE-2020-18238
	RESERVED
CVE-2020-18237
	RESERVED
CVE-2020-18236
	RESERVED
CVE-2020-18235
	RESERVED
CVE-2020-18234
	RESERVED
CVE-2020-18233
	RESERVED
CVE-2020-18232
	RESERVED
CVE-2020-18231
	RESERVED
CVE-2020-18230 (Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers t ...)
	NOT-FOR-US: PHPMyWind
CVE-2020-18229 (Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers t ...)
	NOT-FOR-US: PHPMyWind
CVE-2020-18228
	RESERVED
CVE-2020-18227
	RESERVED
CVE-2020-18226
	RESERVED
CVE-2020-18225
	RESERVED
CVE-2020-18224
	RESERVED
CVE-2020-18223
	RESERVED
CVE-2020-18222
	RESERVED
CVE-2020-18221 (Cross Site Scripting (XSS) in Typora v0.9.65 and earlier allows remote ...)
	NOT-FOR-US: Typora
CVE-2020-18220 (Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attack ...)
	NOT-FOR-US: DoraCMS
CVE-2020-18219
	RESERVED
CVE-2020-18218
	RESERVED
CVE-2020-18217
	RESERVED
CVE-2020-18216
	RESERVED
CVE-2020-18215 (Multiple SQL Injection vulnerabilities in PHPSHE 1.7 in phpshe/admin.p ...)
	NOT-FOR-US: PHPSHE
CVE-2020-18214
	RESERVED
CVE-2020-18213
	RESERVED
CVE-2020-18212
	RESERVED
CVE-2020-18211
	RESERVED
CVE-2020-18210
	RESERVED
CVE-2020-18209
	RESERVED
CVE-2020-18208
	RESERVED
CVE-2020-18207
	RESERVED
CVE-2020-18206
	RESERVED
CVE-2020-18205
	RESERVED
CVE-2020-18204
	RESERVED
CVE-2020-18203
	RESERVED
CVE-2020-18202
	RESERVED
CVE-2020-18201
	RESERVED
CVE-2020-18200
	RESERVED
CVE-2020-18199
	RESERVED
CVE-2020-18198 (Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote at ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-18197
	RESERVED
CVE-2020-18196
	RESERVED
CVE-2020-18195 (Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote at ...)
	NOT-FOR-US: Pluck CMS
CVE-2020-18194 (Cross Site Scripting (XSS) in emlog v6.0.0 allows remote attackers to  ...)
	NOT-FOR-US: emlog
CVE-2020-18193
	RESERVED
CVE-2020-18192
	RESERVED
CVE-2020-18191 (GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attacke ...)
	NOT-FOR-US: GetSimple CMS
CVE-2020-18190 (Bludit v3.8.1 is affected by directory traversal. Remote attackers are ...)
	NOT-FOR-US: Bludit
CVE-2020-18189
	RESERVED
CVE-2020-18188
	RESERVED
CVE-2020-18187
	RESERVED
CVE-2020-18186
	RESERVED
CVE-2020-18185 (class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrar ...)
	- pluxml <unfixed> (unimportant; bug #973382)
	NOTE: https://github.com/pluxml/PluXml/issues/321
	NOTE: The attack vector is a little unusual but it would be quite expected that
	NOTE: the admin can execute arbitrary php code.
CVE-2020-18184 (In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_ ...)
	- pluxml <unfixed> (unimportant; bug #973382)
	NOTE: https://github.com/pluxml/PluXml/issues/320
	NOTE: One could question whether this is a vulnerability at all. The
	NOTE: developer documentation describes this as expected behavior.
CVE-2020-18183
	RESERVED
CVE-2020-18182
	RESERVED
CVE-2020-18181
	RESERVED
CVE-2020-18180
	RESERVED
CVE-2020-18179
	RESERVED
CVE-2020-18178 (Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit ...)
	NOT-FOR-US: HongCMS
CVE-2020-18177
	RESERVED
CVE-2020-18176
	RESERVED
CVE-2020-18175 (SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd a ...)
	NOT-FOR-US: Metinfo
CVE-2020-18174 (A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 ...)
	NOT-FOR-US: AutoHotkey
CVE-2020-18173 (A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 al ...)
	NOT-FOR-US: 1Password
CVE-2020-18172 (A code injection vulnerability in the SeDebugPrivilege component of Tr ...)
	NOT-FOR-US: Trezor Bridge
CVE-2020-18171 (** DISPUTED ** TechSmith Snagit 19.1.0.2653 uses Object Linking and Em ...)
	NOT-FOR-US: TechSmith Snagit
CVE-2020-18170 (An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager ...)
	NOT-FOR-US: Abloy Key Manager
CVE-2020-18169 (** DISPUTED ** A vulnerability in the Windows installer XML (WiX) tool ...)
	NOT-FOR-US: TechSmith Snagit
CVE-2020-18168
	RESERVED
CVE-2020-18167 (Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers t ...)
	NOT-FOR-US: LAOBANCMS
CVE-2020-18166 (Unrestricted File Upload in LAOBANCMS v2.0 allows remote attackers to  ...)
	NOT-FOR-US: LAOBANCMS
CVE-2020-18165 (Cross Site Scripting (XSS) in LAOBANCMS v2.0 allows remote attackers t ...)
	NOT-FOR-US: LAOBANCMS
CVE-2020-18164 (SQL Injection vulnerability exists in tp-shop 2.x-3.x via the /index.p ...)
	NOT-FOR-US: tp-shop
CVE-2020-18163
	RESERVED
CVE-2020-18162
	RESERVED
CVE-2020-18161
	RESERVED
CVE-2020-18160
	RESERVED
CVE-2020-18159
	RESERVED
CVE-2020-18158 (Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname  ...)
	NOT-FOR-US: HuCart
CVE-2020-18157 (Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a ...)
	NOT-FOR-US: MetInfo
CVE-2020-18156
	RESERVED
CVE-2020-18155 (SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page i ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-18154
	RESERVED
CVE-2020-18153
	RESERVED
CVE-2020-18152
	RESERVED
CVE-2020-18151 (Cross Site Request Forgerly (CSRF) vulnerability in ThinkCMF v5.1.0, w ...)
	NOT-FOR-US: ThinkCMF
CVE-2020-18150
	RESERVED
CVE-2020-18149
	RESERVED
CVE-2020-18148
	RESERVED
CVE-2020-18147
	RESERVED
CVE-2020-18146
	RESERVED
CVE-2020-18145 (Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /publi ...)
	NOT-FOR-US: umeditor
CVE-2020-18144 (SQL Injection Vulnerability in ECTouch v2 via the integral_min paramet ...)
	NOT-FOR-US: ECTouch
CVE-2020-18143
	RESERVED
CVE-2020-18142
	RESERVED
CVE-2020-18141
	RESERVED
CVE-2020-18140
	RESERVED
CVE-2020-18139
	RESERVED
CVE-2020-18138
	RESERVED
CVE-2020-18137
	RESERVED
CVE-2020-18136
	RESERVED
CVE-2020-18135
	RESERVED
CVE-2020-18134
	RESERVED
CVE-2020-18133
	RESERVED
CVE-2020-18132
	RESERVED
CVE-2020-18131
	RESERVED
CVE-2020-18130
	RESERVED
CVE-2020-18129 (A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an ad ...)
	NOT-FOR-US: Eyoucms
CVE-2020-18128
	RESERVED
CVE-2020-18127 (An issue in the /config/config.php component of Indexhibit 2.1.5 allow ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18126 (Multiple stored cross-site scripting (XSS) vulnerabilities in the Sect ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18125 (A reflected cross-site scripting (XSS) vulnerability in the /plugin/aj ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18124 (A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5  ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18123 (A cross-site request forgery (CSRF) vulnerability in Indexhibit 2.1.5  ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18122
	RESERVED
CVE-2020-18121 (A configuration issue in Indexhibit 2.1.5 allows authenticated attacke ...)
	NOT-FOR-US: Indexhibit
CVE-2020-18120
	RESERVED
CVE-2020-18119
	RESERVED
CVE-2020-18118
	RESERVED
CVE-2020-18117
	RESERVED
CVE-2020-18116 (A lack of filtering for searched keywords in the search bar of YouDian ...)
	NOT-FOR-US: YouDianCMS
CVE-2020-18115
	RESERVED
CVE-2020-18114 (An arbitrary file upload vulnerability in the /uploads/dede component  ...)
	NOT-FOR-US: DedeCMS
CVE-2020-18113
	RESERVED
CVE-2020-18112
	RESERVED
CVE-2020-18111
	RESERVED
CVE-2020-18110
	RESERVED
CVE-2020-18109
	RESERVED
CVE-2020-18108
	RESERVED
CVE-2020-18107
	RESERVED
CVE-2020-18106 (The GET parameter "id" in WMS v1.0 is passed without filtering, which  ...)
	NOT-FOR-US: WMS
	NOTE: https://github.com/FeMiner/wms
CVE-2020-18105
	RESERVED
CVE-2020-18104
	RESERVED
CVE-2020-18103
	RESERVED
CVE-2020-18102 (Cross Site Scripting (XSS) in Hotels_Server v1.0 allows remote attacke ...)
	NOT-FOR-US: Hotels_Server
CVE-2020-18101
	RESERVED
CVE-2020-18100
	RESERVED
CVE-2020-18099
	RESERVED
CVE-2020-18098
	RESERVED
CVE-2020-18097
	RESERVED
CVE-2020-18096
	RESERVED
CVE-2020-18095
	RESERVED
CVE-2020-18094
	RESERVED
CVE-2020-18093
	RESERVED
CVE-2020-18092
	RESERVED
CVE-2020-18091
	RESERVED
CVE-2020-18090
	RESERVED
CVE-2020-18089
	RESERVED
CVE-2020-18088
	RESERVED
CVE-2020-18087
	RESERVED
CVE-2020-18086
	RESERVED
CVE-2020-18085
	RESERVED
CVE-2020-18084 (Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to e ...)
	NOT-FOR-US: yzmCMS
CVE-2020-18083
	RESERVED
CVE-2020-18082
	RESERVED
CVE-2020-18081 (The checkuser function of SEMCMS 3.8 was discovered to contain a vulne ...)
	NOT-FOR-US: SEMCMS
CVE-2020-18080
	RESERVED
CVE-2020-18079
	RESERVED
CVE-2020-18078 (A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attack ...)
	NOT-FOR-US: SEMCMS
CVE-2020-18077 (A buffer overflow vulnerability in the Virtual Path Mapping component  ...)
	NOT-FOR-US: FTPShell Server
CVE-2020-18076
	RESERVED
CVE-2020-18075
	RESERVED
CVE-2020-18074
	RESERVED
CVE-2020-18073
	RESERVED
CVE-2020-18072
	RESERVED
CVE-2020-18071
	RESERVED
CVE-2020-18070 (Path Traversal in iCMS v7.0.13 allows remote attackers to delete folde ...)
	NOT-FOR-US: iCMS
CVE-2020-18069
	RESERVED
CVE-2020-18068
	RESERVED
CVE-2020-18067
	RESERVED
CVE-2020-18066 (Cross Site Scripting vulnerability in ZrLog 2.1.0 via the (1) userName ...)
	NOT-FOR-US: Zrlog
CVE-2020-18065 (Cross Site Scripting (XSS) vulnerability exists in PopojiCMS 2.0.1 in  ...)
	NOT-FOR-US: PopojiCMS
CVE-2020-18064
	RESERVED
CVE-2020-18063
	RESERVED
CVE-2020-18062
	RESERVED
CVE-2020-18061
	RESERVED
CVE-2020-18060
	RESERVED
CVE-2020-18059
	RESERVED
CVE-2020-18058
	RESERVED
CVE-2020-18057
	RESERVED
CVE-2020-18056
	RESERVED
CVE-2020-18055
	RESERVED
CVE-2020-18054
	RESERVED
CVE-2020-18053
	RESERVED
CVE-2020-18052
	RESERVED
CVE-2020-18051
	RESERVED
CVE-2020-18050
	RESERVED
CVE-2020-18049
	RESERVED
CVE-2020-18048 (An issue in craigms/main.php of CraigMS 1.0 allows attackers to execut ...)
	NOT-FOR-US: CraigMS
	NOTE: https://github.com/bertanddip/CraigMS
CVE-2020-18047
	RESERVED
CVE-2020-18046
	RESERVED
CVE-2020-18045
	RESERVED
CVE-2020-18044
	RESERVED
CVE-2020-18043
	RESERVED
CVE-2020-18042
	RESERVED
CVE-2020-18041
	RESERVED
CVE-2020-18040
	RESERVED
CVE-2020-18039
	RESERVED
CVE-2020-18038
	RESERVED
CVE-2020-18037
	RESERVED
CVE-2020-18036
	RESERVED
CVE-2020-18035 (Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to ...)
	NOT-FOR-US: Jeesns
CVE-2020-18034
	RESERVED
CVE-2020-18033
	RESERVED
CVE-2020-18032 (Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f ...)
	{DSA-4914-1 DLA-2659-1}
	- graphviz 2.42.2-5 (bug #988000)
	NOTE: https://gitlab.com/graphviz/graphviz/-/issues/1700
	NOTE: https://gitlab.com/graphviz/graphviz/-/commit/784411ca3655c80da0f6025ab20634b2a6ff696b
CVE-2020-18031
	RESERVED
CVE-2020-18030
	RESERVED
CVE-2020-18029
	RESERVED
CVE-2020-18028
	RESERVED
CVE-2020-18027
	RESERVED
CVE-2020-18026
	RESERVED
CVE-2020-18025
	RESERVED
CVE-2020-18024
	RESERVED
CVE-2020-18023
	RESERVED
CVE-2020-18022 (Cross Site Scripting (XSS) in Qibosoft QiboCMS v7 and earlier allows r ...)
	NOT-FOR-US: Qibosoft QiboCMS
CVE-2020-18021
	RESERVED
CVE-2020-18020 (SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to ex ...)
	NOT-FOR-US: PHPSHE Mall System
CVE-2020-18019 (SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obt ...)
	NOT-FOR-US: Xinhu OA System
CVE-2020-18018
	RESERVED
CVE-2020-18017
	RESERVED
CVE-2020-18016
	RESERVED
CVE-2020-18015
	RESERVED
CVE-2020-18014
	RESERVED
CVE-2020-18013 (SQL Injextion vulnerability exists in Whatsns 4.0 via the ip parameter ...)
	NOT-FOR-US: Whatsns
CVE-2020-18012
	RESERVED
CVE-2020-18011
	RESERVED
CVE-2020-18010
	RESERVED
CVE-2020-18009
	RESERVED
CVE-2020-18008
	RESERVED
CVE-2020-18007
	RESERVED
CVE-2020-18006
	RESERVED
CVE-2020-18005
	RESERVED
CVE-2020-18004
	RESERVED
CVE-2020-18003
	RESERVED
CVE-2020-18002
	RESERVED
CVE-2020-18001
	RESERVED
CVE-2020-18000
	RESERVED
CVE-2020-17999 (Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to ...)
	NOT-FOR-US: MiniCMS
CVE-2020-17998
	RESERVED
CVE-2020-17997
	RESERVED
CVE-2020-17996
	RESERVED
CVE-2020-17995
	RESERVED
CVE-2020-17994
	RESERVED
CVE-2020-17993
	RESERVED
CVE-2020-17992
	RESERVED
CVE-2020-17991
	RESERVED
CVE-2020-17990
	RESERVED
CVE-2020-17989
	RESERVED
CVE-2020-17988
	RESERVED
CVE-2020-17987
	RESERVED
CVE-2020-17986
	RESERVED
CVE-2020-17985
	RESERVED
CVE-2020-17984
	RESERVED
CVE-2020-17983
	RESERVED
CVE-2020-17982
	RESERVED
CVE-2020-17981
	RESERVED
CVE-2020-17980
	RESERVED
CVE-2020-17979
	RESERVED
CVE-2020-17978
	RESERVED
CVE-2020-17977
	RESERVED
CVE-2020-17976
	RESERVED
CVE-2020-17975
	RESERVED
CVE-2020-17974
	RESERVED
CVE-2020-17973
	RESERVED
CVE-2020-17972
	RESERVED
CVE-2020-17971
	RESERVED
CVE-2020-17970
	RESERVED
CVE-2020-17969
	RESERVED
CVE-2020-17968
	RESERVED
CVE-2020-17967
	RESERVED
CVE-2020-17966
	RESERVED
CVE-2020-17965
	RESERVED
CVE-2020-17964
	RESERVED
CVE-2020-17963
	RESERVED
CVE-2020-17962
	RESERVED
CVE-2020-17961
	RESERVED
CVE-2020-17960
	RESERVED
CVE-2020-17959
	RESERVED
CVE-2020-17958
	RESERVED
CVE-2020-17957
	RESERVED
CVE-2020-17956
	RESERVED
CVE-2020-17955
	RESERVED
CVE-2020-17954
	RESERVED
CVE-2020-17953
	RESERVED
CVE-2020-17952 (A remote code execution (RCE) vulnerability in /library/think/App.php  ...)
	NOT-FOR-US: Twothink
CVE-2020-17951
	RESERVED
CVE-2020-17950
	RESERVED
CVE-2020-17949
	RESERVED
CVE-2020-17948
	RESERVED
CVE-2020-17947
	RESERVED
CVE-2020-17946
	RESERVED
CVE-2020-17945
	RESERVED
CVE-2020-17944
	RESERVED
CVE-2020-17943
	RESERVED
CVE-2020-17942
	RESERVED
CVE-2020-17941
	RESERVED
CVE-2020-17940
	RESERVED
CVE-2020-17939
	RESERVED
CVE-2020-17938
	RESERVED
CVE-2020-17937
	RESERVED
CVE-2020-17936
	RESERVED
CVE-2020-17935
	RESERVED
CVE-2020-17934
	RESERVED
CVE-2020-17933
	RESERVED
CVE-2020-17932
	RESERVED
CVE-2020-17931
	RESERVED
CVE-2020-17930
	RESERVED
CVE-2020-17929
	RESERVED
CVE-2020-17928
	RESERVED
CVE-2020-17927
	RESERVED
CVE-2020-17926
	RESERVED
CVE-2020-17925
	RESERVED
CVE-2020-17924
	RESERVED
CVE-2020-17923
	RESERVED
CVE-2020-17922
	RESERVED
CVE-2020-17921
	RESERVED
CVE-2020-17920
	RESERVED
CVE-2020-17919
	RESERVED
CVE-2020-17918
	RESERVED
CVE-2020-17917
	RESERVED
CVE-2020-17916
	RESERVED
CVE-2020-17915
	RESERVED
CVE-2020-17914
	RESERVED
CVE-2020-17913
	RESERVED
CVE-2020-17912
	RESERVED
CVE-2020-17911
	RESERVED
CVE-2020-17910
	RESERVED
CVE-2020-17909
	RESERVED
CVE-2020-17908
	RESERVED
CVE-2020-17907
	RESERVED
CVE-2020-17906
	RESERVED
CVE-2020-17905
	RESERVED
CVE-2020-17904
	RESERVED
CVE-2020-17903
	RESERVED
CVE-2020-17902
	RESERVED
CVE-2020-17901 (Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers t ...)
	NOT-FOR-US: PbootCMS
CVE-2020-17900
	RESERVED
CVE-2020-17899
	RESERVED
CVE-2020-17898
	RESERVED
CVE-2020-17897
	RESERVED
CVE-2020-17896
	RESERVED
CVE-2020-17895
	RESERVED
CVE-2020-17894
	RESERVED
CVE-2020-17893
	RESERVED
CVE-2020-17892
	RESERVED
CVE-2020-17891 (TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299  ...)
	NOT-FOR-US: TP-Link
CVE-2020-17890
	RESERVED
CVE-2020-17889
	RESERVED
CVE-2020-17888
	RESERVED
CVE-2020-17887
	RESERVED
CVE-2020-17886
	RESERVED
CVE-2020-17885
	RESERVED
CVE-2020-17884
	RESERVED
CVE-2020-17883
	RESERVED
CVE-2020-17882
	RESERVED
CVE-2020-17881
	RESERVED
CVE-2020-17880
	RESERVED
CVE-2020-17879
	RESERVED
CVE-2020-17878
	RESERVED
CVE-2020-17877
	RESERVED
CVE-2020-17876
	RESERVED
CVE-2020-17875
	RESERVED
CVE-2020-17874
	RESERVED
CVE-2020-17873
	RESERVED
CVE-2020-17872
	RESERVED
CVE-2020-17871
	RESERVED
CVE-2020-17870
	RESERVED
CVE-2020-17869
	RESERVED
CVE-2020-17868
	RESERVED
CVE-2020-17867
	RESERVED
CVE-2020-17866
	RESERVED
CVE-2020-17865
	RESERVED
CVE-2020-17864
	RESERVED
CVE-2020-17863
	RESERVED
CVE-2020-17862
	RESERVED
CVE-2020-17861
	RESERVED
CVE-2020-17860
	RESERVED
CVE-2020-17859
	RESERVED
CVE-2020-17858
	RESERVED
CVE-2020-17857
	RESERVED
CVE-2020-17856
	RESERVED
CVE-2020-17855
	RESERVED
CVE-2020-17854
	RESERVED
CVE-2020-17853
	RESERVED
CVE-2020-17852
	RESERVED
CVE-2020-17851
	RESERVED
CVE-2020-17850
	RESERVED
CVE-2020-17849
	RESERVED
CVE-2020-17848
	RESERVED
CVE-2020-17847
	RESERVED
CVE-2020-17846
	RESERVED
CVE-2020-17845
	RESERVED
CVE-2020-17844
	RESERVED
CVE-2020-17843
	RESERVED
CVE-2020-17842
	RESERVED
CVE-2020-17841
	RESERVED
CVE-2020-17840
	RESERVED
CVE-2020-17839
	RESERVED
CVE-2020-17838
	RESERVED
CVE-2020-17837
	RESERVED
CVE-2020-17836
	RESERVED
CVE-2020-17835
	RESERVED
CVE-2020-17834
	RESERVED
CVE-2020-17833
	RESERVED
CVE-2020-17832
	RESERVED
CVE-2020-17831
	RESERVED
CVE-2020-17830
	RESERVED
CVE-2020-17829
	RESERVED
CVE-2020-17828
	RESERVED
CVE-2020-17827
	RESERVED
CVE-2020-17826
	RESERVED
CVE-2020-17825
	RESERVED
CVE-2020-17824
	RESERVED
CVE-2020-17823
	RESERVED
CVE-2020-17822
	RESERVED
CVE-2020-17821
	RESERVED
CVE-2020-17820
	RESERVED
CVE-2020-17819
	RESERVED
CVE-2020-17818
	RESERVED
CVE-2020-17817
	RESERVED
CVE-2020-17816
	RESERVED
CVE-2020-17815
	RESERVED
CVE-2020-17814
	RESERVED
CVE-2020-17813
	RESERVED
CVE-2020-17812
	RESERVED
CVE-2020-17811
	RESERVED
CVE-2020-17810
	RESERVED
CVE-2020-17809
	RESERVED
CVE-2020-17808
	RESERVED
CVE-2020-17807
	RESERVED
CVE-2020-17806
	RESERVED
CVE-2020-17805
	RESERVED
CVE-2020-17804
	RESERVED
CVE-2020-17803
	RESERVED
CVE-2020-17802
	RESERVED
CVE-2020-17801
	RESERVED
CVE-2020-17800
	RESERVED
CVE-2020-17799
	RESERVED
CVE-2020-17798
	RESERVED
CVE-2020-17797
	RESERVED
CVE-2020-17796
	RESERVED
CVE-2020-17795
	RESERVED
CVE-2020-17794
	RESERVED
CVE-2020-17793
	RESERVED
CVE-2020-17792
	RESERVED
CVE-2020-17791
	RESERVED
CVE-2020-17790
	RESERVED
CVE-2020-17789
	RESERVED
CVE-2020-17788
	RESERVED
CVE-2020-17787
	RESERVED
CVE-2020-17786
	RESERVED
CVE-2020-17785
	RESERVED
CVE-2020-17784
	RESERVED
CVE-2020-17783
	RESERVED
CVE-2020-17782
	RESERVED
CVE-2020-17781
	RESERVED
CVE-2020-17780
	RESERVED
CVE-2020-17779
	RESERVED
CVE-2020-17778
	RESERVED
CVE-2020-17777
	RESERVED
CVE-2020-17776
	RESERVED
CVE-2020-17775
	RESERVED
CVE-2020-17774
	RESERVED
CVE-2020-17773
	RESERVED
CVE-2020-17772
	RESERVED
CVE-2020-17771
	RESERVED
CVE-2020-17770
	RESERVED
CVE-2020-17769
	RESERVED
CVE-2020-17768
	RESERVED
CVE-2020-17767
	RESERVED
CVE-2020-17766
	RESERVED
CVE-2020-17765
	RESERVED
CVE-2020-17764
	RESERVED
CVE-2020-17763
	RESERVED
CVE-2020-17762
	RESERVED
CVE-2020-17761
	RESERVED
CVE-2020-17760
	RESERVED
CVE-2020-17759 (An issue was found in the Evernote client for Windows 10, 7, and 2008  ...)
	NOT-FOR-US: Evernote
CVE-2020-17758
	RESERVED
CVE-2020-17757
	RESERVED
CVE-2020-17756
	RESERVED
CVE-2020-17755
	RESERVED
CVE-2020-17754
	RESERVED
CVE-2020-17753 (An issue was discovered in function addMeByRC in the smart contract im ...)
	NOT-FOR-US: some Ethereum token
CVE-2020-17752 (Integer overflow vulnerability in payable function of a smart contract ...)
	NOT-FOR-US: some Ethereum token
CVE-2020-17751
	RESERVED
CVE-2020-17750
	RESERVED
CVE-2020-17749
	RESERVED
CVE-2020-17748
	RESERVED
CVE-2020-17747
	RESERVED
CVE-2020-17746
	RESERVED
CVE-2020-17745
	RESERVED
CVE-2020-17744
	RESERVED
CVE-2020-17743
	RESERVED
CVE-2020-17742
	RESERVED
CVE-2020-17741
	RESERVED
CVE-2020-17740
	RESERVED
CVE-2020-17739
	RESERVED
CVE-2020-17738
	RESERVED
CVE-2020-17737
	RESERVED
CVE-2020-17736
	RESERVED
CVE-2020-17735
	RESERVED
CVE-2020-17734
	RESERVED
CVE-2020-17733
	RESERVED
CVE-2020-17732
	RESERVED
CVE-2020-17731
	RESERVED
CVE-2020-17730
	RESERVED
CVE-2020-17729
	RESERVED
CVE-2020-17728
	RESERVED
CVE-2020-17727
	RESERVED
CVE-2020-17726
	RESERVED
CVE-2020-17725
	RESERVED
CVE-2020-17724
	RESERVED
CVE-2020-17723
	RESERVED
CVE-2020-17722
	RESERVED
CVE-2020-17721
	RESERVED
CVE-2020-17720
	RESERVED
CVE-2020-17719
	RESERVED
CVE-2020-17718
	RESERVED
CVE-2020-17717
	RESERVED
CVE-2020-17716
	RESERVED
CVE-2020-17715
	RESERVED
CVE-2020-17714
	RESERVED
CVE-2020-17713
	RESERVED
CVE-2020-17712
	RESERVED
CVE-2020-17711
	RESERVED
CVE-2020-17710
	RESERVED
CVE-2020-17709
	RESERVED
CVE-2020-17708
	RESERVED
CVE-2020-17707
	RESERVED
CVE-2020-17706
	RESERVED
CVE-2020-17705
	RESERVED
CVE-2020-17704
	RESERVED
CVE-2020-17703
	RESERVED
CVE-2020-17702
	RESERVED
CVE-2020-17701
	RESERVED
CVE-2020-17700
	RESERVED
CVE-2020-17699
	RESERVED
CVE-2020-17698
	RESERVED
CVE-2020-17697
	RESERVED
CVE-2020-17696
	RESERVED
CVE-2020-17695
	RESERVED
CVE-2020-17694
	RESERVED
CVE-2020-17693
	RESERVED
CVE-2020-17692
	RESERVED
CVE-2020-17691
	RESERVED
CVE-2020-17690
	RESERVED
CVE-2020-17689
	RESERVED
CVE-2020-17688
	RESERVED
CVE-2020-17687
	RESERVED
CVE-2020-17686
	RESERVED
CVE-2020-17685
	RESERVED
CVE-2020-17684
	RESERVED
CVE-2020-17683
	RESERVED
CVE-2020-17682
	RESERVED
CVE-2020-17681
	RESERVED
CVE-2020-17680
	RESERVED
CVE-2020-17679
	RESERVED
CVE-2020-17678
	RESERVED
CVE-2020-17677
	RESERVED
CVE-2020-17676
	RESERVED
CVE-2020-17675
	RESERVED
CVE-2020-17674
	RESERVED
CVE-2020-17673
	RESERVED
CVE-2020-17672
	RESERVED
CVE-2020-17671
	RESERVED
CVE-2020-17670
	RESERVED
CVE-2020-17669
	RESERVED
CVE-2020-17668
	RESERVED
CVE-2020-17667
	RESERVED
CVE-2020-17666
	RESERVED
CVE-2020-17665
	RESERVED
CVE-2020-17664
	RESERVED
CVE-2020-17663
	RESERVED
CVE-2020-17662
	RESERVED
CVE-2020-17661
	RESERVED
CVE-2020-17660
	RESERVED
CVE-2020-17659
	RESERVED
CVE-2020-17658
	RESERVED
CVE-2020-17657
	RESERVED
CVE-2020-17656
	RESERVED
CVE-2020-17655
	RESERVED
CVE-2020-17654
	RESERVED
CVE-2020-17653
	RESERVED
CVE-2020-17652
	RESERVED
CVE-2020-17651
	RESERVED
CVE-2020-17650
	RESERVED
CVE-2020-17649
	RESERVED
CVE-2020-17648
	RESERVED
CVE-2020-17647
	RESERVED
CVE-2020-17646
	RESERVED
CVE-2020-17645
	RESERVED
CVE-2020-17644
	RESERVED
CVE-2020-17643
	RESERVED
CVE-2020-17642
	RESERVED
CVE-2020-17641
	RESERVED
CVE-2020-17640
	RESERVED
CVE-2020-17639
	RESERVED
CVE-2020-17638
	RESERVED
CVE-2020-17637
	RESERVED
CVE-2020-17636
	RESERVED
CVE-2020-17635
	RESERVED
CVE-2020-17634
	RESERVED
CVE-2020-17633
	RESERVED
CVE-2020-17632
	RESERVED
CVE-2020-17631
	RESERVED
CVE-2020-17630
	RESERVED
CVE-2020-17629
	RESERVED
CVE-2020-17628
	RESERVED
CVE-2020-17627
	RESERVED
CVE-2020-17626
	RESERVED
CVE-2020-17625
	RESERVED
CVE-2020-17624
	RESERVED
CVE-2020-17623
	RESERVED
CVE-2020-17622
	RESERVED
CVE-2020-17621
	RESERVED
CVE-2020-17620
	RESERVED
CVE-2020-17619
	RESERVED
CVE-2020-17618
	RESERVED
CVE-2020-17617
	RESERVED
CVE-2020-17616
	RESERVED
CVE-2020-17615
	RESERVED
CVE-2020-17614
	RESERVED
CVE-2020-17613
	RESERVED
CVE-2020-17612
	RESERVED
CVE-2020-17611
	RESERVED
CVE-2020-17610
	RESERVED
CVE-2020-17609
	RESERVED
CVE-2020-17608
	RESERVED
CVE-2020-17607
	RESERVED
CVE-2020-17606
	RESERVED
CVE-2020-17605
	RESERVED
CVE-2020-17604
	RESERVED
CVE-2020-17603
	RESERVED
CVE-2020-17602
	RESERVED
CVE-2020-17601
	RESERVED
CVE-2020-17600
	RESERVED
CVE-2020-17599
	RESERVED
CVE-2020-17598
	RESERVED
CVE-2020-17597
	RESERVED
CVE-2020-17596
	RESERVED
CVE-2020-17595
	RESERVED
CVE-2020-17594
	RESERVED
CVE-2020-17593
	RESERVED
CVE-2020-17592
	RESERVED
CVE-2020-17591
	RESERVED
CVE-2020-17590
	RESERVED
CVE-2020-17589
	RESERVED
CVE-2020-17588
	RESERVED
CVE-2020-17587
	RESERVED
CVE-2020-17586
	RESERVED
CVE-2020-17585
	RESERVED
CVE-2020-17584
	RESERVED
CVE-2020-17583
	RESERVED
CVE-2020-17582
	RESERVED
CVE-2020-17581
	RESERVED
CVE-2020-17580
	RESERVED
CVE-2020-17579
	RESERVED
CVE-2020-17578
	RESERVED
CVE-2020-17577
	RESERVED
CVE-2020-17576
	RESERVED
CVE-2020-17575
	RESERVED
CVE-2020-17574
	RESERVED
CVE-2020-17573
	RESERVED
CVE-2020-17572
	RESERVED
CVE-2020-17571
	RESERVED
CVE-2020-17570
	RESERVED
CVE-2020-17569
	RESERVED
CVE-2020-17568
	RESERVED
CVE-2020-17567
	RESERVED
CVE-2020-17566
	RESERVED
CVE-2020-17565
	RESERVED
CVE-2020-17564 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arb ...)
	NOT-FOR-US: FeiFeiCMS
CVE-2020-17563 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arb ...)
	NOT-FOR-US: FeiFeiCMS
CVE-2020-17562
	RESERVED
CVE-2020-17561
	RESERVED
CVE-2020-17560
	RESERVED
CVE-2020-17559
	RESERVED
CVE-2020-17558
	RESERVED
CVE-2020-17557
	RESERVED
CVE-2020-17556
	RESERVED
CVE-2020-17555
	RESERVED
CVE-2020-17554
	RESERVED
CVE-2020-17553
	RESERVED
CVE-2020-17552
	RESERVED
CVE-2020-17551 (ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which  ...)
	NOT-FOR-US: ImpressCMS
CVE-2020-17550
	RESERVED
CVE-2020-17549
	RESERVED
CVE-2020-17548
	RESERVED
CVE-2020-17547
	RESERVED
CVE-2020-17546
	RESERVED
CVE-2020-17545
	RESERVED
CVE-2020-17544
	RESERVED
CVE-2020-17543
	RESERVED
CVE-2020-17542 (Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to ...)
	NOT-FOR-US: dotCMS
CVE-2020-17541 (Libjpeg-turbo all version have a stack-based buffer overflow in the "t ...)
	- libjpeg-turbo 1:2.0.5-1 (unimportant)
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/c76f4a08263b0cea40d2967560ac7c21f6959079
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392
CVE-2020-17540
	RESERVED
CVE-2020-17539
	RESERVED
CVE-2020-17538 (A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/g ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701792
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134 (9.51)
	NOTE: chunk #1, see also CVE-2020-16296
CVE-2020-17537
	REJECTED
CVE-2020-17536
	REJECTED
CVE-2020-17535
	REJECTED
CVE-2020-17534 (There exists a race condition between the deletion of the temporary fi ...)
	NOT-FOR-US: netbeans-html4j
CVE-2020-17533 (Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not ...)
	NOT-FOR-US: Apache Accumulo
CVE-2020-17532 (When handler-router component is enabled in servicecomb-java-chassis,  ...)
	NOT-FOR-US: servicecomb-java-chassis
CVE-2020-17531 (A Java Serialization vulnerability was found in Apache Tapestry 4. Apa ...)
	NOT-FOR-US: Apache Tapestry
CVE-2020-17530 (Forced OGNL evaluation, when evaluated on raw user input in tag attrib ...)
	- libstruts1.2-java <not-affected> (Specific to 2.x)
	NOTE: https://cwiki.apache.org/confluence/display/WW/S2-061
CVE-2020-17529 (Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incuba ...)
	NOT-FOR-US: Apache NuttX
CVE-2020-17528 (Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incuba ...)
	NOT-FOR-US: Apache NuttX
CVE-2020-17527 (While investigating bug 64830 it was discovered that Apache Tomcat 10. ...)
	{DSA-4835-1 DLA-2495-1}
	- tomcat9 9.0.40-1
	- tomcat8 <removed>
	NOTE: https://github.com/apache/tomcat/commit/d56293f816d6dc9e2b47107f208fa9e95db58c65 (9.0.40)
	NOTE: https://github.com/apache/tomcat/commit/21e3408671aac7e0d7e264e720cac8b1b189eb29 (8.5.60)
CVE-2020-17526 (Incorrect Session Validation in Apache Airflow Webserver versions prio ...)
	- airflow <itp> (bug #819700)
CVE-2020-17525 (Subversion's mod_authz_svn module will crash if the server is using in ...)
	{DSA-4851-1 DLA-2646-1}
	- subversion 1.14.1-1 (bug #982464)
	NOTE: https://subversion.apache.org/security/CVE-2020-17525-advisory.txt
CVE-2020-17524
	REJECTED
CVE-2020-17523 (Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a spec ...)
	- shiro <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/01/3
	NOTE: https://issues.apache.org/jira/browse/SHIRO-797
CVE-2020-17522 (When ORT (now via atstccfg) generates ip_allow.config files in Apache  ...)
	NOT-FOR-US: Apache Traffic Control
CVE-2020-17521 (Apache Groovy provides extension methods to aid with creating temporar ...)
	- groovy 2.4.21-1 (bug #977399)
	[buster] - groovy <no-dsa> (Minor issue)
	[stretch] - groovy <no-dsa> (Minor issue)
	- groovy2 <removed>
	NOTE: https://issues.apache.org/jira/browse/GROOVY-9824
	NOTE: https://www.openwall.com/lists/oss-security/2020/12/06/1
	NOTE: https://github.com/apache/groovy/commit/4e418d4a34c973a7ec1e822552103043ac13780e (GROOVY_2_4_21)
CVE-2020-17520 (In the Pulsar manager 0.1.0 version, malicious users will be able to b ...)
	NOT-FOR-US: Apache Pulsar
CVE-2020-17519 (A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and ...)
	NOT-FOR-US: Apache Flink
CVE-2020-17518 (Apache Flink 1.5.1 introduced a REST handler that allows you to write  ...)
	NOT-FOR-US: Apache Flink
CVE-2020-17517 (The S3 buckets and keys in a secure Apache Ozone Cluster must be inacc ...)
	NOT-FOR-US: Apache Ozone
CVE-2020-17516 (Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3 ...)
	- cassandra <itp> (bug #585905)
CVE-2020-17515 (The "origin" parameter passed to some of the endpoints like '/trigger' ...)
	- airflow <itp> (bug #819700)
CVE-2020-17514 (Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ...)
	NOT-FOR-US: Apache Fineract
CVE-2020-17513 (In Apache Airflow versions prior to 1.10.13, the Charts and Query View ...)
	- airflow <itp> (bug #819700)
CVE-2020-17512
	RESERVED
CVE-2020-17511 (In Airflow versions prior to 1.10.13, when creating a user using airfl ...)
	- airflow <itp> (bug #819700)
CVE-2020-17510 (Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a spec ...)
	{DLA-2726-1}
	- shiro 1.3.2-5 (bug #988728)
	[bullseye] - shiro 1.3.2-4+deb11u1
	[buster] - shiro 1.3.2-4+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/7
	NOTE: https://lists.apache.org/thread.html/rc2cff2538b683d480426393eecf1ce8dd80e052fbef49303b4f47171%40%3Cdev.shiro.apache.org%3E
	NOTE: https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12349284&styleName=Text&projectId=12310950
CVE-2020-17509 (ATS negative cache option is vulnerable to a cache poisoning attack. I ...)
	{DSA-4805-1}
	- trafficserver 8.1.1+ds-1
	NOTE: https://github.com/apache/trafficserver/pull/7359
	NOTE: https://lists.apache.org/thread.html/raa9f0589c26c4d146646425e51e2a33e1457492df9f7ea2019daa6d3%40%3Cdev.trafficserver.apache.org%3E
CVE-2020-17508 (The ATS ESI plugin has a memory disclosure vulnerability. If you are r ...)
	{DSA-4805-1}
	- trafficserver 8.1.1+ds-1
	NOTE: https://github.com/apache/trafficserver/pull/7358
	NOTE: https://lists.apache.org/thread.html/r65434f7acca3aebf81b0588587149c893fe9f8f9f159eaa7364a70ff%40%3Cdev.trafficserver.apache.org%3E
CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15. ...)
	{DLA-2377-1 DLA-2376-1}
	- qtbase-opensource-src 5.14.2+dfsg-6 (bug #968444)
	[buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u4
	- qt4-x11 <removed> (bug #970308)
	[buster] - qt4-x11 4:4.8.7+dfsg-18+deb10u1
	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308436 (dev branch)
	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308496 (5.15 branch)
	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308495 (5.12 branch)
CVE-2020-17506 (Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privil ...)
	NOT-FOR-US: Artica Web Proxy
CVE-2020-17505 (Artica Web Proxy 4.30.000000 allows an authenticated remote attacker t ...)
	NOT-FOR-US: Artica Web Proxy
CVE-2020-17504 (The NDN-210 has a web administration panel which is made available ove ...)
	NOT-FOR-US: Barco
CVE-2020-17503 (The NDN-210 has a web administration panel which is made available ove ...)
	NOT-FOR-US: Barco
CVE-2020-17502 (Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4).  ...)
	NOT-FOR-US: Barco
CVE-2020-17501
	RESERVED
CVE-2020-17500 (Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 P ...)
	NOT-FOR-US: Barco
CVE-2020-17499
	RESERVED
CVE-2020-17498 (In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. ...)
	- wireshark 3.2.6-1
	[buster] - wireshark <not-affected> (Vulnerable compose_tvb code not present)
	[stretch] - wireshark <not-affected> (Vulnerable compose_tvb code not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16672
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=76afda963de4f0b9be24f2d8e873990a5cbf221b
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-10.html
CVE-2020-17497 (eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to  ...)
	- iwd 1.9-1 (bug #968996)
	[buster] - iwd <no-dsa> (Minor issue)
	NOTE: https://lists.01.org/hyperkitty/list/iwd@lists.01.org/thread/4GUXL4Z6KZWWZINATGHNJVAEUTS3I7PG/
	NOTE: https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=f22ba5aebb569ca54521afd2babdc1f67e3904ea
CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution via craf ...)
	NOT-FOR-US: vBulletin
CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the databas ...)
	- python-django-celery-results <unfixed> (unimportant; bug #968305)
	NOTE: https://github.com/celery/django-celery-results/issues/142
	NOTE: Disputed upstream as security vulnerablity, as it is up to the developers who uses
	NOTE: sensitive information when calling celery tasks to provide suitable replacement argument
	NOTE: through argsrepr and kwargsrepr as described in:
	NOTE: https://github.com/celery/django-celery-results/issues/154#issuecomment-734706270
CVE-2020-17494 (Untangle Firewall NG before 16.0 uses MD5 for passwords. ...)
	NOT-FOR-US: Untangle Firewall NG
CVE-2020-17493
	RESERVED
CVE-2020-17492
	RESERVED
CVE-2020-17491
	RESERVED
CVE-2020-17490 (The TLS module within SaltStack Salt through 3002 creates certificates ...)
	{DSA-4837-1 DLA-2480-1}
	- salt 3002.1+dfsg1-1
	NOTE: https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
	NOTE: https://gitlab.com/saltstack/open/salt-patches/-/raw/master/patches/2020/09/02/2018.3.x.patch (2018.3.x)
	NOTE: https://gitlab.com/saltstack/open/salt-patches/-/raw/master/patches/2020/09/02/2016.11.x.patch (2016.11.x)
CVE-2020-17489 (An issue was discovered in certain configurations of GNOME gnome-shell ...)
	{DLA-2374-1}
	- gnome-shell 3.36.5-1 (bug #968311)
	[buster] - gnome-shell 3.30.2-11~deb10u2
	NOTE: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997
	NOTE: https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1377
	NOTE: https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/13137aad9db52223e8b62cecbd3456f4a7f66f04
CVE-2020-17488
	RESERVED
CVE-2020-17487 (radare2 4.5.0 misparses signature information in PE files, causing a s ...)
	- radare2 5.0.0+dfsg-1
	NOTE: https://github.com/radareorg/radare2/issues/17431
CVE-2020-17486
	RESERVED
CVE-2020-17485
	RESERVED
CVE-2020-17484
	RESERVED
CVE-2020-17483
	RESERVED
CVE-2020-17482 (An issue has been found in PowerDNS Authoritative Server before 4.3.1  ...)
	- pdns 4.3.1-1 (bug #970737)
	[buster] - pdns 4.1.6-3+deb10u1
	[stretch] - pdns <no-dsa> (Minor issue)
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
CVE-2020-17481
	RESERVED
CVE-2020-17480 (TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parse ...)
	- tinymce <removed> (bug #972642)
	[buster] - tinymce <no-dsa> (Minor issue)
	[stretch] - tinymce <no-dsa> (Minor issue)
	NOTE: https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
CVE-2020-17479 (jpv (aka Json Pattern Validator) before 2.2.2 does not properly valida ...)
	NOT-FOR-US: jpv
CVE-2020-17478 (ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly conside ...)
	- libcrypt-perl-perl <itp> (bug #907353)
CVE-2020-17477
	RESERVED
CVE-2020-17476 (Mibew Messenger before 3.2.7 allows XSS via a crafted user name. ...)
	NOT-FOR-US: Mibew Messenger
CVE-2020-17475 (Lack of authentication in the network relays used in MEGVII Koala 2.9. ...)
	NOT-FOR-US: MEGVII Koala
CVE-2020-17474 (A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiose ...)
	NOT-FOR-US: ZKTeco FaceDepot 7B and ZKBiosecurity Server
CVE-2020-17473 (Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBio ...)
	NOT-FOR-US: ZKTeco FaceDepot and ZKBiosecurity Server
CVE-2020-17472
	RESERVED
CVE-2020-17471
	RESERVED
CVE-2020-17470 (An issue was discovered in FNET through 4.6.4. The code that initializ ...)
	NOT-FOR-US: FNET
CVE-2020-17469 (An issue was discovered in FNET through 4.6.4. The code for IPv6 fragm ...)
	NOT-FOR-US: FNET
CVE-2020-17468 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
	NOT-FOR-US: FNET
CVE-2020-17467 (An issue was discovered in FNET through 4.6.4. The code for processing ...)
	NOT-FOR-US: FNET
CVE-2020-17466 (Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by  ...)
	NOT-FOR-US: Turcom TRCwifiZone
CVE-2020-17465 (Dashboards and progressiveProfileForms in ForgeRock Identity Manager b ...)
	NOT-FOR-US: Dashboards and progressiveProfileForms in ForgeRock Identity Manager
CVE-2020-17464
	REJECTED
CVE-2020-17463 (FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/it ...)
	NOT-FOR-US: FUEL CMS
CVE-2020-17462 (CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload beca ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-17461
	RESERVED
CVE-2020-17460
	RESERVED
CVE-2020-17459
	RESERVED
CVE-2020-17458 (A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via th ...)
	NOT-FOR-US: MultiUx
CVE-2020-17457 (Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticate ...)
	NOT-FOR-US: Fujitsu
CVE-2020-17456 (SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution ...)
	NOT-FOR-US: SEOWON INTECH
CVE-2020-17455
	RESERVED
CVE-2020-17454 (WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher ...)
	NOT-FOR-US: WSO2 API Manager
CVE-2020-17453 (WSO2 Management Console through 5.10 allows XSS via the carbon/admin/l ...)
	NOT-FOR-US: WSO2 Management Console
CVE-2020-17452 (flatCore before 1.5.7 allows upload and execution of a .php file by an ...)
	NOT-FOR-US: flatCore CMS
CVE-2020-17451 (flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pa ...)
	NOT-FOR-US: flatCore CMS
CVE-2020-17450 (PHP-Fusion 9.03 allows XSS on the preview page. ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-17449 (PHP-Fusion 9.03 allows XSS via the error_log file. ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-17448 (Telegram Desktop through 2.1.13 allows a spoofed file type to bypass t ...)
	- telegram-desktop 2.2.0+ds-1
	[buster] - telegram-desktop <no-dsa> (Minor issue)
CVE-2020-17447
	REJECTED
CVE-2020-17446 (asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger  ...)
	{DLA-2363-1}
	- asyncpg 0.21.0-1
	NOTE: https://github.com/MagicStack/asyncpg/commit/69bcdf5bf7696b98ee708be5408fd7d854e910d0
CVE-2020-17445 (An issue was discovered in picoTCP 1.7.0. The code for processing the  ...)
	NOT-FOR-US: picoTCP
CVE-2020-17444 (An issue was discovered in picoTCP 1.7.0. The routine for processing t ...)
	NOT-FOR-US: picoTCP
CVE-2020-17443 (An issue was discovered in picoTCP 1.7.0. The code for creating an ICM ...)
	NOT-FOR-US: picoTCP
CVE-2020-17442 (An issue was discovered in picoTCP 1.7.0. The code for parsing the hop ...)
	NOT-FOR-US: picoTCP
CVE-2020-17441 (An issue was discovered in picoTCP 1.7.0. The code for processing the  ...)
	NOT-FOR-US: picoTCP
CVE-2020-17440 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
	NOT-FOR-US: uIP as used in Contiki and other products (but apparently not open-iscsi)
CVE-2020-17439 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
	NOT-FOR-US: uIP as used in Contiki and other products (but apparently not open-iscsi)
CVE-2020-17438 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
	NOT-FOR-US: uIP as used in Contiki and other products (but apparently not open-iscsi)
CVE-2020-17437 (An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other p ...)
	- open-iscsi 2.1.3-1
	[buster] - open-iscsi <no-dsa> (Minor issue)
	[stretch] - open-iscsi <no-dsa> (Minor issue)
	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
	NOTE: Adressed upstream in 2.1.3 release
CVE-2020-17436 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17435 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17434 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17433 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17432 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17431 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17430 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17429 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17428 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17427 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17426 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17425 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17424 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17423 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17422 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17421 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17420 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17419 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17418 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17417 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-17416 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-17415 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Foxit
CVE-2020-17414 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-17413 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17412 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17411 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-17410 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17409 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
	NOT-FOR-US: Netgear
CVE-2020-17408 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: NEC
CVE-2020-17407 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Microhard Bullet-LTE
CVE-2020-17406 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Microhard Bullet-LTE
CVE-2020-17405 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Senstar Symphony
CVE-2020-17404 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17403 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-17402 (This vulnerability allows local attackers to disclose sensitive inform ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17401 (This vulnerability allows local attackers to disclose sensitive inform ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17400 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17399 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17398 (This vulnerability allows local attackers to disclose information on a ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17397 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17396 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17395 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17394 (This vulnerability allows local attackers to disclose sensitive inform ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17393 (This vulnerability allows local attackers to disclose information on a ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17392 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17391 (This vulnerability allows local attackers to disclose information on a ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17390 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels Desktop
CVE-2020-17389 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-17388 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-17387 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-17386 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...)
	NOT-FOR-US: Cellopoint Cellos
CVE-2020-17385 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...)
	NOT-FOR-US: Cellopoint Cellos
CVE-2020-17384 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputte ...)
	NOT-FOR-US: Cellopoint Cellos
CVE-2020-17383 (A directory traversal vulnerability on Telos Z/IP One devices through  ...)
	NOT-FOR-US: Telos Z/IP ONE Broadcast
CVE-2020-17382 (The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x801 ...)
	NOT-FOR-US: MSI AmbientLink MsIo64 driver
CVE-2020-17381 (An issue was discovered in Ghisler Total Commander 9.51. Due to insuff ...)
	NOT-FOR-US: Ghisler Total Commander
CVE-2020-17380 (A heap-based buffer overflow was found in QEMU through 5.0.0 in the SD ...)
	{DLA-2623-1}
	- qemu 1:5.2+dfsg-10 (bug #970937)
	[buster] - qemu <postponed> (Minor issue, fix along in future DSA)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1862167
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01175.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=dfba99f17feb6d4a129da19d38df1bcd8579d1c3
	NOTE: possible duplicate of CVE-2020-25085, see RH bug
CVE-2020-17379
	RESERVED
CVE-2020-17378
	RESERVED
CVE-2020-17377
	RESERVED
CVE-2020-17376 (An issue was discovered in Guest.migrate in virt/libvirt/guest.py in O ...)
	- nova 2:21.1.0-1 (bug #969052)
	[buster] - nova <no-dsa> (Minor issue)
	[stretch] - nova <no-dsa> (Minor issue)
	NOTE: https://launchpad.net/bugs/1890501
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/25/4
CVE-2020-17375
	RESERVED
CVE-2020-17374
	RESERVED
CVE-2020-17373 (SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. ...)
	NOT-FOR-US: SugarCRM
CVE-2020-17372 (SugarCRM before 10.1.0 (Q3 2020) allows XSS. ...)
	NOT-FOR-US: SugarCRM
CVE-2020-17371
	RESERVED
CVE-2020-17370
	RESERVED
CVE-2020-17369
	RESERVED
CVE-2020-17368 (Firejail through 0.9.62 mishandles shell metacharacters during use of  ...)
	{DSA-4767-1 DSA-4742-1 DLA-2336-1}
	- firejail 0.9.62-4
	NOTE: https://phabricator.wikimedia.org/T258763
	NOTE: https://github.com/netblue30/firejail/commit/34193604fed04cad2b7b6b0f1a3a0428afd9ed5b
	NOTE: https://phabricator.wikimedia.org/T257062
	NOTE: https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory
CVE-2020-17367 (Firejail through 0.9.62 does not honor the -- end-of-options indicator ...)
	{DSA-4767-1 DSA-4742-1 DLA-2336-1}
	- firejail 0.9.62-4
	NOTE: https://phabricator.wikimedia.org/T258763
	NOTE: https://github.com/netblue30/firejail/commit/2c734d6350ad321fccbefc5ef0382199ac331b37
	NOTE: https://phabricator.wikimedia.org/T257062
	NOTE: https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory
CVE-2020-17366 (An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1.  ...)
	- routinator <itp> (bug #929024)
	NOTE: https://github.com/NLnetLabs/routinator/issues/319
CVE-2020-17365 (Improper directory permissions in the Hotspot Shield VPN client softwa ...)
	NOT-FOR-US: Hotspot Shield VPN client for Windows
CVE-2020-17364 (USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. ...)
	NOT-FOR-US: User-friendly SVN
CVE-2020-17363 (USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution ...)
	NOT-FOR-US: User-friendly SVN
CVE-2020-17362 (search.php in the Nova Lite theme before 1.3.9 for WordPress allows Re ...)
	NOT-FOR-US: Nova Lite theme for WordPress
CVE-2020-17361 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk A ...)
	NOT-FOR-US: ReadyTalk Avian
CVE-2020-17360 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk A ...)
	NOT-FOR-US: ReadyTalk Avian
CVE-2020-17359
	RESERVED
CVE-2020-17358
	RESERVED
CVE-2020-17357
	RESERVED
CVE-2020-17356
	RESERVED
CVE-2020-17355 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23. ...)
	NOT-FOR-US: Arista
CVE-2020-17354
	RESERVED
	NOTE: https://phabricator.wikimedia.org/T259210
	NOTE: https://phabricator.wikimedia.org/T257062
	NOTE: https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory
CVE-2020-17353 (scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x ...)
	{DSA-4756-1}
	- lilypond 2.20.0-2 (bug #968993)
	NOTE: https://phabricator.wikimedia.org/T258547
	NOTE: http://git.savannah.gnu.org/gitweb/?p=lilypond.git;a=commit;h=b84ea4740f3279516905c5db05f4074e777c16ff
	NOTE: https://phabricator.wikimedia.org/T257062
	NOTE: https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory
CVE-2020-17352 (Two OS command injection vulnerabilities in the User Portal of Sophos  ...)
	NOT-FOR-US: Sophos
CVE-2020-17351
	RESERVED
CVE-2020-17350
	RESERVED
CVE-2020-17349
	RESERVED
CVE-2020-17348
	RESERVED
CVE-2020-17347
	RESERVED
CVE-2020-17346
	RESERVED
CVE-2020-17345
	RESERVED
CVE-2020-17344
	RESERVED
CVE-2020-17343
	RESERVED
CVE-2020-17342
	RESERVED
CVE-2020-17341
	RESERVED
CVE-2020-17340
	RESERVED
CVE-2020-17339
	RESERVED
CVE-2020-17338
	RESERVED
CVE-2020-17337
	RESERVED
CVE-2020-17336
	RESERVED
CVE-2020-17335
	RESERVED
CVE-2020-17334
	RESERVED
CVE-2020-17333
	RESERVED
CVE-2020-17332
	RESERVED
CVE-2020-17331
	RESERVED
CVE-2020-17330
	RESERVED
CVE-2020-17329
	RESERVED
CVE-2020-17328
	RESERVED
CVE-2020-17327
	RESERVED
CVE-2020-17326
	RESERVED
CVE-2020-17325
	RESERVED
CVE-2020-17324
	RESERVED
CVE-2020-17323
	RESERVED
CVE-2020-17322
	RESERVED
CVE-2020-17321
	RESERVED
CVE-2020-17320
	RESERVED
CVE-2020-17319
	RESERVED
CVE-2020-17318
	RESERVED
CVE-2020-17317
	RESERVED
CVE-2020-17316
	RESERVED
CVE-2020-17315
	RESERVED
CVE-2020-17314
	RESERVED
CVE-2020-17313
	RESERVED
CVE-2020-17312
	RESERVED
CVE-2020-17311
	RESERVED
CVE-2020-17310
	RESERVED
CVE-2020-17309
	RESERVED
CVE-2020-17308
	RESERVED
CVE-2020-17307
	RESERVED
CVE-2020-17306
	RESERVED
CVE-2020-17305
	RESERVED
CVE-2020-17304
	RESERVED
CVE-2020-17303
	RESERVED
CVE-2020-17302
	RESERVED
CVE-2020-17301
	RESERVED
CVE-2020-17300
	RESERVED
CVE-2020-17299
	RESERVED
CVE-2020-17298
	RESERVED
CVE-2020-17297
	RESERVED
CVE-2020-17296
	RESERVED
CVE-2020-17295
	RESERVED
CVE-2020-17294
	RESERVED
CVE-2020-17293
	RESERVED
CVE-2020-17292
	RESERVED
CVE-2020-17291
	RESERVED
CVE-2020-17290
	RESERVED
CVE-2020-17289
	RESERVED
CVE-2020-17288
	RESERVED
CVE-2020-17287
	RESERVED
CVE-2020-17286
	RESERVED
CVE-2020-17285
	RESERVED
CVE-2020-17284
	RESERVED
CVE-2020-17283
	RESERVED
CVE-2020-17282
	RESERVED
CVE-2020-17281
	RESERVED
CVE-2020-17280
	RESERVED
CVE-2020-17279
	RESERVED
CVE-2020-17278
	RESERVED
CVE-2020-17277
	RESERVED
CVE-2020-17276
	RESERVED
CVE-2020-17275
	RESERVED
CVE-2020-17274
	RESERVED
CVE-2020-17273
	RESERVED
CVE-2020-17272
	RESERVED
CVE-2020-17271
	RESERVED
CVE-2020-17270
	RESERVED
CVE-2020-17269
	RESERVED
CVE-2020-17268
	RESERVED
CVE-2020-17267
	RESERVED
CVE-2020-17266
	RESERVED
CVE-2020-17265
	RESERVED
CVE-2020-17264
	RESERVED
CVE-2020-17263
	RESERVED
CVE-2020-17262
	RESERVED
CVE-2020-17261
	RESERVED
CVE-2020-17260
	RESERVED
CVE-2020-17259
	RESERVED
CVE-2020-17258
	RESERVED
CVE-2020-17257
	RESERVED
CVE-2020-17256
	RESERVED
CVE-2020-17255
	RESERVED
CVE-2020-17254
	RESERVED
CVE-2020-17253
	RESERVED
CVE-2020-17252
	RESERVED
CVE-2020-17251
	RESERVED
CVE-2020-17250
	RESERVED
CVE-2020-17249
	RESERVED
CVE-2020-17248
	RESERVED
CVE-2020-17247
	RESERVED
CVE-2020-17246
	RESERVED
CVE-2020-17245
	RESERVED
CVE-2020-17244
	RESERVED
CVE-2020-17243
	RESERVED
CVE-2020-17242
	RESERVED
CVE-2020-17241
	RESERVED
CVE-2020-17240
	RESERVED
CVE-2020-17239
	RESERVED
CVE-2020-17238
	RESERVED
CVE-2020-17237
	RESERVED
CVE-2020-17236
	RESERVED
CVE-2020-17235
	RESERVED
CVE-2020-17234
	RESERVED
CVE-2020-17233
	RESERVED
CVE-2020-17232
	RESERVED
CVE-2020-17231
	RESERVED
CVE-2020-17230
	RESERVED
CVE-2020-17229
	RESERVED
CVE-2020-17228
	RESERVED
CVE-2020-17227
	RESERVED
CVE-2020-17226
	RESERVED
CVE-2020-17225
	RESERVED
CVE-2020-17224
	RESERVED
CVE-2020-17223
	RESERVED
CVE-2020-17222
	RESERVED
CVE-2020-17221
	RESERVED
CVE-2020-17220
	RESERVED
CVE-2020-17219
	RESERVED
CVE-2020-17218
	RESERVED
CVE-2020-17217
	RESERVED
CVE-2020-17216
	RESERVED
CVE-2020-17215
	RESERVED
CVE-2020-17214
	RESERVED
CVE-2020-17213
	RESERVED
CVE-2020-17212
	RESERVED
CVE-2020-17211
	RESERVED
CVE-2020-17210
	RESERVED
CVE-2020-17209
	RESERVED
CVE-2020-17208
	RESERVED
CVE-2020-17207
	RESERVED
CVE-2020-17206
	RESERVED
CVE-2020-17205
	RESERVED
CVE-2020-17204
	RESERVED
CVE-2020-17203
	RESERVED
CVE-2020-17202
	RESERVED
CVE-2020-17201
	RESERVED
CVE-2020-17200
	RESERVED
CVE-2020-17199
	RESERVED
CVE-2020-17198
	RESERVED
CVE-2020-17197
	RESERVED
CVE-2020-17196
	RESERVED
CVE-2020-17195
	RESERVED
CVE-2020-17194
	RESERVED
CVE-2020-17193
	RESERVED
CVE-2020-17192
	RESERVED
CVE-2020-17191
	RESERVED
CVE-2020-17190
	RESERVED
CVE-2020-17189
	RESERVED
CVE-2020-17188
	RESERVED
CVE-2020-17187
	RESERVED
CVE-2020-17186
	RESERVED
CVE-2020-17185
	RESERVED
CVE-2020-17184
	RESERVED
CVE-2020-17183
	RESERVED
CVE-2020-17182
	RESERVED
CVE-2020-17181
	RESERVED
CVE-2020-17180
	RESERVED
CVE-2020-17179
	RESERVED
CVE-2020-17178
	RESERVED
CVE-2020-17177
	RESERVED
CVE-2020-17176
	RESERVED
CVE-2020-17175
	RESERVED
CVE-2020-17174
	RESERVED
CVE-2020-17173
	RESERVED
CVE-2020-17172
	RESERVED
CVE-2020-17171
	RESERVED
CVE-2020-17170
	RESERVED
CVE-2020-17169
	RESERVED
CVE-2020-17168
	RESERVED
CVE-2020-17167
	RESERVED
CVE-2020-17166
	RESERVED
CVE-2020-17165
	RESERVED
CVE-2020-17164
	RESERVED
CVE-2020-17163
	RESERVED
CVE-2020-17162 (Microsoft Windows Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17161
	RESERVED
CVE-2020-17160
	REJECTED
CVE-2020-17159 (Visual Studio Code Java Extension Pack Remote Code Execution Vulnerabi ...)
	NOT-FOR-US: Microsoft
CVE-2020-17158 (Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote ...)
	NOT-FOR-US: Microsoft
CVE-2020-17157
	RESERVED
CVE-2020-17156 (Visual Studio Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17155
	RESERVED
CVE-2020-17154
	RESERVED
CVE-2020-17153 (Microsoft Edge for Android Spoofing Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17152 (Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote ...)
	NOT-FOR-US: Microsoft
CVE-2020-17151
	RESERVED
CVE-2020-17150 (Visual Studio Code Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17149
	RESERVED
CVE-2020-17148 (Visual Studio Code Remote Development Extension Remote Code Execution  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17147 (Dynamics CRM Webclient Cross-site Scripting Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17146
	RESERVED
CVE-2020-17145 (Azure DevOps Server and Team Foundation Services Spoofing Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17144 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17143 (Microsoft Exchange Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17142 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17141 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17140 (Windows SMB Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17139 (Windows Overlay Filter Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17138 (Windows Error Reporting Information Disclosure Vulnerability This CVE  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17137 (DirectX Graphics Kernel Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17136 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
	NOT-FOR-US: Microsoft
CVE-2020-17135 (Azure DevOps Server Spoofing Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17134 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
	NOT-FOR-US: Microsoft
CVE-2020-17133 (Microsoft Dynamics Business Central/NAV Information Disclosure ...)
	NOT-FOR-US: Microsoft
CVE-2020-17132 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17131 (Chakra Scripting Engine Memory Corruption Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17130 (Microsoft Excel Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17129 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17128 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17127 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17126 (Microsoft Excel Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17125 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17124 (Microsoft PowerPoint Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17123 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17122 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17121 (Microsoft SharePoint Remote Code Execution Vulnerability This CVE ID i ...)
	NOT-FOR-US: Microsoft
CVE-2020-17120 (Microsoft SharePoint Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17119 (Microsoft Outlook Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17118 (Microsoft SharePoint Remote Code Execution Vulnerability This CVE ID i ...)
	NOT-FOR-US: Microsoft
CVE-2020-17117 (Microsoft Exchange Remote Code Execution Vulnerability This CVE ID is  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17116
	RESERVED
CVE-2020-17115 (Microsoft SharePoint Spoofing Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17114
	RESERVED
CVE-2020-17113 (Windows Camera Codec Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17112
	RESERVED
CVE-2020-17111
	RESERVED
CVE-2020-17110 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17109 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17108 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17107 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17106 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17105 (AV1 Video Extension Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17104 (Visual Studio Code JSHint Extension Remote Code Execution Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17103 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
	NOT-FOR-US: Microsoft
CVE-2020-17102 (WebP Image Extensions Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17101 (HEIF Image Extensions Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17100 (Visual Studio Tampering Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17099 (Windows Lock Screen Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17098 (Windows GDI+ Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17097 (Windows Digital Media Receiver Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17096 (Windows NTFS Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17095 (Hyper-V Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17094 (Windows Error Reporting Information Disclosure Vulnerability This CVE  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17093
	RESERVED
CVE-2020-17092 (Windows Network Connections Service Elevation of Privilege Vulnerabili ...)
	NOT-FOR-US: Microsoft
CVE-2020-17091 (Microsoft Teams Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17090 (Microsoft Defender for Endpoint Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17089 (Microsoft SharePoint Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17088 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
	NOT-FOR-US: Microsoft
CVE-2020-17087 (Windows Kernel Local Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17086 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17085 (Microsoft Exchange Server Denial of Service Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17084 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
	NOT-FOR-US: Microsoft
CVE-2020-17083 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
	NOT-FOR-US: Microsoft
CVE-2020-17082 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17081 (Microsoft Raw Image Extension Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17080
	RESERVED
CVE-2020-17079 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17078 (Raw Image Extension Remote Code Execution Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17077 (Windows Update Stack Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17076 (Windows Update Orchestrator Service Elevation of Privilege Vulnerabili ...)
	NOT-FOR-US: Microsoft
CVE-2020-17075 (Windows USO Core Worker Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17074 (Windows Update Orchestrator Service Elevation of Privilege Vulnerabili ...)
	NOT-FOR-US: Microsoft
CVE-2020-17073 (Windows Update Orchestrator Service Elevation of Privilege Vulnerabili ...)
	NOT-FOR-US: Microsoft
CVE-2020-17072
	RESERVED
CVE-2020-17071 (Windows Delivery Optimization Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17070 (Windows Update Medic Service Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17069 (Windows NDIS Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17068 (Windows GDI+ Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17067 (Microsoft Excel Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17066 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17065 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17064 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17063 (Microsoft Office Online Spoofing Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17062 (Microsoft Office Access Connectivity Engine Remote Code Execution Vuln ...)
	NOT-FOR-US: Microsoft
CVE-2020-17061 (Microsoft SharePoint Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17060 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
	NOT-FOR-US: Microsoft
CVE-2020-17059
	RESERVED
CVE-2020-17058 (Microsoft Browser Memory Corruption Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17057 (Windows Win32k Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17056 (Windows Network File System Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17055 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17054 (Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17053 (Internet Explorer Memory Corruption Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17052 (Scripting Engine Memory Corruption Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17051 (Windows Network File System Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17050
	RESERVED
CVE-2020-17049 (Kerberos Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17048 (Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is ...)
	NOT-FOR-US: Microsoft
CVE-2020-17047 (Windows Network File System Denial of Service Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17046 (Windows Error Reporting Denial of Service Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17045 (Windows KernelStream Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17044 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17043 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17042 (Windows Print Spooler Remote Code Execution Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17041 (Windows Print Configuration Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17040 (Windows Hyper-V Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17039
	RESERVED
CVE-2020-17038 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
	NOT-FOR-US: Microsoft
CVE-2020-17037 (Windows WalletService Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17036 (Windows Function Discovery SSDP Provider Information Disclosure Vulner ...)
	NOT-FOR-US: Microsoft
CVE-2020-17035 (Windows Kernel Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17034 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17033 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17032 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17031 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17030 (Windows MSCTF Server Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17029 (Windows Canonical Display Driver Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17028 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17027 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17026 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17025 (Windows Remote Access Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17024 (Windows Client Side Rendering Print Provider Elevation of Privilege Vu ...)
	NOT-FOR-US: Microsoft
CVE-2020-17023 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-17022 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-17021 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17020 (Microsoft Word Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17019 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
	NOT-FOR-US: Microsoft
CVE-2020-17018 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17017 (Microsoft SharePoint Information Disclosure Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-17016 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
	NOT-FOR-US: Microsoft
CVE-2020-17015 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...)
	NOT-FOR-US: Microsoft
CVE-2020-17014 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17013 (Win32k Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17012 (Windows Bind Filter Driver Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17011 (Windows Port Class Library Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17010 (Win32k Elevation of Privilege Vulnerability This CVE ID is unique from ...)
	NOT-FOR-US: Microsoft
CVE-2020-17009
	RESERVED
CVE-2020-17008
	RESERVED
CVE-2020-17007 (Windows Error Reporting Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17006 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17005 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-17004 (Windows Graphics Component Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17003 (A remote code execution vulnerability exists when the Base3D rendering ...)
	NOT-FOR-US: Microsoft
CVE-2020-17002 (Azure SDK for C Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-17001 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-17000 (Remote Desktop Protocol Client Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16999 (Windows WalletService Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16998 (DirectX Elevation of Privilege Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16997 (Remote Desktop Protocol Server Information Disclosure Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16996 (Kerberos Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16995 (An elevation of privilege vulnerability exists in Network Watcher Agen ...)
	NOT-FOR-US: Microsoft
CVE-2020-16994 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16993 (Azure Sphere Elevation of Privilege Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16992 (Azure Sphere Elevation of Privilege Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16991 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16990 (Azure Sphere Information Disclosure Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16989 (Azure Sphere Elevation of Privilege Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16988 (Azure Sphere Elevation of Privilege Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16987 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16986 (Azure Sphere Denial of Service Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16985 (Azure Sphere Information Disclosure Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16984 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16983 (Azure Sphere Tampering Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16982 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16981 (Azure Sphere Elevation of Privilege Vulnerability This CVE ID is uniqu ...)
	NOT-FOR-US: Microsoft
CVE-2020-16980 (An elevation of privilege vulnerability exists when the Windows iSCSI  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16979 (Microsoft SharePoint Information Disclosure Vulnerability This CVE ID  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16978 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16977 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-16976 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16975 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16974 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16973 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16972 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16971 (Azure SDK for Java Security Feature Bypass Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-16970 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
	NOT-FOR-US: Microsoft
CVE-2020-16969 (An information disclosure vulnerability exists in how Microsoft Exchan ...)
	NOT-FOR-US: Microsoft
CVE-2020-16968 (A remote code execution vulnerability exists when the Windows Camera C ...)
	NOT-FOR-US: Microsoft
CVE-2020-16967 (A remote code execution vulnerability exists when the Windows Camera C ...)
	NOT-FOR-US: Microsoft
CVE-2020-16966
	RESERVED
CVE-2020-16965
	RESERVED
CVE-2020-16964 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16963 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16962 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16961 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16960 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16959 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16958 (Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID ...)
	NOT-FOR-US: Microsoft
CVE-2020-16957 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2020-16956 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16955 (An elevation of privilege vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-16954 (A remote code execution vulnerability exists in Microsoft Office softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-16953 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16952 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-16951 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-16950 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16949 (A denial of service vulnerability exists in Microsoft Outlook software ...)
	NOT-FOR-US: Microsoft
CVE-2020-16948 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16947 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
	NOT-FOR-US: Microsoft
CVE-2020-16946 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-16945 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-16944 (This vulnerability is caused when SharePoint Server does not properly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16943 (An elevation of privilege vulnerability exists in Microsoft Dynamics 3 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16942 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16941 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16940 (An elevation of privilege vulnerability exists when the Windows User P ...)
	NOT-FOR-US: Microsoft
CVE-2020-16939 (An elevation of privilege vulnerability exists when Group Policy impro ...)
	NOT-FOR-US: Microsoft
CVE-2020-16938 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-16937 (An information disclosure vulnerability exists when the .NET Framework ...)
	- dotnet-core-3.1 <itp> (bug #968921)
CVE-2020-16936 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16935 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-16934 (An elevation of privilege vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-16933 (A security feature bypass vulnerability exists in Microsoft Word softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-16932 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-16931 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-16930 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-16929 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-16928 (An elevation of privilege vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-16927 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
	NOT-FOR-US: Microsoft
CVE-2020-16926
	RESERVED
CVE-2020-16925
	RESERVED
CVE-2020-16924 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-16923 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-16922 (A spoofing vulnerability exists when Windows incorrectly validates fil ...)
	NOT-FOR-US: Microsoft
CVE-2020-16921 (An information disclosure vulnerability exists in Text Services Framew ...)
	NOT-FOR-US: Microsoft
CVE-2020-16920 (An elevation of privilege vulnerability exists when the Windows Applic ...)
	NOT-FOR-US: Microsoft
CVE-2020-16919 (An information disclosure vulnerability exists when the Windows Enterp ...)
	NOT-FOR-US: Microsoft
CVE-2020-16918 (A remote code execution vulnerability exists when the Base3D rendering ...)
	NOT-FOR-US: Microsoft
CVE-2020-16917
	RESERVED
CVE-2020-16916 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-16915 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-16914 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-16913 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-16912 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-16911 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-16910 (A security feature bypass vulnerability exists when Microsoft Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16909 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-16908 (An elevation of privilege vulnerability exists in Windows Setup in the ...)
	NOT-FOR-US: Microsoft
CVE-2020-16907 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-16906
	RESERVED
CVE-2020-16905 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-16904 (An elevation of privilege vulnerability exists in the way Azure Functi ...)
	NOT-FOR-US: Microsoft
CVE-2020-16903
	RESERVED
CVE-2020-16902 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-16901 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-16900 (An elevation of privilege vulnerability exists when the Windows Event  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16899 (A denial of service vulnerability exists when the Windows TCP/IP stack ...)
	NOT-FOR-US: Microsoft
CVE-2020-16898 (A remote code execution vulnerability exists when the Windows TCP/IP s ...)
	NOT-FOR-US: Microsoft
CVE-2020-16897 (An information disclosure vulnerability exists when NetBIOS over TCP ( ...)
	NOT-FOR-US: Microsoft
CVE-2020-16896 (An information disclosure vulnerability exists in Remote Desktop Proto ...)
	NOT-FOR-US: Microsoft
CVE-2020-16895 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-16894 (A remote code execution vulnerability exists when Windows Network Addr ...)
	NOT-FOR-US: Microsoft
CVE-2020-16893
	RESERVED
CVE-2020-16892 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-16891 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2020-16890 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-16889 (An information disclosure vulnerability exists when the Windows Kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-16888
	RESERVED
CVE-2020-16887 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-16886 (A security feature bypass vulnerability exists in the PowerShellGet V2 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16885 (An elevation of privilege vulnerability exists when the Windows Storag ...)
	NOT-FOR-US: Microsoft
CVE-2020-16884 (A remote code execution vulnerability exists in the way that the IEToE ...)
	NOT-FOR-US: IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer
CVE-2020-16883
	RESERVED
CVE-2020-16882
	RESERVED
CVE-2020-16881 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-16880
	RESERVED
CVE-2020-16879 (An information disclosure vulnerability exists when a Windows Projecte ...)
	NOT-FOR-US: Microsoft
CVE-2020-16878 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16877 (An elevation of privilege vulnerability exists when Microsoft Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16876 (An elevation of privilege vulnerability exists when the Windows Applic ...)
	NOT-FOR-US: Microsoft
CVE-2020-16875 (A remote code execution vulnerability exists in Microsoft Exchange ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-16874 (A remote code execution vulnerability exists in Visual Studio when it  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16873 (A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to t ...)
	NOT-FOR-US: Microsoft
CVE-2020-16872 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16871 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16870
	RESERVED
CVE-2020-16869
	RESERVED
CVE-2020-16868
	RESERVED
CVE-2020-16867
	RESERVED
CVE-2020-16866
	RESERVED
CVE-2020-16865
	RESERVED
CVE-2020-16864 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16863 (A denial of service vulnerability exists in Windows Remote Desktop Ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-16862 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16861 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16860 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16859 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16858 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16857 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
	NOT-FOR-US: Microsoft
CVE-2020-16856 (A remote code execution vulnerability exists in Visual Studio when it  ...)
	NOT-FOR-US: Microsoft
CVE-2020-16855 (An information disclosure vulnerability exists when Microsoft Office s ...)
	NOT-FOR-US: Microsoft
CVE-2020-16854 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-16853 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
	NOT-FOR-US: Microsoft
CVE-2020-16852 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
	NOT-FOR-US: Microsoft
CVE-2020-16851 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
	NOT-FOR-US: Microsoft
CVE-2020-16850 (Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthent ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-16849 (An issue was discovered on Canon MF237w 06.07 devices. An "Improper Ha ...)
	NOT-FOR-US: Canon
CVE-2020-16848
	RESERVED
CVE-2020-16847 (Extreme Analytics in Extreme Management Center before 8.5.0.169 allows ...)
	NOT-FOR-US: Extreme Management Center
CVE-2020-16846 (An issue was discovered in SaltStack Salt through 3002. Sending crafte ...)
	{DSA-4837-1 DLA-2480-1}
	- salt 3002.1+dfsg1-1
	NOTE: https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/
	NOTE: https://gitlab.com/saltstack/open/salt-patches/tree/master/patches/2020/09/02/
	NOTE: Regression: https://github.com/saltstack/salt/issues/58970
	NOTE: Regression fix: https://github.com/saltstack/salt/commit/84d91931865626a9b53558f88d6c8919a270df3a (v3000.6)
CVE-2020-16845 (Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loo ...)
	{DSA-4848-1 DLA-2460-1 DLA-2459-1}
	- golang-1.15 1.15~rc2-1
	- golang-1.14 1.14.7-1
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	- golang-1.7 <removed>
	NOTE: https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo
	NOTE: https://github.com/golang/go/issues/40618
	NOTE: Fixed in 1.15~rc2, 1.14.7, 1.13.15
CVE-2020-16844 (In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users  ...)
	NOT-FOR-US: Istio
CVE-2020-16843 (In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the netw ...)
	NOT-FOR-US: Firecracker
CVE-2020-16842
	RESERVED
CVE-2020-16841
	RESERVED
CVE-2020-16840
	RESERVED
CVE-2020-16839 (On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before th ...)
	NOT-FOR-US: Crestron
CVE-2020-16838
	RESERVED
CVE-2020-16837
	RESERVED
CVE-2020-16836
	REJECTED
CVE-2020-16835
	REJECTED
CVE-2020-16834
	REJECTED
CVE-2020-16833
	REJECTED
CVE-2020-16832
	REJECTED
CVE-2020-16831
	REJECTED
CVE-2020-16830
	REJECTED
CVE-2020-16829
	REJECTED
CVE-2020-16828
	REJECTED
CVE-2020-16827
	REJECTED
CVE-2020-16826
	REJECTED
CVE-2020-16825
	REJECTED
CVE-2020-16824
	REJECTED
CVE-2020-16823
	REJECTED
CVE-2020-16822
	REJECTED
CVE-2020-16821
	REJECTED
CVE-2020-16820
	REJECTED
CVE-2020-16819
	REJECTED
CVE-2020-16818
	REJECTED
CVE-2020-16817
	REJECTED
CVE-2020-16816
	REJECTED
CVE-2020-16815
	REJECTED
CVE-2020-16814
	REJECTED
CVE-2020-16813
	REJECTED
CVE-2020-16812
	REJECTED
CVE-2020-16811
	REJECTED
CVE-2020-16810
	REJECTED
CVE-2020-16809
	REJECTED
CVE-2020-16808
	REJECTED
CVE-2020-16807
	REJECTED
CVE-2020-16806
	REJECTED
CVE-2020-16805
	REJECTED
CVE-2020-16804
	REJECTED
CVE-2020-16803
	REJECTED
CVE-2020-16802
	REJECTED
CVE-2020-16801
	REJECTED
CVE-2020-16800
	REJECTED
CVE-2020-16799
	REJECTED
CVE-2020-16798
	REJECTED
CVE-2020-16797
	REJECTED
CVE-2020-16796
	REJECTED
CVE-2020-16795
	REJECTED
CVE-2020-16794
	REJECTED
CVE-2020-16793
	REJECTED
CVE-2020-16792
	REJECTED
CVE-2020-16791
	REJECTED
CVE-2020-16790
	REJECTED
CVE-2020-16789
	REJECTED
CVE-2020-16788
	REJECTED
CVE-2020-16787
	REJECTED
CVE-2020-16786
	REJECTED
CVE-2020-16785
	REJECTED
CVE-2020-16784
	REJECTED
CVE-2020-16783
	REJECTED
CVE-2020-16782
	REJECTED
CVE-2020-16781
	REJECTED
CVE-2020-16780
	REJECTED
CVE-2020-16779
	REJECTED
CVE-2020-16778
	REJECTED
CVE-2020-16777
	REJECTED
CVE-2020-16776
	REJECTED
CVE-2020-16775
	REJECTED
CVE-2020-16774
	REJECTED
CVE-2020-16773
	REJECTED
CVE-2020-16772
	REJECTED
CVE-2020-16771
	REJECTED
CVE-2020-16770
	REJECTED
CVE-2020-16769
	REJECTED
CVE-2020-16768
	REJECTED
CVE-2020-16767
	REJECTED
CVE-2020-16766
	REJECTED
CVE-2020-16765
	REJECTED
CVE-2020-16764
	REJECTED
CVE-2020-16763
	REJECTED
CVE-2020-16762
	REJECTED
CVE-2020-16761
	REJECTED
CVE-2020-16760
	REJECTED
CVE-2020-16759
	REJECTED
CVE-2020-16758
	REJECTED
CVE-2020-16757
	REJECTED
CVE-2020-16756
	REJECTED
CVE-2020-16755
	REJECTED
CVE-2020-16754
	REJECTED
CVE-2020-16753
	REJECTED
CVE-2020-16752
	REJECTED
CVE-2020-16751
	REJECTED
CVE-2020-16750
	REJECTED
CVE-2020-16749
	REJECTED
CVE-2020-16748
	REJECTED
CVE-2020-16747
	REJECTED
CVE-2020-16746
	REJECTED
CVE-2020-16745
	REJECTED
CVE-2020-16744
	REJECTED
CVE-2020-16743
	REJECTED
CVE-2020-16742
	REJECTED
CVE-2020-16741
	REJECTED
CVE-2020-16740
	REJECTED
CVE-2020-16739
	REJECTED
CVE-2020-16738
	REJECTED
CVE-2020-16737
	REJECTED
CVE-2020-16736
	REJECTED
CVE-2020-16735
	REJECTED
CVE-2020-16734
	REJECTED
CVE-2020-16733
	REJECTED
CVE-2020-16732
	REJECTED
CVE-2020-16731
	REJECTED
CVE-2020-16730
	REJECTED
CVE-2020-16729
	REJECTED
CVE-2020-16728
	REJECTED
CVE-2020-16727
	REJECTED
CVE-2020-16726
	REJECTED
CVE-2020-16725
	REJECTED
CVE-2020-16724
	REJECTED
CVE-2020-16723
	REJECTED
CVE-2020-16722
	REJECTED
CVE-2020-16721
	REJECTED
CVE-2020-16720
	REJECTED
CVE-2020-16719
	REJECTED
CVE-2020-16718
	REJECTED
CVE-2020-16717
	REJECTED
CVE-2020-16716
	REJECTED
CVE-2020-16715
	REJECTED
CVE-2020-16714
	REJECTED
CVE-2020-16713
	REJECTED
CVE-2020-16712
	REJECTED
CVE-2020-16711
	REJECTED
CVE-2020-16710
	REJECTED
CVE-2020-16709
	REJECTED
CVE-2020-16708
	REJECTED
CVE-2020-16707
	REJECTED
CVE-2020-16706
	REJECTED
CVE-2020-16705
	REJECTED
CVE-2020-16704
	REJECTED
CVE-2020-16703
	REJECTED
CVE-2020-16702
	REJECTED
CVE-2020-16701
	REJECTED
CVE-2020-16700
	REJECTED
CVE-2020-16699
	REJECTED
CVE-2020-16698
	REJECTED
CVE-2020-16697
	REJECTED
CVE-2020-16696
	REJECTED
CVE-2020-16695
	REJECTED
CVE-2020-16694
	REJECTED
CVE-2020-16693
	REJECTED
CVE-2020-16692
	REJECTED
CVE-2020-16691
	REJECTED
CVE-2020-16690
	REJECTED
CVE-2020-16689
	REJECTED
CVE-2020-16688
	REJECTED
CVE-2020-16687
	REJECTED
CVE-2020-16686
	REJECTED
CVE-2020-16685
	REJECTED
CVE-2020-16684
	REJECTED
CVE-2020-16683
	REJECTED
CVE-2020-16682
	REJECTED
CVE-2020-16681
	REJECTED
CVE-2020-16680
	REJECTED
CVE-2020-16679
	REJECTED
CVE-2020-16678
	REJECTED
CVE-2020-16677
	REJECTED
CVE-2020-16676
	REJECTED
CVE-2020-16675
	REJECTED
CVE-2020-16674
	REJECTED
CVE-2020-16673
	REJECTED
CVE-2020-16672
	REJECTED
CVE-2020-16671
	REJECTED
CVE-2020-16670
	REJECTED
CVE-2020-16669
	REJECTED
CVE-2020-16668
	REJECTED
CVE-2020-16667
	REJECTED
CVE-2020-16666
	REJECTED
CVE-2020-16665
	REJECTED
CVE-2020-16664
	REJECTED
CVE-2020-16663
	REJECTED
CVE-2020-16662
	REJECTED
CVE-2020-16661
	REJECTED
CVE-2020-16660
	REJECTED
CVE-2020-16659
	REJECTED
CVE-2020-16658
	REJECTED
CVE-2020-16657
	REJECTED
CVE-2020-16656
	REJECTED
CVE-2020-16655
	REJECTED
CVE-2020-16654
	REJECTED
CVE-2020-16653
	REJECTED
CVE-2020-16652
	REJECTED
CVE-2020-16651
	REJECTED
CVE-2020-16650
	REJECTED
CVE-2020-16649
	REJECTED
CVE-2020-16648
	REJECTED
CVE-2020-16647
	REJECTED
CVE-2020-16646
	REJECTED
CVE-2020-16645
	REJECTED
CVE-2020-16644
	REJECTED
CVE-2020-16643
	REJECTED
CVE-2020-16642
	REJECTED
CVE-2020-16641
	REJECTED
CVE-2020-16640
	REJECTED
CVE-2020-16639
	REJECTED
CVE-2020-16638
	REJECTED
CVE-2020-16637
	REJECTED
CVE-2020-16636
	REJECTED
CVE-2020-16635
	RESERVED
CVE-2020-16634
	RESERVED
CVE-2020-16633
	RESERVED
CVE-2020-16632 (A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 ...)
	NOT-FOR-US: DedeCMS
CVE-2020-16631
	RESERVED
CVE-2020-16630 (TI&#8217;s BLE stack caches and reuses the LTK&#8217;s property for a  ...)
	NOT-FOR-US: Texas Instruments
CVE-2020-16629 (PhpOK 5.4.137 contains a SQL injection vulnerability that can inject a ...)
	NOT-FOR-US: PhpOK
CVE-2020-16628
	RESERVED
CVE-2020-16627
	RESERVED
CVE-2020-16626
	RESERVED
CVE-2020-16625
	RESERVED
CVE-2020-16624
	RESERVED
CVE-2020-16623
	RESERVED
CVE-2020-16622
	RESERVED
CVE-2020-16621
	RESERVED
CVE-2020-16620
	RESERVED
CVE-2020-16619
	RESERVED
CVE-2020-16618
	RESERVED
CVE-2020-16617
	RESERVED
CVE-2020-16616
	RESERVED
CVE-2020-16615
	RESERVED
CVE-2020-16614
	RESERVED
CVE-2020-16613
	RESERVED
CVE-2020-16612
	RESERVED
CVE-2020-16611
	RESERVED
CVE-2020-16610 (Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request ...)
	NOT-FOR-US: Hoosk Codeigniter CMS
CVE-2020-16609
	RESERVED
CVE-2020-16608 (Notable 1.8.4 allows XSS via crafted Markdown text, with resultant rem ...)
	NOT-FOR-US: Notable
CVE-2020-16607
	RESERVED
CVE-2020-16606
	RESERVED
CVE-2020-16605
	RESERVED
CVE-2020-16604
	RESERVED
CVE-2020-16603
	RESERVED
CVE-2020-16602 (Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers t ...)
	NOT-FOR-US: Razer Chroma SDK Rest Server
CVE-2020-16601
	RESERVED
CVE-2020-16600 (A Use After Free vulnerability exists in Artifex Software, Inc. MuPDF  ...)
	- mupdf 1.17.0+ds1-1 (bug #989526)
	[buster] - mupdf 1.14.0+ds1-4+deb10u3
	[stretch] - mupdf <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702253
	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=96751b25462f83d6e16a9afaf8980b0c3f979c8b
CVE-2020-16599 (A Null Pointer Dereference vulnerability exists in the Binary File Des ...)
	- binutils 2.35-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25842
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d55d10ac0d112c586eaceb92e75bd9b80aadcc4
	NOTE: binutils not covered by security support
CVE-2020-16598
	REJECTED
CVE-2020-16597
	RESERVED
CVE-2020-16596
	RESERVED
CVE-2020-16595
	RESERVED
CVE-2020-16594
	RESERVED
CVE-2020-16593 (A Null Pointer Dereference vulnerability exists in the Binary File Des ...)
	- binutils 2.35-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25827
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729
	NOTE: binutils not covered by security support
CVE-2020-16592 (A use after free issue exists in the Binary File Descriptor (BFD) libr ...)
	- binutils 2.35-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25823
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7ecb51549ab1ec22aba5aaf34b70323cf0b8509a
	NOTE: binutils not covered by security support
CVE-2020-16591 (A Denial of Service vulnerability exists in the Binary File Descriptor ...)
	- binutils 2.35-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25822
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=001890e1f9269697f7e0212430a51479271bdab2
	NOTE: binutils not covered by security support
CVE-2020-16590 (A double free vulnerability exists in the Binary File Descriptor (BFD) ...)
	- binutils 2.35-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25821
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4
	NOTE: binutils not covered by security support
CVE-2020-16589 (A head-based buffer overflow exists in Academy Software Foundation Ope ...)
	{DLA-2491-1}
	- openexr 2.5.3-2
	[buster] - openexr <no-dsa> (Minor issue)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/6bb36714528a9563dd3b92720c5063a1284b86f8 (v2.4.0-beta.1)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/494
CVE-2020-16588 (A Null Pointer Deference issue exists in Academy Software Foundation O ...)
	{DLA-2491-1}
	- openexr 2.5.3-2
	[buster] - openexr <no-dsa> (Minor issue)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/74504503cff86e986bac441213c403b0ba28d58f (v2.4.0-beta.1)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/493
CVE-2020-16587 (A heap-based buffer overflow vulnerability exists in Academy Software  ...)
	{DLA-2701-1}
	- openexr 2.5.3-2
	[buster] - openexr <no-dsa> (Minor issue)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/8b5370c688a7362673c3a5256d93695617a4cd9a (v2.4.0-beta.1)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/491
CVE-2020-16586
	RESERVED
CVE-2020-16585
	RESERVED
CVE-2020-16584
	RESERVED
CVE-2020-16583
	RESERVED
CVE-2020-16582
	RESERVED
CVE-2020-16581
	RESERVED
CVE-2020-16580
	RESERVED
CVE-2020-16579
	RESERVED
CVE-2020-16578
	RESERVED
CVE-2020-16577
	RESERVED
CVE-2020-16576
	RESERVED
CVE-2020-16575
	RESERVED
CVE-2020-16574
	RESERVED
CVE-2020-16573
	RESERVED
CVE-2020-16572
	RESERVED
CVE-2020-16571
	RESERVED
CVE-2020-16570
	RESERVED
CVE-2020-16569
	RESERVED
CVE-2020-16568
	RESERVED
CVE-2020-16567
	RESERVED
CVE-2020-16566
	RESERVED
CVE-2020-16565
	RESERVED
CVE-2020-16564
	RESERVED
CVE-2020-16563
	RESERVED
CVE-2020-16562
	RESERVED
CVE-2020-16561
	RESERVED
CVE-2020-16560
	RESERVED
CVE-2020-16559
	RESERVED
CVE-2020-16558
	RESERVED
CVE-2020-16557
	RESERVED
CVE-2020-16556
	RESERVED
CVE-2020-16555
	RESERVED
CVE-2020-16554
	RESERVED
CVE-2020-16553
	RESERVED
CVE-2020-16552
	RESERVED
CVE-2020-16551
	RESERVED
CVE-2020-16550
	RESERVED
CVE-2020-16549
	RESERVED
CVE-2020-16548
	RESERVED
CVE-2020-16547
	RESERVED
CVE-2020-16546
	RESERVED
CVE-2020-16545
	RESERVED
CVE-2020-16544
	RESERVED
CVE-2020-16543
	RESERVED
CVE-2020-16542
	RESERVED
CVE-2020-16541
	RESERVED
CVE-2020-16540
	RESERVED
CVE-2020-16539
	RESERVED
CVE-2020-16538
	RESERVED
CVE-2020-16537
	RESERVED
CVE-2020-16536
	RESERVED
CVE-2020-16535
	RESERVED
CVE-2020-16534
	RESERVED
CVE-2020-16533
	RESERVED
CVE-2020-16532
	RESERVED
CVE-2020-16531
	RESERVED
CVE-2020-16530
	RESERVED
CVE-2020-16529
	RESERVED
CVE-2020-16528
	RESERVED
CVE-2020-16527
	RESERVED
CVE-2020-16526
	REJECTED
CVE-2020-16525
	RESERVED
CVE-2020-16524
	RESERVED
CVE-2020-16523
	RESERVED
CVE-2020-16522
	RESERVED
CVE-2020-16521
	RESERVED
CVE-2020-16520
	RESERVED
CVE-2020-16519
	RESERVED
CVE-2020-16518
	RESERVED
CVE-2020-16517
	RESERVED
CVE-2020-16516
	RESERVED
CVE-2020-16515
	RESERVED
CVE-2020-16514
	RESERVED
CVE-2020-16513
	RESERVED
CVE-2020-16512
	RESERVED
CVE-2020-16511
	RESERVED
CVE-2020-16510
	RESERVED
CVE-2020-16509
	RESERVED
CVE-2020-16508
	RESERVED
CVE-2020-16507
	RESERVED
CVE-2020-16506
	RESERVED
CVE-2020-16505
	RESERVED
CVE-2020-16504
	RESERVED
CVE-2020-16503
	RESERVED
CVE-2020-16502
	RESERVED
CVE-2020-16501
	RESERVED
CVE-2020-16500
	RESERVED
CVE-2020-16499
	RESERVED
CVE-2020-16498
	RESERVED
CVE-2020-16497
	RESERVED
CVE-2020-16496
	RESERVED
CVE-2020-16495
	RESERVED
CVE-2020-16494
	RESERVED
CVE-2020-16493
	RESERVED
CVE-2020-16492
	RESERVED
CVE-2020-16491
	RESERVED
CVE-2020-16490
	RESERVED
CVE-2020-16489
	RESERVED
CVE-2020-16488
	RESERVED
CVE-2020-16487
	RESERVED
CVE-2020-16486
	RESERVED
CVE-2020-16485
	RESERVED
CVE-2020-16484
	RESERVED
CVE-2020-16483
	RESERVED
CVE-2020-16482
	RESERVED
CVE-2020-16481
	RESERVED
CVE-2020-16480
	RESERVED
CVE-2020-16479
	RESERVED
CVE-2020-16478
	RESERVED
CVE-2020-16477
	RESERVED
CVE-2020-16476
	RESERVED
CVE-2020-16475
	RESERVED
CVE-2020-16474
	RESERVED
CVE-2020-16473
	RESERVED
CVE-2020-16472
	RESERVED
CVE-2020-16471
	RESERVED
CVE-2020-16470
	RESERVED
CVE-2020-16469
	RESERVED
CVE-2020-16468
	RESERVED
CVE-2020-16467
	RESERVED
CVE-2020-16466
	RESERVED
CVE-2020-16465
	RESERVED
CVE-2020-16464
	RESERVED
CVE-2020-16463
	RESERVED
CVE-2020-16462
	RESERVED
CVE-2020-16461
	RESERVED
CVE-2020-16460
	RESERVED
CVE-2020-16459
	RESERVED
CVE-2020-16458
	RESERVED
CVE-2020-16457
	RESERVED
CVE-2020-16456
	RESERVED
CVE-2020-16455
	RESERVED
CVE-2020-16454
	RESERVED
CVE-2020-16453
	RESERVED
CVE-2020-16452
	RESERVED
CVE-2020-16451
	RESERVED
CVE-2020-16450
	RESERVED
CVE-2020-16449
	RESERVED
CVE-2020-16448
	RESERVED
CVE-2020-16447
	RESERVED
CVE-2020-16446
	RESERVED
CVE-2020-16445
	RESERVED
CVE-2020-16444
	RESERVED
CVE-2020-16443
	RESERVED
CVE-2020-16442
	RESERVED
CVE-2020-16441
	RESERVED
CVE-2020-16440
	RESERVED
CVE-2020-16439
	RESERVED
CVE-2020-16438
	RESERVED
CVE-2020-16437
	RESERVED
CVE-2020-16436
	RESERVED
CVE-2020-16435
	RESERVED
CVE-2020-16434
	RESERVED
CVE-2020-16433
	RESERVED
CVE-2020-16432
	RESERVED
CVE-2020-16431
	RESERVED
CVE-2020-16430
	RESERVED
CVE-2020-16429
	RESERVED
CVE-2020-16428
	RESERVED
CVE-2020-16427
	RESERVED
CVE-2020-16426
	RESERVED
CVE-2020-16425
	RESERVED
CVE-2020-16424
	RESERVED
CVE-2020-16423
	RESERVED
CVE-2020-16422
	RESERVED
CVE-2020-16421
	RESERVED
CVE-2020-16420
	RESERVED
CVE-2020-16419
	RESERVED
CVE-2020-16418
	RESERVED
CVE-2020-16417
	RESERVED
CVE-2020-16416
	RESERVED
CVE-2020-16415
	RESERVED
CVE-2020-16414
	RESERVED
CVE-2020-16413
	RESERVED
CVE-2020-16412
	RESERVED
CVE-2020-16411
	RESERVED
CVE-2020-16410
	RESERVED
CVE-2020-16409
	RESERVED
CVE-2020-16408
	RESERVED
CVE-2020-16407
	RESERVED
CVE-2020-16406
	RESERVED
CVE-2020-16405
	RESERVED
CVE-2020-16404
	RESERVED
CVE-2020-16403
	RESERVED
CVE-2020-16402
	RESERVED
CVE-2020-16401
	RESERVED
CVE-2020-16400
	RESERVED
CVE-2020-16399
	RESERVED
CVE-2020-16398
	RESERVED
CVE-2020-16397
	RESERVED
CVE-2020-16396
	RESERVED
CVE-2020-16395
	RESERVED
CVE-2020-16394
	RESERVED
CVE-2020-16393
	RESERVED
CVE-2020-16392
	RESERVED
CVE-2020-16391
	RESERVED
CVE-2020-16390
	RESERVED
CVE-2020-16389
	RESERVED
CVE-2020-16388
	RESERVED
CVE-2020-16387
	RESERVED
CVE-2020-16386
	RESERVED
CVE-2020-16385
	RESERVED
CVE-2020-16384
	RESERVED
CVE-2020-16383
	RESERVED
CVE-2020-16382
	RESERVED
CVE-2020-16381
	RESERVED
CVE-2020-16380
	RESERVED
CVE-2020-16379
	RESERVED
CVE-2020-16378
	RESERVED
CVE-2020-16377
	RESERVED
CVE-2020-16376
	RESERVED
CVE-2020-16375
	RESERVED
CVE-2020-16374
	RESERVED
CVE-2020-16373
	RESERVED
CVE-2020-16372
	RESERVED
CVE-2020-16371
	RESERVED
CVE-2020-16370
	RESERVED
CVE-2020-16369
	RESERVED
CVE-2020-16368
	RESERVED
CVE-2020-16367
	RESERVED
CVE-2020-16366
	RESERVED
CVE-2020-16365
	RESERVED
CVE-2020-16364
	RESERVED
CVE-2020-16363
	RESERVED
CVE-2020-16362
	RESERVED
CVE-2020-16361
	RESERVED
CVE-2020-16360
	RESERVED
CVE-2020-16359
	RESERVED
CVE-2020-16358
	RESERVED
CVE-2020-16357
	RESERVED
CVE-2020-16356
	RESERVED
CVE-2020-16355
	RESERVED
CVE-2020-16354
	RESERVED
CVE-2020-16353
	RESERVED
CVE-2020-16352
	RESERVED
CVE-2020-16351
	RESERVED
CVE-2020-16350
	RESERVED
CVE-2020-16349
	RESERVED
CVE-2020-16348
	RESERVED
CVE-2020-16347
	RESERVED
CVE-2020-16346
	RESERVED
CVE-2020-16345
	RESERVED
CVE-2020-16344
	RESERVED
CVE-2020-16343
	RESERVED
CVE-2020-16342
	RESERVED
CVE-2020-16341
	RESERVED
CVE-2020-16340
	RESERVED
CVE-2020-16339
	RESERVED
CVE-2020-16338
	RESERVED
CVE-2020-16337
	RESERVED
CVE-2020-16336
	RESERVED
CVE-2020-16335
	RESERVED
CVE-2020-16334
	RESERVED
CVE-2020-16333
	RESERVED
CVE-2020-16332
	RESERVED
CVE-2020-16331
	RESERVED
CVE-2020-16330
	RESERVED
CVE-2020-16329
	RESERVED
CVE-2020-16328
	RESERVED
CVE-2020-16327
	RESERVED
CVE-2020-16326
	RESERVED
CVE-2020-16325
	RESERVED
CVE-2020-16324
	RESERVED
CVE-2020-16323
	RESERVED
CVE-2020-16322
	RESERVED
CVE-2020-16321
	RESERVED
CVE-2020-16320
	RESERVED
CVE-2020-16319
	RESERVED
CVE-2020-16318
	RESERVED
CVE-2020-16317
	RESERVED
CVE-2020-16316
	RESERVED
CVE-2020-16315
	RESERVED
CVE-2020-16314
	RESERVED
CVE-2020-16313
	RESERVED
CVE-2020-16312
	RESERVED
CVE-2020-16311
	RESERVED
CVE-2020-16310 (A division by zero vulnerability in dot24_print_page() in devices/gdev ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701828
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=eaba1d97b62831b42c51840cc8ee2bc4576c942e (9.51)
CVE-2020-16309 (A buffer overflow vulnerability in lxm5700m_print_page() in devices/gd ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701827
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10 (9.51)
	NOTE: PoC requires de8b6458abaeb9d0b14f02377f3e617f2854e647 (9.27) to trigger
CVE-2020-16308 (A buffer overflow vulnerability in p_print_image() in devices/gdevcdj. ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701829
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=af004276fd8f6c305727183c159b83021020f7d6 (9.51)
CVE-2020-16307 (A null pointer dereference vulnerability in devices/vector/gdevtxtw.c  ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701822
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=407c98a38c3a6ac1681144ed45cc2f4fc374c91f (9.51)
CVE-2020-16306 (A null pointer dereference vulnerability in devices/gdevtsep.c of Arti ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=aadb53eb834b3def3ef68d78865ff87a68901804 (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701821
CVE-2020-16305 (A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701819
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2793769ff107d8d22dadd30c6e68cd781b569550 (9.51)
CVE-2020-16304 (A buffer overflow vulnerability in image_render_color_thresh() in base ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209 (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701816
	NOTE: PoC requires de8b6458abaeb9d0b14f02377f3e617f2854e647 (9.27) to trigger
CVE-2020-16303 (A use-after-free vulnerability in xps_finish_image_path() in devices/v ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701818
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=94d8955cb7725eb5f3557ddc02310c76124fdd1a (9.51)
CVE-2020-16302 (A buffer overflow vulnerability in jetp3852_print_page() in devices/gd ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701815
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=366ad48d076c1aa4c8f83c65011258a04e348207 (9.51)
CVE-2020-16301 (A buffer overflow vulnerability in okiibm_print_page1() in devices/gde ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701808
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc (9.51)
CVE-2020-16300 (A buffer overflow vulnerability in tiff12_print_page() in devices/gdev ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701807
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=714e8995cd582d418276915cbbec3c70711fb19e (9.51)
CVE-2020-16299 (A Division by Zero vulnerability in bj10v_print_page() in contrib/japa ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701801
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=19cebe708b9ee3d9e0f8bcdd79dbc6ef9ddc70d2 (9.51)
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4fcbece468706e0e89ed2856729b2ccacbc112be (9.51)
CVE-2020-16298 (A buffer overflow vulnerability in mj_color_correct() in contrib/japan ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701799
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=849e74e5ab450dd581942192da7101e0664fa5af (9.51)
CVE-2020-16297 (A buffer overflow vulnerability in FloydSteinbergDitheringC() in contr ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701800
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=bf72f1a3dd5392ee8291e3b1518a0c2c5dc6ba39 (9.51)
CVE-2020-16296 (A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/ ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701792
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=9f39ed4a92578a020ae10459643e1fe72573d134 (9.51)
	NOTE: chunk #2, see also CVE-2020-17538
CVE-2020-16295 (A null pointer dereference vulnerability in clj_media_size() in device ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;h=2c2dc335c212750e0fb8ae157063bc06cafa8d3e (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701796
CVE-2020-16294 (A buffer overflow vulnerability in epsc_print_page() in devices/gdevep ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701794
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=89f58f1aa95b3482cadf6977da49457194ee5358 (9.51)
CVE-2020-16293 (A null pointer dereference vulnerability in compose_group_nonknockout_ ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701795
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=7870f4951bcc6a153f317e3439e14d0e929fd231 (9.51)
CVE-2020-16292 (A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701793
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=863ada11f9a942a622a581312e2be022d9e2a6f7 (9.51)
CVE-2020-16291 (A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Softwa ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;h=4f73e8b4d578e69a17f452fa60d2130c5faaefd6 (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701787
CVE-2020-16290 (A buffer overflow vulnerability in jetp3852_print_page() in devices/gd ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;h=93cb0c0adbd9bcfefd021d59c472388f67d3300d (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701786
CVE-2020-16289 (A buffer overflow vulnerability in cif_print_page() in devices/gdevcif ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701788
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d31e25ed5b130499e0d880e4609b1b4824699768 (9.51)
CVE-2020-16288 (A buffer overflow vulnerability in pj_common_print_page() in devices/g ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;h=aba3375ac24f8e02659d9b1eb9093909618cdb9f (9.51)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701791
CVE-2020-16287 (A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gd ...)
	{DSA-4748-1 DLA-2335-1}
	- ghostscript 9.51~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701785
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6 (9.51)
CVE-2020-16286
	RESERVED
CVE-2020-16285
	RESERVED
CVE-2020-16284
	RESERVED
CVE-2020-16283
	RESERVED
CVE-2020-16282 (In the default configuration of Rangee GmbH RangeeOS 8.0.4, all compon ...)
	NOT-FOR-US: Rangee
CVE-2020-16281 (The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a loca ...)
	NOT-FOR-US: Rangee
CVE-2020-16280 (Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plain ...)
	NOT-FOR-US: Rangee
CVE-2020-16279 (The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to R ...)
	NOT-FOR-US: Rangee
CVE-2020-16278 (A cross-site scripting (XSS) vulnerability in the Permissions componen ...)
	NOT-FOR-US: SAINT Security Suite
CVE-2020-16277 (An SQL injection vulnerability in the Analytics component of SAINT Sec ...)
	NOT-FOR-US: SAINT Security Suite
CVE-2020-16276 (An SQL injection vulnerability in the Assets component of SAINT Securi ...)
	NOT-FOR-US: SAINT Security Suite
CVE-2020-16275 (A cross-site scripting (XSS) vulnerability in the Credential Manager c ...)
	NOT-FOR-US: SAINT Security Suite
CVE-2020-16274
	RESERVED
CVE-2020-16273 (In Arm software implementing the Armv8-M processors (all versions), th ...)
	NOT-FOR-US: Arm hardware issue
CVE-2020-16272 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is mis ...)
	NOT-FOR-US: Kee Vault KeePassRPC
CVE-2020-16271 (The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 genera ...)
	NOT-FOR-US: Kee Vault KeePassRPC
CVE-2020-16270 (OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attac ...)
	NOT-FOR-US: OLIMPOKS
CVE-2020-16269 (radare2 4.5.0 misparses DWARF information in executable files, causing ...)
	- radare2 5.0.0+dfsg-1
	NOTE: https://github.com/radareorg/radare2/issues/17383
CVE-2020-16268 (The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote a ...)
	NOT-FOR-US: 1E Client
CVE-2020-16267 (Zoho ManageEngine Applications Manager version 14740 and prior allows  ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-16266 (An XSS issue was discovered in MantisBT before 2.24.2. Improper escapi ...)
	- mantis <removed>
CVE-2020-16265
	RESERVED
CVE-2020-16264
	RESERVED
CVE-2020-16263 (Winston 1.5.4 devices have a CORS configuration that trusts arbitrary  ...)
	NOT-FOR-US: Winston devices
CVE-2020-16262 (Winston 1.5.4 devices have a local www-data user that is overly permis ...)
	NOT-FOR-US: Winston devices
CVE-2020-16261 (Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local roo ...)
	NOT-FOR-US: Winston devices
CVE-2020-16260 (Winston 1.5.4 devices do not enforce authorization. This is exploitabl ...)
	NOT-FOR-US: Winston devices
CVE-2020-16259 (Winston 1.5.4 devices have an SSH user account with access from bastio ...)
	NOT-FOR-US: Winston devices
CVE-2020-16258 (Winston 1.5.4 devices make use of a Monit service (not managed during  ...)
	NOT-FOR-US: Winston devices
CVE-2020-16257 (Winston 1.5.4 devices are vulnerable to command injection via the API. ...)
	NOT-FOR-US: Winston devices
CVE-2020-16256 (The API on Winston 1.5.4 devices is vulnerable to CSRF. ...)
	NOT-FOR-US: Winston devices
CVE-2020-16255 (ownCloud (Core) before 10.5 allows XSS in login page 'forgot password. ...)
	- owncloud <removed>
CVE-2020-16254 (The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets ...)
	NOT-FOR-US: Chartkick gem
CVE-2020-16253 (The PgHero gem through 2.6.0 for Ruby allows CSRF. ...)
	- ruby-pghero <itp> (bug #882288)
CVE-2020-16252 (The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF. ...)
	NOT-FOR-US: Field Test gem
CVE-2020-16251 (HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when co ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-16250 (HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when co ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-16249
	RESERVED
CVE-2020-16248 (** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /pro ...)
	- prometheus-blackbox-exporter <unfixed> (unimportant)
	NOTE: https://github.com/prometheus/blackbox_exporter/issues/669
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/08/12
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/08/3
	NOTE: Upstream of the project did disputed the CVE. Upstream position is
	NOTE: that the refererred behaviour is intended functionality.
CVE-2020-16247 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Th ...)
	NOT-FOR-US: Philips
CVE-2020-16246 (The affected Reason S20 Ethernet Switch is vulnerable to cross-site sc ...)
	NOT-FOR-US: Reason S20 Ethernet Switch
CVE-2020-16245 (Advantech iView, Versions 5.7 and prior. The affected product is vulne ...)
	NOT-FOR-US: Advantech
CVE-2020-16244 (GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for h ...)
	NOT-FOR-US: GE Digital APM Classic
CVE-2020-16243 (Multiple buffer overflow vulnerabilities exist when LeviStudioU (Versi ...)
	NOT-FOR-US: LeviStudioU
CVE-2020-16242 (The affected Reason S20 Ethernet Switch is vulnerable to cross-site sc ...)
	NOT-FOR-US: General Electric
CVE-2020-16241 (Philips SureSigns VS4, A.07.107 and prior. The software does not restr ...)
	NOT-FOR-US: Philips SureSigns
CVE-2020-16240 (GE Digital APM Classic, Versions 4.4 and prior. An insecure direct obj ...)
	NOT-FOR-US: GE Digital APM Classic
CVE-2020-16239 (Philips SureSigns VS4, A.07.107 and prior. When an actor claims to hav ...)
	NOT-FOR-US: Philips SureSigns
CVE-2020-16238
	RESERVED
CVE-2020-16237 (Philips SureSigns VS4, A.07.107 and prior. The product receives input  ...)
	NOT-FOR-US: Philips SureSigns
CVE-2020-16236 (FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a  ...)
	NOT-FOR-US: FPWIN Pro
CVE-2020-16235
	RESERVED
CVE-2020-16234 (In PLC WinProladder Version 3.28 and prior, a stack-based buffer overf ...)
	NOT-FOR-US: PLC WinProladder
CVE-2020-16233 (An attacker could send a specially crafted packet that could have Code ...)
	NOT-FOR-US: CodeMeter
CVE-2020-16232
	RESERVED
CVE-2020-16231
	RESERVED
CVE-2020-16230 (All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as ...)
	NOT-FOR-US: HMS Networks
CVE-2020-16229 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Process ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16228 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16227 (Delta Electronics TPEditor Versions 1.97 and prior. An improper input  ...)
	NOT-FOR-US: Delta Electronics
CVE-2020-16226 (Multiple Mitsubishi Electric products are vulnerable to impersonations ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-16225 (Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where ...)
	NOT-FOR-US: Delta Electronics
CVE-2020-16224 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16223 (Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffe ...)
	NOT-FOR-US: Delta Electronics
CVE-2020-16222 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16221 (Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buff ...)
	NOT-FOR-US: Delta Electronics
CVE-2020-16220 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16219 (Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds r ...)
	NOT-FOR-US: Delta Electronics
CVE-2020-16218 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16217 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A doubl ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16216 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16215 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Process ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16214 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16213 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Process ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16212 (Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, Perfo ...)
	NOT-FOR-US: Philips
CVE-2020-16211 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out- ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16210 (The affected product is vulnerable to reflected cross-site scripting,  ...)
	NOT-FOR-US: N-Tron
CVE-2020-16209
	RESERVED
CVE-2020-16208 (The affected product is vulnerable to cross-site request forgery, whic ...)
	NOT-FOR-US: N-Tron
CVE-2020-16207 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multipl ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-16206 (The affected product is vulnerable to stored cross-site scripting, whi ...)
	NOT-FOR-US: N-Tron
CVE-2020-16205 (Using a specially crafted URL command, a remote authenticated user can ...)
	NOT-FOR-US: G-Cam and G-Code
CVE-2020-16204 (The affected product is vulnerable due to an undocumented interface fo ...)
	NOT-FOR-US: N-Tron
CVE-2020-16203 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and ...)
	NOT-FOR-US: Delta Industrial Automation
CVE-2020-16202 (WebAccess Node (All versions prior to 9.0.1) has incorrect permissions ...)
	NOT-FOR-US: WebAccess Node
CVE-2020-16201 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and ...)
	NOT-FOR-US: Delta Industrial Automation
CVE-2020-16200 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Th ...)
	NOT-FOR-US: Philips
CVE-2020-16199 (Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and ...)
	NOT-FOR-US: Delta Industrial Automation
CVE-2020-16198 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Wh ...)
	NOT-FOR-US: Philips
CVE-2020-16197 (An issue was discovered in Octopus Deploy 3.4. A deployment target can ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-16196
	REJECTED
CVE-2020-16195
	RESERVED
CVE-2020-16194 (An Insecure Direct Object Reference (IDOR) vulnerability was found in  ...)
	NOT-FOR-US: Prestashop Opart devis
CVE-2020-16193 (osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.ph ...)
	NOT-FOR-US: osTicket
CVE-2020-16192 (LimeSurvey 4.3.2 allows reflected XSS because application/controllers/ ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-16191
	RESERVED
CVE-2020-16190
	RESERVED
CVE-2020-16189
	RESERVED
CVE-2020-16188
	RESERVED
CVE-2020-16187
	RESERVED
CVE-2020-16186
	REJECTED
CVE-2020-16185
	RESERVED
CVE-2020-16184
	RESERVED
CVE-2020-16183
	RESERVED
CVE-2020-16182
	RESERVED
CVE-2020-16181
	RESERVED
CVE-2020-16180
	RESERVED
CVE-2020-16179
	RESERVED
CVE-2020-16178
	RESERVED
CVE-2020-16177
	RESERVED
CVE-2020-16176
	RESERVED
CVE-2020-16175
	RESERVED
CVE-2020-16174
	RESERVED
CVE-2020-16173
	RESERVED
CVE-2020-16172
	RESERVED
CVE-2020-16171 (An issue was discovered in Acronis Cyber Backup before 12.5 Build 1634 ...)
	NOT-FOR-US: Acronis
CVE-2020-16170 (Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Andr ...)
	NOT-FOR-US: Temi application fo Android
CVE-2020-16169 (Authentication Bypass Using an Alternate Path or Channel in temi Robox ...)
	NOT-FOR-US: Temi Robox OS
CVE-2020-16168 (Origin Validation Error in temi Robox OS prior to 120, temi Android ap ...)
	NOT-FOR-US: Temi firmware
CVE-2020-16167 (Missing Authentication for Critical Function in temi Robox OS prior to ...)
	NOT-FOR-US: Temi Launcher OS
CVE-2020-16166 (The Linux kernel through 5.7.11 allows remote attackers to make observ ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/f227e3ec3b5cad859ad15666874405e8c1bbc1d4
CVE-2020-16165 (The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Inj ...)
	NOT-FOR-US: SpringBlade
CVE-2020-16164 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
	NOT-FOR-US: RIPE NCC RPKI Validator
CVE-2020-16163 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
	NOT-FOR-US: RIPE NCC RPKI Validator
CVE-2020-16162 (** DISPUTED ** An issue was discovered in RIPE NCC RPKI Validator 3.x  ...)
	NOT-FOR-US: RIPE NCC RPKI Validator
CVE-2020-16161 (GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Sca ...)
	NOT-FOR-US: GoPro
CVE-2020-16160 (GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Dec ...)
	NOT-FOR-US: GoPro
CVE-2020-16159 (GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GP ...)
	NOT-FOR-US: GoPro
CVE-2020-16158 (GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerab ...)
	NOT-FOR-US: GoPro
CVE-2020-16157 (A Stored XSS vulnerability exists in Nagios Log Server before 2.1.7 vi ...)
	NOT-FOR-US: Nagios Log Server
CVE-2020-16156 (CPAN 2.28 allows Signature Verification Bypass. ...)
	- perl <unfixed>
	[bullseye] - perl <no-dsa> (Minor issue)
	[buster] - perl <no-dsa> (Minor issue)
	[stretch] - perl <no-dsa> (Minor issue)
	NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
	NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
CVE-2020-16155 (The CPAN::Checksums package 2.12 for Perl does not uniquely define sig ...)
	- libcpan-checksums-perl <unfixed>
	[bullseye] - libcpan-checksums-perl <no-dsa> (Minor issue)
	[buster] - libcpan-checksums-perl <no-dsa> (Minor issue)
	[stretch] - libcpan-checksums-perl <no-dsa> (Minor issue)
	NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
	NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
CVE-2020-16154 (The App::cpanminus package 1.7044 for Perl allows Signature Verificati ...)
	- cpanminus 1.7045-1
	[bullseye] - cpanminus <no-dsa> (Minor issue)
	[buster] - cpanminus <no-dsa> (Minor issue)
	[stretch] - cpanminus <no-dsa> (Minor issue)
	NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
	NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
CVE-2020-16153
	RESERVED
CVE-2020-16152 (The NetConfig UI administrative interface in Extreme Networks ExtremeW ...)
	NOT-FOR-US: Extreme Networks
CVE-2020-16151
	RESERVED
CVE-2020-16150 (A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/s ...)
	- mbedtls 2.16.9-0.1 (bug #972806)
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
CVE-2020-16149
	REJECTED
CVE-2020-16148 (The ping page of the administration panel in Telmat AccessLog &lt;= 6. ...)
	NOT-FOR-US: Telmat AccessLog
CVE-2020-16147 (The login page in Telmat AccessLog &lt;= 6.0 (TAL_20180415) allows an  ...)
	NOT-FOR-US: Telmat AccessLog
CVE-2020-16146 (Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x ...)
	NOT-FOR-US: Espressif
CVE-2020-16145 (Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML me ...)
	{DSA-4744-1 DLA-2322-1}
	- roundcube 1.4.8+dfsg.1-1 (bug #968216)
	NOTE: https://github.com/roundcube/roundcubemail/commit/a71bf2e8d4a64ff2c83fdabc1e8cb0c045a41ef4 (1.4.8)
	NOTE: https://github.com/roundcube/roundcubemail/commit/d44ca2308a96576b88d6bf27528964d4fe1a6b8b (1.3.15)
	NOTE: https://github.com/roundcube/roundcubemail/commit/589d36010048300ed39f4887aab1afd3ae98d00e (1.2.12)
CVE-2020-16144 (When using an object storage like S3 as the file store, when a user cr ...)
	- owncloud <removed>
CVE-2020-16143 (The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijac ...)
	- seafile-client <not-affected> (Windows-specific)
CVE-2020-16142 (On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the B ...)
	NOT-FOR-US: Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles
CVE-2020-16141
	RESERVED
CVE-2020-16140 (The search functionality of the Greenmart theme 2.4.2 for WordPress is ...)
	NOT-FOR-US: search functionality of the Greenmart theme for WordPress
CVE-2020-16139 (** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service in Cisco Unified I ...)
	NOT-FOR-US: Cisco
CVE-2020-16138 (** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Uni ...)
	NOT-FOR-US: Cisco
CVE-2020-16137 (** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation issue in Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-16136 (In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permis ...)
	NOT-FOR-US: tgstation-server
CVE-2020-16135 (libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buf ...)
	{DLA-2303-1}
	- libssh 0.9.5-1 (bug #966560)
	[buster] - libssh <no-dsa> (Minor issue)
	NOTE: https://bugs.libssh.org/T232
	NOTE: https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238
	NOTE: https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120
CVE-2020-16134 (An issue was discovered on Swisscom Internet Box 2, Internet Box Stand ...)
	NOT-FOR-US: Swisscom
CVE-2020-16133
	RESERVED
CVE-2020-16132
	REJECTED
CVE-2020-16131 (Tiki before 21.2 allows XSS because [\s\/"\'] is not properly consider ...)
	- tikiwiki <removed>
CVE-2020-16130
	RESERVED
CVE-2020-16129
	RESERVED
CVE-2020-16128 (The aptdaemon DBus interface disclosed file existence disclosure by se ...)
	- aptdaemon <removed>
	NOTE: https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1899513
CVE-2020-16127 (An Ubuntu-specific modification to AccountsService in versions before  ...)
	- accountsservice <not-affected> (Ubuntu-specific issue in 0010-set-language.patch)
CVE-2020-16126 (An Ubuntu-specific modification to AccountsService in versions before  ...)
	- accountsservice <not-affected> (Ubuntu-specific issue in 0010-set-language.patch)
CVE-2020-16125 (gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup  ...)
	{DLA-2434-1}
	- gdm3 3.38.2-1
	[buster] - gdm3 <no-dsa> (Minor issue on Debian)
	NOTE: https://github.com/GNOME/gdm/commit/dc8235128c3a1fcd5da8f30ab6839d413d353f28
	NOTE: https://gitlab.gnome.org/GNOME/gdm/-/issues/642
CVE-2020-16124 (Integer Overflow or Wraparound vulnerability in the XML RPC library of ...)
	- ros-ros-comm 1.15.8+ds1-2
	[buster] - ros-ros-comm 1.14.3+ds1-5+deb10u2
	[stretch] - ros-ros-comm <no-dsa> (Minor issue)
	NOTE: https://github.com/ros/ros_comm/pull/2065
CVE-2020-16123 (An Ubuntu-specific patch in PulseAudio created a race condition where  ...)
	- pulseaudio <not-affected> (Ubuntu-specific issue)
CVE-2020-16122 (PackageKit's apt backend mistakenly treated all local debs as trusted. ...)
	{DLA-2399-1}
	- packagekit 1.2.1-1 (bug #972229)
	[buster] - packagekit <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098
CVE-2020-16121 (PackageKit provided detailed error messages to unprivileged callers th ...)
	{DLA-2399-1}
	- packagekit 1.2.1-1 (bug #972229)
	[buster] - packagekit <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1888887
CVE-2020-16120 (Overlayfs did not properly perform permission checking when copying up ...)
	- linux 5.8.7-1
	[stretch] - linux <not-affected> (Vulnerable configuration combination not possible)
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/13/6
CVE-2020-16119 (Use-after-free vulnerability in the Linux kernel exploitable by a loca ...)
	{DSA-4978-1 DLA-2843-1 DLA-2785-1}
	- linux 5.14.6-1
	[buster] - linux 4.19.208-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/13/7
	NOTE: https://git.kernel.org/linus/d9ea761fdd197351890418acd462c51f241014a7
CVE-2020-16118 (In GNOME Balsa before 2.6.0, a malicious server operator or man in the ...)
	- balsa 2.6.0-1
	[buster] - balsa <no-dsa> (Minor issue)
	[stretch] - balsa <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/balsa/-/commit/4e245d758e1c826a01080d40c22ca8706f0339e5
	NOTE: https://gitlab.gnome.org/GNOME/balsa/-/issues/23
CVE-2020-16117 (In GNOME evolution-data-server before 3.35.91, a malicious server can  ...)
	{DLA-2309-1}
	- evolution-data-server 3.36.0-1
	[buster] - evolution-data-server <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/2cc39592b532cf0dc994fd3694b8e6bf924c9ab5
	NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/627c3cdbfd077e59aa288c85ff8272950577f1d7
	NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/189
CVE-2020-16116 (In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can ...)
	{DSA-4738-1}
	- ark 4:20.04.3-1
	[stretch] - ark <no-dsa> (Intrusive to backport, partial patch for GUI https://people.debian.org/~abhijith/upload/backport_to_1608.patch)
	NOTE: https://kde.org/info/security/advisory-20200730-1.txt
	NOTE: https://invent.kde.org/utilities/ark/-/commit/0df592524fed305d6fbe74ddf8a196bc9ffdb92f
CVE-2020-16115
	REJECTED
CVE-2020-16114
	REJECTED
CVE-2020-16113
	REJECTED
CVE-2020-16112
	REJECTED
CVE-2020-16111
	REJECTED
CVE-2020-16110
	REJECTED
CVE-2020-16109
	REJECTED
CVE-2020-16108
	REJECTED
CVE-2020-16107
	REJECTED
CVE-2020-16106
	REJECTED
CVE-2020-16105
	REJECTED
CVE-2020-16104 (SQL Injection vulnerability in Enterprise Data Interface of Gallagher  ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16103 (Type confusion in Gallagher Command Centre Server allows a remote atta ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16102 (Improper Authentication vulnerability in Gallagher Command Centre Serv ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16101 (It is possible for an unauthenticated remote DCOM websocket connection ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16100 (It is possible for an unauthenticated remote DCOM websocket connection ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16099 (In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possi ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16098 (It is possible to enumerate access card credentials via an unauthentic ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16097 (On controllers running versions of v8.20 prior to vCR8.20.200221b (dis ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16096 (In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.0 ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16095 (The dlf (aka Kitodo.Presentation) extension before 3.1.2 for TYPO3 all ...)
	NOT-FOR-US: dlf for TYPO3
CVE-2020-16094 (In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious  ...)
	- claws-mail 3.17.7-1 (bug #966630)
	[buster] - claws-mail <no-dsa> (Minor issue)
	[stretch] - claws-mail <no-dsa> (Minor issue)
	NOTE: https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4313
CVE-2020-16093
	RESERVED
	- lemonldap-ng 2.0.9+ds-1
	[buster] - lemonldap-ng <no-dsa> (Minor issue)
	[stretch] - lemonldap-ng <no-dsa> (Minor issue + 2.x is a complete re-write, so very hard to backport!)
	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2250
CVE-2020-16092 (In QEMU through 5.0.0, an assertion failure can occur in the network p ...)
	{DSA-4760-1 DLA-2373-1}
	- qemu 1:5.1+dfsg-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860283
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8
CVE-2020-16091
	REJECTED
CVE-2020-16090
	RESERVED
CVE-2020-16089
	RESERVED
CVE-2020-16088 (iked in OpenIKED, as used in OpenBSD through 6.7, allows authenticatio ...)
	NOT-FOR-US: OpenIKED
CVE-2020-16087 (An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An a ...)
	NOT-FOR-US: VNG Zalo Desktop
CVE-2020-16086
	RESERVED
CVE-2020-16085
	RESERVED
CVE-2020-16084
	RESERVED
CVE-2020-16083
	RESERVED
CVE-2020-16082
	RESERVED
CVE-2020-16081
	RESERVED
CVE-2020-16080
	RESERVED
CVE-2020-16079
	RESERVED
CVE-2020-16078
	RESERVED
CVE-2020-16077
	RESERVED
CVE-2020-16076
	RESERVED
CVE-2020-16075
	RESERVED
CVE-2020-16074
	RESERVED
CVE-2020-16073
	RESERVED
CVE-2020-16072
	RESERVED
CVE-2020-16071
	RESERVED
CVE-2020-16070
	RESERVED
CVE-2020-16069
	RESERVED
CVE-2020-16068
	RESERVED
CVE-2020-16067
	RESERVED
CVE-2020-16066
	RESERVED
CVE-2020-16065
	RESERVED
CVE-2020-16064
	RESERVED
CVE-2020-16063
	RESERVED
CVE-2020-16062
	RESERVED
CVE-2020-16061
	RESERVED
CVE-2020-16060
	RESERVED
CVE-2020-16059
	RESERVED
CVE-2020-16058
	RESERVED
CVE-2020-16057
	RESERVED
CVE-2020-16056
	RESERVED
CVE-2020-16055
	RESERVED
CVE-2020-16054
	RESERVED
CVE-2020-16053
	RESERVED
CVE-2020-16052
	RESERVED
CVE-2020-16051
	RESERVED
CVE-2020-16050
	RESERVED
CVE-2020-16049
	RESERVED
CVE-2020-16048 (Out of bounds read in ANGLE allowed a remote attacker to obtain sensit ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1926979
CVE-2020-16047
	RESERVED
CVE-2020-16046 (Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147. ...)
	- chromium <not-affected> (Only affects Chrome on iOS)
CVE-2020-16045 (Use after Free in Payments in Google Chrome on Android prior to 87.0.4 ...)
	- chromium <not-affected> (Only affects Chrome on Android)
CVE-2020-16044 (Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowe ...)
	{DSA-4846-1 DSA-4842-1 DSA-4827-1 DLA-2541-1 DLA-2521-1}
	- firefox 84.0.2-1
	- firefox-esr 78.6.1esr-1
	- thunderbird 1:78.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-01/#CVE-2020-16044
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-02/#CVE-2020-16044
CVE-2020-16043 (Insufficient data validation in networking in Google Chrome prior to 8 ...)
	{DSA-4832-1}
	- chromium 87.0.4280.141-0.1 (bug #979533)
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16042 (Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed ...)
	{DSA-4824-1 DSA-4815-1 DSA-4813-1 DLA-2497-1 DLA-2496-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	- firefox 84.0-1
	- firefox-esr 78.6.0esr-1
	- thunderbird 1:78.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-16042
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-55/#CVE-2020-16042
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-16042
CVE-2020-16041 (Out of bounds read in networking in Google Chrome prior to 87.0.4280.8 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16040 (Insufficient data validation in V8 in Google Chrome prior to 87.0.4280 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16039 (Use after free in extensions in Google Chrome prior to 87.0.4280.88 al ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16038 (Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16037 (Use after free in clipboard in Google Chrome prior to 87.0.4280.88 all ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16036 (Inappropriate implementation in cookies in Google Chrome prior to 87.0 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16035 (Insufficient data validation in cros-disks in Google Chrome on ChromeO ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16034 (Inappropriate implementation in WebRTC in Google Chrome prior to 87.0. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16033 (Inappropriate implementation in WebUSB in Google Chrome prior to 87.0. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16032 (Insufficient data validation in sharing in Google Chrome prior to 87.0 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16031 (Insufficient data validation in UI in Google Chrome prior to 87.0.4280 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16030 (Insufficient data validation in Blink in Google Chrome prior to 87.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16029 (Inappropriate implementation in PDFium in Google Chrome prior to 87.0. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16028 (Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66  ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16027 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16026 (Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16025 (Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16024 (Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16023 (Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 all ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16022 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16021 (Race in image burner in Google Chrome on ChromeOS prior to 87.0.4280.6 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16020 (Inappropriate implementation in cryptohome in Google Chrome on ChromeO ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16019 (Inappropriate implementation in filesystem in Google Chrome on ChromeO ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16018 (Use after free in payments in Google Chrome prior to 87.0.4280.66 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16017 (Use after free in site isolation in Google Chrome prior to 86.0.4240.1 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16016 (Inappropriate implementation in base in Google Chrome prior to 86.0.42 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16015 (Insufficient data validation in WASM in Google Chrome prior to 87.0.42 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16014 (Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16013 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16012 (Side-channel information leakage in graphics in Google Chrome prior to ...)
	{DSA-4824-1 DSA-4796-1 DSA-4793-1 DLA-2464-1 DLA-2457-1}
	- firefox 83.0-1
	- firefox-esr 78.5.0esr-1
	- thunderbird 1:78.5.0-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-50/#CVE-2020-16012
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-51/#CVE-2020-16012
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-52/#CVE-2020-16012
CVE-2020-16011 (Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4 ...)
	{DSA-4824-1}
	- chromium <not-affected> (Windows-specific)
CVE-2020-16010 (Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4 ...)
	- chromium <not-affected> (Android-specific)
CVE-2020-16009 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16008 (Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.18 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16007 (Insufficient data validation in installer in Google Chrome prior to 86 ...)
	- chromium <not-affected> (debian package disables the installer)
CVE-2020-16006 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16005 (Insufficient policy enforcement in ANGLE in Google Chrome prior to 86. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16004 (Use after free in user interface in Google Chrome prior to 86.0.4240.1 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16003 (Use after free in printing in Google Chrome prior to 86.0.4240.111 all ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16002 (Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allow ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16001 (Use after free in media in Google Chrome prior to 86.0.4240.111 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-16000 (Inappropriate implementation in Blink in Google Chrome prior to 86.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15999 (Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.1 ...)
	{DSA-4824-1 DSA-4777-1 DLA-2415-1}
	- freetype 2.10.2+dfsg-4 (bug #972586)
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/20/7
	NOTE: https://savannah.nongnu.org/bugs/?59308
	NOTE: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a3bab162b2ae616074c8877a04556932998aeacd
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2103
CVE-2020-15998 (Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a ...)
	- chromium <not-affected> (Chrome on Android)
CVE-2020-15997 (Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed  ...)
	- chromium <not-affected> (Chrome on Android)
CVE-2020-15996 (Use after free in passwords in Google Chrome prior to 86.0.4240.99 all ...)
	- chromium <not-affected> (Chrome on Android)
CVE-2020-15995 (Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allow ...)
	{DSA-4832-1}
	- chromium 87.0.4280.141-0.1 (bug #979533)
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15994 (Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a  ...)
	- chromium <not-affected> (Chrome on Android)
CVE-2020-15993 (Use after free in printing in Google Chrome prior to 86.0.4240.99 allo ...)
	- chromium <not-affected> (Chrome on Android)
CVE-2020-15992 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15991 (Use after free in password manager in Google Chrome prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15990 (Use after free in autofill in Google Chrome prior to 86.0.4240.75 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15989 (Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 al ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15988 (Insufficient policy enforcement in downloads in Google Chrome on Windo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15987 (Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15986 (Integer overflow in media in Google Chrome prior to 86.0.4240.75 allow ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15985 (Inappropriate implementation in Blink in Google Chrome prior to 86.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15984 (Insufficient policy enforcement in Omnibox in Google Chrome on iOS pri ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15983 (Insufficient data validation in webUI in Google Chrome on ChromeOS pri ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15982 (Inappropriate implementation in cache in Google Chrome prior to 86.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15981 (Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 all ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15980 (Insufficient policy enforcement in Intents in Google Chrome on Android ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15979 (Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15978 (Insufficient data validation in navigation in Google Chrome on Android ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15977 (Insufficient data validation in dialogs in Google Chrome on OS X prior ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15976 (Use after free in WebXR in Google Chrome on Android prior to 86.0.4240 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15975 (Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15974 (Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allow ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15973 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15972 (Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15971 (Use after free in printing in Google Chrome prior to 86.0.4240.75 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15970 (Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15969 (Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...)
	{DSA-4824-1 DSA-4780-1 DSA-4778-1 DLA-2416-1 DLA-2411-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	- firefox 82.0-1
	- firefox-esr 78.4.0esr-1
	- thunderbird 1:78.4.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15969
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/#CVE-2020-15969
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/#CVE-2020-15969
CVE-2020-15968 (Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15967 (Use after free in payments in Google Chrome prior to 86.0.4240.75 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15966 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15965 (Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15964 (Insufficient data validation in media in Google Chrome prior to 85.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15963 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15962 (Insufficient policy validation in serial in Google Chrome prior to 85. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15961 (Insufficient policy validation in extensions in Google Chrome prior to ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15960 (Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.12 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15959 (Insufficient policy enforcement in networking in Google Chrome prior t ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-15958 (An issue was discovered in 1CRM System through 8.6.7. An insecure dire ...)
	NOT-FOR-US: 1CRM System
CVE-2020-15957 (An issue was discovered in DP3T-Backend-SDK before 1.1.1 for Decentral ...)
	NOT-FOR-US: DP3T-Backend-SDK for Decentralised Privacy-Preserving Proximity Tracing (DP3T)
CVE-2020-15956 (ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows re ...)
	NOT-FOR-US: ACTi NVR3 Standard Server
CVE-2020-15955 (In s/qmail through 4.0.07, an active MitM can inject arbitrary plainte ...)
	NOT-FOR-US: s/qmail
CVE-2020-15954 (KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communicati ...)
	{DLA-2300-1}
	- kdepim-runtime 4:20.04.1-2 (bug #966666)
	[buster] - kdepim-runtime <no-dsa> (Minor issue)
	- kmail-account-wizard 4:20.04.1-2 (bug #966667)
	[buster] - kmail-account-wizard <no-dsa> (Minor issue)
	- ksmtp <unfixed>
	[bullseye] - ksmtp <no-dsa> (Minor issue; Upstream changes change API)
	[buster] - ksmtp <no-dsa> (Minor issue; Upstream changes change API)
	NOTE: https://bugs.kde.org/show_bug.cgi?id=423426
	NOTE: kdepim-runtime: https://invent.kde.org/pim/kdepim-runtime/commit/bd64ab29116aa7318fdee7f95878ff97580162f2
	NOTE: kmail-account-wizard: https://invent.kde.org/pim/kmail-account-wizard/commit/a64d80e523edce7d3d59c26834973418fae042f6
	NOTE: https://kde.org/info/security/advisory-20211118-1.txt
	NOTE: https://bugs.kde.org/show_bug.cgi?id=423423
CVE-2020-15953 (LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other  ...)
	{DLA-2329-1}
	- libetpan 1.9.4-3 (bug #966647)
	[buster] - libetpan <no-dsa> (Minor issue)
	NOTE: https://github.com/dinhvh/libetpan/issues/386
	NOTE: https://github.com/dinhvh/libetpan/pull/387
	NOTE: https://github.com/dinhvh/libetpan/pull/388
CVE-2020-15952 (Immuta v2.8.2 is affected by stored XSS that allows a low-privileged u ...)
	NOT-FOR-US: Immuta
CVE-2020-15951 (Immuta v2.8.2 accepts user-supplied project names without properly san ...)
	NOT-FOR-US: Immuta
CVE-2020-15950 (Immuta v2.8.2 is affected by improper session management: user session ...)
	NOT-FOR-US: Immuta
CVE-2020-15949 (Immuta v2.8.2 is affected by one instance of insecure permissions that ...)
	NOT-FOR-US: Immuta
CVE-2020-15948 (eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field. ...)
	NOT-FOR-US: eGain Chat
CVE-2020-25573 (An issue was discovered in the linked-hash-map crate before 0.5.3 for  ...)
	- rust-linked-hash-map 0.5.4-1 (bug #966246)
	[buster] - rust-linked-hash-map <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0026.html
CVE-2020-15947 (A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do end ...)
	NOT-FOR-US: Loway QueueMetrics
CVE-2020-15946
	RESERVED
CVE-2020-15945 (Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c  ...)
	- lua5.4 5.4.1-1
	- lua5.3 <not-affected> (Specific to 5.4)
	- lua5.2 <not-affected> (Specific to 5.4)
	- lua5.1 <not-affected> (Specific to 5.4)
	- lua50 <not-affected> (Specific to 5.4)
	NOTE: https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3 (v5.4.1)
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00123.html
CVE-2020-15944 (An issue was discovered in the Gantt-Chart module before 5.5.5 for Jir ...)
	NOT-FOR-US: Gantt-Chart module for Jira
CVE-2020-15943 (An issue was discovered in the Gantt-Chart module before 5.5.4 for Jir ...)
	NOT-FOR-US: Gantt-Chart module for Jira
CVE-2020-15942 (An information disclosure vulnerability in Web Vulnerability Scan prof ...)
	NOT-FOR-US: Fortinet
CVE-2020-15941 (A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4 ...)
	NOT-FOR-US: Fortiguard
CVE-2020-15940 (An improper neutralization of input vulnerability [CWE-79] in FortiCli ...)
	NOT-FOR-US: Fortiguard
CVE-2020-15939 (An improper access control vulnerability (CWE-284) in FortiSandbox ver ...)
	NOT-FOR-US: FortiGuard
CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the ...)
	NOT-FOR-US: FortiGate FortiGuard
CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate version ...)
	NOT-FOR-US: FortiGate FortiGuard
CVE-2020-15936
	RESERVED
CVE-2020-15935 (A cleartext storage of sensitive information in GUI in FortiADC versio ...)
	NOT-FOR-US: Fortiguard
CVE-2020-15934
	RESERVED
CVE-2020-15933 (A exposure of sensitive information to an unauthorized actor in Fortin ...)
	NOT-FOR-US: FortiGuard
CVE-2020-15932 (Overwolf before 0.149.2.30 mishandles Symbolic Links during updates, c ...)
	NOT-FOR-US: Overwolf
CVE-2020-15931 (Netwrix Account Lockout Examiner before 5.1 allows remote attackers to ...)
	NOT-FOR-US: Netwrix Account Lockout Examiner
CVE-2020-15930 (An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary cod ...)
	NOT-FOR-US: Joplin desktop
CVE-2020-15929 (In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string paramet ...)
	NOT-FOR-US: Ortus TestBox
CVE-2020-15928 (In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string paramet ...)
	NOT-FOR-US: Ortus TestBox
CVE-2020-15927 (Zoho ManageEngine Applications Manager version 14740 and prior allows  ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-15926 (Rocket.Chat through 3.4.2 allows XSS where an attacker can send a spec ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-15925 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...)
	NOT-FOR-US: Loway QueueMetrics
CVE-2020-15924 (There is a SQL Injection in Mida eFramework through 2.9.0 that leads t ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15923 (Mida eFramework through 2.9.0 allows unauthenticated ../ directory tra ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15922 (There is an OS Command Injection in Mida eFramework 2.9.0 that allows  ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15921 (Mida eFramework through 2.9.0 has a back door that permits a change of ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15920 (There is an OS Command Injection in Mida eFramework through 2.9.0 that ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15919 (A Reflected Cross Site Scripting (XSS) vulnerability was discovered in ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15918 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discov ...)
	NOT-FOR-US: Mida eFramework
CVE-2020-15917 (common/session.c in Claws Mail before 3.17.6 has a protocol violation  ...)
	- claws-mail 3.17.6-1
	[buster] - claws-mail <no-dsa> (Minor issue)
	[stretch] - claws-mail <no-dsa> (low priority issue)
	NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=fcc25329049b6f9bd8d890f1197ed61eb12e14d5
CVE-2020-15916 (goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices a ...)
	NOT-FOR-US: Tenda devices
CVE-2020-15915
	RESERVED
CVE-2020-15914 (A cross-site scripting (XSS) vulnerability exists in the Origin Client ...)
	NOT-FOR-US: EA Origin Client
CVE-2020-15913
	RESERVED
CVE-2020-15912 (** DISPUTED ** Tesla Model 3 vehicles allow attackers to open a door b ...)
	NOT-FOR-US: Tesla
CVE-2020-15911
	RESERVED
CVE-2020-15910 (SolarWinds N-Central version 12.3 GA and lower does not set the JSESSI ...)
	NOT-FOR-US: SolarWinds
CVE-2020-15909 (SolarWinds N-central through 2020.1 allows session hijacking and requi ...)
	NOT-FOR-US: SolarWinds
CVE-2020-15908 (tar/TarFileReader.cpp in Cauldron cbang (aka C-Bang or C!) before 1.6. ...)
	NOT-FOR-US: Cauldron cbang
CVE-2020-15907 (In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before ...)
	- mahara <removed>
CVE-2020-15906 (tiki-login.php in Tiki before 21.2 sets the admin password to a blank  ...)
	- tikiwiki <removed>
CVE-2020-15905
	RESERVED
CVE-2020-15904 (A buffer overflow in the patching routine of bsdiff4 before 1.2.0 allo ...)
	NOT-FOR-US: bsdiff4 (different from src:bsdiff)
CVE-2020-15903 (An issue was found in Nagios XI before 5.7.3. There is a privilege esc ...)
	NOT-FOR-US: Nagios XI
CVE-2020-15902 (Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url o ...)
	NOT-FOR-US: Nagios XI
CVE-2020-15901 (In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated  ...)
	NOT-FOR-US: Nagios XI
CVE-2020-15900 (A memory corruption issue was found in Artifex Ghostscript 9.50 and 9. ...)
	- ghostscript 9.52.1~dfsg-1
	[buster] - ghostscript <not-affected> (Vulnerable code introduced later)
	[stretch] - ghostscript <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702582
	NOTE: Introduced by: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff (9.28rc1)
	NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5d499272b95a6b890a1397e11d20937de000d31b (9.53.0rc1)
CVE-2020-15899 (Grin 3.0.0 before 4.0.0 has insufficient validation of data related to ...)
	NOT-FOR-US: Grin
CVE-2020-15898 (In Arista EOS malformed packets can be incorrectly forwarded across VL ...)
	NOT-FOR-US: Arista
CVE-2020-15897 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23. ...)
	NOT-FOR-US: Arista EOS
CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link DAP-1522 devic ...)
	NOT-FOR-US: D-Link
CVE-2020-15895 (An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10 ...)
	NOT-FOR-US: D-Link
CVE-2020-15894 (An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04B ...)
	NOT-FOR-US: D-Link
CVE-2020-15893 (An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04B ...)
	NOT-FOR-US: D-Link
CVE-2020-15892 (An issue was discovered in apply.cgi on D-Link DAP-1520 devices before ...)
	NOT-FOR-US: D-Link
CVE-2020-15891
	RESERVED
CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...)
	{DLA-2296-1}
	- luajit 2.1.0~beta3+git20210112+dfsg-2 (unimportant; bug #966148)
	NOTE: https://github.com/LuaJIT/LuaJIT/issues/601
	NOTE: https://github.com/LuaJIT/LuaJIT/commit/53f82e6e2e858a0a62fd1a2ff47e9866693382e6
	NOTE: No security impact, only "exploitable" with untrusted Lua code
CVE-2020-15889 (Lua 5.4.0 has a getobjname heap-based buffer over-read because youngco ...)
	- lua5.4 5.4.0-2
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00078.html
	NOTE: https://github.com/lua/lua/commit/127e7a6c8942b362aa3c6627f44d660a4fb75312
	NOTE: Introduced in 5.4
CVE-2020-15888 (Lua through 5.4.0 mishandles the interaction between stack resizes and ...)
	- lua5.4 5.4.1-1 (bug #972101)
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00053.html
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00054.html
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00071.html
	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00079.html
	NOTE: https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7
	NOTE: https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5
CVE-2020-15887 (A SQL injection vulnerability in softwareupdate_controller.php in the  ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15886 (A SQL injection vulnerability in reportdata_controller.php in the repo ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15885 (A Cross-Site Scripting (XSS) vulnerability in the comment module befor ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15884 (A SQL injection vulnerability in TableQuery.php in MunkiReport before  ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15883 (A Cross-Site Scripting (XSS) vulnerability in the managedinstalls modu ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15882 (A CSRF issue in manager/delete_machine/{id} in MunkiReport before 5.6. ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15881 (A Cross-Site Scripting (XSS) vulnerability in the munki_facts (aka Mun ...)
	NOT-FOR-US: MunkiReport
CVE-2020-15880
	RESERVED
CVE-2020-15879 (Bitwarden Server 1.35.1 allows SSRF because it does not consider certa ...)
	NOT-FOR-US: Bitwarden Server
	NOTE: bitwarden client is ITP'ed as #956836
CVE-2020-15878
	RESERVED
CVE-2020-15877 (An issue was discovered in LibreNMS before 1.65.1. It has insufficient ...)
	NOT-FOR-US: LibreNMS
CVE-2020-15876
	RESERVED
CVE-2020-15875
	RESERVED
CVE-2020-15874
	RESERVED
CVE-2020-15873 (In LibreNMS before 1.65.1, an authenticated attacker can achieve SQL I ...)
	NOT-FOR-US: LibreNMS
CVE-2020-15872
	RESERVED
CVE-2020-15871 (Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
CVE-2020-15870 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
CVE-2020-15869 (Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
CVE-2020-15868 (Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect  ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager OSS/Pro
CVE-2020-15867 (The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authentic ...)
	NOT-FOR-US: Go Git Service
CVE-2020-15866 (mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yie ...)
	- mruby 2.1.2-1 (bug #972051)
	[buster] - mruby <no-dsa> (Minor issue)
	[stretch] - mruby <no-dsa> (Minor issue)
	NOTE: https://github.com/mruby/mruby/issues/5042
	NOTE: https://github.com/mruby/mruby/commit/6334949ba69363cb909a57d6871895bd6d98bb6b (3.0.0-preview)
	NOTE: https://github.com/mruby/mruby/commit/63956036e116ef6a33a91e16348c4d1a09f6f72c (2.1.2-rc2)
CVE-2020-15865 (A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Re ...)
	NOT-FOR-US: Stimulsoft
CVE-2020-15864 (An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability  ...)
	NOT-FOR-US: Quali CloudShell
CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2 ...)
	{DSA-4760-1 DLA-2288-1}
	- qemu 1:5.0-12
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/22/1
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=5519724a13664b43e225ca05351c60b4468e4555
CVE-2020-15861 (Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX ...)
	{DSA-4746-1 DLA-2313-1}
	- net-snmp 5.8+dfsg-5 (bug #966599)
	NOTE: https://github.com/net-snmp/net-snmp/issues/145
	NOTE: https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602
CVE-2020-15860 (Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic  ...)
	NOT-FOR-US: Parallels
CVE-2020-15859 (QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...)
	{DLA-2560-1}
	- qemu 1:5.2+dfsg-1 (bug #965978)
	[buster] - qemu <postponed> (Minor issue, can be fixed along in next DSA)
	NOTE: Proposed patch: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html
	NOTE: https://bugs.launchpad.net/qemu/+bug/1886362
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=22dc8663d9fc7baa22100544c600b6285a63c7a3
CVE-2020-15858 (Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allo ...)
	NOT-FOR-US: Thales DIS
CVE-2020-15857
	RESERVED
CVE-2020-15856
	RESERVED
CVE-2020-15855
	RESERVED
CVE-2020-15854
	RESERVED
CVE-2020-15853
	RESERVED
CVE-2020-XXXX [mpv insecure lua loadpath]
	- mpv 0.32.0-2 (bug #950816)
	[buster] - mpv <no-dsa> (Minor issue)
	[stretch] - mpv <no-dsa> (Minor issue)
	NOTE: https://github.com/mpv-player/mpv/commit/cce7062a8a6b6a3b3666aea3ff86db879cba67b6
CVE-2020-15851 (Lack of access control in Nakivo Backup &amp; Replication Transporter  ...)
	NOT-FOR-US: Nakivo Backup
CVE-2020-15850 (Insecure permissions in Nakivo Backup &amp; Replication Director versi ...)
	NOT-FOR-US: Nakivo Backup
CVE-2020-15849 (Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in t ...)
	NOT-FOR-US: Re:Desk
CVE-2020-15848
	RESERVED
CVE-2020-15847
	RESERVED
CVE-2020-15846
	RESERVED
CVE-2020-15845
	RESERVED
CVE-2020-15844
	RESERVED
CVE-2020-15843 (ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privil ...)
	NOT-FOR-US: ActFax
CVE-2020-15842 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 90, 7 ...)
	NOT-FOR-US: Liferay
CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7 ...)
	NOT-FOR-US: Liferay
CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP ...)
	NOT-FOR-US: Liferay
CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 an ...)
	NOT-FOR-US: Liferay
CVE-2020-15838 (The Agent Update System in ConnectWise Automate before 2020.8 allows P ...)
	NOT-FOR-US: ConnectWise Automate
CVE-2020-15837
	RESERVED
CVE-2020-15836 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-15835 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-15834 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-15833 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-15832 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.1.5-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-15831 (JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in t ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15830 (JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the  ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15829 (In JetBrains TeamCity before 2019.2.3, password parameters could be di ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15828 (In JetBrains TeamCity before 2020.1.1, project parameter values can be ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15827 (In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signatu ...)
	NOT-FOR-US: JetBrains ToolBox
CVE-2020-15826 (In JetBrains TeamCity before 2020.1, users are able to assign more per ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15825 (In JetBrains TeamCity before 2020.1, users with the Modify Group permi ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-15824 (In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not aff ...)
	- kotlin <unfixed>
CVE-2020-15823 (JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Wor ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15822 (In JetBrains YouTrack before 2020.2.10514, SSRF is possible because UR ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15821 (In JetBrains YouTrack before 2020.2.6881, a user without permission is ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15820 (In JetBrains YouTrack before 2020.2.6881, the markdown parser could di ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15819 (JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that all ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15818 (In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15817 (In JetBrains YouTrack before 2020.1.1331, an external user could execu ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-15862 (Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP  ...)
	{DSA-4746-1 DLA-2299-1}
	- net-snmp 5.8+dfsg-4 (bug #965166)
	NOTE: The commit https://github.com/net-snmp/net-snmp/commit/c2b96ee744392243782094432f657ded4e985a07
	NOTE: disables NET-SNMP-EXTEND-MIB support by default. But it is still
	NOTE: possible to enable the MIB via --with-mib-modules configure option.
	NOTE: Upstream reverted the change and the solution is to make NET-SNMP-EXTEND-MIB
	NOTE: read-only, cf. https://bugs.debian.org/966544
	NOTE: Disabling was reverted with: https://github.com/net-snmp/net-snmp/commit/4097a311e952d3b5c12610102bb4cc2fe72b56e5
	NOTE: Makes extended mib read-only:
	NOTE: https://github.com/net-snmp/net-snmp/commit/77f6c60f57dba0aaea5d8ef1dd94bcd0c8e6d205
CVE-2020-15816 (In Western Digital WD Discovery before 4.0.251.0, a malicious applicat ...)
	NOT-FOR-US: Western Digital WD Discovery
CVE-2020-15815
	RESERVED
CVE-2020-15814
	RESERVED
CVE-2020-15813 (Graylog before 3.3.3 lacks SSL Certificate Validation for LDAP servers ...)
	- graylog2 <itp> (bug #652273)
CVE-2020-15812
	RESERVED
CVE-2020-15811 (An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due ...)
	{DSA-4751-1 DLA-2394-1}
	- squid 4.13-1 (bug #968932)
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_8.patch
CVE-2020-24606 (Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perfor ...)
	{DSA-4751-1 DLA-2394-1}
	- squid 4.13-1 (bug #968933)
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patch
CVE-2020-15810 (An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due ...)
	{DSA-4751-1 DLA-2394-1}
	- squid 4.13-1 (bug #968934)
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_10.patch
CVE-2020-15809 (spxmanage on certain SpinetiX devices allows requests that access unin ...)
	NOT-FOR-US: SpinetiX devices
CVE-2020-15808
	RESERVED
CVE-2020-15807 (GNU LibreDWG before 0.11 allows NULL pointer dereferences via crafted  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-15806 (CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Me ...)
	NOT-FOR-US: CODESYS
CVE-2020-15805
	RESERVED
CVE-2020-15804
	RESERVED
CVE-2020-15803 (Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x bef ...)
	{DLA-2631-1 DLA-2311-1}
	- zabbix 1:5.0.2+dfsg-1 (bug #966146)
	[buster] - zabbix <no-dsa> (Minor issue)
	NOTE: https://support.zabbix.com/browse/ZBX-18057
CVE-2020-15802 (Devices supporting Bluetooth before 5.1 may allow man-in-the-middle at ...)
	- linux <unfixed>
	[bullseye] - linux <postponed> (Minor issue, revisit when/if fixed upstream)
	[buster] - linux <postponed> (Minor issue, revisit when/if fixed upstream)
	NOTE: https://www.kb.cert.org/vuls/id/589825/
CVE-2020-15801 (In Python 3.8.4, sys.path restrictions specified in a python38._pth fi ...)
	- python3.9 <not-affected> (Windows-specific)
	- python3.8 <not-affected> (Windows-specific)
	- python3.7 <not-affected> (Windows-specific)
	- python3.5 <not-affected> (Windows-specific)
	- python2.7 <not-affected> (Windows-specific)
CVE-2020-15852 (An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used ...)
	- linux 5.7.10-1
	[buster] - linux <not-affected> (Only affects 5.5 and later)
	[stretch] - linux <not-affected> (Only affects 5.5 and later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/16/1
CVE-2020-15800 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2020-15799 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2020-15798 (A vulnerability has been identified in SIMATIC HMI Comfort Panels (inc ...)
	NOT-FOR-US: Siemens
CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
	NOT-FOR-US: DCA Vantage Analyzer
CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
	NOT-FOR-US: Siemens
CVE-2020-15795 (A vulnerability has been identified in Nucleus NET (All versions &lt;  ...)
	NOT-FOR-US: Nucleus (Siemens)
CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All versions).  ...)
	NOT-FOR-US: Desigo Insight
CVE-2020-15793 (A vulnerability has been identified in Desigo Insight (All versions).  ...)
	NOT-FOR-US: Desigo Insight
CVE-2020-15792 (A vulnerability has been identified in Desigo Insight (All versions).  ...)
	NOT-FOR-US: Desigo Insight
CVE-2020-15791 (A vulnerability has been identified in SIMATIC S7-300 CPU family (incl ...)
	NOT-FOR-US: Siemens
CVE-2020-15790 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
	NOT-FOR-US: Siemens
CVE-2020-15789 (A vulnerability has been identified in Polarion Subversion Webclient ( ...)
	NOT-FOR-US: Siemens
CVE-2020-15788 (A vulnerability has been identified in Polarion Subversion Webclient ( ...)
	NOT-FOR-US: Siemens
CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI Unified Comfort Pan ...)
	NOT-FOR-US: Siemens
CVE-2020-15786 (A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Ge ...)
	NOT-FOR-US: Siemens
CVE-2020-15785 (A vulnerability has been identified in Siveillance Video Client (All v ...)
	NOT-FOR-US: Siveillance Video Client
CVE-2020-15784 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
	NOT-FOR-US: Spectrum Power 4
CVE-2020-15783 (A vulnerability has been identified in SIMATIC S7-300 CPU family (incl ...)
	NOT-FOR-US: Siemens
CVE-2020-15782 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
	NOT-FOR-US: Siemens
CVE-2020-15781 (A vulnerability has been identified in SICAM WEB firmware for SICAM A8 ...)
	NOT-FOR-US: SICAM
CVE-2020-15779 (A Path Traversal issue was discovered in the socket.io-file package th ...)
	NOT-FOR-US: Node socket.io-file
CVE-2020-15780 (An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux k ...)
	- linux 5.7.10-1
	[buster] - linux 4.19.146-1
	[stretch] - linux <ignored> (securelevel included but not supported)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3
	NOTE: Fixed by: https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
CVE-2020-15778 (** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection i ...)
	- openssh <unfixed> (unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860487
	NOTE: https://github.com/cpandya2909/CVE-2020-15778
	NOTE: Negligible security impact, changing the scp protocol can have a good chance
	NOTE: of breaking existing workflows.
CVE-2020-15777 (An issue was discovered in the Maven Extension plugin before 1.6 for G ...)
	NOT-FOR-US: Maven Extension plugin for Gradle Enterprise
CVE-2020-15776 (An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. The CS ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15775 (An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4. The /u ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15774 (An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. An att ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15773 (An issue was discovered in Gradle Enterprise before 2020.2.4. Because  ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15772 (An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When c ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15771 (An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterpr ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15770 (An issue was discovered in Gradle Enterprise 2018.5. An attacker can p ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15769 (An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4. An XSS ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15768 (An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gra ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15767 (An issue was discovered in Gradle Enterprise before 2020.2.5. The cook ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2020-15766
	REJECTED
CVE-2020-15765
	REJECTED
CVE-2020-15764
	REJECTED
CVE-2020-15763
	REJECTED
CVE-2020-15762
	REJECTED
CVE-2020-15761
	REJECTED
CVE-2020-15760
	REJECTED
CVE-2020-15759
	REJECTED
CVE-2020-15758
	REJECTED
CVE-2020-15757
	REJECTED
CVE-2020-15756
	REJECTED
CVE-2020-15755
	REJECTED
CVE-2020-15754
	REJECTED
CVE-2020-15753
	REJECTED
CVE-2020-15752
	REJECTED
CVE-2020-15751
	REJECTED
CVE-2020-15750
	REJECTED
CVE-2020-15749
	REJECTED
CVE-2020-15748
	REJECTED
CVE-2020-15747
	REJECTED
CVE-2020-15746
	REJECTED
CVE-2020-15745
	REJECTED
CVE-2020-15744 (Stack-based Buffer Overflow vulnerability in the ONVIF server componen ...)
	NOT-FOR-US: Victure PC420 devices
CVE-2020-15743
	REJECTED
CVE-2020-15742
	RESERVED
CVE-2020-15741
	REJECTED
CVE-2020-15740
	REJECTED
CVE-2020-15739
	RESERVED
CVE-2020-15738
	REJECTED
CVE-2020-15737
	REJECTED
CVE-2020-15736
	REJECTED
CVE-2020-15735
	RESERVED
CVE-2020-15734 (An Origin Validation Error vulnerability in Bitdefender Safepay allows ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15733 (An Origin Validation Error vulnerability in the SafePay component of B ...)
	NOT-FOR-US: Bitdefender Antivirus Plus
CVE-2020-15732 (Improper Certificate Validation vulnerability in the Online Threat Pre ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15731 (An improper Input Validation vulnerability in the code handling file r ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15730
	RESERVED
CVE-2020-15729
	RESERVED
CVE-2020-15728
	REJECTED
CVE-2020-15727
	RESERVED
CVE-2020-15726
	RESERVED
CVE-2020-15725
	RESERVED
CVE-2020-15724 (In the version 12.1.0.1005 and below of 360 Total Security, when the G ...)
	NOT-FOR-US: 360 Total Security
CVE-2020-15723 (In the version 12.1.0.1004 and below of 360 Total Security, when the m ...)
	NOT-FOR-US: 360 Total Security
CVE-2020-15722 (In version 12.1.0.1004 and below of 360 Total Security,when TPI calls  ...)
	NOT-FOR-US: 360 Total Security
CVE-2020-15721 (RosarioSIS through 6.8-beta allows modules/Custom/NotifyParents.php XS ...)
	NOT-FOR-US: RosarioSIS
CVE-2020-15720 (In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did n ...)
	- dogtag-pki 10.9.1-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1855273
	NOTE: https://github.com/dogtagpki/pki/commit/50c23ec146ee9abf28c9de87a5f7787d495f0b72
CVE-2020-15719 (libldap in certain third-party OpenLDAP packages has a certificate-val ...)
	- openldap <unfixed> (unimportant; bug #965184)
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9266
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1740070
	NOTE: RedHat/CentOS applied patch: https://git.centos.org/rpms/openldap/raw/67459960064be9d226d57c5f82aaba0929876813/f/SOURCES/openldap-tlso-dont-check-cn-when-bad-san.patch
	NOTE: OpenLDAP upstream did dispute the issue as beeing valid, as the current libldap
	NOTE: behaviour does conform with RFC4513. RFC6125 does not superseed the rules for
	NOTE: verifying service identity provided in specifications for existing application
	NOTE: protocols published prior to RFC6125, like RFC4513 for LDAP.
CVE-2020-15718 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
	NOT-FOR-US: RosarioSIS
CVE-2020-15717 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
	NOT-FOR-US: RosarioSIS
CVE-2020-15716 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
	NOT-FOR-US: RosarioSIS
CVE-2020-15715 (rConfig 3.9.5 could allow a remote authenticated attacker to execute a ...)
	NOT-FOR-US: rConfig
CVE-2020-15714 (rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated a ...)
	NOT-FOR-US: rConfig
CVE-2020-15713 (rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated a ...)
	NOT-FOR-US: rConfig
CVE-2020-15712 (rConfig 3.9.5 could allow a remote authenticated attacker to traverse  ...)
	NOT-FOR-US: rConfig
CVE-2020-15711 (In MISP before 2.4.129, setting a favourite homepage was not CSRF prot ...)
	NOT-FOR-US: MISP
CVE-2020-15710 (Potential double free in Bluez 5 module of PulseAudio could allow a lo ...)
	- pulseaudio <not-affected> (Issue in Ubuntu-specific patch)
	NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/pulseaudio/%2Bbug/1884738
CVE-2020-15709 (Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ...)
	{DLA-2339-1}
	- software-properties <unfixed> (bug #968850)
	[bullseye] - software-properties <no-dsa> (Minor issue)
	[buster] - software-properties <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/03/1
	NOTE: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1890286
CVE-2020-15708 (Ubuntu's packaging of libvirt in 20.04 LTS created a control socket wi ...)
	- libvirt <not-affected> (Ubuntu specific issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1866270#c2
	NOTE: Debian used to use polkit in 1.2.9-rc1-1 and only later on
	NOTE: enabled as well libvirtd socket activation. Ubuntu OTOH continued
	NOTE: to ship the Allow-libvirt-group-to-access-the-socket.patch patch
	NOTE: which caused the CVE-2020-15708 issue.
	NOTE: Upstream improved documentation in with:
	NOTE: https://www.redhat.com/archives/libvir-list/2020-August/msg00360.html
CVE-2020-15707 (Integer overflows were discovered in the functions grub_cmd_initrd and ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
CVE-2020-15706 (GRUB2 contains a race condition in grub_script_function_create() leadi ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=426f57383d647406ae9c628c472059c27cd6e040
CVE-2020-15705 (GRUB2 fails to validate kernel signature when booted directly without  ...)
	- grub2 <not-affected> (Vulnerable code specific in Ubuntu)
	NOTE: Debian's grub_linuxefi_secure_validate has different interface than the one in
	NOTE: Ubuntu and returns the code from "shim not available" and "kernel signature
	NOTE: verification failed". The patch for CVE-2020-15705 is essentially about handling
	NOTE: those two cases in the same way when they were previously handled differently,
	NOTE: and so not a problem for src:grub2 in Debian.
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
CVE-2020-15704 (The modprobe child process in the ./debian/patches/load_ppp_generic_if ...)
	- ppp <not-affected> (Ubuntu-specific issue, load_ppp_generic_if_needed.patch not used in Debian)
CVE-2020-15703 (There is no input validation on the Locale property in an apt transact ...)
	- aptdaemon <removed>
	NOTE: https://bugs.launchpad.net/ubuntu/+source/aptdaemon/+bug/1888235
CVE-2020-15702 (TOCTOU Race Condition vulnerability in apport allows a local attacker  ...)
	NOT-FOR-US: Apport
CVE-2020-15701 (An unhandled exception in check_ignored() in apport/report.py can be e ...)
	NOT-FOR-US: Apport
CVE-2020-15700 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
	NOT-FOR-US: Joomla!
CVE-2020-15699 (An issue was discovered in Joomla! through 3.9.19. Missing validation  ...)
	NOT-FOR-US: Joomla!
CVE-2020-15698 (An issue was discovered in Joomla! through 3.9.19. Inadequate filterin ...)
	NOT-FOR-US: Joomla!
CVE-2020-15697 (An issue was discovered in Joomla! through 3.9.19. Internal read-only  ...)
	NOT-FOR-US: Joomla!
CVE-2020-15696 (An issue was discovered in Joomla! through 3.9.19. Lack of input filte ...)
	NOT-FOR-US: Joomla!
CVE-2020-15695 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
	NOT-FOR-US: Joomla!
CVE-2020-15694 (In Nim 1.2.4, the standard library httpClient fails to properly valida ...)
	- nim 1.2.6-1
	[buster] - nim <no-dsa> (Minor issue)
	[stretch] - nim <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/2
CVE-2020-15693 (In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF ...)
	- nim 1.2.6-1
	[buster] - nim <no-dsa> (Minor issue)
	[stretch] - nim <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/2
CVE-2020-15692 (In Nim 1.2.4, the standard library browsers mishandles the URL argumen ...)
	- nim 1.2.6-1
	[buster] - nim <no-dsa> (Minor issue)
	[stretch] - nim <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/1
CVE-2020-15691
	RESERVED
CVE-2020-15690 (In Nim before 1.2.6, the standard library asyncftpclient lacks a check ...)
	- nim 1.2.6-1
	[buster] - nim <no-dsa> (Minor issue)
	[stretch] - nim <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/3
CVE-2020-15689 (Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, ...)
	NOT-FOR-US: Appweb
CVE-2020-15688 (The HTTP Digest Authentication in the GoAhead web server before 5.1.2  ...)
	NOT-FOR-US: Embedthis GoAhead
CVE-2020-15687 (Missing access control restrictions in the Hypervisor component of the ...)
	NOT-FOR-US: ACRN Project
CVE-2020-15686
	RESERVED
CVE-2020-15685
	RESERVED
	{DSA-4842-1 DLA-2541-1}
	- thunderbird 1:78.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/#CVE-2020-15685
CVE-2020-15684 (Mozilla developers reported memory safety bugs present in Firefox 81.  ...)
	- firefox 82.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15684
CVE-2020-15683 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4780-1 DSA-4778-1 DLA-2416-1 DLA-2411-1}
	- firefox 82.0-1
	- firefox-esr 78.4.0esr-1
	- thunderbird 1:78.4.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15683
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-46/#CVE-2020-15683
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-47/#CVE-2020-15683
CVE-2020-15682 (When a link to an external protocol was clicked, a prompt was presente ...)
	- firefox 82.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15682
CVE-2020-15681 (When multiple WASM threads had a reference to a module, and were looki ...)
	- firefox 82.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15681
CVE-2020-15680 (If a valid external protocol handler was referenced in an image tag, t ...)
	- firefox 82.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15680
CVE-2020-15679
	RESERVED
CVE-2020-15678 (When recursing through graphical layers while scrolling, an iterator m ...)
	{DSA-4770-1 DSA-4768-1 DLA-2408-1 DLA-2387-1}
	- firefox 81.0-1
	- firefox-esr 78.3.0esr-1
	- thunderbird 1:78.3.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15678
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15678
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/#CVE-2020-15678
CVE-2020-15677 (By exploiting an Open Redirect vulnerability on a website, an attacker ...)
	{DSA-4770-1 DSA-4768-1 DLA-2408-1 DLA-2387-1}
	- firefox 81.0-1
	- firefox-esr 78.3.0esr-1
	- thunderbird 1:78.3.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15677
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15677
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/#CVE-2020-15677
CVE-2020-15676 (Firefox sometimes ran the onload handler for SVG elements that the DOM ...)
	{DSA-4770-1 DSA-4768-1 DLA-2408-1 DLA-2387-1}
	- firefox 81.0-1
	- firefox-esr 78.3.0esr-1
	- thunderbird 1:78.3.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15676
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15676
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/#CVE-2020-15676
CVE-2020-15675 (When processing surfaces, the lifetime may outlive a persistent buffer ...)
	- firefox 81.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15675
CVE-2020-15674 (Mozilla developers reported memory safety bugs present in Firefox 80.  ...)
	- firefox 81.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15674
CVE-2020-15673 (Mozilla developers reported memory safety bugs present in Firefox 80 a ...)
	{DSA-4770-1 DSA-4768-1 DLA-2408-1 DLA-2387-1}
	- firefox 81.0-1
	- firefox-esr 78.3.0esr-1
	- thunderbird 1:78.3.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-42/#CVE-2020-15673
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-43/#CVE-2020-15673
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-44/#CVE-2020-15673
CVE-2020-15672
	RESERVED
CVE-2020-15671 (When typing in a password under certain conditions, a race may have oc ...)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-39/#CVE-2020-15671
CVE-2020-15670 (Mozilla developers reported memory safety bugs present in Firefox for  ...)
	- firefox 80.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15670
CVE-2020-15669 (When aborting an operation, such as a fetch, an abort signal may be de ...)
	{DSA-4754-1 DSA-4749-1 DLA-2360-1 DLA-2346-1}
	- firefox-esr 68.12.0esr-1
	- thunderbird 1:68.12.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/#CVE-2020-15669
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/#CVE-2020-15669
CVE-2020-15668 (A lock was missing when accessing a data structure and importing certi ...)
	- firefox 80.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15668
CVE-2020-15667 (When processing a MAR update file, after the signature has been valida ...)
	- firefox 80.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15667
CVE-2020-15666 (When trying to load a non-video in an audio/video context the exact st ...)
	- firefox 80.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15666
CVE-2020-15665 (Firefox did not reset the address bar after the beforeunload dialog wa ...)
	- firefox 80.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15665
CVE-2020-15664 (By holding a reference to the eval() function from an about:blank wind ...)
	{DSA-4754-1 DSA-4749-1 DLA-2360-1 DLA-2346-1}
	- firefox 80.0-1
	- firefox-esr 68.12.0esr-1
	- thunderbird 1:68.12.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15664
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/#CVE-2020-15664
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/#CVE-2020-15664
CVE-2020-15663 (If Firefox is installed to a user-writable directory, the Mozilla Main ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	- thunderbird <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-15663
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-37/#CVE-2020-15663
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-40/#CVE-2020-15663
CVE-2020-15662 (A rogue webpage could override the injected WKUserScript used by the d ...)
	- firefox <not-affected> (Specific to Firefox for iOS)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15662
CVE-2020-15661 (A rogue webpage could override the injected WKUserScript used by the l ...)
	- firefox <not-affected> (Specific to Firefox for iOS)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15661
CVE-2020-15660 (Missing checks on Content-Type headers in geckodriver before 0.27.0 co ...)
	- geckodriver <itp> (bug #989456)
CVE-2020-15659 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
	- firefox 79.0-1
	- firefox-esr 68.11.0esr-1
	- thunderbird 1:68.11.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15659
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15659
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-15659
CVE-2020-15658 (The code for downloading files did not properly take care of special c ...)
	- firefox 79.0-1
	- thunderbird <not-affected> (Only affects Thunderbird 78.x)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15658
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15658
CVE-2020-15657 (Firefox could be made to load attacker-supplied DLL files from the ins ...)
	- firefox <not-affected> (Only affects Windows)
	- thunderbird <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15657
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15657
CVE-2020-15656 (JIT optimizations involving the Javascript arguments object could conf ...)
	- firefox 79.0-1
	- thunderbird <not-affected> (Only affects Thunderbird 78.x)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15656
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15656
CVE-2020-15655 (A redirected HTTP request which is observed or modified through a web  ...)
	- firefox 79.0-1
	- thunderbird <not-affected> (Only affects Thunderbird 78.x)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15655
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15655
CVE-2020-15654 (When in an endless loop, a website specifying a custom cursor using CS ...)
	- firefox 79.0-1
	- thunderbird <not-affected> (Only affects Thunderbird 78.x)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15654
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15654
CVE-2020-15653 (An iframe sandbox element with the allow-popups flag could be bypassed ...)
	- firefox 79.0-1
	- thunderbird <not-affected> (Only affects Thunderbird 78.x)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15653
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15653
CVE-2020-15652 (By observing the stack trace for JavaScript errors in web workers, it  ...)
	{DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
	- firefox 79.0-1
	- firefox-esr 68.11.0esr-1
	- thunderbird 1:68.11.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15652
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-15652
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-15652
CVE-2020-15651 (A unicode RTL order character in the downloaded file name can be used  ...)
	- firefox <not-affected> (Specific to Firefox for iOS)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15651
CVE-2020-15650 (Given an installed malicious file picker application, an attacker was  ...)
	- firefox-esr <not-affected> (Android specific)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15650
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15650
CVE-2020-15649 (Given an installed malicious file picker application, an attacker was  ...)
	- firefox-esr <not-affected> (Android specific)
	- firefox <not-affected> (Android specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15649
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-15649
CVE-2020-15648 (Using object or embed tags, it was possible to frame other websites, e ...)
	- firefox 78.0.2-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-28/#CVE-2020-15648
CVE-2020-15647 (A Content Provider in Firefox for Android allowed local files accessib ...)
	- firefox <not-affected> (Only affects Firefox for Android)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-27/#CVE-2020-15647
CVE-2020-15646 (If an attacker intercepts Thunderbird's initial attempt to perform aut ...)
	{DSA-4718-1}
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-15646
CVE-2020-15645 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15644 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15643 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15642 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15641 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15640 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15639 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Marvell QConvergeConsole
CVE-2020-15638 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-15637 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-15636 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Netgear
CVE-2020-15635 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-15634 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-15633 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-15632 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-15631 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: D-Link
CVE-2020-15630 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2020-15629 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-15628 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15627 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15626 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15625 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15624 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15623 (This vulnerability allows remote attackers to write arbitrary files on ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15622 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15621 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15620 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15619 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15618 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15617 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15616 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15615 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15614 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15613 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15612 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15611 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15610 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15609 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15608 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15607 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15606 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15605 (If LDAP authentication is enabled, an LDAP authentication bypass vulne ...)
	NOT-FOR-US: Trend Micro
CVE-2020-15604 (An incomplete SSL server certification validation vulnerability in the ...)
	NOT-FOR-US: Trend Micro
CVE-2020-15603 (An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v1 ...)
	NOT-FOR-US: Trend Micro
CVE-2020-15602 (An untrusted search path remote code execution (RCE) vulnerability in  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-15601 (If LDAP authentication is enabled, an LDAP authentication bypass vulne ...)
	NOT-FOR-US: Trend Micro
CVE-2020-15600 (An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to ...)
	NOT-FOR-US: CMSUno
CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php user_fir ...)
	NOT-FOR-US: Victor CMS
CVE-2020-15598 (** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial o ...)
	{DSA-4765-1}
	- modsecurity 3.0.4-2
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879588
	NOTE: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-regular-expressions-and-disputed-cve-2020-15598/
	NOTE: https://coreruleset.org/20200914/cve-2020-15598/
	NOTE: https://github.com/SpiderLabs/ModSecurity/pull/2348
CVE-2020-15597 (SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statute ...)
	NOT-FOR-US: SOPlanning
CVE-2020-15596 (The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on var ...)
	NOT-FOR-US: ALPS ALPINE touchpad driver for Windows
CVE-2020-XXXX [veyon-configurator tmp handling]
	- veyon 4.4.1+repack1-1 (bug #964568)
	[buster] - veyon <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/07/1
CVE-2020-15595 (An issue was discovered in Zoho Application Control Plus before versio ...)
	NOT-FOR-US: Zoho Application Control Plus
CVE-2020-15594 (An SSRF issue was discovered in Zoho Application Control Plus before v ...)
	NOT-FOR-US: Zoho Application Control Plus
CVE-2020-15593 (SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It u ...)
	NOT-FOR-US: SteelCentral Aternity Agent
CVE-2020-15592 (SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privil ...)
	NOT-FOR-US: SteelCentral Aternity Agent
CVE-2020-15591
	RESERVED
CVE-2020-15590 (A vulnerability in the Private Internet Access (PIA) VPN Client for Li ...)
	NOT-FOR-US: Private Internet Access client for Linux
CVE-2020-15589 (A design issue was discovered in GetInternetRequestHandle, InternetSen ...)
	NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2020-15588 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-15587
	RESERVED
CVE-2020-15586 (Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net ...)
	{DSA-4848-1 DLA-2460-1 DLA-2459-1}
	- golang-1.15 1.15~rc1-1
	- golang-1.14 1.14.6-1
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	- golang-1.7 <removed>
	- golang <removed>
	NOTE: https://github.com/golang/go/issues/34902
	NOTE: https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
CVE-2020-15585
	RESERVED
CVE-2020-15584 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15583 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15582 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15581 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15580 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15579 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15578 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15577 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-15576 (SolarWinds Serv-U File Server before 15.2.1 allows information disclos ...)
	NOT-FOR-US: SolarWinds Serv-U File Server
CVE-2020-15575 (SolarWinds Serv-U File Server before 15.2.1 allows XSS as demonstrated ...)
	NOT-FOR-US: SolarWinds Serv-U File Server
CVE-2020-15574 (SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-Site c ...)
	NOT-FOR-US: SolarWinds Serv-U File Server
CVE-2020-15573 (SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulner ...)
	NOT-FOR-US: SolarWinds Serv-U File Server
CVE-2020-15572 (Tor before 0.4.3.6 has an out-of-bounds memory access that allows a re ...)
	- tor 0.4.3.6-1 (unimportant)
	NOTE: Tor in Debian doesn't use NSS
	NOTE: https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes
CVE-2020-15571
	RESERVED
CVE-2020-15570 (The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 m ...)
	NOT-FOR-US: Whoopsie
CVE-2020-15569 (PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free ...)
	{DLA-2292-1}
	- milkytracker 1.02.00+dfsg-2.1 (bug #964797)
	[buster] - milkytracker 1.02.00+dfsg-1+deb10u1
	NOTE: https://github.com/milkytracker/MilkyTracker/commit/7afd55c42ad80d01a339197a2d8b5461d214edaf
CVE-2020-15568 (TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that lead ...)
	NOT-FOR-US: TerraMaster TOS
CVE-2020-15567 (An issue was discovered in Xen through 4.13.x, allowing Intel guest OS ...)
	{DSA-4723-1}
	- xen 4.11.4+24-gddaaccbbab-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-328.html
CVE-2020-15566 (An issue was discovered in Xen through 4.13.x, allowing guest OS users ...)
	{DSA-4723-1}
	- xen 4.11.4+24-gddaaccbbab-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-317.html
CVE-2020-15565 (An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM  ...)
	{DSA-4723-1}
	- xen 4.11.4+24-gddaaccbbab-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-321.html
CVE-2020-15564 (An issue was discovered in Xen through 4.13.x, allowing Arm guest OS u ...)
	{DSA-4723-1}
	- xen 4.11.4+24-gddaaccbbab-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-327.html
CVE-2020-15563 (An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest  ...)
	{DSA-4723-1}
	- xen 4.11.4+24-gddaaccbbab-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	NOTE: https://xenbits.xen.org/xsa/advisory-319.html
CVE-2020-15561
	RESERVED
CVE-2020-15560
	RESERVED
CVE-2020-15559
	RESERVED
CVE-2020-15558
	RESERVED
CVE-2020-15557
	RESERVED
CVE-2020-15556
	RESERVED
CVE-2020-15555
	RESERVED
CVE-2020-15554
	RESERVED
CVE-2020-15553
	RESERVED
CVE-2020-15552
	RESERVED
CVE-2020-15551
	RESERVED
CVE-2020-15550
	RESERVED
CVE-2020-15549
	RESERVED
CVE-2020-15548
	RESERVED
CVE-2020-15547
	RESERVED
CVE-2020-15546
	RESERVED
CVE-2020-15545
	RESERVED
CVE-2020-15544
	RESERVED
CVE-2020-15543 (SolarWinds Serv-U FTP server before 15.2.1 does not validate an argume ...)
	NOT-FOR-US: SolarWinds Serv-U FTP server
CVE-2020-15542 (SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD comman ...)
	NOT-FOR-US: SolarWinds Serv-U FTP server
CVE-2020-15541 (SolarWinds Serv-U FTP server before 15.2.1 allows remote command execu ...)
	NOT-FOR-US: SolarWinds Serv-U FTP server
CVE-2020-15562 (An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x befo ...)
	{DSA-4720-1}
	- roundcube 1.4.7+dfsg.1-1 (bug #964355)
	[stretch] - roundcube 1.2.3+dfsg.1-4+deb9u6
	NOTE: 1.4.x https://github.com/roundcube/roundcubemail/commit/3e8832d029b035e3fcfb4c75839567a9580b4f82
	NOTE: 1.3.x https://github.com/roundcube/roundcubemail/commit/19502419757a976dbd55ce5a746610c5bab7896b
	NOTE: 1.2.x https://github.com/roundcube/roundcubemail/commit/f3d1566cf223eb04f47b6dfffcd88753f66c36ee
CVE-2020-15540 (We-com OpenData CMS 2.0 allows SQL Injection via the username field on ...)
	NOT-FOR-US: We-com OpenData CMS
CVE-2020-15539 (SQL injection can occur in We-com Municipality portal CMS 2.1.x via th ...)
	NOT-FOR-US: We-com Municipality portal CMS
CVE-2020-15538 (XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ s ...)
	NOT-FOR-US: We-com Municipality portal CMS
CVE-2020-15537 (An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS  ...)
	NOT-FOR-US: Vanguard plugin for WordPress
CVE-2020-15536 (An issue was discovered in the bestsoftinc Hotel Booking System Pro pl ...)
	NOT-FOR-US: bestsoftinc Hotel Booking System Pro plugin for WordPress
CVE-2020-15535 (An issue was discovered in the bestsoftinc Car Rental System plugin th ...)
	NOT-FOR-US: bestsoftinc Car Rental System plugin for WordPress
CVE-2020-15534
	RESERVED
CVE-2020-15533 (In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 1468 ...)
	NOT-FOR-US: Zoho ManageEngine Application Manager
CVE-2020-15532 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ...)
	NOT-FOR-US: Silicon Labs Bluetooth Low Energy SDK
CVE-2020-15531 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ...)
	NOT-FOR-US: Silicon Labs Bluetooth Low Energy SDK
CVE-2020-15530 (An issue was discovered in Valve Steam Client 2.10.91.91. The installe ...)
	- steam <not-affected> (Steam on Windows)
CVE-2020-15529 (An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation  ...)
	NOT-FOR-US: GOG Galaxy client
CVE-2020-15528 (An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation  ...)
	NOT-FOR-US: GOG Galaxy client
CVE-2020-15527
	RESERVED
CVE-2020-15526 (In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for ...)
	NOT-FOR-US: Redgate SQL Monitor
CVE-2020-15525 (GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of  ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-15524
	RESERVED
CVE-2020-15523 (In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, ...)
	- python3.8 <not-affected> (Python on Windows)
	- python2.7 <not-affected> (Python on Windows)
CVE-2020-15522 (Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA bef ...)
	- bouncycastle 1.68-1
	[buster] - bouncycastle <no-dsa> (Minor issue)
	[stretch] - bouncycastle <no-dsa> (Minor issue)
	NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2020-15522
CVE-2020-15521 (Zoho ManageEngine Applications Manager before 14 build 14730 has no pr ...)
	NOT-FOR-US: Zoho
CVE-2020-15520
	RESERVED
CVE-2020-15519
	RESERVED
CVE-2020-15518 (VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup &a ...)
	NOT-FOR-US: Veeam
CVE-2020-15517 (The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x th ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-15516 (The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be  ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-15515 (The turn extension through 0.3.2 for TYPO3 allows Remote Code Executio ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-15514 (The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYP ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-15513 (The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access  ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-15512
	RESERVED
CVE-2020-15511 (HashiCorp Terraform Enterprise up to v202006-1 contained a default sig ...)
	NOT-FOR-US: HashiCorp Terraform Enterprise
CVE-2020-15510
	RESERVED
CVE-2020-15509 (Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library ...)
	NOT-FOR-US: Nordic Semiconductor
CVE-2020-15508
	RESERVED
CVE-2020-15507 (An arbitrary file reading vulnerability in MobileIron Core versions 10 ...)
	NOT-FOR-US: MobileIron Core and Connector
CVE-2020-15506 (An authentication bypass vulnerability in MobileIron Core &amp; Connec ...)
	NOT-FOR-US: MobileIron Core and Connector
CVE-2020-15505 (A remote code execution vulnerability in MobileIron Core &amp; Connect ...)
	NOT-FOR-US: MobileIron Core and Connector
CVE-2020-15504 (A SQL injection vulnerability in the user and admin web interfaces of  ...)
	NOT-FOR-US: Sophos
CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...)
	[experimental] - libraw 0.20.0-1
	- libraw 0.20.0-4 (bug #964747)
	[buster] - libraw <no-dsa> (Minor issue)
	[stretch] - libraw <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1853477
	NOTE: https://github.com/LibRaw/LibRaw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d
CVE-2020-15502 (** DISPUTED ** The DuckDuckGo application through 5.58.0 for Android,  ...)
	NOT-FOR-US: DuckDuckGo application for Android and iOS
CVE-2020-15501 (** UNSUPPORTED WHEN ASSIGNED ** Smarter Coffee Maker before 2nd genera ...)
	NOT-FOR-US: Smarter Coffee Maker
CVE-2020-15500 (An issue was discovered in server.js in TileServer GL through 3.0.0. T ...)
	NOT-FOR-US: TileServer GL
CVE-2020-15499 (An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_ ...)
	NOT-FOR-US: ASUS RT-AC1900P routers
CVE-2020-15498 (An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_ ...)
	NOT-FOR-US: ASUS RT-AC1900P routers
CVE-2020-15497 (** DISPUTED ** jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build ...)
	NOT-FOR-US: Jalios JCMS
CVE-2020-15496 (Acronis True Image for Mac before 2021 Update 4 allowed local privileg ...)
	NOT-FOR-US: Acronis
CVE-2020-15495 (Acronis True Image 2019 update 1 through 2020 on macOS allows local pr ...)
	NOT-FOR-US: Acronis
CVE-2020-15494
	RESERVED
CVE-2020-15493
	RESERVED
CVE-2020-15492 (An issue was discovered in INNEO Startup TOOLS 2017 M021 12.0.66.3784  ...)
	NOT-FOR-US: INNEO
CVE-2020-15491
	RESERVED
CVE-2020-15490 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...)
	NOT-FOR-US: Wavlink WL-WN530HG4
CVE-2020-15489 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...)
	NOT-FOR-US: Wavlink WL-WN530HG4
CVE-2020-15488 (Re:Desk 2.3 allows insecure file upload. ...)
	NOT-FOR-US: Re:Desk
CVE-2020-15487 (Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerabili ...)
	NOT-FOR-US: Re:Desk
CVE-2020-15486 (An issue was discovered on Dr Trust ECG Pen 2.00.08 devices. Because t ...)
	NOT-FOR-US: Dr Trust ECG Pen 2.00.08 devices
CVE-2020-15485 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
CVE-2020-15484 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
CVE-2020-15483 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
CVE-2020-15482 (An issue was discovered on Nescomed Multipara Monitor M1000 devices. T ...)
	NOT-FOR-US: Nescomed Multipara Monitor M1000 devices
CVE-2020-15481 (An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSFore ...)
	NOT-FOR-US: PassMark
CVE-2020-15480 (An issue was discovered in PassMark BurnInTest through 9.1, OSForensic ...)
	NOT-FOR-US: PassMark
CVE-2020-15479 (An issue was discovered in PassMark BurnInTest through 9.1, OSForensic ...)
	NOT-FOR-US: PassMark
CVE-2020-15478 (The Journal theme before 3.1.0 for OpenCart allows exposure of sensiti ...)
	NOT-FOR-US: Journal theme for OpenCart
CVE-2020-15477 (The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable t ...)
	NOT-FOR-US: RaspberryTortoise
CVE-2020-15476 (In nDPI through 3.2, the Oracle protocol dissector has a heap-based bu ...)
	{DLA-2354-1}
	- ndpi 3.4-1 (bug #972050)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21780
	NOTE: https://github.com/ntop/nDPI/commit/b69177be2fbe01c2442239a61832c44e40136c05 (3.4)
CVE-2020-15475 (In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c om ...)
	- ndpi 3.4-1 (bug #972050)
	[stretch] - ndpi <not-affected> (Vulnerable code not present, content_disposition_line introduced later)
	NOTE: https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952 (3.4)
CVE-2020-15474 (In nDPI through 3.2, there is a stack overflow in extractRDNSequence i ...)
	- ndpi 3.4-1 (bug #972050)
	[buster] - ndpi <not-affected> (Vulnerable code not present)
	[stretch] - ndpi <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/ntop/nDPI/commit/23594f036536468072198a57c59b6e9d63caf6ce (3.4)
CVE-2020-15473 (In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-bas ...)
	- ndpi 3.4-1 (bug #972050)
	[stretch] - ndpi <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e (3.4)
CVE-2020-15472 (In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based ...)
	- ndpi 3.4-1 (bug #972050)
	[stretch] - ndpi <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701 (3.4)
CVE-2020-15471 (In nDPI through 3.2, the packet parsing code is vulnerable to a heap-b ...)
	- ndpi 3.4-1 (bug #972050)
	[buster] - ndpi <not-affected> (Vulnerable code not present)
	[stretch] - ndpi <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/ntop/nDPI/commit/61066fb106efa6d3d95b67e47b662de208b2b622 (3.4)
CVE-2020-15470 (ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_dec ...)
	NOT-FOR-US: ffjpeg
CVE-2020-15469 (In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback m ...)
	{DLA-2560-1}
	- qemu 1:6.0+dfsg-3 (low; bug #970253)
	[bullseye] - qemu <ignored> (Minor issue, too intrusive to backport)
	[buster] - qemu <ignored> (Minor issue, too intrusive to backport)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/1
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg09961.html
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00674.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=520f26fc6d17b71a43eaf620e834b3bdf316f3d3
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=4f2a5202a05fc1612954804a2482f07bff105ea2
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=24202d2b561c3b4c48bd28383c8c34b4ac66c2bf
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f867cebaedbc9c43189f102e4cdfdff05e88df7f
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b5bf601f364e1a14ca4c3276f88dfec024acf613
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=921604e175b8ec06c39503310e7b3ec1e3eafe9e
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=2c9fb3b784000c1df32231e1c2464bb2e3fc4620
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=735754aaa15a6ed46db51fd731e88331c446ea54
CVE-2020-15468 (Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit ...)
	NOT-FOR-US: Persian VIP Download Script
CVE-2020-15467 (The administrative interface of Cohesive Networks vns3:vpn appliances  ...)
	NOT-FOR-US: Cohesive Networks vns3:vpn appliances
CVE-2020-15466 (In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infin ...)
	{DLA-2547-1}
	- wireshark 3.2.5-1 (low)
	[buster] - wireshark 2.6.20-0+deb10u1
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=11f40896b696e4e8c7f8b2ad96028404a83a51a4
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-09.html
CVE-2020-15465
	REJECTED
CVE-2020-15464
	REJECTED
CVE-2020-15463
	REJECTED
CVE-2020-15462
	REJECTED
CVE-2020-15461
	REJECTED
CVE-2020-15460
	REJECTED
CVE-2020-15459
	REJECTED
CVE-2020-15458
	REJECTED
CVE-2020-15457
	REJECTED
CVE-2020-15456
	REJECTED
CVE-2020-15455
	REJECTED
CVE-2020-15454
	REJECTED
CVE-2020-15453
	REJECTED
CVE-2020-15452
	REJECTED
CVE-2020-15451
	REJECTED
CVE-2020-15450
	REJECTED
CVE-2020-15449
	REJECTED
CVE-2020-15448
	REJECTED
CVE-2020-15447
	REJECTED
CVE-2020-15446
	REJECTED
CVE-2020-15445
	REJECTED
CVE-2020-15444
	REJECTED
CVE-2020-15443
	REJECTED
CVE-2020-15442
	REJECTED
CVE-2020-15441
	REJECTED
CVE-2020-15440
	REJECTED
CVE-2020-15439
	REJECTED
CVE-2020-15438
	REJECTED
CVE-2020-15437 (The Linux kernel before version 5.8 is vulnerable to a NULL pointer de ...)
	- linux 5.7.17-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/f4c23a140d80ef5e6d3d1f8f57007649014b60fa
CVE-2020-15436 (Use-after-free vulnerability in fs/block_dev.c in the Linux kernel bef ...)
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/2d3a8e2deddea6c89961c422ec0c5b851e648c14
CVE-2020-15435 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15434 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15433 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15432 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15431 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15430 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15429 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15428 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15427 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15426 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15425 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15424 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15423 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15422 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15421 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15420 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-15419 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Veeam
CVE-2020-15418 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Veeam
CVE-2020-15417 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-15416 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2020-15415 (On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, c ...)
	NOT-FOR-US: DrayTek
CVE-2020-15414
	RESERVED
CVE-2020-15413
	RESERVED
CVE-2020-15412 (An issue was discovered in MISP 2.4.128. app/Controller/EventsControll ...)
	NOT-FOR-US: MISP
CVE-2020-15411 (An issue was discovered in MISP 2.4.128. app/Controller/AttributesCont ...)
	NOT-FOR-US: MISP
CVE-2020-15410
	RESERVED
CVE-2020-15409
	RESERVED
CVE-2020-15408 (An issue was discovered in Pulse Secure Pulse Connect Secure before 9. ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-15407
	RESERVED
CVE-2020-15406
	RESERVED
CVE-2020-15405
	RESERVED
CVE-2020-15404
	RESERVED
CVE-2020-15403
	RESERVED
CVE-2020-15402
	RESERVED
CVE-2020-15401 (IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privile ...)
	NOT-FOR-US: IOBit Malware Fighter Pro
CVE-2020-15400 (CakePHP before 4.0.6 mishandles CSRF token generation. This might be r ...)
	- cakephp <unfixed> (bug #985673)
	[bullseye] - cakephp <ignored> (Minor issue)
	[buster] - cakephp <ignored> (Minor issue)
	[stretch] - cakephp <no-dsa> (Minor issue)
CVE-2020-15399
	RESERVED
CVE-2020-15398
	RESERVED
CVE-2020-15397 (HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execut ...)
	- hylafax <not-affected> (/var/spool/hylafax/bin and /var/spool/hylafax/etc are root-owned in Debian)
	NOTE: https://sourceforge.net/p/hylafax/HylaFAX+/2534/
CVE-2020-15396 (In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility ...)
	- hylafax 3:6.0.7-3.1 (bug #964198)
	[buster] - hylafax <no-dsa> (Minor issue)
	[stretch] - hylafax <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/hylafax/HylaFAX+/2534/
CVE-2020-15395 (In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based b ...)
	{DLA-2603-1}
	- libmediainfo 20.09+dfsg-1 (low; bug #967073)
	[buster] - libmediainfo <no-dsa> (Minor issue)
	[jessie] - libmediainfo <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/mediainfo/bugs/1127/
	NOTE: https://github.com/MediaArea/MediaInfoLib/commit/5b998282f47f080592d298a25c642f13a895c4dc
CVE-2020-15394 (The REST API in Zoho ManageEngine Applications Manager before build 14 ...)
	NOT-FOR-US: Zoho
CVE-2020-15393 (In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/u ...)
	{DLA-2420-1 DLA-2323-1}
	- linux 5.7.10-1
	[buster] - linux 4.19.131-1
	NOTE: https://git.kernel.org/linus/28ebeb8db77035e058a510ce9bd17c2b9a009dba
CVE-2020-15392 (A user enumeration vulnerability flaw was found in Venki Supravizio BP ...)
	NOT-FOR-US: Venki
CVE-2020-15391 (The UI in DevSpace 4.13.0 allows web sites to execute actions on pods  ...)
	NOT-FOR-US: DevSpace
CVE-2020-15390 (pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration  ...)
	NOT-FOR-US: Pega Platform
CVE-2020-15389 (jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free th ...)
	{DSA-4882-1 DLA-2277-1}
	- openjpeg2 2.4.0-1 (bug #965220)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1261
	NOTE: https://github.com/uclouvain/openjpeg/commit/e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 (v2.4.0)
CVE-2020-15388
	RESERVED
CVE-2020-15387 (The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7. ...)
	NOT-FOR-US: Brocade
CVE-2020-15386 (Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2 ...)
	NOT-FOR-US: Brocade
CVE-2020-15385 (Brocade SANnav before version 2.1.1 allows an authenticated attacker t ...)
	NOT-FOR-US: Brocade
CVE-2020-15384 (Brocade SANNav before version 2.1.1 contains an information disclosure ...)
	NOT-FOR-US: Brocade
CVE-2020-15383 (Running security scans against the SAN switch can cause config and sec ...)
	NOT-FOR-US: Brocade
CVE-2020-15382 (Brocade SANnav before version 2.1.1 uses a hard-coded administrator ac ...)
	NOT-FOR-US: Brocade
CVE-2020-15381 (Brocade SANnav before version 2.1.1 contains an Improper Authenticatio ...)
	NOT-FOR-US: Brocade
CVE-2020-15380 (Brocade SANnav before version 2.1.1 logs account credentials at the &# ...)
	NOT-FOR-US: Brocade
CVE-2020-15379 (Brocade SANnav before v.2.1.0a could allow remote attackers cause a de ...)
	NOT-FOR-US: Brocade
CVE-2020-15378 (The OVA version of Brocade SANnav before version 2.1.1 installation wi ...)
	NOT-FOR-US: Brocade
CVE-2020-15377 (Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated ...)
	NOT-FOR-US: Brocade
CVE-2020-15376 (Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, con ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15375 (Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15374 (Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versio ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15373 (Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15372 (A vulnerability in the command-line interface in Brocade Fabric OS bef ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15371 (Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15370 (Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allo ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15369 (Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d,  ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2020-15368 (AsrDrv103.sys in the ASRock RGB Driver does not properly restrict acce ...)
	NOT-FOR-US: ASRock RGB Driver
CVE-2020-15367 (Venki Supravizio BPM 10.1.2 does not limit the number of authenticatio ...)
	NOT-FOR-US: Venki
CVE-2020-15366 (An issue was discovered in ajv.validate() in Ajv (aka Another JSON Sch ...)
	- node-ajv 6.12.4-1
	[buster] - node-ajv <no-dsa> (Minor issue)
	NOTE: https://github.com/ajv-validator/ajv/releases/tag/v6.12.3
CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...)
	- libraw <not-affected> (Vulnerable code introduced in 0.20-Beta1)
	NOTE: https://github.com/LibRaw/LibRaw/issues/301
	NOTE: https://github.com/LibRaw/LibRaw/commit/55f0a0c08974b8b79ebfa7762b555a1704b25fb2
CVE-2020-15364 (The Nexos theme through 1.7 for WordPress allows top-map/?search_locat ...)
	NOT-FOR-US: Wordpress theme
CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows side-map/?search_orde ...)
	NOT-FOR-US: Wordpress theme
CVE-2020-15362 (wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection b ...)
	NOT-FOR-US: thingsSDK WiFi Scanner
CVE-2020-15361
	RESERVED
CVE-2020-15360 (com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalatio ...)
	NOT-FOR-US: Docker Desktop on Windows
CVE-2020-15359
	RESERVED
CVE-2020-15357 (Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and  ...)
	NOT-FOR-US: Askey
CVE-2020-15358 (In SQLite before 3.32.3, select.c mishandles query-flattener optimizat ...)
	- sqlite3 3.32.3-1
	[buster] - sqlite3 3.27.2-3+deb10u1
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced in 3.25.0)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced in 3.25.0)
	NOTE: https://www.sqlite.org/src/info/10fa79d00f8091e5
	NOTE: https://www.sqlite.org/src/tktview?name=8f157e8010
CVE-2020-15356
	REJECTED
CVE-2020-15355
	REJECTED
CVE-2020-15354
	REJECTED
CVE-2020-15353
	RESERVED
CVE-2020-15352 (An XML external entity (XXE) vulnerability in Pulse Connect Secure (PC ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-15351 (IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES ...)
	NOT-FOR-US: IDrive
CVE-2020-15350 (RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2020-15349 (BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation  ...)
	NOT-FOR-US: BinaryNights ForkLift
CVE-2020-15348 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManag ...)
	NOT-FOR-US: Zyxel
CVE-2020-15347 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b pa ...)
	NOT-FOR-US: Zyxel
CVE-2020-15346 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API wit ...)
	NOT-FOR-US: Zyxel
CVE-2020-15345 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_g ...)
	NOT-FOR-US: Zyxel
CVE-2020-15344 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_g ...)
	NOT-FOR-US: Zyxel
CVE-2020-15343 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_i ...)
	NOT-FOR-US: Zyxel
CVE-2020-15342 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_i ...)
	NOT-FOR-US: Zyxel
CVE-2020-15341 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated upda ...)
	NOT-FOR-US: Zyxel
CVE-2020-15340 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/A ...)
	NOT-FOR-US: Zyxel
CVE-2020-15339 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCa ...)
	NOT-FOR-US: Zyxel
CVE-2020-15338 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request M ...)
	NOT-FOR-US: Zyxel
CVE-2020-15337 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request M ...)
	NOT-FOR-US: Zyxel
CVE-2020-15336 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for / ...)
	NOT-FOR-US: Zyxel
CVE-2020-15335 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for / ...)
	NOT-FOR-US: Zyxel
CVE-2020-15334 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence inje ...)
	NOT-FOR-US: Zyxel
CVE-2020-15333 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows attackers to discove ...)
	NOT-FOR-US: Zyxel
CVE-2020-15332 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/def ...)
	NOT-FOR-US: Zyxel
CVE-2020-15331 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded OAUTH_SECRE ...)
	NOT-FOR-US: Zyxel
CVE-2020-15330 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded APP_KEY in  ...)
	NOT-FOR-US: Zyxel
CVE-2020-15329 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permission ...)
	NOT-FOR-US: Zyxel
CVE-2020-15328 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blo ...)
	NOT-FOR-US: Zyxel
CVE-2020-15327 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without a ...)
	NOT-FOR-US: Zyxel
CVE-2020-15326 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate ...)
	NOT-FOR-US: Zyxel
CVE-2020-15325 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cook ...)
	NOT-FOR-US: Zyxel
CVE-2020-15324 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/ ...)
	NOT-FOR-US: Zyxel
CVE-2020-15323 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password  ...)
	NOT-FOR-US: Zyxel
CVE-2020-15322 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM ha ...)
	NOT-FOR-US: Zyxel
CVE-2020-15321 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password fo ...)
	NOT-FOR-US: Zyxel
CVE-2020-15320 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for ...)
	NOT-FOR-US: Zyxel
CVE-2020-15319 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15318 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15317 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15316 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH k ...)
	NOT-FOR-US: Zyxel
CVE-2020-15315 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15314 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15313 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH k ...)
	NOT-FOR-US: Zyxel
CVE-2020-15312 (Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key ...)
	NOT-FOR-US: Zyxel
CVE-2020-15311
	REJECTED
CVE-2020-15310
	RESERVED
CVE-2020-15309 (An issue was discovered in wolfSSL before 4.5.0, when single precision ...)
	- wolfssl 4.5.0+dfsg-1 (bug #969663)
	NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v4.5.0-stable
CVE-2020-15308 (Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-a ...)
	NOT-FOR-US: Support Incident Tracker
CVE-2020-15307 (Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS ( ...)
	NOT-FOR-US: Nozomi Guardian
CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.2-1
	- openexr 2.5.3-2
	[jessie] - openexr <not-affected> (getChunkOffsetTableSize introduced in v2)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/738
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/6a9f8af6e89547bcd370ae3cec2b12849eee0b54
CVE-2020-15305 (An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.2-1
	- openexr 2.5.3-2
	[jessie] - openexr <not-affected> (ImfDeepScanLineInputFile.cpp introduced in v2)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/730
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3d03979dc101612e806cdf0b011475d9fa685a73
CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...)
	[experimental] - openexr 2.5.2-1
	- openexr 2.5.3-2
	[buster] - openexr <not-affected> (Vulnerable code not present)
	[stretch] - openexr <not-affected> (Vulnerable code not present)
	[jessie] - openexr <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/727
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/36e05c14c612a89c43d4e0b013669ecd7f8e3440 (v3.0.4)
	NOTE: Introduced by https://github.com/AcademySoftwareFoundation/openexr/commit/e79d2296496a50826a15c667bf92bdc5a05518b4 (v2.4.1)
CVE-2020-15303 (Infoblox NIOS before 8.5.2 allows entity expansion during an XML uploa ...)
	NOT-FOR-US: Infoblox NIOS
CVE-2020-15302 (In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A0397 ...)
	NOT-FOR-US: Argent RecoveryManager
CVE-2020-15301 (SuiteCRM through 7.11.13 allows CSV Injection via registration fields  ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-15300 (SuiteCRM through 7.11.13 has an Open Redirect in the Documents module  ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-15299 (A reflected Cross-Site Scripting (XSS) Vulnerability in the KingCompos ...)
	NOT-FOR-US: KingComposer plugin for WordPress
CVE-2020-15298
	REJECTED
CVE-2020-15297 (Insufficient validation in the Bitdefender Update Server and BEST Rela ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15296
	REJECTED
CVE-2020-15295
	REJECTED
CVE-2020-15294 (Compiler Optimization Removal or Modification of Security-critical Cod ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15293 (Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, Int ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15292 (Lack of validation on data read from guest memory in IntPeGetDirectory ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15291
	REJECTED
CVE-2020-15290
	REJECTED
CVE-2020-15289
	REJECTED
CVE-2020-15288
	REJECTED
CVE-2020-15287
	REJECTED
CVE-2020-15286
	REJECTED
CVE-2020-15285
	REJECTED
CVE-2020-15284
	RESERVED
CVE-2020-15283
	RESERVED
CVE-2020-15282
	REJECTED
CVE-2020-15281
	REJECTED
CVE-2020-15280
	RESERVED
CVE-2020-15279 (An Improper Access Control vulnerability in the logging component of B ...)
	NOT-FOR-US: Bitdefender
CVE-2020-15278 (Red Discord Bot before version 3.4.1 has an unauthorized privilege esc ...)
	NOT-FOR-US: Red Discord Bot
CVE-2020-15277 (baserCMS before version 4.4.1 is affected by Remote Code Execution (RC ...)
	NOT-FOR-US: baserCMS
CVE-2020-15276 (baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. A ...)
	NOT-FOR-US: baserCMS
CVE-2020-15275 (MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attac ...)
	{DSA-4787-1 DLA-2446-1}
	- moin <removed>
	NOTE: https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43
	NOTE: https://github.com/moinwiki/moin-1.9/commit/64e16037a60646a4d834f0203c75481b9c3fa74c (1.9.11)
CVE-2020-15274 (In Wiki.js before version 2.5.162, an XSS payload can be injected in a ...)
	NOT-FOR-US: Wiki.js
CVE-2020-15273 (baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. T ...)
	NOT-FOR-US: baserCMS
CVE-2020-15272 (In the git-tag-annotation-action (open source GitHub Action) before ve ...)
	NOT-FOR-US: git-tag-annotation-action
CVE-2020-15271 (In lookatme (python/pypi package) versions prior to 2.3.0, the package ...)
	- lookatme 2.3.0-1 (bug #972988)
	NOTE: https://github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q
	NOTE: https://github.com/d0c-s4vage/lookatme/commit/72fe36b784b234548d49dae60b840c37f0eb8d84 (v2.3.0)
	NOTE: https://github.com/d0c-s4vage/lookatme/pull/110
CVE-2020-15270 (Parse Server (npm package parse-server) broadcasts events to all clien ...)
	NOT-FOR-US: Node parse-server
CVE-2020-15269 (In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens ...)
	NOT-FOR-US: Spree
CVE-2020-15268
	RESERVED
CVE-2020-15267
	RESERVED
CVE-2020-15266 (In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.i ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15265 (In Tensorflow before version 2.4.0, an attacker can pass an invalid `a ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15264 (The Boxstarter installer before version 2.13.0 configures C:\ProgramDa ...)
	NOT-FOR-US: Boxstarter
CVE-2020-15263 (In platform before version 9.4.4, inline attributes are not properly e ...)
	NOT-FOR-US: Laravel Orchid Platform
CVE-2020-15262 (In webpack-subresource-integrity before version 1.5.1, all dynamically ...)
	NOT-FOR-US: Node webpack-subresource-integrity
CVE-2020-15261 (On Windows the Veyon Service before version 4.4.2 contains an unquoted ...)
	- veyon <not-affected> (Windows-specific)
	NOTE: https://github.com/veyon/veyon/security/advisories/GHSA-c8cc-x786-hqqp
CVE-2020-15260 (PJSIP is a free and open source multimedia communication library writt ...)
	- pjproject <removed>
	[stretch] - pjproject <not-affected> (Vulnerable code introduced later, no connection reuse available)
	- ring 20210112.2.b757bac~ds1-1 (bug #986815)
	[buster] - ring <not-affected> (Vulnerable code introduced later, no connection reuse available in embedded pjproject)
	[stretch] - ring <not-affected> (Vulnerable code introduced later, no connection reuse available in embedded pjproject)
	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-8hcp-hm38-mfph
	NOTE: https://github.com/pjsip/pjproject/commit/67e46c1ac45ad784db5b9080f5ed8b133c122872
	NOTE: https://github.com/pjsip/pjproject/pull/2663
CVE-2020-15259 (ad-ldap-connector's admin panel before version 5.0.13 does not provide ...)
	NOT-FOR-US: ad-ldap-connector
CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without checking  ...)
	NOT-FOR-US: Wire app
CVE-2020-15257 (containerd is an industry-standard container runtime and is available  ...)
	{DSA-4865-1}
	- containerd 1.4.3~ds1-1
	- docker.io 20.10.0~rc1+dfsg2-1
	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
	NOTE: https://github.com/containerd/containerd/commit/3519233e1b5a408c7e92b0af4293000820a0089b (v1.2)
	NOTE: docker.io switched to systemwide containerd packages in 20.10.0~rc1+dfsg2-1
CVE-2020-15256 (A prototype pollution vulnerability has been found in `object-path` &l ...)
	- node-object-path 0.11.5-3
	[buster] - node-object-path 0.11.4-2+deb10u1
	[stretch] - node-object-path <postponed> (Minor issue)
	NOTE: https://github.com/mariocasciaro/object-path/security/advisories/GHSA-cwx2-736x-mf6w
CVE-2020-15255 (In Anuko Time Tracker before verion 1.19.23.5325, due to not properly  ...)
	NOT-FOR-US: Anuko Time Tracker
CVE-2020-15254 (Crossbeam is a set of tools for concurrent programming. In crossbeam-c ...)
	- firefox 82.0-1
	- rust-crossbeam-channel <not-affected> (Only affected 0.4.3 which was not released in Debian)
	NOTE: https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-v5m7-53cv-f3hx
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-45/#CVE-2020-15254
CVE-2020-15253 (Versions of Grocy &lt;= 2.7.1 are vulnerable to Cross-Site Scripting v ...)
	NOT-FOR-US: Grocy
CVE-2020-15252 (In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right ( ...)
	NOT-FOR-US: XWiki
CVE-2020-15251 (In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version ...)
	NOT-FOR-US: Channelmgnt plug-in for Sopel
CVE-2020-15250 (In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryF ...)
	{DLA-2426-1}
	- junit4 4.13.1-1 (bug #972231)
	[buster] - junit4 <no-dsa> (Minor issue)
	NOTE: https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
	NOTE: https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae
CVE-2020-15249 (October is a free, open-source, self-hosted CMS platform based on the  ...)
	NOT-FOR-US: October CMS
CVE-2020-15248 (October is a free, open-source, self-hosted CMS platform based on the  ...)
	NOT-FOR-US: October CMS
CVE-2020-15247 (October is a free, open-source, self-hosted CMS platform based on the  ...)
	NOT-FOR-US: October CMS
CVE-2020-15246 (October is a free, open-source, self-hosted CMS platform based on the  ...)
	NOT-FOR-US: October CMS
CVE-2020-15245 (In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may registe ...)
	NOT-FOR-US: Sylius
CVE-2020-15244 (In Magento (rubygems openmage/magento-lts package) before versions 19. ...)
	NOT-FOR-US: Magento
CVE-2020-15243 (Affected versions of Smartstore have a missing WebApi Authentication a ...)
	NOT-FOR-US: Smartstore
CVE-2020-15242 (Next.js versions &gt;=9.5.0 and &lt;9.5.4 are vulnerable to an Open Re ...)
	NOT-FOR-US: next.js
CVE-2020-15241 (TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, ...)
	NOT-FOR-US: TYPO3 Fluid Engine
CVE-2020-15240 (omniauth-auth0 (rubygems) versions &gt;= 2.3.0 and &lt; 2.4.1 improper ...)
	- ruby-omniauth-auth0 <not-affected> (Introduced in 2.3.0)
	NOTE: https://github.com/auth0/omniauth-auth0/security/advisories/GHSA-58r4-h6v8-jcvm
CVE-2020-15239 (In xmpp-http-upload before version 0.4.0, when the GET method is attac ...)
	NOT-FOR-US: xmpp-http-upload
CVE-2020-15238 (Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the Dhcp ...)
	{DSA-4781-1 DLA-2430-1}
	- blueman 2.1.4-1 (bug #973718)
	NOTE: https://github.com/blueman-project/blueman/security/advisories/GHSA-jpc9-mgw6-2xwx
	NOTE: https://bugs.launchpad.net/ubuntu/+source/blueman/+bug/1897287
	NOTE: https://github.com/blueman-project/blueman/commit/02161d60e8e311b08fb18254615259085fcd6688
	NOTE: Additionally Build-Depends on libpolkit-agent-1-dev needed (blueman should
	NOTE: use polkit for authorisation but due to a packaging issue this was not
	NOTE: enabled).
CVE-2020-15237 (In Shrine before version 3.3.0, when using the `derivation_endpoint` p ...)
	NOT-FOR-US: Shrine
CVE-2020-15236 (In Wiki.js before version 2.5.151, directory traversal outside of Wiki ...)
	NOT-FOR-US: Wiki.js
CVE-2020-15235 (In RACTF before commit f3dc89b, unauthenticated users are able to get  ...)
	NOT-FOR-US: RACTF
CVE-2020-15234 (ORY Fosite is a security first OAuth2 &amp; OpenID Connect framework f ...)
	NOT-FOR-US: ORY Fosite
CVE-2020-15233 (ORY Fosite is a security first OAuth2 &amp; OpenID Connect framework f ...)
	NOT-FOR-US: ORY Fosite
CVE-2020-15232 (In mapfish-print before version 3.24, a user can do to an XML External ...)
	NOT-FOR-US: mapfish-print
CVE-2020-15231 (In mapfish-print before version 3.24, a user can use the JSONP support ...)
	NOT-FOR-US: mapfish-print
CVE-2020-15230 (Vapor is a web framework for Swift. In Vapor before version 4.29.4, At ...)
	NOT-FOR-US: Vapor
CVE-2020-15229 (Singularity (an open source container platform) from version 3.1.1 thr ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #972212)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-7gcp-w6ww-2xv9
CVE-2020-15228 (In the `@actions/core` npm module before version 1.2.6,`addPath` and ` ...)
	NOT-FOR-US: Node @actions/core
CVE-2020-15227 (Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 ar ...)
	{DLA-2617-1}
	- php-nette <removed>
	NOTE: https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
CVE-2020-15226 (In GLPI before version 9.5.2, there is a SQL Injection in the API's se ...)
	- glpi <removed>
CVE-2020-15225 (django-filter is a generic system for filtering Django QuerySets based ...)
	- django-filter 2.4.0-1
	[buster] - django-filter <no-dsa> (Minor issue)
	[stretch] - django-filter <no-dsa> (Minor issue)
	NOTE: https://github.com/carltongibson/django-filter/security/advisories/GHSA-x7gm-rfgv-w973
	NOTE: https://github.com/carltongibson/django-filter/commit/340cf7a23a2b3dcd7183f6a0d6c383e85b130d2b
CVE-2020-15224 (In Open Enclave before version 0.12.0, an information disclosure vulne ...)
	NOT-FOR-US: Open Enclave
CVE-2020-15223 (In ORY Fosite (the security first OAuth2 &amp; OpenID Connect framewor ...)
	NOT-FOR-US: ORY Fosite
CVE-2020-15222 (In ORY Fosite (the security first OAuth2 &amp; OpenID Connect framewor ...)
	NOT-FOR-US: ORY Fosite
CVE-2020-15221 (Combodo iTop is a web based IT Service Management tool. In iTop before ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-15220 (Combodo iTop is a web based IT Service Management tool. In iTop before ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-15219 (Combodo iTop is a web based IT Service Management tool. In iTop before ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-15218 (Combodo iTop is a web based IT Service Management tool. In iTop before ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-15217 (In GLPI before version 9.5.2, there is a leakage of user information t ...)
	- glpi <removed>
CVE-2020-15216 (In goxmldsig (XML Digital Signatures implemented in pure Go) before ve ...)
	- golang-github-russellhaering-goxmldsig 1.1.0-1 (bug #971615)
	[buster] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
	NOTE: https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7
	NOTE: https://github.com/russellhaering/goxmldsig/commit/f6188febf0c29d7ffe26a0436212b19cb9615e64
CVE-2020-15215 (Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vuln ...)
	- electron <itp> (bug #842420)
CVE-2020-15214 (In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segme ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15213 (In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segme ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15212 (In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segme ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15211 (In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3 ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15210 (In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3 ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15209 (In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3 ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15208 (In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3 ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15207 (In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3 ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15206 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, c ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15205 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, t ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15204 (In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1  ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15203 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, b ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15202 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, t ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15201 (In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` impl ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15200 (In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` impl ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15199 (In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15198 (In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` impl ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15197 (In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` impl ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15196 (In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `Ragged ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15195 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, t ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15194 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, t ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15193 (In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of ` ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15192 (In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15191 (In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an inv ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15190 (In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, t ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-15189 (SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) u ...)
	NOT-FOR-US: SOY CMS
CVE-2020-15188 (SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Co ...)
	NOT-FOR-US: SOY CMS
CVE-2020-15187 (In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain d ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-15186 (In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitiz ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-15185 (In Helm before versions 2.16.11 and 3.3.2, a Helm repository can conta ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-15184 (In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the  ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-15183 (SoyCMS 3.0.2 and earlier is affected by Reflected Cross-Site Scripting ...)
	NOT-FOR-US: SoyCMS
CVE-2020-15182 (The SOY Inquiry component of SOY CMS is affected by Cross-site Request ...)
	NOT-FOR-US: SoyCMS
CVE-2020-15181 (The Alfresco Reset Password add-on before version 1.2.0 relies on untr ...)
	NOT-FOR-US: Alfresco Reset Password add-on
CVE-2020-15180 (A flaw was found in the mysql-wsrep component of mariadb. Lack of inpu ...)
	{DSA-4776-1 DLA-2409-1}
	- mariadb-10.5 1:10.5.6-1
	[experimental] - mariadb-10.3 1:10.3.27-1~exp1
	- mariadb-10.3 <unfixed> (bug #972746)
	- mariadb-10.1 <removed>
	- percona-xtradb-cluster-5.5 <removed>
	NOTE: Fixed in MariaDB 10.5.6, 10.4.15, 10.3.25, 10.2.34, 10.1.47
	NOTE: https://jira.mariadb.org/browse/MDEV-23884
	NOTE: https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/
CVE-2020-15179 (The ScratchSig extension for MediaWiki before version 1.0.1 allows sto ...)
	NOT-FOR-US: ScratchSig MediaWiki extension
CVE-2020-15178 (In PrestaShop contactform module (prestashop/contactform) before versi ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15177 (In GLPI before version 9.5.2, the `install/install.php` endpoint insec ...)
	- glpi <removed>
CVE-2020-15176 (In GLPI before version 9.5.2, when supplying a back tick in input that ...)
	- glpi <removed>
CVE-2020-15175 (In GLPI before version 9.5.2, the `&#8203;pluginimage.send.php&#8203;` ...)
	- glpi <removed>
CVE-2020-15174 (In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the  ...)
	- electron <itp> (bug #842420)
CVE-2020-15173 (In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a b ...)
	NOT-FOR-US: ACCEL-PPP
CVE-2020-15172 (The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerabl ...)
	NOT-FOR-US: Act module for Red Discord Bot
CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right ...)
	NOT-FOR-US: XWiki
CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement access con ...)
	NOT-FOR-US: apollo-adminservice
CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potentia ...)
	{DSA-4766-1 DLA-2403-1}
	- rails 2:6.0.3.3+dfsg-1 (bug #970040)
	NOTE: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-15169.yml
	NOTE: https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc?pli=1
	NOTE: https://github.com/rails/rails/commit/e663f084460ea56c55c3dc76f78c7caeddeeb02e (master)
	NOTE: https://github.com/rails/rails/commit/aaa7ab1320330b3c4fa8f0fbda716dcfa21e3d65 (5.2)
CVE-2020-15168 (node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the si ...)
	[experimental] - node-fetch 2.6.1-1
	- node-fetch 2.6.1-2 (bug #970173)
	[buster] - node-fetch <ignored> (Minor issue; Intrusive to backport)
	NOTE: https://github.com/node-fetch/node-fetch/security/advisories/GHSA-w7rc-rwvf-8q5r
CVE-2020-15167 (In Miller (command line utility) using the configuration file support  ...)
	- miller 5.9.1+dfsg-1 (bug #969467)
	[buster] - miller <not-affected> (Introduced in 5.9.0)
	[stretch] - miller <not-affected> (Introduced in 5.9.0)
	NOTE: https://github.com/johnkerl/miller/security/advisories/GHSA-mw2v-4q78-j2cw
CVE-2020-15166 (In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerabi ...)
	{DSA-4761-1 DLA-2443-1}
	- zeromq3 4.3.3-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/07/3
	NOTE: https://github.com/zeromq/libzmq/security/advisories/GHSA-25wp-cf8g-938m
	NOTE: https://github.com/zeromq/libzmq/commit/e7f0090b161ce6344f6bd35009816a925c070b09
CVE-2020-15165 (Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Stor ...)
	NOT-FOR-US: Chameleon Mini Live Debugger
CVE-2020-15164 (in Scratch Login (MediaWiki extension) before version 1.1, any account ...)
	NOT-FOR-US: Scrach Login MediaWiki extension
CVE-2020-15163 (Python TUF (The Update Framework) reference implementation before vers ...)
	- python-tuf <itp> (bug #934151)
CVE-2020-15162 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users a ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15161 (In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attac ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15160 (PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerab ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15159 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) a ...)
	NOT-FOR-US: baserCMS
CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message  ...)
	NOT-FOR-US: libIEC61850
CVE-2020-15157 (In containerd (an industry-standard container runtime) before version  ...)
	{DSA-4865-1}
	- containerd 1.3.2~ds1-2
	- docker.io 19.03.13+dfsg2-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/10/15/1
	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-742w-89gc-8m9c
	NOTE: https://github.com/containerd/containerd/commit/1ead8d9deb3b175bf40413b8c47b3d19c2262726 (v1.2.14)
	NOTE: docker.io switched to systemwide containerd packages in 20.10.0~rc1+dfsg2-1
	NOTE: docker.io/19.03.13+dfsg2-1 uses containerd 1.3.7
CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged in user  ...)
	NOT-FOR-US: nodebb-plugin-blog-comments
CVE-2020-15155 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...)
	NOT-FOR-US: baserCMS
CVE-2020-15154 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...)
	NOT-FOR-US: baserCMS
CVE-2020-15153 (Ampache before version 4.2.2 allows unauthenticated users to perform S ...)
	- ampache <removed>
CVE-2020-15152 (ftp-srv is an npm package which is a modern and extensible FTP server  ...)
	NOT-FOR-US: Node ftp-srv
CVE-2020-15151 (OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to cir ...)
	NOT-FOR-US: OpenMage
CVE-2020-15150 (There is a vulnerability in Paginator (Elixir/Hex package) which makes ...)
	NOT-FOR-US: Paginator
CVE-2020-15149 (NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in ...)
	NOT-FOR-US: NodeBB
CVE-2020-15148 (Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote cod ...)
	- yii <itp> (bug #597899)
CVE-2020-15147 (Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execu ...)
	NOT-FOR-US: Red Discord Bot
CVE-2020-15146 (In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...)
	NOT-FOR-US: SyliusResourceBundle
CVE-2020-15145 (In Composer-Setup for Windows before version 6.0.0, if the developer's ...)
	NOT-FOR-US: Composer-Setup for Windows
CVE-2020-15144
	RESERVED
CVE-2020-15143 (In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...)
	NOT-FOR-US: SyliusResourceBundle
CVE-2020-15142 (In openapi-python-client before version 0.5.3, clients generated with  ...)
	NOT-FOR-US: openapi-python-client
CVE-2020-15141 (In openapi-python-client before version 0.5.3, there is a path travers ...)
	NOT-FOR-US: openapi-python-client
CVE-2020-15140 (In Red Discord Bot before version 3.3.11, a RCE exploit has been disco ...)
	NOT-FOR-US: Red Discord Bot
CVE-2020-15139 (In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visu ...)
	NOT-FOR-US: MyBB
CVE-2020-15138 (Prism is vulnerable to Cross-Site Scripting. The easing preview of the ...)
	- node-prismjs 1.11.0+dfsg-4 (bug #968094)
	NOTE: https://github.com/PrismJS/prism/security/advisories/GHSA-wvhm-4hhf-97x9
	NOTE: https://github.com/PrismJS/prism/commit/8bba4880202ef6bd7a1e379fe9aebe69dd75f7be
CVE-2020-15137 (All versions of HoRNDIS are affected by an integer overflow in the RND ...)
	NOT-FOR-US: HoRNDIS
CVE-2020-15136 (In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication  ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968752)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q
CVE-2020-15135 (save-server (npm package) before version 1.05 is affected by a CSRF vu ...)
	NOT-FOR-US: Node save-server
CVE-2020-15134 (Faye before version 1.4.0, there is a lack of certification validation ...)
	- ruby-faye 1.4.0-1 (bug #967063)
	[buster] - ruby-faye <no-dsa> (Minor issue)
	NOTE: https://github.com/faye/faye/security/advisories/GHSA-3q49-h8f9-9fr9
	NOTE: https://github.com/faye/faye/issues/524
	NOTE: https://blog.jcoglan.com/2020/07/31/missing-tls-verification-in-faye/
CVE-2020-15133 (In faye-websocket before version 0.11.0, there is a lack of certificat ...)
	- ruby-faye-websocket 0.11.0-1 (bug #967061)
	[buster] - ruby-faye-websocket <no-dsa> (Minor issue)
	NOTE: https://github.com/faye/faye-websocket-ruby/security/advisories/GHSA-2v5c-755p-p4gv
	NOTE: https://github.com/faye/faye-websocket-ruby/pull/129
	NOTE: https://blog.jcoglan.com/2020/07/31/missing-tls-verification-in-faye/
CVE-2020-15132 (In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget pa ...)
	NOT-FOR-US: Sulu
CVE-2020-15131 (In SLP Validate (npm package slp-validate) before version 1.2.2, there ...)
	NOT-FOR-US: Node slp-validate
CVE-2020-15130 (In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnera ...)
	NOT-FOR-US: Node slpjs
CVE-2020-15129 (In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists  ...)
	NOT-FOR-US: Traefik
CVE-2020-15128 (In OctoberCMS before version 1.0.468, encrypted cookie values were not ...)
	NOT-FOR-US: October CMS
CVE-2020-15127 (In Contour ( Ingress controller for Kubernetes) before version 1.7.0,  ...)
	NOT-FOR-US: Countour
CVE-2020-15126 (In parser-server from version 3.5.0 and before 4.3.0, an authenticated ...)
	NOT-FOR-US: Node parser-server
CVE-2020-15125 (In auth0 (npm package) versions before 2.27.1, a DenyList of specific  ...)
	NOT-FOR-US: Node auth0
CVE-2020-15124 (In Goobi Viewer Core before version 4.8.3, a path traversal vulnerabil ...)
	NOT-FOR-US: Goobi Viewer Core
CVE-2020-15123 (In codecov (npm package) before version 3.7.1 the upload method has a  ...)
	NOT-FOR-US: Node codedev
CVE-2020-15122
	RESERVED
CVE-2020-15121 (In radare2 before version 4.5.0, malformed PDB file names in the PDB s ...)
	- radare2 5.0.0+dfsg-1
	NOTE: https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358
	NOTE: https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9
	NOTE: https://github.com/radareorg/radare2/issues/16945
	NOTE: https://github.com/radareorg/radare2/pull/16966
CVE-2020-15120 (In "I hate money" before version 4.1.5, an authenticated member of one ...)
	NOT-FOR-US: ihatemoney
CVE-2020-15119 (In auth0-lock versions before and including 11.25.1, dangerouslySetInn ...)
	NOT-FOR-US: Node auth0-lock
CVE-2020-15118 (In Wagtail before versions 2.7.4 and 2.9.3, when a form page type is m ...)
	NOT-FOR-US: Wagtail
CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be crashed by r ...)
	- synergy <removed>
	[stretch] - synergy <no-dsa> (minor issue, low priority)
	NOTE: https://github.com/symless/synergy-core/commit/0a97c2be0da2d0df25cb86dfd642429e7a8bea39
	NOTE: https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp
CVE-2020-15116
	RESERVED
CVE-2020-15115 (etcd before versions 3.3.23 and 3.4.10 does not perform any password l ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968740)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-4993-m7g5-r9hh
CVE-2020-15114 (In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simpl ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968740)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224
CVE-2020-15113 (In etcd before versions 3.3.23 and 3.4.10, certain directory paths are ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968740)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92
CVE-2020-15112 (In etcd before versions 3.3.23 and 3.4.10, it is possible to have an e ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968740)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93
CVE-2020-15111 (In Fiber before version 1.12.6, the filename that is given in c.Attach ...)
	NOT-FOR-US: Fiber
CVE-2020-15110 (In jupyterhub-kubespawner before 0.12, certain usernames will be able  ...)
	NOT-FOR-US: jupyterhub-kubespawner
CVE-2020-15109 (In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bilit ...)
	NOT-FOR-US: solidus
CVE-2020-15108 (In glpi before 9.5.1, there is a SQL injection for all usages of "Clon ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-qv6w-68gq-wx2v
	NOTE: https://github.com/glpi-project/glpi/commit/a4baa64114eb92fd2adf6056a36e0582324414ba
	NOTE: https://github.com/glpi-project/glpi/pull/6684
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-15107 (In openenclave before 0.10.0, enclaves that use x87 FPU operations are ...)
	NOT-FOR-US: openenclave
CVE-2020-15106 (In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic  ...)
	[experimental] - etcd 3.3.25+dfsg-1
	- etcd 3.3.25+dfsg-5 (bug #968740)
	[buster] - etcd <no-dsa> (Minor issue)
	NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2
CVE-2020-15105 (Django Two-Factor Authentication before 1.12, stores the user's passwo ...)
	NOT-FOR-US: Django Two-Factor Authentication
CVE-2020-15104 (In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when valid ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-15103 (In FreeRDP less than or equal to 2.1.2, an integer overflow exists due ...)
	- freerdp2 2.2.0+dfsg1-1 (bug #965979)
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <not-affected> (Vulnerable gfx code not present)
	NOTE: https://github.com/FreeRDP/FreeRDP/pull/6381
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/be8c8640ead04b1e4fc9176c504bf688351c8924 (stable-2.0)
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/da684f5335c2b3b726a39f3c091ce804e55f4f8e (stable-2.0)
CVE-2020-15102 (In PrestaShop Dashboard Productions before version 2.1.0, there is imp ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15101 (In freewvs before 0.1.1, a directory structure of more than 1000 neste ...)
	NOT-FOR-US: freewvs
CVE-2020-15100 (In freewvs before 0.1.1, a user could create a large file that freewvs ...)
	NOT-FOR-US: freewvs
CVE-2020-15099 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and  ...)
	NOT-FOR-US: TYPO3
CVE-2020-15098 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and  ...)
	NOT-FOR-US: TYPO3
CVE-2020-15097 (loklak is an open-source server application which is able to collect m ...)
	NOT-FOR-US: loklak
CVE-2020-15096 (In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, the ...)
	- electron <itp> (bug #842420)
CVE-2020-15095 (Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ...)
	- npm 6.14.6+ds-1 (low; bug #964746)
	[buster] - npm 5.8.0+ds6-4+deb10u2
	NOTE: https://github.com/npm/cli/security/advisories/GHSA-93f3-23rq-pjfp
	NOTE: https://github.com/npm/cli/commit/a9857b8f6869451ff058789c4631fadfde5bbcbc
CVE-2020-15094 (In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient cla ...)
	- symfony 4.4.13+dfsg-1
	[buster] - symfony <not-affected> (Vulnerable code introduced later - in v4.4.0)
	[stretch] - symfony <not-affected> (Vulnerable code introduced later - in v4.4.0)
	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-754h-5r27-7x3r
	NOTE: https://github.com/symfony/symfony/commit/d9910e0b33a2e0f993abff41c6fbc86951b66d78
CVE-2020-15093 (The tough library (Rust/crates.io) prior to version 0.7.1 does not pro ...)
	NOT-FOR-US: Rust tough
CVE-2020-15092 (In TimelineJS before version 3.7.0, some user data renders as HTML. An ...)
	NOT-FOR-US: TimelineJS
CVE-2020-15091 (TenderMint from version 0.33.0 and before version 0.33.6 allows block  ...)
	NOT-FOR-US: TenderMint
CVE-2020-15090
	RESERVED
CVE-2020-15089
	RESERVED
CVE-2020-15088
	RESERVED
CVE-2020-15087 (In Presto before version 337, authenticated users can bypass authoriza ...)
	NOT-FOR-US: Presto query engine, different from src:presto
CVE-2020-15086 (In TYPO3 installations with the "mediace" extension from version 7.6.2 ...)
	NOT-FOR-US: TYPO3
CVE-2020-15085 (In Saleor Storefront before version 2.10.3, request data used to authe ...)
	NOT-FOR-US: Saleor Storefront
CVE-2020-15084 (In express-jwt (NPM package) up and including version 5.3.3, the algor ...)
	NOT-FOR-US: Node express-jwt
CVE-2020-15083 (In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a ta ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15082 (In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the das ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15081 (In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is inform ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15080 (In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some fi ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15079 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there i ...)
	NOT-FOR-US: PrestaShop
CVE-2020-15078 (OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass ...)
	- openvpn 2.5.1-2 (bug #987380)
	[buster] - openvpn 2.4.7-1+deb10u1
	[stretch] - openvpn <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenVPN/openvpn/commit/f7b3bf067ffce72e7de49a4174fd17a3a83f0573 (v2.5.2)
	NOTE: https://github.com/OpenVPN/openvpn/commit/3d18e308c4e7e6f7ab7c2826c70d2d07b031c18a (v2.5.2)
	NOTE: https://github.com/OpenVPN/openvpn/commit/3aca477a1b58714754fea3a26d0892fffc51db6b (v2.5.2)
	NOTE: https://github.com/OpenVPN/openvpn/commit/0e5516a9d656ce86f7fb370c824344ea1760c255 (2.4.11)
CVE-2020-15077 (OpenVPN Access Server 2.8.7 and earlier versions allows a remote attac ...)
	NOT-FOR-US: OpenVPN Access Server (security impact for src:openvpn covered by CVE-2020-15078)
CVE-2020-15076 (Private Tunnel installer for macOS version 3.0.1 and older versions ma ...)
	NOT-FOR-US: Private Tunnel installer for macOS
CVE-2020-15075 (OpenVPN Connect installer for macOS version 3.2.6 and older may corrup ...)
	NOT-FOR-US: OpenVPN Connect installer for macOS
CVE-2020-15074 (OpenVPN Access Server older than version 2.8.4 and version 2.9.5 gener ...)
	NOT-FOR-US: OpenVPN Access Server
CVE-2020-15073 (An issue was discovered in phpList through 3.5.4. An XSS vulnerability ...)
	- phplist <itp> (bug #612288)
CVE-2020-15072 (An issue was discovered in phpList through 3.5.4. An error-based SQL I ...)
	- phplist <itp> (bug #612288)
CVE-2020-15071 (content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS  ...)
	NOT-FOR-US: Symphony CMS
CVE-2020-15070 (Zulip Server 2.x before 2.1.7 allows eval injection if a privileged at ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-15069 (Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow an ...)
	NOT-FOR-US: Sophos
CVE-2020-15068
	RESERVED
CVE-2020-15067
	RESERVED
CVE-2020-15066
	RESERVED
CVE-2020-15065 (DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices al ...)
	NOT-FOR-US: DIGITUS DA-70254 4-Port Gigabit Network Hub devices
CVE-2020-15064 (DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices al ...)
	NOT-FOR-US: DIGITUS DA-70254 4-Port Gigabit Network Hub devices
CVE-2020-15063 (DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices al ...)
	NOT-FOR-US: DIGITUS DA-70254 4-Port Gigabit Network Hub devices
CVE-2020-15062 (DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices al ...)
	NOT-FOR-US: DIGITUS DA-70254 4-Port Gigabit Network Hub devices
CVE-2020-15061 (Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices al ...)
	NOT-FOR-US: Lindy 42633 4-Port USB 2.0 Gigabit Network Server devices
CVE-2020-15060 (Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices al ...)
	NOT-FOR-US: Lindy 42633 4-Port USB 2.0 Gigabit Network Server devices
CVE-2020-15059 (Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices al ...)
	NOT-FOR-US: Lindy 42633 4-Port USB 2.0 Gigabit Network Server devices
CVE-2020-15058 (Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices al ...)
	NOT-FOR-US: Lindy 42633 4-Port USB 2.0 Gigabit Network Server devices
CVE-2020-15057 (TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 al ...)
	NOT-FOR-US: TP-Link
CVE-2020-15056 (TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 al ...)
	NOT-FOR-US: TP-Link
CVE-2020-15055 (TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 al ...)
	NOT-FOR-US: TP-Link
CVE-2020-15054 (TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 al ...)
	NOT-FOR-US: TP-Link
CVE-2020-15053 (An issue was discovered in Artica Proxy CE before 4.28.030.418. Reflec ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-15052 (An issue was discovered in Artica Proxy CE before 4.28.030.418. SQL In ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-15051 (An issue was discovered in Artica Proxy before 4.30.000000. Stored XSS ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-15050 (An issue was discovered in the Video Extension in Suprema BioStar 2 be ...)
	NOT-FOR-US: Suprema BioStar
CVE-2020-15049 (An issue was discovered in http/ContentLengthInterpreter.cc in Squid b ...)
	{DSA-4732-1 DLA-2394-1}
	- squid 4.12-1
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-qf3v-rc95-96j5
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-ea12a34d338b962707d5078d6d1fc7c6eb119a22.patch
CVE-2020-15048
	RESERVED
CVE-2020-15047 (MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification er ...)
	- trojita <itp> (bug #795701)
CVE-2020-15046 (The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a  ...)
	NOT-FOR-US: Supermicro
CVE-2020-15045
	RESERVED
CVE-2020-15044
	RESERVED
CVE-2020-15043 (iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling  ...)
	NOT-FOR-US: iBall WRB303N devices
CVE-2020-15042
	RESERVED
CVE-2020-15041 (PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Ad ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-15040
	RESERVED
CVE-2020-15039
	RESERVED
CVE-2020-15038 (The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-15037 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15036 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15035 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15034 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15033 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15032 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15031 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15030 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15029 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
	NOT-FOR-US: NeDi
CVE-2020-15028 (NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The ap ...)
	NOT-FOR-US: NeDi
CVE-2020-15027 (ConnectWise Automate through 2020.x has insufficient validation on cer ...)
	NOT-FOR-US: ConnectWise
CVE-2020-15026 (Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../  ...)
	NOT-FOR-US: Bludit
CVE-2020-15025 (ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remo ...)
	- ntp 1:4.2.8p15-1 (low; bug #963807)
	[buster] - ntp <no-dsa> (Minor issue)
	[stretch] - ntp <not-affected> (Vulnerable code introduced later)
	[jessie] - ntp <not-affected> (Vulnerable code introduced later)
	- ntpsec <not-affected> (Vulnerable code not present)
	NOTE: https://support.ntp.org/bin/view/Main/NtpBug3661
	NOTE: https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea
	NOTE: https://bugs.ntp.org/show_bug.cgi?id=3661
	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5e84aa07N2NcL4sE_0dW35Tizc74SA
CVE-2020-15024 (An issue was discovered in the Login Password feature of the Password  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-15023 (Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected b ...)
	NOT-FOR-US: Askey
CVE-2020-15022
	RESERVED
CVE-2020-15021
	RESERVED
CVE-2020-15020 (An issue was discovered in the Elementor plugin through 2.9.13 for Wor ...)
	NOT-FOR-US: Elementor plugin for WordPress
CVE-2020-15019
	RESERVED
CVE-2020-15018 (playSMS through 1.4.3 is vulnerable to session fixation. ...)
	NOT-FOR-US: playSMS
CVE-2020-15017 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices ...)
	NOT-FOR-US: NeDi
CVE-2020-15016 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-C ...)
	NOT-FOR-US: NeDi
CVE-2020-15015 (The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XS ...)
	NOT-FOR-US: FileExplorer component in GleamTech FileUltimate
CVE-2020-15014 (pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF. ...)
	NOT-FOR-US: BlogCMS
CVE-2020-15013
	RESERVED
CVE-2020-15012 (A Directory Traversal issue was discovered in Sonatype Nexus Repositor ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2020-15011 (GNU Mailman before 2.1.33 allows arbitrary content injection via the C ...)
	{DSA-4991-1 DLA-2276-1 DLA-2265-1}
	- mailman <removed>
	NOTE: https://bugs.launchpad.net/mailman/+bug/1877379
	NOTE: Fixed by: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1848
CVE-2020-15010
	RESERVED
CVE-2020-15009 (AsusScreenXpertServicec.exe and ScreenXpertUpgradeServiceManager.exe i ...)
	NOT-FOR-US: ASUS
CVE-2020-15008 (A SQLi exists in the probe code of all Connectwise Automate versions b ...)
	NOT-FOR-US: Connectwise
CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...)
	- rbdoom3bfg <unfixed> (unimportant)
	NOTE: https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec
	NOTE: Problematic code not built
CVE-2020-15006 (Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document ...)
	NOT-FOR-US: Bludit
CVE-2020-15005 (In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34. ...)
	{DSA-4767-1 DLA-2504-1}
	- mediawiki 1:1.31.8-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-June/093535.html
CVE-2020-15004 (OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2020-15003 (OX App Suite through 7.10.3 allows Information Exposure because a user ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2020-15002 (OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/me ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2020-15001 (An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0 ...)
	NOT-FOR-US: Yubico YubiKey 5 NFC devices
CVE-2020-15000 (A PIN management problem was discovered on Yubico YubiKey 5 devices 5. ...)
	NOT-FOR-US: Yubico YubiKey 5 devices
CVE-2020-14999 (A logic bug in system monitoring driver of Acronis Agent after 12.5.21 ...)
	NOT-FOR-US: Acronis
CVE-2020-14998
	RESERVED
CVE-2020-14997
	RESERVED
CVE-2020-14996
	RESERVED
CVE-2020-14995
	RESERVED
CVE-2020-14994
	RESERVED
CVE-2020-14993 (A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vig ...)
	NOT-FOR-US: DrayTek devices
CVE-2020-14992
	RESERVED
CVE-2020-14991
	RESERVED
CVE-2020-14990 (IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain p ...)
	NOT-FOR-US: IOBit Advanced SystemCare Free
CVE-2020-14989 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
	NOT-FOR-US: Bloomreach Experience Manager (brXM)
CVE-2020-14988 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
	NOT-FOR-US: Bloomreach Experience Manager (brXM)
CVE-2020-14987 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0  ...)
	NOT-FOR-US: Bloomreach Experience Manager (brXM)
CVE-2020-14986
	RESERVED
CVE-2020-14985
	RESERVED
CVE-2020-14984
	RESERVED
CVE-2020-14983 (The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't valid ...)
	- crispy-doom 5.9.0-1 (bug #964564)
	[buster] - crispy-doom <no-dsa> (Minor issue)
	- chocolate-doom 3.0.1-1
	[buster] - chocolate-doom 3.0.0-4+deb10u1
	[stretch] - chocolate-doom <no-dsa> (Minor issue)
	[jessie] - chocolate-doom <end-of-life> (games are not supported)
	NOTE: https://github.com/chocolate-doom/chocolate-doom/issues/1293
	NOTE: https://github.com/chocolate-doom/chocolate-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
	NOTE: https://github.com/fabiangreffrath/crispy-doom/commit/8b6cfbfc6c934923b3c2c16e5e7e5a74d5d238e1
CVE-2020-14982 (A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later be ...)
	NOT-FOR-US: Kronos WebTA
CVE-2020-14981 (The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS ha ...)
	NOT-FOR-US: ThreatTrack VIPRE Password Vault app for IOS
CVE-2020-14980 (The Sophos Secure Email application through 3.9.4 for Android has Miss ...)
	NOT-FOR-US: Sophos Secure Email application for Android
CVE-2020-14979 (The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X ...)
	NOT-FOR-US: EVGA Precision X1
CVE-2020-14978 (An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorre ...)
	NOT-FOR-US: F-Secure SAFE
CVE-2020-14977 (An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC servic ...)
	NOT-FOR-US: F-Secure SAFE
CVE-2020-14976 (GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2. ...)
	- gns3-server <itp> (bug #766166)
CVE-2020-14975 (The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to del ...)
	NOT-FOR-US: IOBit Unlocker
CVE-2020-14974 (The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unl ...)
	NOT-FOR-US: IOBit Unlocker
CVE-2020-14973 (The loginForm within the general/login.php webpage in webTareas 2.0p8  ...)
	NOT-FOR-US: webTareas
CVE-2020-14972 (Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online  ...)
	NOT-FOR-US: Sourcecodester Pisay Online E-Learning System
CVE-2020-14971 (Pi-hole through 5.0 allows code injection in piholedhcp (the Static DH ...)
	NOT-FOR-US: Pi-hole
CVE-2020-14970
	RESERVED
CVE-2020-14969 (app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribu ...)
	NOT-FOR-US: MISP
CVE-2020-14968 (An issue was discovered in the jsrsasign package before 8.0.17 for Nod ...)
	NOT-FOR-US: jsrsasign
CVE-2020-14967 (An issue was discovered in the jsrsasign package before 8.0.18 for Nod ...)
	NOT-FOR-US: jsrsasign
CVE-2020-14966 (An issue was discovered in the jsrsasign package through 8.0.18 for No ...)
	NOT-FOR-US: jsrsasign
CVE-2020-14965 (On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with ac ...)
	NOT-FOR-US: TP-Link
CVE-2020-14964
	RESERVED
CVE-2020-14963
	RESERVED
CVE-2020-14962 (Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before  ...)
	NOT-FOR-US: Final Tiles Gallery plugin for WordPress
CVE-2020-14961 (Concrete5 before 8.5.3 does not constrain the sort direction to a vali ...)
	NOT-FOR-US: Concrete5
CVE-2020-14960 (A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoi ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-14959 (Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3. ...)
	NOT-FOR-US: Easy Testimonials plugin for WordPress
CVE-2020-14958 (In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not  ...)
	NOT-FOR-US: Go Git Service
CVE-2020-14957 (In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allow ...)
	NOT-FOR-US: Windows cleaning assistant
CVE-2020-14956 (In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allow ...)
	NOT-FOR-US: Windows cleaning assistant
CVE-2020-14955 (In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows l ...)
	NOT-FOR-US: Jiangmin Antivirus
CVE-2020-14953
	RESERVED
CVE-2020-14952
	RESERVED
CVE-2020-14951
	RESERVED
CVE-2020-14950 (aaPanel through 6.6.6 allows remote authenticated users to execute arb ...)
	NOT-FOR-US: aaPanel
CVE-2020-14949
	RESERVED
CVE-2020-14948
	RESERVED
CVE-2020-14947 (OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ...)
	- ocsinventory-server <unfixed> (unimportant)
	NOTE: Only supported in trusted environments, see debtags
CVE-2020-14946 (downloadFile.ashx in the Administrator section of the Surveillance mod ...)
	NOT-FOR-US: Surveillance module in Global RADAR BSA Radar
CVE-2020-14945 (A privilege escalation vulnerability exists within Global RADAR BSA Ra ...)
	NOT-FOR-US: Global RADAR BSA Radar
CVE-2020-14944 (Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authoriz ...)
	NOT-FOR-US: Global RADAR BSA Radar
CVE-2020-14943 (The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.72 ...)
	NOT-FOR-US: Global RADAR BSA Radar
CVE-2020-14942 (Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\ ...)
	NOT-FOR-US: Tendenci
CVE-2020-14941
	RESERVED
CVE-2020-14940 (An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar  ...)
	- tuxguitar <unfixed> (bug #963626)
	[bullseye] - tuxguitar <no-dsa> (Minor issue)
	[buster] - tuxguitar <no-dsa> (Minor issue)
	[stretch] - tuxguitar <no-dsa> (Minor issue)
	[jessie] - tuxguitar <no-dsa> (Minor issue)
	NOTE: https://logicaltrust.net/blog/2020/06/tuxguitar.html
	NOTE: https://sourceforge.net/p/tuxguitar/bugs/126/
CVE-2020-14939 (An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc ...)
	- freedroidrpg <unfixed> (low; bug #964197)
	[bullseye] - freedroidrpg <no-dsa> (Minor issue)
	[buster] - freedroidrpg <no-dsa> (Minor issue)
	[stretch] - freedroidrpg <no-dsa> (Minor issue)
	[jessie] - freedroidrpg <end-of-life> (games are not supported)
	NOTE: https://bugs.freedroid.org/b/issue953
	NOTE: https://logicaltrust.net/blog/2020/02/freedroid.html
CVE-2020-14938 (An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes le ...)
	- freedroidrpg <unfixed> (low; bug #964197)
	[bullseye] - freedroidrpg <no-dsa> (Minor issue)
	[buster] - freedroidrpg <no-dsa> (Minor issue)
	[stretch] - freedroidrpg <no-dsa> (Minor issue)
	[jessie] - freedroidrpg <end-of-life> (games are not supported)
	NOTE: https://bugs.freedroid.org/b/issue952
	NOTE: https://logicaltrust.net/blog/2020/02/freedroid.html
CVE-2020-14937 (Memory access out of buffer boundaries issues was discovered in Contik ...)
	NOT-FOR-US: Contiki-NG
CVE-2020-14936 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
	NOT-FOR-US: Contiki-NG
CVE-2020-14935 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
	NOT-FOR-US: Contiki-NG
CVE-2020-14934 (Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the ...)
	NOT-FOR-US: Contiki-NG
CVE-2020-14933 (** DISPUTED ** compose.php in SquirrelMail 1.4.22 calls unserialize fo ...)
	- squirrelmail <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/20/1
CVE-2020-14932 (compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtoda ...)
	- squirrelmail <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/20/1
CVE-2020-14931 (A stack-based buffer overflow in DMitry (Deepmagic Information Gatheri ...)
	NOT-FOR-US: DMitry
CVE-2020-14930 (An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. A ...)
	NOT-FOR-US: BT CTROMS Terminal OS Port Portal CT-464
CVE-2020-14929 (Alpine before 2.23 silently proceeds to use an insecure connection aft ...)
	{DLA-2254-1}
	- alpine 2.23+dfsg1-1 (bug #963179)
	[buster] - alpine <no-dsa> (Minor issue)
	[stretch] - alpine <no-dsa> (Minor issue)
	NOTE: http://mailman13.u.washington.edu/pipermail/alpine-info/2020-June/008989.html
	NOTE: https://repo.or.cz/alpine.git/commitdiff/000edd9036b6aea5e6a06900ecd6c58faec665ab
CVE-2020-14928 (evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering is ...)
	{DSA-4725-1 DLA-2281-1}
	- evolution-data-server 3.36.4-1
	NOTE: https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/226
	NOTE: https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df
CVE-2020-14927 (Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "We ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14926 (CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/modul ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-14925
	RESERVED
CVE-2020-14924
	RESERVED
CVE-2020-14923
	RESERVED
CVE-2020-14922
	RESERVED
CVE-2020-14921
	RESERVED
CVE-2020-14920
	RESERVED
CVE-2020-14919
	RESERVED
CVE-2020-14918
	RESERVED
CVE-2020-14917
	RESERVED
CVE-2020-14916
	RESERVED
CVE-2020-14915
	RESERVED
CVE-2020-14914
	RESERVED
CVE-2020-14913
	RESERVED
CVE-2020-14912
	RESERVED
CVE-2020-14911
	RESERVED
CVE-2020-14910
	RESERVED
CVE-2020-14909
	RESERVED
CVE-2020-14908
	RESERVED
CVE-2020-14907
	RESERVED
CVE-2020-14906
	RESERVED
CVE-2020-14905
	RESERVED
CVE-2020-14904
	RESERVED
CVE-2020-14903
	RESERVED
CVE-2020-14902
	RESERVED
CVE-2020-14901 (Vulnerability in the RDBMS Security component of Oracle Database Serve ...)
	NOT-FOR-US: Oracle
CVE-2020-14900 (Vulnerability in the Oracle Application Express Group Calendar compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14899 (Vulnerability in the Oracle Application Express Data Reporter componen ...)
	NOT-FOR-US: Oracle
CVE-2020-14898 (Vulnerability in the Oracle Application Express Packaged Apps componen ...)
	NOT-FOR-US: Oracle
CVE-2020-14897 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14896 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-14895 (Vulnerability in the Oracle Utilities Framework product of Oracle Util ...)
	NOT-FOR-US: Oracle
CVE-2020-14894 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-14893 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14892 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14891 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14890 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14889 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14888 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14887 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14886 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14885 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14884 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14883 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14882 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14881 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14880 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware  ...)
	NOT-FOR-US: Oracle
CVE-2020-14879 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware  ...)
	NOT-FOR-US: Oracle
CVE-2020-14878 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14877 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services prod ...)
	NOT-FOR-US: Oracle
CVE-2020-14876 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14875 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14874 (Vulnerability in the Oracle Cloud Infrastructure Identity and Access M ...)
	NOT-FOR-US: Oracle
CVE-2020-14873 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14872 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.16-dfsg-1
CVE-2020-14871 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14870 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14869 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14868 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14867 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14866 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14865 (Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection pr ...)
	NOT-FOR-US: Oracle
CVE-2020-14864 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14863 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14862 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-14861 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14860 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14859 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14858 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services prod ...)
	NOT-FOR-US: Oracle
CVE-2020-14857 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14856 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14855 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-14854 (Vulnerability in the Hyperion Infrastructure Technology product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14853 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
	- mysql-cluster <itp> (bug #833356)
CVE-2020-14852 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14851 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14850 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14849 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14848 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14847 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14846 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14845 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14844 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14843 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14842 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware  ...)
	NOT-FOR-US: Oracle
CVE-2020-14841 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14840 (Vulnerability in the Oracle Application Object Library product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14839 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14838 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14837 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14836 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14835 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14834 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14833 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14832 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14831 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14830 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14829 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14828 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14827 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14826 (Vulnerability in the Oracle Applications Manager product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-14825 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14824 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14823 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14822 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2020-14821 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14820 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14819 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14818 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14817 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14816 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14815 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14814 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14813 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14812 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	{DLA-2538-1}
	- mariadb-10.5 1:10.5.8-1
	[experimental] - mariadb-10.3 1:10.3.27-1~exp1
	- mariadb-10.3 <unfixed>
	[buster] - mariadb-10.3 1:10.3.27-0+deb10u1
	- mariadb-10.1 <removed>
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
	NOTE: Fixed in MariaDB 10.5.7, 10.3.26, 10.1.48
CVE-2020-14811 (Vulnerability in the Oracle Applications Manager product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-14810 (Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospi ...)
	NOT-FOR-US: Oracle
CVE-2020-14809 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14808 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14807 (Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospi ...)
	NOT-FOR-US: Oracle
CVE-2020-14806 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14805 (Vulnerability in the Oracle E-Business Suite Secure Enterprise Search  ...)
	NOT-FOR-US: Oracle
CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14802 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14801 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14800 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14795 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14794 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14793 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14791 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14790 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14789 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.5 1:10.5.8-1
	[experimental] - mariadb-10.3 1:10.3.27-1~exp1
	- mariadb-10.3 <unfixed>
	[buster] - mariadb-10.3 1:10.3.27-0+deb10u1
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
	NOTE: Fixed in MariaDB 10.5.7, 10.3.26
CVE-2020-14788 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
	NOT-FOR-US: Oracle
CVE-2020-14787 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
	NOT-FOR-US: Oracle
CVE-2020-14786 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14785 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14784 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of Oracle Foo ...)
	NOT-FOR-US: Oracle
CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware  ...)
	NOT-FOR-US: Oracle
CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4779-1 DLA-2412-1}
	- openjdk-15 15.0.1+9-1
	- openjdk-11 11.0.9+11-1
	- openjdk-8 8u272-b10-1
CVE-2020-14778 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core pro ...)
	NOT-FOR-US: Oracle
CVE-2020-14777 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14776 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.5 1:10.5.8-1
	[experimental] - mariadb-10.3 1:10.3.27-1~exp1
	- mariadb-10.3 <unfixed>
	[buster] - mariadb-10.3 1:10.3.27-0+deb10u1
	- mysql-8.0 8.0.22-1 (bug #972623)
	- mysql-5.7 <removed> (bug #972824)
	NOTE: Fixed in MariaDB 10.5.7, 10.3.26
CVE-2020-14775 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
	- mysql-5.7 <removed> (bug #972824)
CVE-2020-14774 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14773 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14772 (Vulnerability in the Hyperion Lifecycle Management product of Oracle H ...)
	NOT-FOR-US: Oracle
CVE-2020-14771 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14770 (Vulnerability in the Hyperion BI+ product of Oracle Hyperion (componen ...)
	NOT-FOR-US: Oracle
CVE-2020-14769 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-8.0 8.0.22-1 (bug #972623)
	- mysql-5.7 <removed> (bug #972824)
CVE-2020-14768 (Vulnerability in the Hyperion Analytic Provider Services product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-14767 (Vulnerability in the Hyperion BI+ product of Oracle Hyperion (componen ...)
	NOT-FOR-US: Oracle
CVE-2020-14766 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14765 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	{DLA-2538-1}
	- mariadb-10.5 1:10.5.8-1
	[experimental] - mariadb-10.3 1:10.3.27-1~exp1
	- mariadb-10.3 <unfixed>
	[buster] - mariadb-10.3 1:10.3.27-0+deb10u1
	- mariadb-10.1 <removed>
	- mysql-8.0 8.0.22-1 (bug #972623)
	- mysql-5.7 <removed> (bug #972824)
	NOTE: Fixed in MariaDB 10.5.7, 10.3.26, 10.1.48
CVE-2020-14764 (Vulnerability in the Hyperion Planning product of Oracle Hyperion (com ...)
	NOT-FOR-US: Oracle
CVE-2020-14763 (Vulnerability in the Oracle Application Express Quick Poll component o ...)
	NOT-FOR-US: Oracle
CVE-2020-14762 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-14761 (Vulnerability in the Oracle Applications Manager product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-14760 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
CVE-2020-14759 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14758 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-14755
	RESERVED
CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14753 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
	NOT-FOR-US: Oracle
CVE-2020-14752 (Vulnerability in the Hyperion Lifecycle Management product of Oracle H ...)
	NOT-FOR-US: Oracle
CVE-2020-14751
	RESERVED
CVE-2020-14750 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14749
	RESERVED
CVE-2020-14748
	RESERVED
CVE-2020-14747
	RESERVED
CVE-2020-14746 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14745 (Vulnerability in the Oracle REST Data Services product of Oracle REST  ...)
	NOT-FOR-US: Oracle
CVE-2020-14744 (Vulnerability in the Oracle REST Data Services product of Oracle REST  ...)
	NOT-FOR-US: Oracle
CVE-2020-14743 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2020-14742 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-14741 (Vulnerability in the Database Filesystem component of Oracle Database  ...)
	NOT-FOR-US: Oracle
CVE-2020-14740 (Vulnerability in the SQL Developer Install component of Oracle Databas ...)
	NOT-FOR-US: Oracle
CVE-2020-14739
	RESERVED
CVE-2020-14738
	RESERVED
CVE-2020-14737
	RESERVED
CVE-2020-14736 (Vulnerability in the Database Vault component of Oracle Database Serve ...)
	NOT-FOR-US: Oracle
CVE-2020-14735 (Vulnerability in the Scheduler component of Oracle Database Server. Su ...)
	NOT-FOR-US: Oracle
CVE-2020-14734 (Vulnerability in the Oracle Text component of Oracle Database Server.  ...)
	NOT-FOR-US: Oracle
CVE-2020-14733
	RESERVED
CVE-2020-14732 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-14731 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-14730
	RESERVED
CVE-2020-14729 (Vulnerability in SuiteCommerce Advanced (SCA) Sites component of Oracl ...)
	NOT-FOR-US: Oracle NetSuite
CVE-2020-14728 (Vulnerability in the SuiteCommerce Advanced (SCA) component of Oracle  ...)
	NOT-FOR-US: Oracle NetSuite
CVE-2020-14727
	RESERVED
CVE-2020-14726
	RESERVED
CVE-2020-14725 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14724 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14723 (Vulnerability in the Oracle Help Technologies product of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2020-14722 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
	NOT-FOR-US: Oracle
CVE-2020-14721 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
	NOT-FOR-US: Oracle
CVE-2020-14720 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
	NOT-FOR-US: Oracle
CVE-2020-14719 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
	NOT-FOR-US: Oracle
CVE-2020-14718 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14717 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
	NOT-FOR-US: Oracle
CVE-2020-14716 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
	NOT-FOR-US: Oracle
CVE-2020-14715 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14714 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14713 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14712 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14711 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox <not-affected> (MacOS-specific)
CVE-2020-14710 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
	NOT-FOR-US: Oracle
CVE-2020-14709 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
	NOT-FOR-US: Oracle
CVE-2020-14708 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
	NOT-FOR-US: Oracle
CVE-2020-14707 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-14705 (Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (c ...)
	NOT-FOR-US: Oracle
CVE-2020-14704 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14702 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14701 (Vulnerability in the Oracle SD-WAN Aware product of Oracle Communicati ...)
	NOT-FOR-US: Oracle
CVE-2020-14700 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14699 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14698 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14697 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14696 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14695 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14694 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14693 (Vulnerability in the Oracle Insurance Accounting Analyzer product of O ...)
	NOT-FOR-US: Oracle
CVE-2020-14692 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
	NOT-FOR-US: Oracle
CVE-2020-14691 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
	NOT-FOR-US: Oracle
CVE-2020-14690 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14689
	RESERVED
CVE-2020-14688 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
	NOT-FOR-US: Oracle
CVE-2020-14687 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14686 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-14685 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14684 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14683
	RESERVED
CVE-2020-14682 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-14681 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14680 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14679 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14678 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14677 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14676 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14675 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14674 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14673 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14672 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #972824)
	- mysql-8.0 8.0.22-1 (bug #972623)
CVE-2020-14671 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14670 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14669 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
	NOT-FOR-US: Oracle
CVE-2020-14668 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14667 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14666 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-14665 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-14664 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
	- openjfx 11+26-1
	[stretch] - openjfx <no-dsa> (Minor issue)
	NOTE: Oracle CPU lists only 8.x as affected, so marking the first 11.x upload as fixed
CVE-2020-14663 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14662 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14661 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14660 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14659 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14658 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14657 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-14656 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14655 (Vulnerability in the Oracle Security Service product of Oracle Fusion  ...)
	NOT-FOR-US: Oracle
CVE-2020-14654 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14653 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-14652 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14651 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14650 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14649 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14648 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14647 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14646 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14645 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14644 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14643 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14642 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-14641 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14640 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14639 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14638 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14637 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14636 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14635 (Vulnerability in the Oracle Application Object Library product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14634 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14633 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14632 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14631 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14630 (Vulnerability in the Oracle Enterprise Session Border Controller produ ...)
	NOT-FOR-US: Oracle
CVE-2020-14629 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14628 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.12-dfsg-1
CVE-2020-14627 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14626 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14625 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14624 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14623 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14622 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14621 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14620 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14619 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14618 (Vulnerability in the Primavera Unifier product of Oracle Construction  ...)
	NOT-FOR-US: Oracle
CVE-2020-14617 (Vulnerability in the Primavera Unifier product of Oracle Construction  ...)
	NOT-FOR-US: Oracle
CVE-2020-14616 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
	NOT-FOR-US: Oracle
CVE-2020-14615 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14614 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14613 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14612 (Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle Peop ...)
	NOT-FOR-US: Oracle
CVE-2020-14611 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion  ...)
	NOT-FOR-US: Oracle
CVE-2020-14610 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14609 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14608 (Vulnerability in the Oracle Fusion Middleware MapViewer product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14607 (Vulnerability in the Oracle Fusion Middleware MapViewer product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14606 (Vulnerability in the Oracle SD-WAN Edge product of Oracle Communicatio ...)
	NOT-FOR-US: Oracle
CVE-2020-14605 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14604 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14603 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14602 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14601 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-14600 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14599 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of  ...)
	NOT-FOR-US: Oracle
CVE-2020-14598 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of  ...)
	NOT-FOR-US: Oracle
CVE-2020-14597 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14596 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
	NOT-FOR-US: Oracle
CVE-2020-14595 (Vulnerability in the Oracle iLearning product of Oracle iLearning (com ...)
	NOT-FOR-US: Oracle
CVE-2020-14594 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
	NOT-FOR-US: Oracle
CVE-2020-14593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14592 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14591 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14590 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14589 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14588 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14587 (Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14586 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14585 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14584 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14583 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14582 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
	NOT-FOR-US: Oracle
CVE-2020-14581 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14580 (Vulnerability in the Oracle Communications Session Border Controller p ...)
	NOT-FOR-US: Oracle
CVE-2020-14579 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14578 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14577 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14576 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14575 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14574 (Vulnerability in the Oracle Communications Interactive Session Recorde ...)
	NOT-FOR-US: Oracle
CVE-2020-14573 (Vulnerability in the Java SE product of Oracle Java SE (component: Hot ...)
	{DSA-4734-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
CVE-2020-14572 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14571 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14570 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2020-14569 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-14568 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2020-14567 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14566 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14565 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2020-14564 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14563 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
	NOT-FOR-US: Oracle
CVE-2020-14562 (Vulnerability in the Java SE product of Oracle Java SE (component: Ima ...)
	{DSA-4734-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
CVE-2020-14561 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
	NOT-FOR-US: Oracle
CVE-2020-14560 (Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (c ...)
	NOT-FOR-US: Oracle
CVE-2020-14559 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14558 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14557 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-14556 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4734-1 DLA-2325-1}
	- openjdk-14 14.0.2+12-1
	- openjdk-11 11.0.8+10-1
	- openjdk-8 8u265-b01-1
CVE-2020-14555 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-14554 (Vulnerability in the Oracle Application Object Library product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-14553 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14552 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion  ...)
	NOT-FOR-US: Oracle
CVE-2020-14551 (Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (co ...)
	NOT-FOR-US: Oracle
CVE-2020-14550 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14549 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14548 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-14547 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14546 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-14545 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14544 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-14543 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
	NOT-FOR-US: Oracle
CVE-2020-14542 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14541 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-14540 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14539 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #965168)
	NOTE: https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL
CVE-2020-14538
	RESERVED
CVE-2020-14537 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-14536 (Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce E ...)
	NOT-FOR-US: Oracle
CVE-2020-14535 (Vulnerability in the Oracle Commerce Service Center product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14534 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-14533 (Vulnerability in the Oracle Commerce Platform product of Oracle Commer ...)
	NOT-FOR-US: Oracle
CVE-2020-14532 (Vulnerability in the Oracle Commerce Platform product of Oracle Commer ...)
	NOT-FOR-US: Oracle
CVE-2020-14531 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2020-14530 (Vulnerability in the Oracle Security Service product of Oracle Fusion  ...)
	NOT-FOR-US: Oracle
CVE-2020-14529 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14528 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14527 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-14526
	RESERVED
CVE-2020-14525 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Th ...)
	NOT-FOR-US: Philips
CVE-2020-14524 (Softing Industrial Automation all versions prior to the latest build o ...)
	NOT-FOR-US: Softing Industrial Automation
CVE-2020-14523 (Multiple Mitsubishi Electric Factory Automation products have a vulner ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-14522 (Softing Industrial Automation all versions prior to the latest build o ...)
	NOT-FOR-US: Softing Industrial Automation
CVE-2020-14521 (Multiple Mitsubishi Electric Factory Automation engineering software p ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-14520 (The affected product is vulnerable to an information leak, which may a ...)
	NOT-FOR-US: Inductive Automation Ignition
CVE-2020-14519 (This vulnerability allows an attacker to use the internal WebSockets A ...)
	NOT-FOR-US: CodeMeter
CVE-2020-14518 (Philips DreamMapper, Version 2.24 and prior. Information written to lo ...)
	NOT-FOR-US: Philips DreamMapper
CVE-2020-14517 (Protocol encryption can be easily broken for CodeMeter (All versions p ...)
	NOT-FOR-US: CodeMeter
CVE-2020-14516 (In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00  ...)
	NOT-FOR-US: Rockwell Automation
CVE-2020-14515 (CodeMeter (All versions prior to 6.90 when using CmActLicense update f ...)
	NOT-FOR-US: CodeMeter
CVE-2020-14514 (All trailer Power Line Communications are affected. PLC bus traffic ca ...)
	NOT-FOR-US: PLC
CVE-2020-14513 (CodeMeter (All versions prior to 6.81) and the software using it may c ...)
	NOT-FOR-US: CodeMeter
CVE-2020-14512 (GateManager versions prior to 9.2c, The affected product uses a weak h ...)
	NOT-FOR-US: GateManager
CVE-2020-14511 (Malicious operation of the crafted web browser cookie may cause a stac ...)
	NOT-FOR-US: EDR routers
CVE-2020-14510 (GateManager versions prior to 9.2c, The affected product contains a ha ...)
	NOT-FOR-US: GateManager
CVE-2020-14509 (Multiple memory corruption vulnerabilities exist in CodeMeter (All ver ...)
	NOT-FOR-US: CodeMeter
CVE-2020-14508 (GateManager versions prior to 9.2c, The affected product is vulnerable ...)
	NOT-FOR-US: GateManager
CVE-2020-14507 (Advantech iView, versions 5.6 and prior, is vulnerable to multiple pat ...)
	NOT-FOR-US: Advantech
CVE-2020-14506 (Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Th ...)
	NOT-FOR-US: Philips
CVE-2020-14505 (Advantech iView, versions 5.6 and prior, has an improper neutralizatio ...)
	NOT-FOR-US: Advantech
CVE-2020-14504
	RESERVED
CVE-2020-14503 (Advantech iView, versions 5.6 and prior, has an improper input validat ...)
	NOT-FOR-US: Advantech
CVE-2020-14502
	RESERVED
CVE-2020-14501 (Advantech iView, versions 5.6 and prior, has an improper authenticatio ...)
	NOT-FOR-US: Advantech
CVE-2020-14500 (Secomea GateManager all versions prior to 9.2c, An attacker can send a ...)
	NOT-FOR-US: Secomea GateManager
CVE-2020-14499 (Advantech iView, versions 5.6 and prior, has an improper access contro ...)
	NOT-FOR-US: Advantech
CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. The a ...)
	NOT-FOR-US: HMS Industrial Networks AB eCatche
CVE-2020-14497 (Advantech iView, versions 5.6 and prior, contains multiple SQL injecti ...)
	NOT-FOR-US: Advantech
CVE-2020-14496
	RESERVED
CVE-2020-14495
	REJECTED
CVE-2020-14494 (OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication  ...)
	NOT-FOR-US: OpenClinic GA
CVE-2020-14493 (A low-privilege user may use SQL syntax to write arbitrary files to th ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14492 (OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-c ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14491 (OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check perm ...)
	NOT-FOR-US: OpenClinic GA
CVE-2020-14490 (OpenClinic GA 5.09.02 and 5.89.05b includes arbitrary local files spec ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14489 (OpenClinic GA 5.09.02 and 5.89.05b stores passwords using inadequate h ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14488 (OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded f ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14487 (OpenClinic GA 5.09.02 contains a hidden default user account that may  ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14486 (An attacker may bypass permission/authorization checks in OpenClinic G ...)
	NOT-FOR-US: OpenClinic
CVE-2020-14485 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to b ...)
	NOT-FOR-US: OpenClinic GA
CVE-2020-14484 (OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to b ...)
	NOT-FOR-US: OpenClinic GA
CVE-2020-14483 (A timeout during a TLS handshake can result in the connection failing  ...)
	NOT-FOR-US: Niagara
CVE-2020-14482 (Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Ope ...)
	NOT-FOR-US: Delta Industrial Automation DOPSoft
CVE-2020-14481
	RESERVED
CVE-2020-14480
	RESERVED
CVE-2020-14479
	RESERVED
CVE-2020-14478
	RESERVED
CVE-2020-14477 (In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX V ...)
	NOT-FOR-US: Philips
CVE-2020-14476
	REJECTED
CVE-2020-14475 (A reflected cross-site scripting (XSS) vulnerability in Dolibarr 11.0. ...)
	- dolibarr <removed>
	NOTE: https://github.com/Dolibarr/dolibarr/commit/22ca5e067189bffe8066df26df923a386f044c08
CVE-2020-14474 (The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on ke ...)
	NOT-FOR-US: Cellebrite
CVE-2020-14473 (Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and ...)
	NOT-FOR-US: DrayTek
CVE-2020-14472 (On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1 ...)
	NOT-FOR-US: DrayTek
CVE-2020-14471
	RESERVED
CVE-2020-14470 (In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authent ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-14469
	RESERVED
CVE-2020-14468
	RESERVED
CVE-2020-14467
	REJECTED
CVE-2020-14466
	RESERVED
CVE-2020-14465
	RESERVED
CVE-2020-14464
	RESERVED
CVE-2020-14463
	RESERVED
CVE-2020-14462 (CALDERA 2.7.0 allows XSS via the Operation Name box. ...)
	NOT-FOR-US: CALDERA
CVE-2020-14461 (Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversa ...)
	NOT-FOR-US: Zyxel
CVE-2020-14460 (An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5. ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14459 (An issue was discovered in Mattermost Server before 5.19.0. Attackers  ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14458 (An issue was discovered in Mattermost Server before 5.19.0. Attackers  ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14457 (An issue was discovered in Mattermost Server before 5.20.0. Non-member ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14456 (An issue was discovered in Mattermost Desktop App before 4.4.0. The Sa ...)
	- mattermost-desktop <itp> (bug #831861)
CVE-2020-14455 (An issue was discovered in Mattermost Desktop App before 4.4.0. Prompt ...)
	- mattermost-desktop <itp> (bug #831861)
CVE-2020-14454 (An issue was discovered in Mattermost Desktop App before 4.4.0. Attack ...)
	- mattermost-desktop <itp> (bug #831861)
CVE-2020-14453 (An issue was discovered in Mattermost Server before 5.21.0. Socket rea ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14452 (An issue was discovered in Mattermost Server before 5.21.0. mmctl allo ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14451 (An issue was discovered in Mattermost Mobile Apps before 1.29.0. The i ...)
	NOT-FOR-US: Mattermost
CVE-2020-14450 (An issue was discovered in Mattermost Server before 5.22.0. The markdo ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14449 (An issue was discovered in Mattermost Mobile Apps before 1.30.0. Autho ...)
	NOT-FOR-US: Mattermost
CVE-2020-14448 (An issue was discovered in Mattermost Server before 5.23.0. Automatic  ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14447 (An issue was discovered in Mattermost Server before 5.23.0. Large webh ...)
	- mattermost-server <itp> (bug #823556)
CVE-2020-14954 (Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffe ...)
	{DSA-4708-1 DSA-4707-1 DLA-2268-2 DLA-2268-1}
	- mutt 1.14.4-1
	- neomutt 20200619+dfsg.1-1
	NOTE: https://gitlab.com/muttmua/mutt/commit/c547433cdf2e79191b15c6932c57f1472bfb5ff4
	NOTE: https://gitlab.com/muttmua/mutt/-/issues/248
	NOTE: https://github.com/neomutt/neomutt/commit/fb013ec666759cb8a9e294347c7b4c1f597639cc
CVE-2020-14446 (An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO ...)
	NOT-FOR-US: WSO2 Identity Server
CVE-2020-14445 (An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 ...)
	NOT-FOR-US: WSO2 Identity Server
CVE-2020-14444 (An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 ...)
	NOT-FOR-US: WSO2 Identity Server
CVE-2020-14443 (A SQL injection vulnerability in accountancy/customer/card.php in Doli ...)
	- dolibarr <removed>
CVE-2020-14442 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14441 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14440 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14439 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14438 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14437 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14436 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14435 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14434 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14433 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14432 (Certain NETGEAR devices are affected by CSRF. This affects RBK752 befo ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14431 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14430 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14429 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14428 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14427 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14426 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
	NOT-FOR-US: NETGEAR
CVE-2020-14425 (Foxit Reader before 10.0 allows Remote Command Execution via the app.o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-14424 (Cacti before 1.2.18 allows remote attackers to trigger XSS via templat ...)
	- cacti 1.2.19+ds1-1
	[bullseye] - cacti <no-dsa> (Minor issue)
	[buster] - cacti <no-dsa> (Minor issue)
	[stretch] - cacti <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/Cacti/cacti/pull/4261
	NOTE: https://github.com/Cacti/cacti/commit/d12800ab479ad95a091bc577f28fd99ec95eb64c (release/1.2.18)
CVE-2020-14423 (Convos before 4.20 does not properly generate a random secret in Core/ ...)
	NOT-FOR-US: Convos
CVE-2020-14422 (Lib/ipaddress.py in Python through 3.8.3 improperly computes hash valu ...)
	{DLA-2280-1}
	- python3.8 3.8.4~rc1-1
	- python3.7 <removed>
	[buster] - python3.7 3.7.3-2+deb10u2
	- python3.5 <removed>
	- python3.4 <removed>
	[jessie] - python3.4 <postponed> (Minor issue, DoS with constraints)
	NOTE: https://bugs.python.org/issue41004
	NOTE: https://github.com/python/cpython/pull/20956
	NOTE: https://github.com/python/cpython/pull/21033
	NOTE: https://github.com/python/cpython/commit/b30ee26e366bf509b7538d79bfec6c6d38d53f28 (master)
	NOTE: https://github.com/python/cpython/commit/9a646aa82dfa62d70ca2a99ada901ee6cf9f82bd (3.9-branch)
	NOTE: https://github.com/python/cpython/commit/dc8ce8ead182de46584cc1ed8a8c51d48240cbd5 (v3.8.4rc1)
	NOTE: https://github.com/python/cpython/commit/b98e7790c77a4378ec4b1c71b84138cb930b69b7 (3.7-branch)
	NOTE: https://github.com/python/cpython/commit/cfc7ff8d05f7a949a88b8a8dd506fb5c1c30d3e9 (3.6-branch)
CVE-2020-14421 (aaPanel through 6.6.6 allows remote authenticated users to execute arb ...)
	NOT-FOR-US: aaPanel
CVE-2020-14420
	RESERVED
CVE-2020-14419
	RESERVED
CVE-2020-14418 (A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that al ...)
	NOT-FOR-US: madCodeHook
CVE-2020-14417
	RESERVED
CVE-2020-14415 (oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer ...)
	- qemu 1:5.0-1
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced in: https://git.qemu.org/?p=qemu.git;a=commit;h=3ba4066d085f5bdce2c7ac145692a4fd52493d67 (4.2.0-rc0)
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7a4ede0047a8613b0e3b72c9d351038f013dd357 (5.0.0-rc0)
CVE-2020-14416 (In the Linux kernel before 5.4.16, a race condition in tty-&gt;disc_da ...)
	- linux 5.4.19-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.210-1+deb9u1
	[jessie] - linux 3.16.84-1
	NOTE: https://git.kernel.org/linus/0ace17d56824165c7f4c68785d6b58971db954dd
CVE-2020-14414 (NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php imprope ...)
	NOT-FOR-US: NeDi
CVE-2020-14413 (NeDi 1.9C is vulnerable to XSS because of an incorrect implementation  ...)
	NOT-FOR-US: NeDi
CVE-2020-14412 (NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.p ...)
	NOT-FOR-US: NeDi
CVE-2020-14411
	RESERVED
CVE-2020-14410 (SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer  ...)
	{DLA-2536-1}
	- libsdl1.2 <not-affected> (Only affects SDL2)
	- libsdl2 2.0.14+dfsg2-2
	[buster] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=5200
	NOTE: https://hg.libsdl.org/SDL/rev/3f9b4e92c1d9
CVE-2020-14409 (SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow  ...)
	{DLA-2536-1}
	- libsdl2 2.0.14+dfsg2-2
	[buster] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=5200
	NOTE: https://hg.libsdl.org/SDL/rev/3f9b4e92c1d9
	NOTE: Specific to SDL2, these checks were addresses in SDL 1.2 with CVE-2019-7637
CVE-2020-14408 (An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanit ...)
	NOT-FOR-US: Agentejo Cockpit
CVE-2020-14407
	RESERVED
CVE-2020-14406
	RESERVED
CVE-2020-14405 (An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rf ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/8937203441ee241c4ace85da687b7d6633a12365
CVE-2020-14404 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rr ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14403 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/he ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14402 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/co ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14401 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/sc ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af
CVE-2020-14400 (** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13.  ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
CVE-2020-14399 (** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13.  ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/23e5cbe6b090d7f22982aee909a6a618174d3c2d
CVE-2020-14398 (An issue was discovered in LibVNCServer before 0.9.13. An improperly c ...)
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver <ignored> (Proposed patch might break ABI for consumers)
	[stretch] - libvncserver <ignored> (Proposed patch might break ABI for consumers)
	[jessie] - libvncserver <ignored> (Proposed patch might break ABI for consumers)
	NOTE: https://github.com/LibVNC/libvncserver/commit/57433015f856cc12753378254ce4f1c78f5d9c7b
CVE-2020-14397 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rf ...)
	{DLA-2347-1 DLA-2264-1}
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u4
	NOTE: https://github.com/LibVNC/libvncserver/commit/38e98ee61d74f5f5ab4aa4c77146faad1962d6d0
CVE-2020-14396 (An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tl ...)
	- libvncserver 0.9.13+dfsg-1
	[buster] - libvncserver <not-affected> (Vulnerable code not present)
	[stretch] - libvncserver <not-affected> (Vulnerable code not present)
	[jessie] - libvncserver <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553
CVE-2020-14395
	RESERVED
CVE-2020-14394 [infinite loop in xhci_ring_chain_length() in hw/usb/hcd-xhci.c]
	RESERVED
	- qemu <unfixed> (bug #979677)
	[bullseye] - qemu <postponed> (Minor issue)
	[buster] - qemu <postponed> (Minor issue)
	[stretch] - qemu <postponed> (Minor issue, privileged local DoS, low CVSS, no patch)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1908004
	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/646
	NOTE: No upstream patch as of 2022-01-28
CVE-2020-14393 (A buffer overflow was found in perl-DBI &lt; 1.643 in DBI.xs. A local  ...)
	{DLA-2386-1}
	- libdbi-perl 1.643-1
	[buster] - libdbi-perl 1.642-1+deb10u1
	NOTE: https://github.com/perl5-dbi/dbi/commit/36f2a2c5fea36d7d47d6871e420286643460e71b
CVE-2020-14392 (An untrusted pointer dereference flaw was found in Perl-DBI &lt; 1.643 ...)
	{DLA-2386-1}
	- libdbi-perl 1.643-1
	[buster] - libdbi-perl 1.642-1+deb10u1
	NOTE: https://github.com/perl5-dbi/dbi/commit/ea99b6aafb437db53c28fd40d5eafbe119cd66e1
CVE-2020-14391 (A flaw was found in the GNOME Control Center in Red Hat Enterprise Lin ...)
	- gnome-settings-daemon <not-affected> (Red Hat-specific plugin)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1873093
CVE-2020-14390 (A flaw was found in the Linux kernel in versions before 5.9-rc6. When  ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.10-1
	[buster] - linux 4.19.146-1
	NOTE: https://git.kernel.org/linus/50145474f6ef4a9c19205b173da6264a644c7489
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/15/2
CVE-2020-14389 (It was found that Keycloak before version 12.0.0 would permit a user w ...)
	NOT-FOR-US: Keycloak
CVE-2020-14388 (A flaw was found in the Red Hat 3scale API Management Platform, where  ...)
	NOT-FOR-US: 3scale
CVE-2020-14387 (A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperl ...)
	- rsync 3.2.3-3 (bug #969530)
	[buster] - rsync <not-affected> (Vulnerable code introduced later)
	[stretch] - rsync <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://git.samba.org/?p=rsync.git;a=commitdiff;h=2a87d78f693f10fe5ad13af0bb9311bd3714077d (v3.2.0pre1)
	NOTE: Fixed by: https://git.samba.org/?p=rsync.git;a=commitdiff;h=c3f7414c450faaf6a8281cc4a4403529aeb7d859
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1875549
CVE-2020-14386 (A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/03/3
CVE-2020-14385 (A flaw was found in the Linux kernel before 5.9-rc4. A failure of the  ...)
	{DLA-2385-1}
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/f4020438fab05364018c91f7e02ebdd192085933
CVE-2020-14384 (A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. ...)
	NOT-FOR-US: JBossWeb
CVE-2020-14383 (A flaw was found in samba's DNS server. An authenticated user could us ...)
	{DLA-2463-1}
	[experimental] - samba 2:4.13.2+dfsg-1
	- samba 2:4.13.2+dfsg-2 (bug #973398)
	[buster] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2020-14383.html
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14472
CVE-2020-14382 (A vulnerability was found in upstream release cryptsetup-2.2.0 where,  ...)
	- cryptsetup 2:2.3.4-1 (bug #969471)
	[buster] - cryptsetup <not-affected> (Vulnerable code not present)
	[stretch] - cryptsetup <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1874712
	NOTE: https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/102
	NOTE: Fixed by: https://gitlab.com/cryptsetup/cryptsetup/-/commit/52f5cb8cedf22fb3e14c744814ec8af7614146c7
	NOTE: Improvement: https://gitlab.com/cryptsetup/cryptsetup/-/commit/46ee71edcd13e1dad50815ad65c28779aa6f7503
	NOTE: Improvement: https://gitlab.com/cryptsetup/cryptsetup/-/commit/752c9a52798f11d3b765b673ebaa3058eb25316e
	NOTE: Introduced with: https://gitlab.com/cryptsetup/cryptsetup/-/commit/a7f80a27701450e40ef37e2224577f1a0c98cf0f (v2.2.0-rc0)
CVE-2020-14381 (A flaw was found in the Linux kernel&#8217;s futex implementation. Thi ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/8019ad13ef7f64be44d4f892af9c840179009254
CVE-2020-14380 (An account takeover flaw was found in Red Hat Satellite 6.7.2 onward.  ...)
	NOT-FOR-US: Red Hat Satellite
CVE-2020-14379
	RESERVED
	NOT-FOR-US: Red Hat AMQ broker
CVE-2020-14378 (An integer underflow in dpdk versions before 18.11.10 and before 19.11 ...)
	- dpdk 19.11.5-1 (bug #971269)
	[buster] - dpdk 18.11.10-1~deb10u1
	[stretch] - dpdk <no-dsa> (Minor issue)
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=272
CVE-2020-14377 (A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...)
	- dpdk 19.11.5-1 (bug #971269)
	[buster] - dpdk 18.11.10-1~deb10u1
	[stretch] - dpdk <no-dsa> (Minor issue)
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=272
CVE-2020-14376 (A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...)
	- dpdk 19.11.5-1 (bug #971269)
	[buster] - dpdk 18.11.10-1~deb10u1
	[stretch] - dpdk <no-dsa> (Minor issue)
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=272
CVE-2020-14375 (A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...)
	- dpdk 19.11.5-1 (bug #971269)
	[buster] - dpdk 18.11.10-1~deb10u1
	[stretch] - dpdk <no-dsa> (Minor issue)
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=272
CVE-2020-14374 (A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...)
	- dpdk 19.11.5-1 (bug #971269)
	[buster] - dpdk 18.11.10-1~deb10u1
	[stretch] - dpdk <no-dsa> (Minor issue)
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=272
CVE-2020-14373 (A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of g ...)
	- ghostscript 9.26~dfsg-1
	[stretch] - ghostscript 9.26~dfsg-0+deb9u1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ece5cbbd9979cd35737b00e68267762d72feb2ea
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702851
CVE-2020-14372 (A flaw was found in grub2 in versions prior to 2.06, where it incorrec ...)
	{DSA-4867-1}
	- grub2 2.04-16
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
CVE-2020-14371 (A credential leak vulnerability was found in Red Hat Satellite. This f ...)
	NOT-FOR-US: Red Hat Satellite
CVE-2020-14370 (An information disclosure vulnerability was found in containers/podman ...)
	- libpod 2.0.6+dfsg1-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1874268
	NOTE: https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074
CVE-2020-14369 (This release fixes a Cross Site Request Forgery vulnerability was foun ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-14368 (A flaw was found in Eclipse Che in versions prior to 7.14.0 that impac ...)
	NOT-FOR-US: Eclipse Che
CVE-2020-14367 (A flaw was found in chrony versions before 3.5.1 when creating the PID ...)
	- chrony 3.5.1-1 (unimportant)
	[buster] - chrony 3.4-4+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/21/1
	NOTE: Fixed by: https://git.tuxfamily.org/chrony/chrony.git/commit/util.c?id=7a4c396bba8f92a3ee8018620983529152050c74 (4.0-pre1)
	NOTE: Fixed by: https://git.tuxfamily.org/chrony/chrony.git/commit/main.c?id=e18903a6b56341481a2e08469c0602010bf7bfe3 (4.0-pre1)
	NOTE: Minimal backport: https://git.tuxfamily.org/chrony/chrony.git/commit/?id=f00fed20092b6a42283f29c6ee1f58244d74b545 (3.5.1)
	NOTE: Debian packaging relocates chronyd.pid as well to /run since 3.1-3
	NOTE: additionally mitigating the issue. Earlier versions used /var/run/chronyd.pid.
CVE-2020-14366 (A vulnerability was found in keycloak, where path traversal using URL- ...)
	NOT-FOR-US: Keycloak
CVE-2020-14365 (A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before ...)
	{DSA-4950-1}
	- ansible 2.9.13+dfsg-1 (unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1869154
	NOTE: https://github.com/ansible/ansible/commit/1d043e082b3b1f3ad35c803137f5d3bcbae92275 (v2.9.13)
	NOTE: Negligible security impact on Debian systems
CVE-2020-14364 (An out-of-bounds read/write access flaw was found in the USB emulator  ...)
	{DSA-4760-1 DLA-2373-1}
	- qemu 1:5.1+dfsg-4 (bug #968947)
	NOTE: https://xenbits.xen.org/xsa/advisory-335.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/24/3
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b946434f2659a182afc17e155be6791ebfb302eb
CVE-2020-14363 (An integer overflow vulnerability leading to a double-free was found i ...)
	{DLA-2361-1}
	- libx11 2:1.6.12-1 (bug #969008)
	[buster] - libx11 2:1.6.7-1+deb10u1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003056.html
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d
CVE-2020-14362 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Int ...)
	{DSA-4758-1 DLA-2359-1}
	- xorg-server 2:1.20.9-1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/2902b78535ecc6821cc027351818b28a5c7fdbdc
CVE-2020-14361 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Int ...)
	{DSA-4758-1 DLA-2359-1}
	- xorg-server 2:1.20.9-1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/144849ea27230962227e62a943b399e2ab304787
CVE-2020-14360 (A flaw was found in the X.Org Server before version 1.20.10. An out-of ...)
	{DSA-4803-1 DLA-2486-1}
	- xorg-server 2:1.20.10-1 (bug #976216)
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/446ff2d3177087b8173fa779fa5b77a2a128988b
CVE-2020-14359 (A vulnerability was found in all versions of keycloak, where on using  ...)
	NOT-FOR-US: Keycloak
CVE-2020-14358
	REJECTED
CVE-2020-14357
	REJECTED
CVE-2020-14356 (A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.7.10-1 (bug #966846)
	[buster] - linux 4.19.146-1
	NOTE: Fixed by: https://git.kernel.org/linus/ad0f75e5f57ccbceec13274e1e242f2b5a6397ed
CVE-2020-14355 (Multiple buffer overflow vulnerabilities were found in the QUIC image  ...)
	{DSA-4771-1 DLA-2428-1 DLA-2427-1}
	- spice 0.14.3-2 (bug #971750)
	- spice-gtk 0.39-1 (bug #971751)
	[buster] - spice-gtk <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0abae36033ccde658fd52d3235887b60862d
	NOTE: https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d74782c8b5e57d146c5bf3118bb41bf3378e4
	NOTE: https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7b82e15d759e5415b8e35b92bb1a4c206
	NOTE: https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b66b86e601c725d30f00c37e684b6395b6
CVE-2020-14354 (A possible use-after-free and double-free in c-ares lib version 1.16.0 ...)
	- c-ares 1.16.1-1
	[buster] - c-ares <not-affected> (Vulnerable code introduced later)
	[stretch] - c-ares <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1866838
	NOTE: Introduced in: https://github.com/c-ares/c-ares/commit/dbd4c441fb7babad5c56f455d720af38e20546bc (1.16.0)
	NOTE: Fixed by: https://github.com/c-ares/c-ares/commit/1cc7e83c3bdfaafbc5919c95025592d8de3a170e (1.16.1)
CVE-2020-14353
	REJECTED
CVE-2020-14352 (A flaw was found in librepo in versions before 1.12.1. A directory tra ...)
	NOT-FOR-US: librepo
CVE-2020-14351 (A flaw was found in the Linux kernel. A use-after-free memory flaw was ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	NOTE: https://lore.kernel.org/lkml/20200910104153.1672460-1-jolsa@kernel.org/
CVE-2020-14350 (It was found that some PostgreSQL extensions did not use search_path s ...)
	{DLA-2331-1}
	- postgresql-12 12.4-1
	- postgresql-11 <removed>
	[buster] - postgresql-11 11.9-0+deb10u1
	- postgresql-9.6 <removed>
	NOTE: https://www.postgresql.org/about/news/2060/
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=7eeb1d9861b0a3f453f8b31c7648396cdd7f1e59
CVE-2020-14349 (It was found that PostgreSQL versions before 12.4, before 11.9 and bef ...)
	- postgresql-12 12.4-1
	- postgresql-11 <removed>
	[buster] - postgresql-11 11.9-0+deb10u1
	- postgresql-9.6 <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.postgresql.org/about/news/2060/
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=11da97024abbe76b8c81e3f2375b2a62e9717c67
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=cec57b1a0fbcd3833086ba686897c5883e0a2afc
CVE-2020-14348 (It was found in AMQ Online before 1.5.2 that injecting an invalid fiel ...)
	NOT-FOR-US: AMQ Online
CVE-2020-14347 (A flaw was found in the way xserver memory was not properly initialize ...)
	{DSA-4758-1 DLA-2359-1}
	- xorg-server 2:1.20.9-1 (bug #968986)
	NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816
CVE-2020-14346 (A flaw was found in xorg-x11-server before 1.20.9. An integer underflo ...)
	{DSA-4758-1 DLA-2359-1}
	- xorg-server 2:1.20.9-1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/c940cc8b6c0a2983c1ec974f1b3f019795dd4cff
CVE-2020-14345 (A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out ...)
	{DSA-4758-1 DLA-2359-1}
	- xorg-server 2:1.20.9-1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003058.html
	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/f7cd1276bbd4fe3a9700096dec33b52b8440788d
CVE-2020-14344 (An integer overflow leading to a heap-buffer overflow was found in The ...)
	{DLA-2312-1}
	- libx11 2:1.6.10-1
	[buster] - libx11 2:1.6.7-1+deb10u1
	NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003050.html
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/0e6561efcfaa0ae7b5c74eac7e064b76d687544e
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/388b303c62aa35a245f1704211a023440ad2c488
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/2fcfcc49f3b1be854bb9085993a01d17c62acf60
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1a566c9e00e5f35c1f9e7f3d741a02e5170852b2
	NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/1703b9f3435079d3c6021e1ee2ec34fd4978103d
	NOTE: Original patchset introduces regression: https://bugs.debian.org/966691 and https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/116
	NOTE: Follow-up for regression: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/93fce3f4e79cbc737d6468a4f68ba3de1b83953b
CVE-2020-14343 (A vulnerability was discovered in the PyYAML library in versions befor ...)
	- pyyaml 5.3.1-4 (bug #966233)
	[buster] - pyyaml <not-affected> (Vulnerable code not present)
	[stretch] - pyyaml <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/yaml/pyyaml/issues/420
	NOTE: Fixed via: https://github.com/yaml/pyyaml/pull/472
	NOTE: https://github.com/yaml/pyyaml/commit/7adc0db3f613a82669f2b168edd98379b83adb3c
	NOTE: CVE is for an incomplete fix of CVE-2020-1747.
CVE-2020-14342 (It was found that cifs-utils' mount.cifs was invoking a shell when req ...)
	- cifs-utils 2:6.11-1 (bug #970172)
	[buster] - cifs-utils <no-dsa> (Minor issue)
	[stretch] - cifs-utils <no-dsa> (Minor issue)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14442
	NOTE: https://lists.samba.org/archive/samba-technical/2020-September/135747.html
	NOTE: https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=48a654e2e763fce24c22e1b9c695b42804bbdd4a
CVE-2020-14341 (The "Test Connection" available in v7.x of the Red Hat Single Sign On  ...)
	NOT-FOR-US: Red Hat Single Sign On application console
CVE-2020-14340 (A vulnerability was discovered in XNIO where file descriptor leak caus ...)
	- jboss-xnio 3.8.2-1
	[buster] - jboss-xnio <no-dsa> (Minor issue)
	[stretch] - jboss-xnio <not-affected> (vulnerable code is not present)
	NOTE: Fix for 3.8: https://github.com/xnio/xnio/pull/233
	NOTE: Fix for 3.7 (Buster): https://github.com/xnio/xnio/pull/234
CVE-2020-14339 (A flaw was found in libvirt, where it leaked a file descriptor for `/d ...)
	- libvirt 6.6.0-1 (bug #966563)
	[buster] - libvirt <not-affected> (Vulnerable code introduced later)
	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860069
	NOTE: https://www.redhat.com/archives/libvir-list/2020-July/msg01500.html
	NOTE: Proposed patch: https://www.redhat.com/archives/libvir-list/2020-July/msg01501.html
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=22494556542c676d1b9e7f1c1f2ea13ac17e1e3e (v6.6.0)
CVE-2020-14338 (A flaw was found in Wildfly's implementation of Xerces, specifically i ...)
	- wildfly <itp> (bug #752018)
CVE-2020-14337 (A data exposure flaw was found in Tower, where sensitive data was reve ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-14336 (A flaw was found in the Restricted Security Context Constraints (SCC), ...)
	NOT-FOR-US: OpenShift
CVE-2020-14335 (A flaw was found in Red Hat Satellite, which allows a privileged attac ...)
	NOT-FOR-US: Red Hat Satellite
CVE-2020-14334 (A flaw was found in Red Hat Satellite 6 which allows privileged attack ...)
	- foreman <itp> (bug #663101)
CVE-2020-14333 (A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earl ...)
	NOT-FOR-US: ovirt-engine
CVE-2020-14332 (A flaw was found in the Ansible Engine when using module_args. Tasks e ...)
	{DSA-4950-1}
	- ansible 2.9.13+dfsg-1 (bug #966672)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1857805
	NOTE: https://github.com/ansible/ansible/pull/71033
	NOTE: https://github.com/ansible/ansible/commit/6cae9a4b168df776bf82deb04b2c62e00c38b49a (v2.9.12)
CVE-2020-14331 (A flaw was found in the Linux kernel&#8217;s implementation of the inv ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.7.17-1 (unimportant)
	[buster] - linux 4.19.146-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/28/2
	NOTE: Only exploitable when CONFIG_VGACON_SOFT_SCROLLBACK is set
CVE-2020-14330 (An Improper Output Neutralization for Logs flaw was found in Ansible w ...)
	{DSA-4950-1}
	- ansible 2.9.13+dfsg-1
	NOTE: https://github.com/ansible/ansible/issues/68400
	NOTE: Initial fix: https://github.com/ansible/ansible/pull/69653
	NOTE: Complete fix (reverting first and adding more elaborated fix):
	NOTE: https://github.com/ansible/ansible/pull/70762
	NOTE: https://github.com/ansible/ansible/commit/e0f25a2b1f9e6c21f751ba0ed2dc2eee2152983e
	NOTE: https://github.com/ansible/ansible/commit/76815d3afccc7baffa196456d092f4de94b4fbb1 (v2.9.12)
CVE-2020-14329 (A data exposure flaw was found in Ansible Tower in versions before 3.7 ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-14328 (A flaw was found in Ansible Tower in versions before 3.7.2. A Server S ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-14327 (A Server-side request forgery (SSRF) flaw was found in Ansible Tower i ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-14326 (A vulnerability was found in RESTEasy, where RootNode incorrectly cach ...)
	- resteasy <not-affected> (Vulnerable code introduced later)
	- resteasy3.0 <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1855826
	NOTE: https://issues.redhat.com/browse/RESTEASY-2643
	NOTE: https://issues.redhat.com/browse/RESTEASY-2646
	NOTE: Introduced by: https://github.com/resteasy/Resteasy/commit/f948c45f4ebe00531f858e289d17664bc2edd496 (4.2.0.Final)
CVE-2020-14325 (Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Imperson ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-14324 (A high severity vulnerability was found in all active versions of Red  ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-14323 (A null pointer dereference flaw was found in samba's Winbind service i ...)
	{DLA-2463-1}
	[experimental] - samba 2:4.13.2+dfsg-1
	- samba 2:4.13.2+dfsg-2 (bug #973399)
	[buster] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2020-14323.html
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14436
CVE-2020-14322
	RESERVED
CVE-2020-14321
	RESERVED
CVE-2020-14320
	RESERVED
CVE-2020-14319 (It was found that the AMQ Online console is vulnerable to a Cross-Site ...)
	NOT-FOR-US: AMQ Online
CVE-2020-14318 (A flaw was found in the way samba handled file and directory permissio ...)
	{DLA-2463-1}
	[experimental] - samba 2:4.13.2+dfsg-1
	- samba 2:4.13.2+dfsg-2 (bug #973400)
	[buster] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2020-14318.html
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14434
CVE-2020-14317 (It was found that the issue for security flaw CVE-2019-3805 appeared a ...)
	- wildfly <itp> (bug #752018)
CVE-2020-14316 (A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instanc ...)
	NOT-FOR-US: KubeVirt
CVE-2020-14315 (A memory corruption vulnerability is present in bspatch as shipped in  ...)
	- bsdiff 4.3-22 (bug #964796)
	[buster] - bsdiff <no-dsa> (Minor issue)
	[stretch] - bsdiff <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/09/2
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-16:29.bspatch.asc
CVE-2020-14314 (A memory out-of-bounds read flaw was found in the Linux kernel before  ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1853922
	NOTE: https://git.kernel.org/linus/5872331b3d91820e14716632ebb56b1399b34fe1
CVE-2020-14313 (An information disclosure vulnerability was found in Red Hat Quay in v ...)
	NOT-FOR-US: Quay
CVE-2020-14312 (A flaw was found in the default configuration of dnsmasq, as shipped w ...)
	- dnsmasq 2.69-1 (bug #732610)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1851342
CVE-2020-14311 (There is an issue with grub2 before version 2.06 while handling symlin ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
CVE-2020-14310 (There is an issue on grub2 before version 2.06 at function read_sectio ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
CVE-2020-14309 (There's an issue with grub2 in all versions before 2.06 when handling  ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3f05d693d1274965ffbe4ba99080dc2c570944c6
CVE-2020-14308 (In grub2 versions before 2.06 the grub memory allocator doesn't check  ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=f725fa7cb2ece547c5af01eeeecfe8d95802ed41
CVE-2020-14307 (A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) ver ...)
	- wildfly <itp> (bug #752018)
CVE-2020-14306 (An incorrect access control flaw was found in the operator, openshift- ...)
	NOT-FOR-US: OpenShift
CVE-2020-14305 (An out-of-bounds memory write flaw was found in how the Linux kernel&# ...)
	{DLA-2420-1}
	- linux 4.12.6-1
	NOTE: https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
CVE-2020-14304 (A memory disclosure flaw was found in the Linux kernel's ethernet driv ...)
	- linux <unfixed> (bug #960702)
	[bullseye] - linux <ignored> (Minor issue)
	[buster] - linux <ignored> (Minor issue)
CVE-2020-14303 (A flaw was found in the AD DC NBT server in all Samba versions before  ...)
	{DLA-2463-1}
	- samba 2:4.12.5+dfsg-1
	[buster] - samba <postponed> (Minor issue, fix along in next DSA)
	NOTE: https://www.samba.org/samba/security/CVE-2020-14303.html
CVE-2020-14302 (A flaw was found in Keycloak before 13.0.0 where an external identity  ...)
	NOT-FOR-US: Keycloak
CVE-2020-14301 (An information disclosure vulnerability was found in libvirt in versio ...)
	- libvirt <not-affected> (Vulnerable code introduced with 6.2.0)
	NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/a5b064bf4b17a9884d7d361733737fb614ad8979
	NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/524de6cc35d3b222f0e940bb0fd027f5482572c5
CVE-2020-14300 (The docker packages version docker-1.13.1-108.git4ef4b30.el7 as releas ...)
	- docker.io <not-affected> (Red Hat specific regression)
CVE-2020-14299 (A flaw was found in JBoss EAP, where the authentication configuration  ...)
	NOT-FOR-US: JBoss EAP
CVE-2020-14298 (The version of docker as released for Red Hat Enterprise Linux 7 Extra ...)
	- docker.io <not-affected> (Red Hat specific regression)
CVE-2020-14297 (A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat  ...)
	- wildfly <itp> (bug #752018)
CVE-2020-14296 (Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request For ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-14295 (A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to  ...)
	- cacti 1.2.13+ds1-1 (bug #963139)
	[buster] - cacti <not-affected> (Vulnerability introduced later)
	[stretch] - cacti <not-affected> (Vulnerability introduced later)
	[jessie] - cacti <not-affected> (Vulnerability introduced later)
	NOTE: https://github.com/Cacti/cacti/issues/3622
	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/cc1a656f37b08c0c45667c119a44a3751271ac6e
	NOTE: Introduced with the fix for https://github.com/Cacti/cacti/issues/2839
	NOTE: Introduced by: https://github.com/Cacti/cacti/commit/b87747c38ba58e8cf6507d4f1f8476d1df567556 (1.2.6)
CVE-2020-14294 (An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feat ...)
	NOT-FOR-US: Secudos Qiata FTA
CVE-2020-14293 (conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute  ...)
	NOT-FOR-US: Secudos DOMOS
CVE-2020-14292 (In the COVIDSafe application through 1.0.21 for Android, unsafe use of ...)
	NOT-FOR-US: COVIDSafe application for Android
CVE-2020-14291
	RESERVED
CVE-2020-14290
	RESERVED
CVE-2020-14289
	RESERVED
CVE-2020-14288
	RESERVED
CVE-2020-14287
	RESERVED
CVE-2020-14286
	RESERVED
CVE-2020-14285
	RESERVED
CVE-2020-14284
	RESERVED
CVE-2020-14283
	RESERVED
CVE-2020-14282
	RESERVED
CVE-2020-14281
	RESERVED
CVE-2020-14280
	RESERVED
CVE-2020-14279
	RESERVED
CVE-2020-14278
	RESERVED
CVE-2020-14277
	RESERVED
CVE-2020-14276
	RESERVED
CVE-2020-14275 (Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1 ...)
	NOT-FOR-US: HCL
CVE-2020-14274 (Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9 ...)
	NOT-FOR-US: HCL
CVE-2020-14273 (HCL Domino is susceptible to a Denial of Service (DoS) vulnerability d ...)
	NOT-FOR-US: HCL Domino
CVE-2020-14272
	RESERVED
CVE-2020-14271 (HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scrip ...)
	NOT-FOR-US: HCL iNotes
CVE-2020-14270 (HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vu ...)
	NOT-FOR-US: HCL Domino
CVE-2020-14269
	RESERVED
CVE-2020-14268 (A vulnerability in the MIME message handling of the Notes client (vers ...)
	NOT-FOR-US: HCL Notes
CVE-2020-14267
	RESERVED
CVE-2020-14266
	RESERVED
CVE-2020-14265
	RESERVED
CVE-2020-14264 ("HCL Traveler Companion is vulnerable to an iOS weak cryptographic pro ...)
	NOT-FOR-US: HCL
CVE-2020-14263 ("HCL Traveler Companion is vulnerable to an iOS weak cryptographic pro ...)
	NOT-FOR-US: HCL
CVE-2020-14262
	RESERVED
CVE-2020-14261
	RESERVED
CVE-2020-14260 (HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL du ...)
	NOT-FOR-US: HCL Domino
CVE-2020-14259
	RESERVED
CVE-2020-14258 (HCL Notes is susceptible to a Denial of Service vulnerability caused b ...)
	NOT-FOR-US: HCL
CVE-2020-14257
	RESERVED
CVE-2020-14256
	RESERVED
CVE-2020-14255 (HCL Digital Experience 9.5 containers include vulnerabilities that cou ...)
	NOT-FOR-US: HCL
CVE-2020-14254 (TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v ...)
	NOT-FOR-US: HCL BigFix Inventory
CVE-2020-14253
	RESERVED
CVE-2020-14252
	RESERVED
CVE-2020-14251
	RESERVED
CVE-2020-14250
	RESERVED
CVE-2020-14249
	RESERVED
CVE-2020-14248 (BigFix Inventory up to v10.0.2 does not set the secure flag for the se ...)
	NOT-FOR-US: HCL BigFix Inventory
CVE-2020-14247 (HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate sess ...)
	NOT-FOR-US: HCL
CVE-2020-14246 (HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication w ...)
	NOT-FOR-US: HCL
CVE-2020-14245 (HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication  ...)
	NOT-FOR-US: HCL
CVE-2020-14244 (A vulnerability in the MIME message handling of the Domino server (ver ...)
	NOT-FOR-US: HCL Domino server
CVE-2020-14243
	RESERVED
CVE-2020-14242
	RESERVED
CVE-2020-14241
	RESERVED
CVE-2020-14240 (HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and ...)
	NOT-FOR-US: HCL Notes
CVE-2020-14239
	RESERVED
CVE-2020-14238
	RESERVED
CVE-2020-14237
	RESERVED
CVE-2020-14236
	RESERVED
CVE-2020-14235
	RESERVED
CVE-2020-14234 (HCL Domino is susceptible to a Denial of Service vulnerability due to  ...)
	NOT-FOR-US: HCL
CVE-2020-14233
	RESERVED
CVE-2020-14232 (A vulnerability in the input parameter handling of HCL Notes v9 could  ...)
	NOT-FOR-US: HCL Notes
CVE-2020-14231 (A vulnerability in the input parameter handling of HCL Client Applicat ...)
	NOT-FOR-US: HCL
CVE-2020-14230 (HCL Domino is susceptible to a Denial of Service vulnerability caused  ...)
	NOT-FOR-US: HCL
CVE-2020-14229
	RESERVED
CVE-2020-14228
	RESERVED
CVE-2020-14227
	RESERVED
CVE-2020-14226
	RESERVED
CVE-2020-14225 (HCL iNotes is susceptible to a Tabnabbing vulnerability caused by impr ...)
	NOT-FOR-US: HCL iNotes
CVE-2020-14224 (A vulnerability in the MIME message handling of the HCL Notes v9 clien ...)
	NOT-FOR-US: HCL Notes
CVE-2020-14223 (HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scri ...)
	NOT-FOR-US: HCL Digital Experience
CVE-2020-14222 (HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scri ...)
	NOT-FOR-US: HCL Digital Experience
CVE-2020-14221 (HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the ...)
	NOT-FOR-US: HCL
CVE-2020-14220
	RESERVED
CVE-2020-14219
	RESERVED
CVE-2020-14218
	RESERVED
CVE-2020-14217
	RESERVED
CVE-2020-14216
	RESERVED
CVE-2020-14215 (Zulip Server before 2.1.5 has Incorrect Access Control because 0198_pr ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-14214 (Zammad before 3.3.1, when Domain Based Assignment is enabled, relies o ...)
	- zammad <itp> (bug #841355)
CVE-2020-14213 (In Zammad before 3.3.1, a Customer has ticket access that should only  ...)
	- zammad <itp> (bug #841355)
CVE-2020-14212 (FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in ...)
	- ffmpeg 7:4.3.1-1
	[buster] - ffmpeg <not-affected> (Vulnerable code not present)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/8716
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b3bd001ac1745d9d008a2d195817df57d7d1d14
CVE-2020-14211
	RESERVED
CVE-2020-14210 (Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF i ...)
	NOT-FOR-US: MONITORAPP
CVE-2020-14209 (Dolibarr before 11.0.5 allows low-privilege users to upload files of d ...)
	- dolibarr <removed>
CVE-2020-14208 (SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in t ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-14207 (The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection w ...)
	NOT-FOR-US: DiveBook plugin for WordPress
CVE-2020-14206 (The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XS ...)
	NOT-FOR-US: DiveBook plugin for WordPress
CVE-2020-14205 (The DiveBook plugin 1.1.4 for WordPress is prone to improper access co ...)
	NOT-FOR-US: DiveBook plugin for WordPress
CVE-2020-14204 (In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal ...)
	NOT-FOR-US: WebFOCUS Business Intelligence
CVE-2020-14203 (WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request F ...)
	NOT-FOR-US: WebFOCUS Business Intelligence
CVE-2020-14202 (WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrar ...)
	NOT-FOR-US: WebFOCUS Business Intelligence
CVE-2020-14201 (Dolibarr CRM before 11.0.5 allows privilege escalation. This could all ...)
	- dolibarr <removed>
CVE-2020-14200
	RESERVED
CVE-2020-14199 (BIP-143 in the Bitcoin protocol specification mishandles the signing o ...)
	NOT-FOR-US: Bitcoin protocol issue
CVE-2020-14198 (Bitcoin Core 0.20.0 allows remote denial of service. ...)
	- bitcoin <unfixed> (bug #976448)
	NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2020-14198
CVE-2020-14197
	RESERVED
CVE-2020-14196 (In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1 ...)
	- pdns-recursor 4.3.2-1 (low; bug #964103)
	[buster] - pdns-recursor <postponed> (Minor issue, fix along in next DSA)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/01/1
CVE-2020-14195 (FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interact ...)
	{DLA-2270-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2765
	NOTE: https://github.com/FasterXML/jackson-databind/commit/f6d9c664f6d481703138319f6a0f1fdbddb3a259
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-14194 (Zulip Server before 2.1.5 allows reverse tabnapping via a topic header ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-14193 (Affected versions of Automation for Jira - Server allowed remote attac ...)
	NOT-FOR-US: Atlassian
CVE-2020-14192 (Affected versions of Atlassian Fisheye and Crucible allow remote attac ...)
	NOT-FOR-US: Atlassian
CVE-2020-14191 (Affected versions of Atlassian Fisheye/Crucible allow remote attackers ...)
	NOT-FOR-US: Atlassian
CVE-2020-14190 (Affected versions of Atlassian Fisheye/Crucible allow remote attackers ...)
	NOT-FOR-US: Atlassian
CVE-2020-14189 (The execute function in in the Atlassian gajira-comment GitHub Action  ...)
	NOT-FOR-US: Atlassian
CVE-2020-14188 (The preprocessArgs function in the Atlassian gajira-create GitHub Acti ...)
	NOT-FOR-US: Atlassian
CVE-2020-14187
	RESERVED
CVE-2020-14186
	RESERVED
CVE-2020-14185 (Affected versions of Jira Server allow remote unauthenticated attacker ...)
	NOT-FOR-US: Atlassian
CVE-2020-14184 (Affected versions of Atlassian Jira Server allow remote attackers to i ...)
	NOT-FOR-US: Atlassian
CVE-2020-14183 (Affected versions of Jira Server &amp; Data Center allow a remote atta ...)
	NOT-FOR-US: Atlassian
CVE-2020-14182
	RESERVED
CVE-2020-14181 (Affected versions of Atlassian Jira Server and Data Center allow an un ...)
	NOT-FOR-US: Atlassian
CVE-2020-14180 (Affected versions of Atlassian Jira Service Desk Server and Data Cente ...)
	NOT-FOR-US: Atlassian
CVE-2020-14179 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-14178 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-14177 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-14176
	RESERVED
CVE-2020-14175 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
	NOT-FOR-US: Atlassian
CVE-2020-14174 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
	NOT-FOR-US: Atlassian
CVE-2020-14173 (The file upload feature in Atlassian Jira Server and Data Center in af ...)
	NOT-FOR-US: Atlassian
CVE-2020-14172 (This issue exists to document that a security improvement in the way t ...)
	NOT-FOR-US: Atlassian
CVE-2020-14171 (Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 all ...)
	NOT-FOR-US: Atlassian
CVE-2020-14170 (Webhooks in Atlassian Bitbucket Server from version 5.4.0 before versi ...)
	NOT-FOR-US: Atlassian
CVE-2020-14169 (The quick search component in Atlassian Jira Server and Data Center be ...)
	NOT-FOR-US: Atlassian
CVE-2020-14168 (The email client in Jira Server and Data Center before version 7.13.16 ...)
	NOT-FOR-US: Atlassian
CVE-2020-14167 (The MessageBundleResource resource in Jira Server and Data Center befo ...)
	NOT-FOR-US: Atlassian
CVE-2020-14166 (The /servicedesk/customer/portals resource in Jira Service Desk Server ...)
	NOT-FOR-US: Atlassian
CVE-2020-14165 (The UniversalAvatarResource.getAvatars resource in Jira Server and Dat ...)
	NOT-FOR-US: Atlassian
CVE-2020-14164 (The WYSIWYG editor resource in Jira Server and Data Center before vers ...)
	NOT-FOR-US: Atlassian
CVE-2020-14163 (An issue was discovered in ecma/operations/ecma-container-object.c in  ...)
	- iotjs <not-affected> (Vulnerable code never in released version)
	NOTE: https://github.com/jerryscript-project/jerryscript/commit/c2b662170245a16f46ce02eae68815c325d99821
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3804
CVE-2020-14162 (An issue was discovered in Pi-Hole through 5.0. The local www-data use ...)
	NOT-FOR-US: Pi-Hole
CVE-2020-14161 (It is possible to inject HTML and/or JavaScript in the HTML to PDF con ...)
	NOT-FOR-US: Gotenberg
CVE-2020-14160 (An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote  ...)
	NOT-FOR-US: Gotenberg
CVE-2020-14159 (By using an Automate API in ConnectWise Automate before 2020.5.178, a  ...)
	NOT-FOR-US: ConnectWise
CVE-2020-14158 (The ABUS Secvest FUMO50110 hybrid module does not have any security me ...)
	NOT-FOR-US: ABUS Secvest FUMO50110 hybrid module
CVE-2020-14157 (The wireless-communication feature of the ABUS Secvest FUBE50001 devic ...)
	NOT-FOR-US: ABUS
CVE-2020-14156 (user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020 ...)
	NOT-FOR-US: OpenBMC
CVE-2020-14155 (libpcre in PCRE before 8.44 allows an integer overflow via a large num ...)
	- pcre3 2:8.39-13 (bug #963086)
	[buster] - pcre3 <no-dsa> (Minor issue)
	[stretch] - pcre3 <no-dsa> (Minor issue)
	[jessie] - pcre3 <no-dsa> (Minor issue)
	NOTE: https://bugs.exim.org/show_bug.cgi?id=2463
	NOTE: Fixed by: https://vcs.pcre.org/pcre?view=revision&revision=1761 (8.44)
CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in response to  ...)
	- mutt 1.14.3-1 (unimportant)
	[buster] - mutt 1.10.1-2.1+deb10u1
	- neomutt 20200619+dfsg.1-1 (unimportant)
	NOTE: http://lists.mutt.org/pipermail/mutt-announce/Week-of-Mon-20200608/000022.html
	NOTE: https://gitlab.com/muttmua/mutt/commit/bb0e6277a45a5d4c3a30d3b968eeb31d78124e95
	NOTE: https://gitlab.com/muttmua/mutt/commit/5fccf603ebcf352ba783136d6b2d2600d811fb3b
	NOTE: https://gitlab.com/muttmua/mutt/commit/f64ec1deefb67d471a642004e102cd1c501a1db3
	NOTE: Negligible security impact
CVE-2020-14153 (In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an o ...)
	- libjpeg9 1:9d-1
	- libjpeg-turbo <not-affected> (Vulnerable code not present; problematic condition cannot be reached)
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/445
CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ...)
	{DLA-2302-1}
	- libjpeg9 1:9d-1 (low)
	- libjpeg-turbo 1:1.5.2-1 (low)
	[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/da2a27ef056a0179cbd80f9146e58b89403d9933
CVE-2020-14151
	REJECTED
CVE-2020-14150 (GNU Bison before 3.5.4 allows attackers to cause a denial of service ( ...)
	- bison 2:3.6.1+dfsg-1 (unimportant)
	NOTE: https://lists.gnu.org/archive/html/info-gnu/2020-04/msg00000.html
	NOTE: Crash in CLI tool, no security impact
CVE-2020-14149 (In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provi ...)
	NOT-FOR-US: uftpd
CVE-2020-14148 (The Server-Server protocol implementation in ngIRCd before 26~rc2 allo ...)
	{DLA-2252-1}
	- ngircd 26-1 (bug #963147)
	[buster] - ngircd <no-dsa> (Minor issue)
	[stretch] - ngircd <no-dsa> (Minor issue)
	NOTE: https://github.com/ngircd/ngircd/issues/274
	NOTE: https://github.com/ngircd/ngircd/issues/277
	NOTE: https://github.com/ngircd/ngircd/pull/275
	NOTE: https://github.com/ngircd/ngircd/pull/276
	NOTE: https://github.com/ngircd/ngircd/commit/02cf31c0e267a4c9a7656d43ad3ad4eeb37fc9c5
CVE-2020-14147 (An integer overflow in the getnum function in lua_struct.c in Redis be ...)
	{DSA-4731-1}
	- redis 5:6.0.0-1
	[stretch] - redis <not-affected> (Vulnerable code reintroduced later)
	[jessie] - redis <not-affected> (Vulnerable code reintroduced later)
	NOTE: https://github.com/antirez/redis/pull/6875
	NOTE: Issue re-introduced with https://github.com/antirez/redis/commit/1eb08bcd4634ae42ec45e8284923ac048beaa4c3 (5.0-rc4)
	NOTE: Fixed by: https://github.com/antirez/redis/commit/ef764dde1cca2f25d00686673d1bc89448819571
	NOTE: Fixed upstream in 6.0~rc2 and 5.0.8
CVE-2020-14146 (KumbiaPHP through 1.1.1, in Development mode, allows XSS via the publi ...)
	NOT-FOR-US: KumbiaPHP
CVE-2020-14145 (The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepan ...)
	- openssh <unfixed> (unimportant)
	NOTE: https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/
	NOTE: https://www.fzi.de/fileadmin/user_upload/2020-06-26-FSA-2020-2.pdf
	NOTE: The OpenSSH project is not planning to change the behaviour of OpenSSH regarding
	NOTE: the issue, details in "3.1 OpenSSH" in the publication.
	NOTE: Partial mitigation: https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d (V_8_4_P1)
CVE-2020-14144 (** DISPUTED ** The git hook feature in Gitea 1.1.0 through 1.12.5 migh ...)
	- gitea <removed>
CVE-2020-14143
	RESERVED
CVE-2020-14142
	RESERVED
CVE-2020-14141
	RESERVED
CVE-2020-14140
	RESERVED
CVE-2020-14139
	RESERVED
CVE-2020-14138
	RESERVED
CVE-2020-14137
	RESERVED
CVE-2020-14136
	RESERVED
CVE-2020-14135
	RESERVED
CVE-2020-14134
	RESERVED
CVE-2020-14133
	RESERVED
CVE-2020-14132
	RESERVED
CVE-2020-14131
	RESERVED
CVE-2020-14130 (Some js interfaces in the Xiaomi community were exposed, causing sensi ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14129
	RESERVED
CVE-2020-14128
	RESERVED
CVE-2020-14127
	RESERVED
CVE-2020-14126
	RESERVED
CVE-2020-14125
	RESERVED
CVE-2020-14124 (There is a buffer overflow in librsa.so called by getwifipwdurl interf ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14123
	RESERVED
CVE-2020-14122
	RESERVED
CVE-2020-14121
	RESERVED
CVE-2020-14120
	RESERVED
CVE-2020-14119 (There is command injection in the addMeshNode interface of xqnetwork.l ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14118
	RESERVED
CVE-2020-14117
	RESERVED
CVE-2020-14116
	RESERVED
CVE-2020-14115
	RESERVED
CVE-2020-14114
	RESERVED
CVE-2020-14113
	RESERVED
CVE-2020-14112
	RESERVED
CVE-2020-14111
	RESERVED
CVE-2020-14110 (AX3600 router sensitive information leaked.There is an unauthorized in ...)
	NOT-FOR-US: AX3600 router
CVE-2020-14109 (There is command injection in the meshd program in the routing system, ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14108
	RESERVED
CVE-2020-14107 (A stack overflow in the HTTP server of Cast can be exploited to make t ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14106 (The application in the mobile phone can unauthorized access to the lis ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14105 (The application in the mobile phone can read the SNO information of th ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14104 (A RACE CONDITION on XQBACKUP causes a decompression path error on Xiao ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14103 (The application in the mobile phone can read the SNO information of th ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14102 (There is command injection when ddns processes the hostname, which cau ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14101 (The data collection SDK of the router web management interface caused  ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14100 (In Xiaomi router R3600 ROM version&lt;1.0.66, filters in the set_WAN6  ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14099 (On Xiaomi router AX1800 rom version &lt; 1.0.336 and RM1800 root versi ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14098 (The login verification can be bypassed by using the problem that the t ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14097 (Wrong nginx configuration, causing specific paths to be downloaded wit ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14096 (Memory overflow in Xiaomi AI speaker Rom version &lt;1.59.6 can happen ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14095 (In Xiaomi router R3600, ROM version&lt;1.0.20, a connect service suffe ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14094 (In Xiaomi router R3600, ROM version&lt;1.0.20, the connection service  ...)
	NOT-FOR-US: Xiaomi
CVE-2020-14093 (Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attac ...)
	{DSA-4708-1 DSA-4707-1 DLA-2268-2 DLA-2268-1}
	- mutt 1.14.3-1 (bug #962897)
	- neomutt 20200619+dfsg.1-1
	NOTE: Fixed by: https://gitlab.com/muttmua/mutt/commit/3e88866dc60b5fa6aaba6fd7c1710c12c1c3cd01
	NOTE: Fix for CVE-2020-14093 introduces a regression, cf. #963107
	NOTE: Regression fixed by: https://gitlab.com/muttmua/mutt/-/commit/dc909119b3433a84290f0095c0f43a23b98b3748
CVE-2020-14092 (The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for Wo ...)
	NOT-FOR-US: CodePeople Payment Form for PayPal Pro plugin for WordPress
CVE-2020-14091
	RESERVED
CVE-2020-14090
	RESERVED
CVE-2020-14089
	RESERVED
CVE-2020-14088
	RESERVED
CVE-2020-14087
	RESERVED
CVE-2020-14086
	RESERVED
CVE-2020-14085
	RESERVED
CVE-2020-14084
	RESERVED
CVE-2020-14083
	RESERVED
CVE-2020-14082
	RESERVED
CVE-2020-14081 (TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command i ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14080 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14079 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14078 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14077 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14076 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet TEW-827DRU devices
CVE-2020-14075 (TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command i ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14074 (TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buff ...)
	NOT-FOR-US: TRENDnet
CVE-2020-14073 (XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map proper ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2020-14072 (An issue was discovered in MK-AUTH 19.01. It allows command execution  ...)
	NOT-FOR-US: MK-AUTH
CVE-2020-14071 (An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin ...)
	NOT-FOR-US: MK-AUTH
CVE-2020-14070 (An issue was discovered in MK-AUTH 19.01. There is authentication bypa ...)
	NOT-FOR-US: MK-AUTH
CVE-2020-14069 (An issue was discovered in MK-AUTH 19.01. There are SQL injection issu ...)
	NOT-FOR-US: MK-AUTH
CVE-2020-14068 (An issue was discovered in MK-AUTH 19.01. The web login functionality  ...)
	NOT-FOR-US: MK-AUTH
CVE-2020-14067 (The install_from_hash functionality in Navigate CMS 2.9 does not consi ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14066 (IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaSc ...)
	NOT-FOR-US: IceWarp Email Server
CVE-2020-14065 (IceWarp Email Server 12.3.0.1 allows remote attackers to upload files  ...)
	NOT-FOR-US: IceWarp Email Server
CVE-2020-14064 (IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user ac ...)
	NOT-FOR-US: IceWarp Email Server
CVE-2020-14063 (A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom Jav ...)
	NOT-FOR-US: TC Custom JavaScript plugin for WordPress
CVE-2020-14062 (FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interact ...)
	{DLA-2270-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2704
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-14061 (FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interact ...)
	{DLA-2270-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2698
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-14060 (FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interact ...)
	{DLA-2270-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2688
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-14059 (An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect ...)
	- squid <not-affected> (vulnerability introduced in the 5.x series)
	- squid3 <not-affected> (vulnerability introduced in the 5.x series)
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-w7pw-2m4p-58hr
CVE-2020-14058 (An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due ...)
	- squid 4.12-1 (unimportant)
	- squid3 <removed> (unimportant)
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-93f5fda134a2a010b84ffedbe833d670e63ba4be.patch
	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-qvf6-485q-vm57
	NOTE: Squid in Debian builds without OpenSSL support
CVE-2020-14057 (Monsta FTP 2.10.1 or below allows external control of paths used in fi ...)
	NOT-FOR-US: Monsta FTP
CVE-2020-14056 (Monsta FTP 2.10.1 or below is prone to a server-side request forgery v ...)
	NOT-FOR-US: Monsta FTP
CVE-2020-14055 (Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting v ...)
	NOT-FOR-US: Monsta FTP
CVE-2020-14054 (SOKKIA GNR5 Vanguard WEB version 1.2 (build: 91f2b2c3a04d203d79862f87e ...)
	NOT-FOR-US: SOKKIA GNR5 Vanguard WEB
CVE-2020-14053
	RESERVED
CVE-2020-14052
	RESERVED
CVE-2020-14051
	RESERVED
CVE-2020-14050
	RESERVED
CVE-2020-14049 (Viber for Windows up to 13.2.0.39 does not properly quote its custom U ...)
	NOT-FOR-US: Viber
CVE-2020-14048 (Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remo ...)
	NOT-FOR-US: Zoho
CVE-2020-14047
	RESERVED
CVE-2020-14046
	RESERVED
CVE-2020-14045
	RESERVED
CVE-2020-14044 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forger ...)
	NOT-FOR-US: Codiad
CVE-2020-14043 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery ...)
	NOT-FOR-US: Codiad
CVE-2020-14042 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) ...)
	NOT-FOR-US: Codiad
CVE-2020-14041
	RESERVED
CVE-2020-14040 (The x/text package before 0.3.3 for Go has a vulnerability in encoding ...)
	- golang-golang-x-text 0.3.3-1 (bug #964272)
	- golang-x-text <removed> (bug #964271)
	[buster] - golang-x-text <no-dsa> (Minor issue)
	[stretch] - golang-x-text <no-dsa> (Minor issue)
	NOTE: https://github.com/golang/go/issues/39491
	NOTE: https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
	NOTE: https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
CVE-2020-14039 (In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may  ...)
	- golang-1.15 <not-affected> (Windows-specific)
	- golang-1.14 <not-affected> (Windows-specific)
	- golang-1.11 <not-affected> (Windows-specific)
	NOTE: https://golang.org/issue/39360
	NOTE: https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
CVE-2020-25286 (In wp-includes/comment-template.php in WordPress before 5.4.2, comment ...)
	{DSA-4709-1 DLA-2371-1}
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	NOTE: https://core.trac.wordpress.org/changeset/47984
CVE-2020-4050 (In affected versions of WordPress, misuse of the `set-screen-option` f ...)
	{DSA-4709-1 DLA-2371-1 DLA-2269-1}
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	NOTE: https://core.trac.wordpress.org/changeset/47951
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4vpv-fgg2-gcqc
	NOTE: https://github.com/WordPress/wordpress-develop/commit/b8dea76b495f0072523106c6ec46b9ea0d2a0920
	NOTE: https://core.trac.wordpress.org/ticket/50392 (regression fix)
CVE-2020-4049 (In affected versions of WordPress, when uploading themes, the name of  ...)
	{DSA-4709-1 DLA-2371-1 DLA-2269-1}
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	NOTE: https://core.trac.wordpress.org/changeset/47950
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-87h4-phjv-rm6p
	NOTE: https://github.com/WordPress/wordpress-develop/commit/404f397b4012fd9d382e55bf7d206c1317f01148
CVE-2020-4048 (In affected versions of WordPress, due to an issue in wp_validate_redi ...)
	{DSA-4709-1 DLA-2371-1 DLA-2269-1}
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	NOTE: https://core.trac.wordpress.org/changeset/47949
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-q6pw-gvf4-5fj5
	NOTE: https://github.com/WordPress/wordpress-develop/commit/6ef777e9a022bee2a80fa671118e7e2657e52693
CVE-2020-4046 (In affected versions of WordPress, users with low privileges (like con ...)
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	[buster] - wordpress <not-affected> (Vulnerable code introduced later)
	[stretch] - wordpress <not-affected> (Vulnerable code introduced later)
	[jessie] - wordpress <not-affected> (Vulnerable code introduced later)
	NOTE: https://core.trac.wordpress.org/changeset/47947
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-rpwf-hrh2-39jf
CVE-2020-4047 (In affected versions of WordPress, authenticated users with upload per ...)
	{DSA-4709-1 DLA-2371-1 DLA-2269-1}
	- wordpress 5.4.2+dfsg1-1 (bug #962685)
	NOTE: https://core.trac.wordpress.org/changeset/47948
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-8q2w-5m27-wm27
	NOTE: https://github.com/WordPress/wordpress-develop/commit/0977c0d6b241479ecedfe19e96be69f727c3f81f
CVE-2020-14038
	RESERVED
CVE-2020-14037
	RESERVED
CVE-2020-14036
	RESERVED
CVE-2020-14035
	RESERVED
CVE-2020-14034 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.2-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/2229
	NOTE: https://github.com/meetecho/janus-gateway/commit/dacb4edfad8e77f73b64d8c175cca0a7796ebf80
CVE-2020-14033 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.2-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/2229
	NOTE: https://github.com/meetecho/janus-gateway/commit/dacb4edfad8e77f73b64d8c175cca0a7796ebf80
CVE-2020-14032 (ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via ...)
	NOT-FOR-US: ASRock
CVE-2020-14031 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ou ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14030 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It sto ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14029 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RS ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14028 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By lev ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14027 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The da ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14026 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists  ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14025 (Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14024 (Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored  ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14023 (Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To  ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14022 (Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file typ ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14021 (An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The AS ...)
	NOT-FOR-US: Ozeki NG SMS Gateway
CVE-2020-14020
	RESERVED
CVE-2020-14019 (Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/targ ...)
	- python-rtslib-fb 2.1.71-3 (bug #972227)
	[buster] - python-rtslib-fb <not-affected> (Introduced in 2.1.70)
	[stretch] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
	[jessie] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
	NOTE: https://github.com/open-iscsi/rtslib-fb/pull/162
	NOTE: https://github.com/open-iscsi/rtslib-fb/commit/75e73778dce1cb7a2816a936240ef75adfbd6ed9
CVE-2020-14018 (An issue was discovered in Navigate CMS 2.9 r1433. There is a stored X ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14017 (An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well a ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14016 (An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14015 (An issue was discovered in Navigate CMS 2.9 r1433. When performing a p ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14014 (An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query p ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-14013
	RESERVED
CVE-2020-14012 (scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase C ...)
	NOT-FOR-US: osTicket
CVE-2020-14011 (Lansweeper 6.0.x through 7.2.x has a default installation in which the ...)
	NOT-FOR-US: Lansweeper
CVE-2020-14010 (The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via t ...)
	NOT-FOR-US: Laborator Xenon theme for WordPress
CVE-2020-14009 (Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vu ...)
	NOT-FOR-US: Proofpoint Enterprise Protection (PPS/PoD)
CVE-2020-14008 (Zoho ManageEngine Applications Manager 14710 and before allows an auth ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2020-14007 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF ...)
	NOT-FOR-US: Solarwinds
CVE-2020-14006 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF ...)
	NOT-FOR-US: Solarwinds
CVE-2020-14005 (Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF ...)
	NOT-FOR-US: Solarwinds
CVE-2020-14004 (An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dir ...)
	- icinga2 2.11.5-1 (bug #970252)
	[buster] - icinga2 2.10.3-2+deb10u1
	[stretch] - icinga2 <not-affected> (prepare-dirs script not shipped)
	[jessie] - icinga2 <not-affected> (prepare-dirs script not shipped)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/12/1
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1172171
	NOTE: https://github.com/Icinga/icinga2/commit/2f0f2e8c355b75fa4407d23f85feea037d2bc4b6
CVE-2020-14003
	RESERVED
CVE-2020-14002 (PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an in ...)
	- putty 0.74-1
	[buster] - putty <no-dsa> (Minor issue)
	[stretch] - putty <no-dsa> (Minor issue)
	[jessie] - putty <no-dsa> (Minor issue)
	NOTE: Fixed by: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=08f1e2a5066ea95559945af339a60ca14560d764 (0.74)
CVE-2020-14001 (The kramdown gem before 2.3.0 for Ruby processes the template option i ...)
	{DSA-4743-1 DLA-2316-1}
	[experimental] - ruby-kramdown 2.3.0-1
	- ruby-kramdown 2.3.0-3 (bug #965305)
	NOTE: https://github.com/advisories/GHSA-mqm2-cgpr-p4m6
	NOTE: https://github.com/gettalong/kramdown/commit/1b8fd33c3120bfc6e5164b449e2c2fc9c9306fde
CVE-2020-14000 (MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.2 ...)
	NOT-FOR-US: scratch-vm different from src:scratch
CVE-2020-13999 (ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Libr ...)
	- libemf 1.0.13-1 (bug #963778)
	[buster] - libemf <no-dsa> (Minor issue)
	NOTE: Fixed upstream in 1.0.13
CVE-2020-13998 (** UNSUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled ...)
	NOT-FOR-US: Citrix
CVE-2020-13997 (In Shopware before 6.2.3, the database password is leaked to an unauth ...)
	NOT-FOR-US: Shopware
CVE-2020-13996 (The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection at ...)
	NOT-FOR-US: J2Store plugin for Joomla!
CVE-2020-13995 (U.S. Air Force Sensor Data Management System extract75 has a buffer ov ...)
	NOT-FOR-US: U.S. Air Force Sensor Data Management System extract75
CVE-2020-13994 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A pri ...)
	NOT-FOR-US: Mods for HESK
CVE-2020-13993 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A bli ...)
	NOT-FOR-US: Mods for HESK
CVE-2020-13992 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Sto ...)
	NOT-FOR-US: Mods for HESK
CVE-2020-13991 (vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow  ...)
	- iotjs <not-affected> (Vulnerable code not present; cf. #972228)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3858
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3859
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3860
	NOTE: https://github.com/jerryscript-project/jerryscript/pull/3867
CVE-2020-13990
	RESERVED
CVE-2020-13989
	RESERVED
CVE-2020-13988 (An issue was discovered in Contiki through 3.0. An Integer Overflow ex ...)
	- open-iscsi 2.1.3-1
	[buster] - open-iscsi <no-dsa> (Minor issue)
	[stretch] - open-iscsi <no-dsa> (Minor issue)
	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
	NOTE: Adressed upstream in 2.1.3 release
CVE-2020-13987 (An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read  ...)
	- open-iscsi 2.1.3-1
	[buster] - open-iscsi <no-dsa> (Minor issue)
	[stretch] - open-iscsi <no-dsa> (Minor issue)
	NOTE: https://github.com/open-iscsi/open-iscsi/security/advisories/GHSA-r278-fm99-8rgp
	NOTE: https://groups.google.com/g/open-iscsi/c/iRS9fcB1bJU/m/BbxY1SGPEwAJ
	NOTE: Adressed upstream in 2.1.3 release
CVE-2020-13986 (An issue was discovered in Contiki through 3.0. An infinite loop exist ...)
	NOT-FOR-US: Contiki
CVE-2020-13985 (An issue was discovered in Contiki through 3.0. A memory corruption vu ...)
	NOT-FOR-US: Contiki
CVE-2020-13984 (An issue was discovered in Contiki through 3.0. An infinite loop exist ...)
	NOT-FOR-US: Contiki
CVE-2020-13983
	REJECTED
CVE-2020-13982
	RESERVED
CVE-2020-13981
	RESERVED
CVE-2020-13980 (** DISPUTED ** OpenCart 3.0.3.3 allows remote authenticated users to c ...)
	NOT-FOR-US: OpenCart
CVE-2020-13979
	RESERVED
CVE-2020-13978 (** DISPUTED ** Monstra CMS 3.0.4 allows an attacker, who already has a ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-13977 (Nagios 4.4.5 allows an attacker, who already has administrative access ...)
	- nagios4 4.3.4-4 (bug #962826)
	[buster] - nagios4 <no-dsa> (Minor issue)
	NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/8deeca7cad3df1143ad9c351d107b5c0a6c61213
CVE-2020-13976 (** DISPUTED ** An issue was discovered in DD-WRT through 16214. The Di ...)
	NOT-FOR-US: DD-WRT
CVE-2020-13975
	RESERVED
CVE-2020-13974 (An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers ...)
	{DLA-2323-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/b86dab054059b970111b5516ae548efaae5b3aae
CVE-2020-13973 (OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls ...)
	NOT-FOR-US: OWASP json-sanitizer
CVE-2020-13972 (Enghouse Web Chat 6.2.284.34 allows XSS. When one enters their own dom ...)
	NOT-FOR-US: Enghouse Web Chat
CVE-2020-13971 (In Shopware before 6.2.3, authenticated users are allowed to use the M ...)
	NOT-FOR-US: Shopware
CVE-2020-13970 (Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery ( ...)
	NOT-FOR-US: Shopware
CVE-2020-13969 (CRK Business Platform &lt;= 2019.1 allows reflected XSS via erro.aspx  ...)
	NOT-FOR-US: CRK Business Platform
CVE-2020-13968 (CRK Business Platform &lt;= 2019.1 allows can inject SQL statements ag ...)
	NOT-FOR-US: CRK Business Platform
CVE-2020-13967
	RESERVED
CVE-2020-13966
	RESERVED
CVE-2020-13963 (SOPlanning before 1.47 has Incorrect Access Control because certain se ...)
	NOT-FOR-US: SOPlanning
CVE-2020-13962 (Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 ...)
	- qtbase-opensource-src 5.14.2+dfsg-6
	[buster] - qtbase-opensource-src <not-affected> (Only affects 5.12.2 and later)
	[stretch] - qtbase-opensource-src <not-affected> (Only affects 5.12.2 and later)
	[jessie] - qtbase-opensource-src <not-affected> (Only affects 5.12.2 and later)
	NOTE: https://bugreports.qt.io/browse/QTBUG-83450
	NOTE: https://github.com/mumble-voip/mumble/issues/3679
	NOTE: https://github.com/mumble-voip/mumble/pull/4032
CVE-2020-13961 (Strapi before 3.0.2 could allow a remote authenticated attacker to byp ...)
	NOT-FOR-US: Strapi
CVE-2020-13960 (D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have t ...)
	NOT-FOR-US: D-Link
CVE-2020-13959 (The default error page for VelocityView in Apache Velocity Tools prior ...)
	{DLA-2597-1}
	- velocity-tools 2.0-8 (bug #985221)
	[buster] - velocity-tools <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/10/2
	NOTE: Fixed by: https://github.com/apache/velocity-tools/commit/e141828a4eb03e4b0224535eed12b5c463a24152
CVE-2020-13958 (A vulnerability in Apache OpenOffice scripting events allows an attack ...)
	NOT-FOR-US: Apache OpenOffice
CVE-2020-13957 (Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 ...)
	- lucene-solr <not-affected> (Vulnerable functionality not yet present)
CVE-2020-13956 (Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misin ...)
	{DSA-4772-1 DLA-2405-1}
	- httpcomponents-client 4.5.13-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1886587
	NOTE: Fixed by: https://github.com/apache/httpcomponents-client/commit/e628b4c5c464c2fa346385596cc78e035a91a62e (4.5.13-RC1)
CVE-2020-13955 (HttpUtils#getURLConnection method disables explicitly hostname verific ...)
	NOT-FOR-US: Apache Calcite
CVE-2020-13954 (By default, Apache CXF creates a /services page containing a listing o ...)
	NOT-FOR-US: Apache CXF
CVE-2020-13953 (In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an att ...)
	NOT-FOR-US: Apache Tapestry
CVE-2020-13952 (In the course of work on the open source project it was discovered tha ...)
	NOT-FOR-US: Apache Superset
CVE-2020-13951 (Attackers can use public NetTest web service of Apache OpenMeetings 4. ...)
	NOT-FOR-US: Apache OpenMeetings
CVE-2020-13950 (Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be mad ...)
	[experimental] - apache2 2.4.48-1
	- apache2 2.4.46-6
	[buster] - apache2 <not-affected> (Vulnerable code not present)
	[stretch] - apache2 <not-affected> (Vulnerable code not present)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-13950
	NOTE: Fixed by: https://svn.apache.org/r1678771
	NOTE: Introduced by: https://svn.apache.org/r1656259
CVE-2020-13949 (In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send sho ...)
	- thrift <unfixed> (bug #988949)
	[bullseye] - thrift <no-dsa> (Minor issue)
	[buster] - thrift <no-dsa> (Minor issue)
	NOTE: https://seclists.org/oss-sec/2021/q1/140
CVE-2020-13948 (While investigating a bug report on Apache Superset, it was determined ...)
	NOT-FOR-US: Apache Superset
CVE-2020-13947 (An instance of a cross-site scripting vulnerability was identified to  ...)
	- activemq <unfixed> (unimportant)
	NOTE: Admin console not enabled in the Debian package, see #702670)
	NOTE: Fixed in 5.15.13, 5.16.1
CVE-2020-13946 (In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.1 ...)
	- cassandra <itp> (bug #585905)
CVE-2020-13945 (In Apache APISIX, the user enabled the Admin API and deleted the Admin ...)
	NOT-FOR-US: Apache APISIX
CVE-2020-13944 (In Apache Airflow &lt; 1.10.12, the "origin" parameter passed to some  ...)
	- airflow <itp> (bug #819700)
CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7 ...)
	{DSA-4835-1 DLA-2407-1}
	- tomcat9 9.0.38-1
	- tomcat8 <removed>
	NOTE: https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b (9.0.38)
	NOTE: https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4dcb292a (8.5.58)
CVE-2020-13942 (It is possible to inject malicious OGNL or MVEL scripts into the /cont ...)
	NOT-FOR-US: Apache Unomi
CVE-2020-13941 (Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), rel ...)
	- lucene-solr 3.6.2+dfsg-23
	[buster] - lucene-solr <ignored> (Minor issue)
	[stretch] - lucene-solr <ignored> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/15/1
	NOTE: https://issues.apache.org/jira/browse/SOLR-14561
	NOTE: https://github.com/apache/lucene-solr/commit/936b9d770e769c9018a9f408d576f52e7c4e8be2
	NOTE: Server components disabled in 3.6.2+dfsg-23, using that as the fixed version
CVE-2020-13940 (In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and v ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-13939
	REJECTED
CVE-2020-13938 (Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users c ...)
	- apache2 <not-affected> (Only affects Apache on Windows)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-13938
CVE-2020-13937 (Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2 ...)
	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2020-13936 (An attacker that is able to modify Velocity templates may execute arbi ...)
	{DLA-2595-1}
	- velocity 1.7-6 (bug #985220)
	[buster] - velocity 1.7-5+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/10/1
	NOTE: Fixed by: https://github.com/apache/velocity-engine/commit/1ba60771d23dae7e6b3138ae6bee09cf6f9d2485
CVE-2020-13935 (The payload length in a WebSocket frame was not correctly validated in ...)
	{DSA-4727-1 DLA-2286-1}
	- tomcat9 9.0.37-1
	- tomcat8 <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/14/3
	NOTE: https://github.com/apache/tomcat/commit/12d715676038efbf9c728af10163f8277fc019d5 (8.5.57)
	NOTE: https://github.com/apache/tomcat/commit/40fa74c74822711ab878079d0a69f7357926723d (9.0.37)
CVE-2020-13934 (An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0. ...)
	{DSA-4727-1 DLA-2286-1}
	- tomcat9 9.0.37-1
	- tomcat8 <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/14/4
	NOTE: https://github.com/apache/tomcat/commit/923d834500802a61779318911d7898bd85fc950e (8.5.57)
	NOTE: https://github.com/apache/tomcat/commit/172977f04a5215128f1e278a688983dcd230f399 (9.0.37)
CVE-2020-13933 (Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafte ...)
	{DLA-2726-1}
	- shiro 1.3.2-5 (bug #968753)
	[bullseye] - shiro 1.3.2-4+deb11u1
	[buster] - shiro 1.3.2-4+deb10u1
	NOTE: https://lists.apache.org/thread.html/r539f87706094e79c5da0826030384373f0041068936912876856835f%40%3Cdev.shiro.apache.org%3E
CVE-2020-13932 (In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT p ...)
	NOT-FOR-US: Apache ActiveMQ Artemis
	NOTE: https://activemq.apache.org/security-advisories.data/CVE-2020-13932-announcement.txt
CVE-2020-13931 (If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0 ...)
	NOT-FOR-US: Apache TomEE
CVE-2020-13930
	RESERVED
CVE-2020-13929 (Authentication bypass vulnerability in Apache Zeppelin allows an attac ...)
	NOT-FOR-US: Apache Zeppelin
CVE-2020-13928 (Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving se ...)
	NOT-FOR-US: Apache Atlas
CVE-2020-13927 (The previous default setting for Airflow's Experimental API was to all ...)
	- airflow <itp> (bug #819700)
CVE-2020-13926 (Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when ...)
	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2020-13925 (Similar to CVE-2020-1956, Kylin has one more restful API which concate ...)
	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2020-13924 (In Apache Ambari versions 2.6.2.2 and earlier, malicious users can con ...)
	NOT-FOR-US: Apache Ambari
CVE-2020-13923 (IDOR vulnerability in the order processing feature from ecommerce comp ...)
	NOT-FOR-US: Apache OFBiz
CVE-2020-13922 (Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary ...)
	NOT-FOR-US: Apache DolphinScheduler
CVE-2020-13921 (**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storag ...)
	NOT-FOR-US: Apache SkyWalking
CVE-2020-13920 (Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX ...)
	{DLA-2400-1}
	- activemq 5.16.0-1
	[buster] - activemq <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2020-13920-announcement.txt
	NOTE: When fixing this issue make sure to use a complete fix and not open up
	NOTE: CVE-2020-11998 (a regression introduced in 5.15.12 in the commit preventing
	NOTE: JMX re-bind).
	NOTE: Fixed by: https://github.com/apache/activemq/commit/c29244931d54affaceabb478b3a52d9b74f5d543 (activemq-5.15.12)
	NOTE: Followup needed: https://github.com/apache/activemq/commit/0d6e5f240ef34bae2e4089102047593bef628e6c (activemq-5.15.13)
CVE-2020-13919 (emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13918 (Incorrect access control in webs in Ruckus Wireless Unleashed through  ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13917 (rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remot ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13916 (A stack buffer overflow in webs in Ruckus Wireless Unleashed through 2 ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13915 (Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed throu ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13914 (webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a rem ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13913 (An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102 ...)
	NOT-FOR-US: Ruckus Wireless Unleashed
CVE-2020-13912 (SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users  ...)
	NOT-FOR-US: SolarWinds Advanced Monitoring Agent
CVE-2020-13911 (Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a ...)
	NOT-FOR-US: Your Online Shop
CVE-2020-13910 (Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nf ...)
	NOT-FOR-US: Pengutronix Barebox
CVE-2020-13909 (The Ignition component before 2.0.5 for Laravel mishandles globals, _g ...)
	NOT-FOR-US: Laravel Ignition component
CVE-2020-13908
	RESERVED
CVE-2020-13907
	RESERVED
CVE-2020-13906 (IrfanView 4.54 allows a user-mode write access violation starting at F ...)
	NOT-FOR-US: IrfanView
CVE-2020-13905 (IrfanView 4.54 allows a user-mode write access violation starting at F ...)
	NOT-FOR-US: IrfanView
CVE-2020-13904 (FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duratio ...)
	{DSA-4722-1 DLA-2291-1}
	- ffmpeg 7:4.3.1-1
	NOTE: https://patchwork.ffmpeg.org/project/ffmpeg/patch/20200529033905.41926-1-lq@chinaffmpeg.org/
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/9dfb19baeb86a8bb02c53a441682c6e9a6e104cc
	NOTE: https://trac.ffmpeg.org/ticket/8673
CVE-2020-13903
	REJECTED
CVE-2020-13902 (ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-re ...)
	- imagemagick 8:6.9.11.24+dfsg-1
	[buster] - imagemagick <not-affected> (Not affected, tiff uses TIFF_SETGET_C32_UINT32)
	[stretch] - imagemagick <not-affected> (Not affected, tiff uses TIFF_SETGET_C32_UINT32)
	[jessie] - imagemagick <not-affected> (Not affected, tiff uses TIFF_SETGET_C32_UINT32)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20920
	NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2132
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/824f344ceb823e156ad6e85314d79c087933c2a0
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/218d6abc4e36596c90a07463bfb2ab9e8312efbb
CVE-2020-13901 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.1-1 (bug #962680)
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214/commits/90cc2ada775c4d4d8f6ae66f96b4ec7588e4bc86
CVE-2020-13900 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.1-1 (bug #962680)
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214/commits/5f33d5e1073207f7275a726b7bb4cd7dbb08d13a
CVE-2020-13899 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.1-1 (bug #962680)
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214/commits/f46f27fb129fd1b3744830b4fc6e75ab78794636
CVE-2020-13898 (An issue was discovered in janus-gateway (aka Janus WebRTC Server) thr ...)
	- janus 0.10.1-1 (bug #962680)
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214
	NOTE: https://github.com/meetecho/janus-gateway/pull/2214/commits/2ed485d04630b9ee9de7c96517135654b7f32120
CVE-2020-13897 (HESK before 3.1.10 allows reflected XSS. ...)
	NOT-FOR-US: HESK
CVE-2020-13896 (The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows remot ...)
	NOT-FOR-US: Maipu devices
CVE-2020-13894 (handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows  ...)
	NOT-FOR-US: DEXT5 Editor
CVE-2020-13893 (Multiple stored cross-site scripting (XSS) vulnerabilities in Sage Eas ...)
	NOT-FOR-US: Sage EasyPay
CVE-2020-13892 (The SportsPress plugin before 2.7.2 for WordPress allows XSS. ...)
	NOT-FOR-US: SportsPress plugin for WordPress
CVE-2020-13891 (An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS ...)
	NOT-FOR-US: Mattermost
CVE-2020-13890 (The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an A ...)
	NOT-FOR-US: Bootstrap theme
CVE-2020-13889 (showAlert() in the administration panel in Bludit 3.12.0 allows XSS. ...)
	NOT-FOR-US: Bludit
CVE-2020-13888 (Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, use ...)
	NOT-FOR-US: Kordil EDMS
CVE-2020-13887 (documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Comma ...)
	NOT-FOR-US: Kordil EDMS
CVE-2020-13895 (Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module befor ...)
	- libcrypt-perl-perl <itp> (bug #907353)
	NOTE: https://github.com/FGasper/p5-Crypt-Perl/issues/14
	NOTE: https://github.com/FGasper/p5-Crypt-Perl/commit/f960ce75502acf7404187231a706672f8369acb2
CVE-2020-13886 (Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 6 ...)
	NOT-FOR-US: Intelbras TIP
CVE-2020-13885 (Citrix Workspace App before 1912 on Windows has Insecure Permissions w ...)
	NOT-FOR-US: Citrix
CVE-2020-13884 (Citrix Workspace App before 1912 on Windows has Insecure Permissions a ...)
	NOT-FOR-US: Citrix
CVE-2020-13883 (In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, an ...)
	NOT-FOR-US: WSO2 API Manager
CVE-2020-13882 (CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TO ...)
	- lynis 3.0.0-1 (unimportant)
	NOTE: Neutralised by kernel hardening
	NOTE: https://github.com/CISOfy/lynis/pull/594
	NOTE: https://github.com/CISOfy/lynis/commit/5b09da0d9878096d45f04b858c4f65e674369ab4
CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared se ...)
	{DLA-2730-1 DLA-2239-1}
	- libpam-tacplus 1.3.8-2.1 (low; bug #962830)
	[buster] - libpam-tacplus 1.3.8-2+deb10u1
	[stretch] - libpam-tacplus <no-dsa> (Minor issue)
	NOTE: https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
	NOTE: https://github.com/kravietz/pam_tacplus/issues/149
CVE-2020-13880
	RESERVED
CVE-2020-13879
	RESERVED
CVE-2020-13878
	RESERVED
CVE-2020-13877 (SQL Injection issues in various ASPX pages of ResourceXpress Meeting M ...)
	NOT-FOR-US: ResourceXpress Meeting Monitor
CVE-2020-13876
	RESERVED
CVE-2020-13875
	RESERVED
CVE-2020-13874
	RESERVED
CVE-2020-13873 (A SQL Injection vulnerability in get_topic_info() in sys/CODOF/Forum/T ...)
	NOT-FOR-US: Codoforum
CVE-2020-13872 (Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for at ...)
	NOT-FOR-US: Royal TS
CVE-2020-13871 (SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c bec ...)
	{DLA-2340-1}
	- sqlite3 3.32.2-2
	[buster] - sqlite3 <not-affected> (Vulnerability introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
	NOTE: New fix: https://www.sqlite.org/src/info/44a58d6cb135a104
	NOTE: Fixed by: https://www.sqlite.org/src/info/79eff1d0383179c4
	NOTE: https://www.sqlite.org/src/info/c8d3b9f0a750a529
	NOTE: https://www.sqlite.org/src/info/cd708fa84d2aaaea
CVE-2020-13870 (An issue was discovered in the Comments plugin before 1.5.5 for Craft  ...)
	NOT-FOR-US: Comments plugin for Craft CMS
CVE-2020-13869 (An issue was discovered in the Comments plugin before 1.5.6 for Craft  ...)
	NOT-FOR-US: Comments plugin for Craft CMS
CVE-2020-13868 (An issue was discovered in the Comments plugin before 1.5.5 for Craft  ...)
	NOT-FOR-US: Comments plugin for Craft CMS
CVE-2020-13867 (Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/t ...)
	- targetcli-fb 1:2.1.53-1 (low; bug #962331)
	[buster] - targetcli-fb <no-dsa> (Minor issue)
	[stretch] - targetcli-fb <no-dsa> (Minor issue)
	NOTE: https://github.com/open-iscsi/targetcli-fb/pull/172
CVE-2020-13866 (WinGate v9.4.1.5998 has insecure permissions for the installation dire ...)
	NOT-FOR-US: WinGate
CVE-2020-13865 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
	NOT-FOR-US: Elementor Page Builder plugin for WordPress
CVE-2020-13864 (The Elementor Page Builder plugin before 2.9.9 for WordPress suffers f ...)
	NOT-FOR-US: Elementor Page Builder plugin for WordPress
CVE-2020-13863 (The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker  ...)
	NOT-FOR-US: Mitel
CVE-2020-13862
	RESERVED
CVE-2020-13861
	RESERVED
CVE-2020-13860 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-13859 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-13858 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-13857 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-13856 (An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std dev ...)
	NOT-FOR-US: Mofi Network devices
CVE-2020-13855 (Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remot ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13854 (Artica Pandora FMS 7.44 allows privilege escalation. ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13853 (Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13852 (Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remot ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13851 (Artica Pandora FMS 7.44 allows remote command execution via the events ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13850 (Artica Pandora FMS 7.44 has inadequate access controls on a web folder ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-13849 (The MQTT protocol 3.1.1 requires a server to set a timeout value of 1. ...)
	NOT-FOR-US: MQTT protocol flaw
CVE-2020-13848 (Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attac ...)
	{DLA-2585-1 DLA-2238-1}
	- pupnp-1.8 <unfixed> (bug #962282)
	[bullseye] - pupnp-1.8 <no-dsa> (Minor issue)
	[buster] - pupnp-1.8 <no-dsa> (Minor issue)
	- libupnp <removed>
	NOTE: https://github.com/pupnp/pupnp/issues/177
	NOTE: https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0
CVE-2020-13847 (Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Chec ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #965040)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9v
CVE-2020-13846 (Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a S ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #965040)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92
CVE-2020-13845 (Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integ ...)
	[experimental] - singularity-container 3.9.4+ds2-1
	- singularity-container <unfixed> (bug #965040)
	NOTE: https://github.com/hpcng/singularity/security/advisories/GHSA-pmfr-63c2-jr5c
CVE-2020-13844 (Arm Armv8-A core implementations utilizing speculative execution past  ...)
	NOTE: https://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
	NOTE: https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
	NOTE: Hardware issue, mitigations to intrusive to backport (and would require to recompile
	NOTE: the entire distro, which is not warranted for the impact)
	NOTE: GCC patches:
	NOTE: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=a9ba2a9b77bec7eacaf066801f22d1c366a2bc86
	NOTE: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=be178ecd5ac1fe1510d960ff95c66d0ff831afe1
	NOTE: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=96b7f495f9269d5448822e4fc28882edb35a58d7
CVE-2020-13843 (An issue was discovered on LG mobile devices with Android OS software  ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-13842 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-13841 (An issue was discovered on LG mobile devices with Android OS 9 and 10  ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-13840 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-13839 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-13838 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13837 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13836 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13835 (An issue was discovered on Samsung mobile devices with O(8.x) (with TE ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13834 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13833 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13832 (An issue was discovered on Samsung mobile devices with Q(10.0) (with T ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13831 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13830 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13829 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-13828 (Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting (X ...)
	- dolibarr <removed>
CVE-2020-13827 (phpList before 3.5.4 allows XSS via /lists/admin/user.php and /lists/a ...)
	- phplist <itp> (bug #612288)
CVE-2020-13826 (A CSV injection (aka Excel Macro Injection or Formula Injection) issue ...)
	NOT-FOR-US: i-doit
CVE-2020-13825 (A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows rem ...)
	NOT-FOR-US: i-doit
CVE-2020-13824
	RESERVED
CVE-2020-13823
	RESERVED
CVE-2020-13822 (The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleabi ...)
	- node-elliptic 6.5.3~dfsg-1 (bug #963149)
	[buster] - node-elliptic 6.4.1~dfsg-1+deb10u1
	NOTE: https://github.com/indutny/elliptic/issues/226
CVE-2020-13821 (An issue was discovered in HiveMQ Broker Control Center 4.3.2. A craft ...)
	NOT-FOR-US: HiveMQ Broker Control Center
CVE-2020-13820 (Extreme Management Center 8.4.1.24 allows unauthenticated reflected XS ...)
	NOT-FOR-US: Extreme Management Center
CVE-2020-13819 (Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS vi ...)
	NOT-FOR-US: Extreme EAC Appliance
CVE-2020-13818 (In Zoho ManageEngine OpManager before 125144, when &lt;cachestart&gt;  ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2020-13817 (ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ...)
	- ntp 1:4.2.8p14+dfsg-1 (low)
	[buster] - ntp <ignored> (Minor issue)
	[stretch] - ntp <ignored> (Minor issue)
	[jessie] - ntp <ignored> (Too intrusive to backport, requires new configuration)
	- ntpsec <not-affected> (Doesn't affect ntpsec per upstream, #964395)
	NOTE: http://support.ntp.org/bin/view/Main/NtpBug3596
	NOTE: https://bugs.ntp.org/show_bug.cgi?id=3596
	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5e312021VVVkyioYBR_aeIP1LqMCVg (4.2.8p14)
	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5e4a536dzxRWAzMw-KsKjm04l6joNA (4.2.8p14)
CVE-2020-13816
	REJECTED
CVE-2020-13815 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13814 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.1. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13813 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It all ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-13812 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It all ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-13811 (An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-13810 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13809 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13808 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13807 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13806 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13805 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13804 (An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. I ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13803 (An issue was discovered in Foxit PhantomPDF Mac and Foxit Reader for M ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13802 (Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command in ...)
	- rebar3 <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://github.com/erlang/rebar3/pull/2302
	NOTE: https://github.com/erlang/rebar3/commit/2e2d1a6bb141a969b6483e082a2afd361fc2ece2
CVE-2020-13801
	RESERVED
CVE-2020-13799 (Western Digital has identified a security vulnerability in the Replay  ...)
	NOT-FOR-US: Western Digital iNAND devices
CVE-2020-13798 (An issue was discovered in Navigate CMS through 2.8.7. It allows XSS b ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-13797 (An issue was discovered in Navigate CMS through 2.8.7. It allows XSS b ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-13796 (An issue was discovered in Navigate CMS through 2.8.7. It allows XSS b ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-13795 (An issue was discovered in Navigate CMS through 2.8.7. It allows Direc ...)
	NOT-FOR-US: Navigate CMS
CVE-2020-13794 (Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information ...)
	NOT-FOR-US: Harbor
CVE-2020-13793 (Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a st ...)
	NOT-FOR-US: Ivanti
CVE-2020-13792 (PlayTube 1.8 allows disclosure of user details via ajax.php?type=../ad ...)
	NOT-FOR-US: PlayTube
CVE-2020-13965 (An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x b ...)
	{DSA-4700-1}
	- roundcube 1.4.5+dfsg.1-1 (bug #962124)
	NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/ccaccae6653031b809b4347a60021951e19a0e43
	NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/884eb611627ef2bd5a2e20e02009ebb1eceecdc3
CVE-2020-13964 (An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x b ...)
	{DSA-4700-1}
	- roundcube 1.4.5+dfsg.1-1 (bug #962123)
	NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/4beec65d40c5e5b1f2bace935c110baf05e10ae5
	NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/37e2bc745723ef6322f0f785aefd0b9313a40f19
CVE-2020-13800 (ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to tri ...)
	- qemu 1:5.0-6
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/2
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a98610c429d52db0937c1e48659428929835c455
CVE-2020-13791 (hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of- ...)
	- qemu 1:5.0-6
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/1
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00831.html
CVE-2020-13790 (libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-r ...)
	{DLA-2302-1}
	- libjpeg-turbo 1:2.0.5-1 (bug #962829)
	[buster] - libjpeg-turbo 1:1.5.2-2+deb10u1
	[jessie] - libjpeg-turbo <ignored> (No package in Debian jessie uses the TurboJPEG API)
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/1bfb0b5247f4fc8f6677639781ce468543490216 (1.5.x)
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a (2.0.x)
CVE-2020-13789
	RESERVED
CVE-2020-13788 (Harbor prior to 2.0.1 allows SSRF with this limitation: an attacker wi ...)
	NOT-FOR-US: Harbor
CVE-2020-13787 (D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of ...)
	NOT-FOR-US: D-Link
CVE-2020-13786 (D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF. ...)
	NOT-FOR-US: D-Link
CVE-2020-13785 (D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Str ...)
	NOT-FOR-US: D-Link
CVE-2020-13784 (D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a P ...)
	NOT-FOR-US: D-Link
CVE-2020-13783 (D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sens ...)
	NOT-FOR-US: D-Link
CVE-2020-13782 (D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection. ...)
	NOT-FOR-US: D-Link
CVE-2020-13781
	RESERVED
CVE-2020-13780
	RESERVED
CVE-2020-13779
	RESERVED
CVE-2020-13778 (rConfig 3.9.4 and earlier allows authenticated code execution (of syst ...)
	NOT-FOR-US: rConfig
CVE-2020-13777 (GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting  ...)
	{DSA-4697-1}
	- gnutls28 3.6.14-1 (bug #962289)
	[stretch] - gnutls28 <not-affected> (Vulnerable code introduced in 3.6.4)
	[jessie] - gnutls28 <not-affected> (Vulnerable code introduced in 3.6.4)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1843723
	NOTE: https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03
	NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1011
	NOTE: https://gitlab.com/gnutls/gnutls/-/commit/c2646aeee94e71cb15c90a3147cf3b5b0ca158ca
	NOTE: https://gitlab.com/gnutls/gnutls/-/commit/3d7fae761e65e9d0f16d7247ee8a464d4fe002da
CVE-2020-13776 (systemd through v245 mishandles numerical usernames such as ones compo ...)
	- systemd 246-2 (unimportant)
	NOTE: https://github.com/systemd/systemd/issues/15985
	NOTE: https://github.com/systemd/systemd/commit/156a5fd297b61bce31630d7a52c15614bf784843 (v246-rc1)
	NOTE: https://github.com/systemd/systemd/commit/6495ceddf38aed2c9efdcf9d3440140190800b55 (v246-rc1)
	NOTE: Issue exists due to an incomplete fix for CVE-2017-1000082.
CVE-2020-13775 (ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an app ...)
	- znc 1.8.1-1 (bug #962105)
	[buster] - znc <not-affected> (Vulnerable code introduced later)
	[stretch] - znc <not-affected> (Vulnerable code introduced later)
	[jessie] - znc <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8 (znc-1.8.1-rc1)
	NOTE: Introduced with: https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001 (znc-1.8.0)
CVE-2020-13774 (An unrestricted file-upload issue in EditLaunchPadDialog.aspx in Ivant ...)
	NOT-FOR-US: Ivanti
CVE-2020-13773 (Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_spli ...)
	NOT-FOR-US: Ivanti
CVE-2020-13772 (In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, a ...)
	NOT-FOR-US: Ivanti
CVE-2020-13771 (Various components in Ivanti Endpoint Manager through 2020.1.1 rely on ...)
	NOT-FOR-US: Ivanti
CVE-2020-13770 (Several services are accessing named pipes in Ivanti Endpoint Manager  ...)
	NOT-FOR-US: Ivanti
CVE-2020-13769 (LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows S ...)
	NOT-FOR-US: Ivanti
CVE-2020-13768 (In MiniShare before 1.4.2, there is a stack-based buffer overflow via  ...)
	NOT-FOR-US: MiniShare
CVE-2020-13767 (The Mitel MiCollab application before 9.1.332 for iOS could allow an u ...)
	NOT-FOR-US: Mitel
CVE-2020-13766
	RESERVED
CVE-2020-13765 (rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate ...)
	{DSA-4728-1 DLA-2288-1 DLA-2262-1}
	- qemu 1:4.2-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/6
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=e423455c4f23a1a828901c78fe6d03b7dde79319
	NOTE: https://bugs.launchpad.net/qemu/+bug/1844635
CVE-2020-13764 (common.php in the Gravity Forms plugin before 2.4.9 for WordPress can  ...)
	NOT-FOR-US: Gravity Forms plugin for WordPress
CVE-2020-13763 (In Joomla! before 3.9.19, the default settings of the global textfilte ...)
	NOT-FOR-US: Joomla!
CVE-2020-13762 (In Joomla! before 3.9.19, incorrect input validation of the module tag ...)
	NOT-FOR-US: Joomla!
CVE-2020-13761 (In Joomla! before 3.9.19, lack of input validation in the heading tag  ...)
	NOT-FOR-US: Joomla!
CVE-2020-13760 (In Joomla! before 3.9.19, missing token checks in com_postinstall lead ...)
	NOT-FOR-US: Joomla!
CVE-2020-13759 (rust-vmm vm-memory before 0.1.1 and 0.2.x before 0.2.1 allows attacker ...)
	NOT-FOR-US: rust-vmm
CVE-2020-13758 (modules/security/classes/general.post_filter.php/post_filter.php in th ...)
	NOT-FOR-US: Bitrix24
CVE-2020-13757 (Python-RSA before 4.1 ignores leading '\0' bytes during decryption of  ...)
	- python-rsa 4.7.2-1 (bug #962142)
	[bullseye] - python-rsa <no-dsa> (Minor issue)
	[buster] - python-rsa <no-dsa> (Minor issue)
	[stretch] - python-rsa <no-dsa> (Minor issue)
	[jessie] - python-rsa <no-dsa> (Minor issue)
	NOTE: https://github.com/sybrenstuvel/python-rsa/issues/146
	NOTE: https://github.com/sybrenstuvel/python-rsa/commit/93af6f2f89a9bf28361e67716c4240e691520f30 (version-4.1)
CVE-2020-13756 (Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data ...)
	NOT-FOR-US: Sabberworm PHP CSS Parser
CVE-2020-13755
	RESERVED
CVE-2020-13753 (The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, f ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-13752
	REJECTED
CVE-2020-13751
	REJECTED
CVE-2020-13750
	REJECTED
CVE-2020-13749
	REJECTED
CVE-2020-13748
	REJECTED
CVE-2020-13747
	REJECTED
CVE-2020-13746
	REJECTED
CVE-2020-13745
	REJECTED
CVE-2020-13744
	REJECTED
CVE-2020-13743
	REJECTED
CVE-2020-13742
	REJECTED
CVE-2020-13741
	REJECTED
CVE-2020-13740
	REJECTED
CVE-2020-13739
	REJECTED
CVE-2020-13738
	REJECTED
CVE-2020-13737
	REJECTED
CVE-2020-13736
	REJECTED
CVE-2020-13735
	REJECTED
CVE-2020-13734
	REJECTED
CVE-2020-13733
	REJECTED
CVE-2020-13732
	REJECTED
CVE-2020-13731
	REJECTED
CVE-2020-13730
	REJECTED
CVE-2020-13729
	REJECTED
CVE-2020-13728
	REJECTED
CVE-2020-13727
	REJECTED
CVE-2020-13726
	REJECTED
CVE-2020-13725
	REJECTED
CVE-2020-13724
	REJECTED
CVE-2020-13723
	REJECTED
CVE-2020-13722
	REJECTED
CVE-2020-13721
	REJECTED
CVE-2020-13720
	REJECTED
CVE-2020-13719
	REJECTED
CVE-2020-13718
	REJECTED
CVE-2020-13717
	REJECTED
CVE-2020-13716
	REJECTED
CVE-2020-13715
	REJECTED
CVE-2020-13714
	REJECTED
CVE-2020-13713
	REJECTED
CVE-2020-13712
	RESERVED
CVE-2020-13711
	RESERVED
CVE-2020-13710
	RESERVED
CVE-2020-13709
	RESERVED
CVE-2020-13708
	RESERVED
CVE-2020-13707
	RESERVED
CVE-2020-13706
	RESERVED
CVE-2020-13705
	RESERVED
CVE-2020-13704
	RESERVED
CVE-2020-13703
	RESERVED
CVE-2020-13754 (hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of ...)
	{DSA-4728-1 DLA-2288-1}
	- qemu 1:5.0-6
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=5d971f9e672507210e77d020d89e0e89165c8fc9 (fix)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=dba04c3488c4699f5afe96f66e448b1d447cf3fb (regression fix)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=8e67fda2dd6202ccec093fda561107ba14830a17 (regression fix)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=70b78d4e71494c90d2ccb40381336bc9b9a22f79 (regression fix)
CVE-2020-13702 (The Rolling Proximity Identifier used in the Apple/Google Exposure Not ...)
	NOT-FOR-US: Apple/Google Exposure Notification API
CVE-2020-13701
	RESERVED
CVE-2020-13700 (An issue was discovered in the acf-to-rest-api plugin through 3.1.0 fo ...)
	NOT-FOR-US: acf-to-rest-api plugin for WordPress
CVE-2020-13699 (TeamViewer Desktop for Windows before 15.8.3 does not properly quote i ...)
	NOT-FOR-US: TeamViewer Desktop
CVE-2020-13698
	RESERVED
CVE-2020-13697 (An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2 ...)
	NOT-FOR-US: NanoHTTPD Java
CVE-2020-13696 (An issue was discovered in LinuxTV xawtv before 3.107. The function de ...)
	{DLA-2246-1}
	- xawtv 3.107-1 (bug #962221)
	[stretch] - xawtv <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/6
	NOTE: Fixed by: https://git.linuxtv.org/xawtv3.git/commit/?id=31f31f9cbaee7be806cba38e0ff5431bd44b20a3
	NOTE: Fixed by: https://git.linuxtv.org/xawtv3.git/commit/?id=36dc44e68e5886339b4a0fbe3f404fb1a4fd2292
	NOTE: But those sill allow to test for arbitrary files and would need:
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/6/1
CVE-2020-13695 (In QuickBox Community Edition through 2.5.5 and Pro Edition through 2. ...)
	NOT-FOR-US: QuickBox
CVE-2020-13694 (In QuickBox Community Edition through 2.5.5 and Pro Edition through 2. ...)
	NOT-FOR-US: QuickBox
CVE-2020-13693 (An unauthenticated privilege-escalation issue exists in the bbPress pl ...)
	NOT-FOR-US: bbPress plugin for WordPress
CVE-2020-13692 (PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. ...)
	- libpgjava 42.2.12-2 (low; bug #962828)
	[buster] - libpgjava <no-dsa> (Minor issue)
	[stretch] - libpgjava <no-dsa> (Minor issue)
	[jessie] - libpgjava <no-dsa> (Minor issue)
	NOTE: https://github.com/pgjdbc/pgjdbc/commit/14b62aca4764d496813f55a43d050b017e01eb65
CVE-2020-13691
	RESERVED
CVE-2020-13690
	RESERVED
CVE-2020-13689
	RESERVED
CVE-2020-13688 (Cross-site scripting vulnerability in l Drupal Core allows an attacker ...)
	- drupal7 <not-affected> (Only affects Drupal 8 and 9)
	NOTE: https://www.drupal.org/sa-core-2020-009
CVE-2020-13687
	RESERVED
CVE-2020-13686
	RESERVED
CVE-2020-13685
	RESERVED
CVE-2020-13684
	RESERVED
CVE-2020-13683
	RESERVED
CVE-2020-13682
	RESERVED
CVE-2020-13681
	RESERVED
CVE-2020-13680
	RESERVED
CVE-2020-13679
	RESERVED
CVE-2020-13678
	RESERVED
CVE-2020-13677 (Under some circumstances, the Drupal core JSON:API module does not pro ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13676 (The QuickEdit module does not properly check access to fields in some  ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13675 (Drupal's JSON:API and REST/File modules allow file uploads through the ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13674 (The QuickEdit module does not properly validate access to routes, whic ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13673 (The Entity Embed module provides a filter to allow embedding entities  ...)
	NOT-FOR-US: Drupal Entity Embed module
CVE-2020-13671 (Drupal core does not properly sanitize certain filenames on uploaded f ...)
	{DLA-2458-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2020-012
	NOTE: https://github.com/drupal/drupal/commit/0263ea89cfff630262b8c0bc6d9c629c42aa7a84
CVE-2020-13670 (Information Disclosure vulnerability in file module of Drupal Core all ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13669 (Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core al ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13668 (Access Bypass vulnerability in Drupal Core allows for an attacker to l ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13667 (Access bypass vulnerability in of Drupal Core Workspaces allows an att ...)
	NOT-FOR-US: Drupal 8.x
CVE-2020-13666 (Cross-site scripting vulnerability in Drupal Core. Drupal AJAX API doe ...)
	{DLA-2458-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2020-007
	NOTE: https://github.com/drupal/drupal/commit/cd3721550d988240ef6e682bd1cae2939c6e9e5a
CVE-2020-13665 (Access bypass vulnerability in Drupal Core allows JSON:API when JSON:A ...)
	- drupal7 <not-affected> (Drupal 7 not affected)
	NOTE: https://www.drupal.org/sa-core-2020-006
CVE-2020-13664 (Arbitrary PHP code execution vulnerability in Drupal Core under certai ...)
	- drupal7 <not-affected> (Drupal 7 not affected)
	NOTE: https://www.drupal.org/sa-core-2020-005
CVE-2020-13663 (Cross Site Request Forgery vulnerability in Drupal Core Form API does  ...)
	{DSA-4706-1 DLA-2263-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2020-004
	NOTE: https://git.drupalcode.org/project/drupal/-/commit/3999b8f658bf2ef8e96a7ee8ccb279c5d3073006
CVE-2020-13661 (Telerik Fiddler through 5.0.20202.18177 allows attackers to execute ar ...)
	NOT-FOR-US: Telerik
CVE-2020-13660 (CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker pr ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-13659 (address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer d ...)
	{DSA-4728-1 DLA-2288-1}
	- qemu 1:5.0-6
	NOTE: https://bugs.launchpad.net/qemu/+bug/1878259
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg07313.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=77f55eac6c433e23e82a1b88b2d74f385c4c7d82
CVE-2020-13658 (In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF atta ...)
	NOT-FOR-US: Lansweeper
CVE-2020-13657 (An elevation of privilege vulnerability exists in Avast Free Antivirus ...)
	NOT-FOR-US: Avast
CVE-2020-13656 (In Morgan Stanley Hobbes through 2020-05-21, the array implementation  ...)
	NOT-FOR-US: Hobbes
CVE-2020-13655 (An issue was discovered in Collabtive 3.0 and later. managefile.php is ...)
	- collabtive <removed>
CVE-2020-13654 (XWiki Platform before 12.8 mishandles escaping in the property display ...)
	NOT-FOR-US: XWiki
CVE-2020-13653 (An XSS vulnerability exists in the Webmail component of Zimbra Collabo ...)
	NOT-FOR-US: Zimbra
CVE-2020-13652 (An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 bef ...)
	NOT-FOR-US: DigDash
CVE-2020-13651 (An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 bef ...)
	NOT-FOR-US: DigDash
CVE-2020-13650 (An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1  ...)
	NOT-FOR-US: DigDash
CVE-2020-13649 (parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during c ...)
	- iotjs 1.0+715-1
	[buster] - iotjs <no-dsa> (Minor issue)
	NOTE: https://github.com/jerryscript-project/jerryscript/commit/69f8e78c2f8d562bd6d8002b5488f1662ac30d24
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3786
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3788
CVE-2020-13648
	RESERVED
CVE-2020-13647
	RESERVED
CVE-2020-13646 (In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local ...)
	NOT-FOR-US: cheetah free wifi
CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
	- glib-networking 2.64.3-2 (bug #961756)
	[buster] - glib-networking 2.58.0-2+deb10u1
	[stretch] - glib-networking 2.50.0-1+deb9u1
	NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
	NOTE: Updating glib-networking to address CVE-2020-13645 will need a compatibility
	NOTE: update as well for balsa (cf. https://bugs.debian.org/961792)
CVE-2020-13644 (An issue was discovered in the Accordion plugin before 2.2.9 for WordP ...)
	NOT-FOR-US: Accordion plugin for WordPress
CVE-2020-13643 (An issue was discovered in the SiteOrigin Page Builder plugin before 2 ...)
	NOT-FOR-US: SiteOrigin Page Builder plugin for WordPress
CVE-2020-13642 (An issue was discovered in the SiteOrigin Page Builder plugin before 2 ...)
	NOT-FOR-US: SiteOrigin Page Builder plugin for WordPress
CVE-2020-13641 (An issue was discovered in the Real-Time Find and Replace plugin befor ...)
	NOT-FOR-US: Real-Time Find and Replace plugin for WordPress
CVE-2020-13640 (A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlie ...)
	NOT-FOR-US: gVectors wpDiscuz plugin for WordPress
CVE-2020-13639 (A stored XSS vulnerability was discovered in the ECT Provider in OutSy ...)
	NOT-FOR-US: OutSystems Platform
CVE-2020-13638 (lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authenti ...)
	NOT-FOR-US: rConfig
CVE-2020-13637 (An issue was discovered in the stashcat app through 3.9.2 for macOS, W ...)
	NOT-FOR-US: stashcat app
CVE-2020-13636
	RESERVED
CVE-2020-13635
	RESERVED
CVE-2020-13634 (In Windows Master (aka Windows Optimization Master) 7.99.13.604, the d ...)
	NOT-FOR-US: Windows Master (aka Windows Optimization Master)
CVE-2020-13633 (Fork before 5.8.3 allows XSS via navigation_title or title. ...)
	NOT-FOR-US: Fork CMS
CVE-2020-13632 (ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer der ...)
	{DLA-2340-1}
	- sqlite3 3.32.0-1
	[buster] - sqlite3 3.27.2-3+deb10u1
	[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
	NOTE: https://sqlite.org/src/info/a4dd148928ea65bd
	NOTE: https://github.com/sqlite/sqlite/commit/219b8e7e7587df8669d96ce867cdd61ca1c05730
CVE-2020-13631 (SQLite before 3.32.0 allows a virtual table to be renamed to the name  ...)
	- sqlite3 3.32.0-1
	[buster] - sqlite3 <ignored> (Minor issue, too intrusive to backport)
	[stretch] - sqlite3 <not-affected> (Vulnerable code not present)
	[jessie] - sqlite3 <no-dsa> (Too intrusive to backport)
	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
	NOTE: https://sqlite.org/src/info/eca0ba2cf4c0fdf7
CVE-2020-13630 (ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3Ev ...)
	{DLA-2340-1}
	- sqlite3 3.32.0-1
	[buster] - sqlite3 3.27.2-3+deb10u1
	[jessie] - sqlite3 <not-affected> (Vulnerable code not found)
	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1080459
	NOTE: https://sqlite.org/src/info/0d69f76f0865f962
	NOTE: https://github.com/sqlite/sqlite/commit/becd68ba0dac41904aa817d96a67fb4685734b41
CVE-2020-13629
	RESERVED
CVE-2020-13628 (Cross-site scripting (XSS) vulnerability allows remote attackers to in ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-13627 (Cross-site scripting (XSS) vulnerability allows remote attackers to in ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-13626 (OnePlus App Locker through 2020-10-06 allows physically proximate atta ...)
	NOT-FOR-US: OnePlus App Locker
CVE-2020-13625 (PHPMailer before 6.1.6 contains an output escaping bug when the name o ...)
	{DLA-2306-1 DLA-2244-1}
	- libphp-phpmailer 6.1.6-1 (bug #962827)
	[buster] - libphp-phpmailer <no-dsa> (Minor issue)
	NOTE: https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx-fqxw-rvvj
	NOTE: https://github.com/PHPMailer/PHPMailer/commit/c2796cb1cb99d7717290b48c4e6f32cb6c60b7b3
CVE-2020-13624
	RESERVED
CVE-2020-13623 (JerryScript 2.2.0 allows attackers to cause a denial of service (stack ...)
	- iotjs <not-affected> (Vulnerable code never in released version)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3785
CVE-2020-13622 (JerryScript 2.2.0 allows attackers to cause a denial of service (asser ...)
	- iotjs <not-affected> (Vulnerable code never in released version)
	NOTE: https://github.com/jerryscript-project/jerryscript/issues/3787
	NOTE: https://github.com/jerryscript-project/jerryscript/pull/3797
CVE-2020-13621
	RESERVED
CVE-2020-13620 (Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF ...)
	NOT-FOR-US: Fastweb FASTGate GPON FGA2130FWB devices
CVE-2020-13619 (php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attack ...)
	NOT-FOR-US: Locutus PHP
CVE-2020-13618
	RESERVED
CVE-2020-13617 (The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones  ...)
	NOT-FOR-US: Mitel
CVE-2020-13616 (The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS ...)
	NOT-FOR-US: pichi
CVE-2020-13615 (lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification  ...)
	NOT-FOR-US: Qore
CVE-2020-13614 (An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implem ...)
	- axel 2.17.8-1
	[buster] - axel <no-dsa> (Minor issue)
	[stretch] - axel <no-dsa> (Minor issue)
	[jessie] - axel <not-affected> (SSL/TLS implemented from v2.10. But without ssl support is a major drawback)
	NOTE: https://github.com/axel-download-accelerator/axel/issues/262
CVE-2020-13613
	RESERVED
CVE-2020-13612
	REJECTED
CVE-2020-13611
	REJECTED
CVE-2020-13610
	REJECTED
CVE-2020-13609
	REJECTED
CVE-2020-13608
	REJECTED
CVE-2020-13607
	REJECTED
CVE-2020-13606
	REJECTED
CVE-2020-13605
	REJECTED
CVE-2020-13604
	REJECTED
CVE-2020-13603 (Integer Overflow in memory allocating functions. Zephyr versions &gt;= ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13602 (Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions &gt ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13601 (Possible read out of bounds in dns read. Zephyr versions &gt;= 1.14.2, ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13600 (Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13599 (Security problem with settings and littlefs. Zephyr versions &gt;= 1.1 ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13598 (FS: Buffer Overflow when enabling Long File Names in FAT_FS and callin ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-13597 (Clusters using Calico (version 3.14.0 and below), Calico Enterprise (v ...)
	NOT-FOR-US: Calico
CVE-2020-13596 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0 ...)
	{DSA-4705-1 DLA-2233-1}
	- python-django 2:2.2.13-1 (bug #962323)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
	NOTE: https://github.com/django/django/commit/2dd4d110c159d0c81dff42eaead2c378a0998735 (master)
	NOTE: https://github.com/django/django/commit/49d7cc19e33a104bb23f7ae1dbb1240b4f6c40f9 (3.1 branch)
	NOTE: https://github.com/django/django/commit/1f2dd37f6fcefdd10ed44cb233b2e62b520afb38 (3.0 branch)
	NOTE: https://github.com/django/django/commit/6d61860b22875f358fac83d903dc629897934815 (2.2. branch)
CVE-2020-13595 (The Bluetooth Low Energy (BLE) controller implementation in Espressif  ...)
	NOT-FOR-US: Espressif
CVE-2020-13594 (The Bluetooth Low Energy (BLE) controller implementation in Espressif  ...)
	NOT-FOR-US: Espressif
CVE-2020-13593 (The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation  ...)
	NOT-FOR-US: Espressif
CVE-2020-13662 (Open Redirect vulnerability in Drupal Core allows a user to be tricked ...)
	{DSA-4693-1 DLA-2250-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2020-003
	NOTE: https://git.drupalcode.org/project/drupal/-/commit/905ff00a44160adee3f266cdcc87d3350a64a072
CVE-2020-13592 (An exploitable SQL injection vulnerability exists in "global_lists/cho ...)
	NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13591 (An exploitable SQL injection vulnerability exists in the "access_rules ...)
	NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13590
	RESERVED
CVE-2020-13589 (An exploitable SQL injection vulnerability exists in the &#8216;entiti ...)
	NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13588 (An exploitable SQL injection vulnerability exists in the &#8216;entiti ...)
	NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13587 (An exploitable SQL injection vulnerability exists in the "forms_fields ...)
	NOT-FOR-US: Rukovoditel Project Management App
CVE-2020-13586 (A memory corruption vulnerability exists in the Excel Document SST Rec ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13585 (An out-of-bounds write vulnerability exists in the PSD Header processi ...)
	NOT-FOR-US: AccuSoft
CVE-2020-13584 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.30.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0008.html
CVE-2020-13583 (A denial-of-service vulnerability exists in the HTTP Server functional ...)
	NOT-FOR-US: Micrium
CVE-2020-13582 (A denial-of-service vulnerability exists in the HTTP Server functional ...)
	NOT-FOR-US: Micrium
CVE-2020-13581 (In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1 ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13580 (An exploitable heap-based buffer overflow vulnerability exists in the  ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13579 (An exploitable integer overflow vulnerability exists in the PlanMaker  ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13578 (A denial-of-service vulnerability exists in the WS-Security plugin fun ...)
	- gsoap 2.8.104-3 (bug #983596)
	[buster] - gsoap <no-dsa> (Minor issue)
	[stretch] - gsoap <ignored> (intrusive to backport, will either not compile or may cause runtime errors)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1189
CVE-2020-13577 (A denial-of-service vulnerability exists in the WS-Security plugin fun ...)
	- gsoap 2.8.104-3 (bug #983596)
	[buster] - gsoap <no-dsa> (Minor issue)
	[stretch] - gsoap <ignored> (intrusive to backport, will either not compile or may cause runtime errors)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1188
CVE-2020-13576 (A code execution vulnerability exists in the WS-Addressing plugin func ...)
	- gsoap 2.8.104-3 (bug #983596)
	[buster] - gsoap <no-dsa> (Minor issue)
	[stretch] - gsoap <ignored> (intrusive to backport, will either not compile or may cause runtime errors)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1187
CVE-2020-13575 (A denial-of-service vulnerability exists in the WS-Addressing plugin f ...)
	- gsoap 2.8.104-3 (bug #983596)
	[buster] - gsoap <no-dsa> (Minor issue)
	[stretch] - gsoap <ignored> (intrusive to backport, will either not compile or may cause runtime errors)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1186
CVE-2020-13574 (A denial-of-service vulnerability exists in the WS-Security plugin fun ...)
	- gsoap 2.8.104-3 (bug #983596)
	[buster] - gsoap <no-dsa> (Minor issue)
	[stretch] - gsoap <ignored> (intrusive to backport, will either not compile or may cause runtime errors)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1185
CVE-2020-13573 (A denial-of-service vulnerability exists in the Ethernet/IP server fun ...)
	NOT-FOR-US: Rockwell Automation RSLinx Classic
CVE-2020-13572 (A heap overflow vulnerability exists in the way the GIF parser decodes ...)
	NOT-FOR-US: Accusoft
CVE-2020-13571 (An out-of-bounds write vulnerability exists in the SGI RLE decompressi ...)
	NOT-FOR-US: Accusoft
CVE-2020-13570 (A use-after-free vulnerability exists in the JavaScript engine of Foxi ...)
	NOT-FOR-US: Foxit
CVE-2020-13569 (A cross-site request forgery vulnerability exists in the GACL function ...)
	NOT-FOR-US: OpenEMR
CVE-2020-13568 (SQL injection vulnerability exists in phpGACL 3.3.7. A specially craft ...)
	NOT-FOR-US: phpGACL
CVE-2020-13567
	RESERVED
CVE-2020-13566 (SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially craf ...)
	NOT-FOR-US: phpGACL
CVE-2020-13565 (An open redirect vulnerability exists in the return_page redirection f ...)
	NOT-FOR-US: OpenEMR
CVE-2020-13564 (A cross-site scripting vulnerability exists in the template functional ...)
	NOT-FOR-US: phpGACL
CVE-2020-13563 (A cross-site scripting vulnerability exists in the template functional ...)
	NOT-FOR-US: phpGACL
CVE-2020-13562 (A cross-site scripting vulnerability exists in the template functional ...)
	NOT-FOR-US: phpGACL
CVE-2020-13561 (An out-of-bounds write vulnerability exists in the TIFF parser of Accu ...)
	NOT-FOR-US: Accusoft
CVE-2020-13560 (A use after free vulnerability exists in the JavaScript engine of Foxi ...)
	NOT-FOR-US: Foxit
CVE-2020-13559 (A denial-of-service vulnerability exists in the traffic-logging functi ...)
	NOT-FOR-US: FreyrSCADA IEC-60879-5-104 Server Simulator
CVE-2020-13558 (A code execution vulnerability exists in the AudioSourceProviderGStrea ...)
	{DSA-4854-1}
	- webkit2gtk 2.30.5-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	- wpewebkit 2.30.5-1
	NOTE: https://webkitgtk.org/security/WSA-2021-0001.html
CVE-2020-13557 (A use after free vulnerability exists in the JavaScript engine of Foxi ...)
	NOT-FOR-US: Foxit
CVE-2020-13556 (An out-of-bounds write vulnerability exists in the Ethernet/IP server  ...)
	NOT-FOR-US: EIP Stack Group OpENer
CVE-2020-13555 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13554 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13553 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13552 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13551 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13550 (A local file inclusion vulnerability exists in the installation functi ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2020-13549 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Sytech XL Reporter
CVE-2020-13548 (In Foxit Reader 10.1.0.37527, a specially crafted PDF document can tri ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-13547 (A type confusion vulnerability exists in the JavaScript engine of Foxi ...)
	NOT-FOR-US: Foxit
CVE-2020-13546 (In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1 ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13545 (An exploitable signed conversion vulnerability exists in the TextMaker ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13544 (An exploitable sign extension vulnerability exists in the TextMaker do ...)
	NOT-FOR-US: SoftMaker
CVE-2020-13543 (A code execution vulnerability exists in the WebSocket functionality o ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	- wpewebkit 2.30.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0009.html
CVE-2020-13542 (A local privilege elevation vulnerability exists in the file system pe ...)
	NOT-FOR-US: LogicalDoc
CVE-2020-13541 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Mobile-911 Server
CVE-2020-13540 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Win-911 Enterprise
CVE-2020-13539 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Win-911 Enterprise
CVE-2020-13538
	RESERVED
CVE-2020-13537 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Moxa
CVE-2020-13536 (An exploitable local privilege elevation vulnerability exists in the f ...)
	NOT-FOR-US: Microsoft
CVE-2020-13535 (A privilege escalation vulnerability exists in Kepware LinkMaster 3.0. ...)
	NOT-FOR-US: Kepware LinkMaster
CVE-2020-13534 (A privilege escalation vulnerability exists in Dream Report 5 R20-2. C ...)
	NOT-FOR-US: Dream Report
CVE-2020-13533 (A privilege escalation vulnerability exists in Dream Report 5 R20-2. I ...)
	NOT-FOR-US: Dream Report
CVE-2020-13532 (A privilege escalation vulnerability exists in Dream Report 5 R20-2. I ...)
	NOT-FOR-US: Dream Report
CVE-2020-13531 (A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 pro ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13530 (A denial-of-service vulnerability exists in the Ethernet/IP server fun ...)
	NOT-FOR-US: EIP Stack Group OpENer
CVE-2020-13529 (An exploitable denial-of-service vulnerability exists in Systemd 245.  ...)
	[experimental] - systemd 249~rc2-1
	- systemd <unfixed> (unimportant)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1142
	NOTE: https://github.com/systemd/systemd/issues/16774
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1959397
	NOTE: Fixed by: https://github.com/systemd/systemd/commit/38e980a6a5a3442c2f48b1f827284388096d8ca5 (v249-rc2)
	NOTE: Generic DHCP protocol issue, negligible security impact
CVE-2020-13528 (An information disclosure vulnerability exists in the Web Manager and  ...)
	NOT-FOR-US: Lantronix
CVE-2020-13527 (An authentication bypass vulnerability exists in the Web Manager funct ...)
	NOT-FOR-US: Lantronix
CVE-2020-13526 (SQL injection vulnerability exists in the handling of sort parameters  ...)
	NOT-FOR-US: ProcessMaker
CVE-2020-13525 (The sort parameter in the download page /sysworkflow/en/neoclassic/rep ...)
	NOT-FOR-US: ProcessMaker
CVE-2020-13524 (An out-of-bounds memory corruption vulnerability exists in the way Pix ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13523 (An exploitable information disclosure vulnerability exists in SoftPerf ...)
	NOT-FOR-US: SoftPerfect
CVE-2020-13522 (An exploitable arbitrary file delete vulnerability exists in SoftPerfe ...)
	NOT-FOR-US: SoftPerfect
CVE-2020-13521
	REJECTED
CVE-2020-13520 (An out of bounds memory corruption vulnerability exists in the way Pix ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13519 (A privilege escalation vulnerability exists in the WinRing0x64 Driver  ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13518 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13517 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13516 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13515 (A privilege escalation vulnerability exists in the WinRing0x64 Driver  ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13514 (A privilege escalation vulnerability exists in the WinRing0x64 Driver  ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13513 (A privilege escalation vulnerability exists in the WinRing0x64 Driver  ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13512 (A privilege escalation vulnerability exists in the WinRing0x64 Driver  ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13511 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13510 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13509 (An information disclosure vulnerability exists in the WinRing0x64 Driv ...)
	NOT-FOR-US: NZXT CAM
CVE-2020-13508
	REJECTED
CVE-2020-13507
	REJECTED
CVE-2020-13506
	REJECTED
CVE-2020-13505 (Parameter psClass in ednareporting.asmx is vulnerable to unauthenticat ...)
	NOT-FOR-US: ednareporting.asmx
CVE-2020-13504 (Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauth ...)
	NOT-FOR-US: ednareporting.asmx
CVE-2020-13503
	REJECTED
CVE-2020-13502
	REJECTED
CVE-2020-13501 (An SQL injection vulnerability exists in the CHaD.asmx web service fun ...)
	NOT-FOR-US: CHaD.asmx
CVE-2020-13500 (SQL injection vulnerability exists in the CHaD.asmx web service functi ...)
	NOT-FOR-US: CHaD.asmx
CVE-2020-13499 (An SQL injection vulnerability exists in the CHaD.asmx web service fun ...)
	NOT-FOR-US: CHaD.asmx
CVE-2020-13498 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13497 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13496 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13495
	RESERVED
CVE-2020-13494 (A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsin ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13493 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-13492
	RESERVED
CVE-2020-13491
	RESERVED
CVE-2020-13490
	RESERVED
CVE-2020-13489
	RESERVED
CVE-2020-13488
	RESERVED
CVE-2020-13487 (The bbPress plugin through 2.6.4 for WordPress has stored XSS in the F ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-13486 (The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious red ...)
	NOT-FOR-US: Craft CMS plugin
CVE-2020-13485 (The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist  ...)
	NOT-FOR-US: Craft CMS plugin
CVE-2020-13484 (Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in th ...)
	NOT-FOR-US: Bitrix24
CVE-2020-13483 (The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via ...)
	NOT-FOR-US: Bitrix24
CVE-2020-13482 (EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way ...)
	NOT-FOR-US: EM-HTTP-Request
CVE-2020-13481
	RESERVED
CVE-2020-13480 (Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the ...)
	NOT-FOR-US: Verint Workforce Optimization (WFO)
CVE-2020-13479
	RESERVED
CVE-2020-13478
	RESERVED
CVE-2020-13477
	RESERVED
CVE-2020-13476 (NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the ...)
	NOT-FOR-US: NCH Express Invoice
CVE-2020-13475
	RESERVED
CVE-2020-13474 (In NCH Express Accounts 8.24 and earlier, an authenticated low-privile ...)
	NOT-FOR-US: NCH Express Accounts
CVE-2020-13473 (NCH Express Accounts 8.24 and earlier allows local users to discover t ...)
	NOT-FOR-US: NCH Express Accounts
CVE-2020-13472 (The flash memory readout protection in Gigadevice GD32F103 devices all ...)
	NOT-FOR-US: Gigadevice GD32F103 devices
CVE-2020-13471 (Apex Microelectronics APM32F103 devices allow physical attackers to ex ...)
	NOT-FOR-US: Apex Microelectronics APM32F103 devices
CVE-2020-13470 (Gigadevice GD32F103 and GD32F130 devices allow physical attackers to e ...)
	NOT-FOR-US: Gigadevice GD32F103 and GD32F130 devices
CVE-2020-13469 (The flash memory readout protection in Gigadevice GD32VF103 devices al ...)
	NOT-FOR-US: Gigadevice GD32VF103 devices
CVE-2020-13468 (Gigadevice GD32F130 devices allow physical attackers to escalate their ...)
	NOT-FOR-US: Gigadevice GD32F130 devices
CVE-2020-13467 (The flash memory readout protection in China Key Systems &amp; Integra ...)
	NOT-FOR-US: China Key Systems & Integrated Circuit CKS32F103 devices
CVE-2020-13466 (STMicroelectronics STM32F103 devices through 2020-05-20 allow physical ...)
	NOT-FOR-US: STMicroelectronics STM32F103 devices
CVE-2020-13465 (The security protection in Gigadevice GD32F103 devices allows physical ...)
	NOT-FOR-US: Gigadevice GD32F103 devices
CVE-2020-13464 (The flash memory readout protection in China Key Systems &amp; Integra ...)
	NOT-FOR-US: China Key Systems & Integrated Circuit CKS32F103 devices
CVE-2020-13463 (The flash memory readout protection in Apex Microelectronics APM32F103 ...)
	NOT-FOR-US: Apex Microelectronics APM32F103 devices
CVE-2020-13462 (Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange,  ...)
	NOT-FOR-US: Tufin
CVE-2020-13461 (Username enumeration in present in Tufin SecureTrack. It's affecting a ...)
	NOT-FOR-US: Tufin
CVE-2020-13460 (Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were presen ...)
	NOT-FOR-US: Tufin
CVE-2020-13459 (An issue was discovered in the Image Resizer plugin before 2.0.9 for C ...)
	NOT-FOR-US: Image Resizer plugin for Craft CMS
CVE-2020-13458 (An issue was discovered in the Image Resizer plugin before 2.0.9 for C ...)
	NOT-FOR-US: Image Resizer plugin for Craft CMS
CVE-2020-13457
	RESERVED
CVE-2020-13456
	RESERVED
CVE-2020-13455
	RESERVED
CVE-2020-13454
	RESERVED
CVE-2020-13453
	RESERVED
CVE-2020-13452 (In Gotenberg through 6.2.1, insecure permissions for tini (writable by ...)
	NOT-FOR-US: Gotenberg
CVE-2020-13451 (An incomplete-cleanup vulnerability in the Office rendering engine of  ...)
	NOT-FOR-US: Gotenberg
CVE-2020-13450 (A directory traversal vulnerability in file upload function of Gotenbe ...)
	NOT-FOR-US: Gotenberg
CVE-2020-13449 (A directory traversal vulnerability in the Markdown engine of Gotenber ...)
	NOT-FOR-US: Gotenberg
CVE-2020-13448 (QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 ...)
	NOT-FOR-US: QuickBox
CVE-2020-13447
	RESERVED
CVE-2020-13446
	RESERVED
CVE-2020-13445 (In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, ...)
	NOT-FOR-US: Liferay
CVE-2020-13444 (Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 9 ...)
	NOT-FOR-US: Liferay
CVE-2020-13443 (ExpressionEngine before 5.3.2 allows remote attackers to upload and ex ...)
	NOT-FOR-US: ExpressionEngine
CVE-2020-13442 (A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 t ...)
	NOT-FOR-US: DEXT5
CVE-2020-13441
	RESERVED
CVE-2020-13440 (ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. ...)
	NOT-FOR-US: ffjpeg
CVE-2020-13439 (ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_de ...)
	NOT-FOR-US: ffjpeg
CVE-2020-13438 (ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c ...)
	NOT-FOR-US: ffjpeg
CVE-2020-13437
	RESERVED
CVE-2020-13436
	RESERVED
CVE-2020-13435 (SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarge ...)
	- sqlite3 3.32.1-1
	[buster] - sqlite3 3.27.2-3+deb10u1
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.sqlite.org/src/info/7a5279a25c57adf1
	NOTE: https://www.sqlite.org/src/info/ad7bb70af9bb68d1
	NOTE: https://www.sqlite.org/src/info/572105de1d44bca4
CVE-2020-13434 (SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf  ...)
	{DLA-2340-1 DLA-2221-1}
	- sqlite3 3.32.1-1
	[buster] - sqlite3 3.27.2-3+deb10u1
	NOTE: https://www.sqlite.org/src/info/23439ea582241138
	NOTE: https://www.sqlite.org/src/info/d08d3405878d394e
	NOTE: https://github.com/sqlite/sqlite/commit/dd6c33d372f3b83f4fe57904c2bd5ebba5c38018
CVE-2020-13433 (Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php h ...)
	NOT-FOR-US: Jason2605 AdminPanel
CVE-2020-13432 (rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual file ...)
	NOT-FOR-US: Rejetto HTTP File Server
CVE-2020-13431 (I2P before 0.9.46 allows local users to gain privileges via a Trojan h ...)
	- i2p <not-affected> (Windows-specific)
CVE-2020-13430 (Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. ...)
	- grafana <removed>
	NOTE: https://github.com/grafana/grafana/pull/24539
CVE-2020-13429 (legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1. ...)
	NOT-FOR-US: piechart-panel plugin for Grafana
CVE-2020-13428 (A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in mod ...)
	{DSA-4704-1}
	- vlc 3.0.11-1
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/videolan/vlc-3.0/releases/tag/3.0.11
	NOTE: https://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=d5c43c21c747ff30ed19fcca745dea3481c733e0
CVE-2020-13427 (Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user v ...)
	NOT-FOR-US: Victor CMS
CVE-2020-13426 (The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Reques ...)
	NOT-FOR-US: Multi-Scheduler plugin for WordPress
CVE-2020-13425 (TrackR devices through 2020-05-06 allow attackers to trigger the Beep  ...)
	NOT-FOR-US: TrackR
CVE-2020-13424 (The XCloner component before 3.5.4 for Joomla! allows Authenticated Lo ...)
	NOT-FOR-US: Joomla addon
CVE-2020-13423 (Form Builder 2.1.0 for Magento has multiple XSS issues that can be exp ...)
	NOT-FOR-US: Form Builder for Magento
CVE-2020-13422 (OpenIAM before 4.2.0.3 does not verify if a user has permissions to pe ...)
	NOT-FOR-US: OpenIAM
CVE-2020-13421 (OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create Use ...)
	NOT-FOR-US: OpenIAM
CVE-2020-13420 (OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary co ...)
	NOT-FOR-US: OpenIAM
CVE-2020-13419 (OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task. ...)
	NOT-FOR-US: OpenIAM
CVE-2020-13418 (OpenIAM before 4.2.0.3 allows XSS in the Add New User feature. ...)
	NOT-FOR-US: OpenIAM
CVE-2020-13417 (An Elevation of Privilege issue was discovered in Aviatrix VPN Client  ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13416 (An issue was discovered in Aviatrix Controller before 5.4.1066. A Cont ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13415 (An issue was discovered in Aviatrix Controller through 5.1. An attacke ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13414 (An issue was discovered in Aviatrix Controller before 5.4.1204. It con ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13413 (An issue was discovered in Aviatrix Controller before 5.4.1204. There  ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13412 (An issue was discovered in Aviatrix Controller before 5.4.1204. An API ...)
	NOT-FOR-US: Aviatrix
CVE-2020-13411
	RESERVED
CVE-2020-13410 (An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not ...)
	NOT-FOR-US: MoscaJS Aedes
CVE-2020-13409 (Tufin SecureTrack &lt; R20-2 GA contains reflected + stored XSS (as in ...)
	NOT-FOR-US: Tufin
CVE-2020-13408 (Tufin SecureTrack &lt; R20-2 GA contains reflected + stored XSS (as in ...)
	NOT-FOR-US: Tufin
CVE-2020-13407 (Tufin SecureTrack &lt; R20-2 GA contains reflected + stored XSS (as in ...)
	NOT-FOR-US: Tufin
CVE-2020-13406
	RESERVED
CVE-2020-13405 (userfiles/modules/users/controller/controller.php in Microweber before ...)
	NOT-FOR-US: Microweber
CVE-2020-13404 (The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for M ...)
	NOT-FOR-US: Atos-Magento
CVE-2020-13403
	RESERVED
CVE-2020-13402
	RESERVED
CVE-2020-13401 (An issue was discovered in Docker Engine before 19.03.11. An attacker  ...)
	{DSA-4716-1}
	- docker.io 19.03.11+dfsg1-1 (bug #962141)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1833233
	NOTE: https://github.com/moby/libnetwork/commit/153d0769a1181bf591a9637fd487a541ec7db1e6
CVE-2020-13400
	RESERVED
CVE-2020-13399
	RESERVED
CVE-2020-13398 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68b1bc8c158f431dc607655aadea
CVE-2020-13397 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/d6cd14059b257318f176c0ba3ee0a348826a9ef8
CVE-2020-13396 (An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/48361c411e50826cb602c7aab773a8a20e1da6bc
CVE-2020-13395
	RESERVED
CVE-2020-13394 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13393 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13392 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13391 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13390 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 ...)
	NOT-FOR-US: Tenda devices
CVE-2020-13388 (An exploitable vulnerability exists in the configuration-loading funct ...)
	NOT-FOR-US: jw.util
CVE-2020-13387 (Pexip Infinity before 23.4 has a lack of input validation, leading to  ...)
	NOT-FOR-US: Pexip Infinity
CVE-2020-13386 (In SmartDraw 2020 27.0.0.0, the installer gives inherited write permis ...)
	NOT-FOR-US: SmartDraw
CVE-2020-13385
	RESERVED
CVE-2020-13384 (Monstra CMS 3.0.4 allows remote authenticated users to upload and exec ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-13383 (openSIS through 7.4 allows Directory Traversal. ...)
	NOT-FOR-US: openSIS
CVE-2020-13382 (openSIS through 7.4 has Incorrect Access Control. ...)
	NOT-FOR-US: openSIS
CVE-2020-13381 (openSIS through 7.4 allows SQL Injection. ...)
	NOT-FOR-US: openSIS
CVE-2020-13380 (openSIS before 7.4 allows SQL Injection. ...)
	NOT-FOR-US: openSIS
CVE-2020-13379 (The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrec ...)
	- grafana <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/4
	NOTE: https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/
CVE-2020-13378
	RESERVED
CVE-2020-13377
	RESERVED
CVE-2020-13376 (SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable fil ...)
	NOT-FOR-US: SecurEnvoy SecurMail
CVE-2020-13375
	RESERVED
CVE-2020-13374
	RESERVED
CVE-2020-13373
	RESERVED
CVE-2020-13372
	RESERVED
CVE-2020-13371
	RESERVED
CVE-2020-13370
	RESERVED
CVE-2020-13369
	RESERVED
CVE-2020-13368
	RESERVED
CVE-2020-13367
	RESERVED
CVE-2020-13366
	RESERVED
CVE-2020-13365 (Certain Zyxel products have a locally accessible binary that allows a  ...)
	NOT-FOR-US: Zyxel
CVE-2020-13364 (A backdoor in certain Zyxel products allows remote TELNET access via a ...)
	NOT-FOR-US: Zyxel
CVE-2020-13363
	RESERVED
CVE-2020-13362 (In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c h ...)
	{DSA-4728-1 DLA-2288-1 DLA-2262-1}
	- qemu 1:5.0-6 (bug #961887)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03463.html
CVE-2020-13361 (In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c  ...)
	{DSA-4728-1 DLA-2288-1 DLA-2262-1}
	- qemu 1:5.0-6 (bug #961888)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg07230.html
CVE-2020-13360
	REJECTED
CVE-2020-13359 (The Terraform API in GitLab CE/EE 12.10+ exposed the object storage si ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13358 (A vulnerability in the internal Kubernetes agent api in GitLab CE/EE v ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13357 (An issue was discovered in Gitlab CE/EE versions &gt;= 13.1 to &lt;13. ...)
	- gitlab 13.4.7-1
	NOTE: https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/
CVE-2020-13356 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13355 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13354 (A potential DOS vulnerability was discovered in GitLab CE/EE starting  ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13353 (When importing repos via URL, one time use git credentials were persis ...)
	- gitaly 13.3.9-1
CVE-2020-13352 (Private group info is leaked leaked in GitLab CE/EE version 10.2 and a ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13351 (Insufficient permission checks in scheduled pipeline API in GitLab CE/ ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13350 (CSRF in runner administration page in all versions of GitLab CE/EE all ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13349 (An issue has been discovered in GitLab EE affecting all versions start ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-13348 (An issue has been discovered in GitLab EE affecting all versions start ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-13347 (A command injection vulnerability was discovered in Gitlab runner vers ...)
	- gitlab-ci-multi-runner <not-affected> (Only affects gitlab-runner when configured on Windows)
CVE-2020-13346 (Membership changes are not reflected in ToDo subscriptions in GitLab v ...)
	- gitlab 13.2.10-1
CVE-2020-13345 (An issue has been discovered in GitLab affecting all versions starting ...)
	- gitlab 13.2.10-1
CVE-2020-13344 (An issue has been discovered in GitLab affecting all versions prior to ...)
	- gitlab 13.2.10-1
CVE-2020-13343 (An issue has been discovered in GitLab affecting all versions starting ...)
	- gitlab 13.2.10-1
CVE-2020-13342 (An issue has been discovered in GitLab affecting versions prior to 13. ...)
	- gitlab 13.2.10-1
CVE-2020-13341 (An issue has been discovered in GitLab affecting all versions prior to ...)
	- gitlab 13.2.10-1
CVE-2020-13340 (An issue has been discovered in GitLab affecting all versions prior to ...)
	- gitlab 13.3.9-1
	NOTE: https://about.gitlab.com/releases/2020/11/02/security-release-gitlab-13-5-2-released/
CVE-2020-13339 (An issue has been discovered in GitLab affecting all versions before 1 ...)
	- gitlab 13.2.10-1
CVE-2020-13338 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
	- gitlab 13.2.3-2
	NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/213273
CVE-2020-13337 (An issue has been discovered in GitLab affecting versions from 12.10 t ...)
	- gitlab <not-affected> (Only affected 12.10 to 12.10.12)
	NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/199049
CVE-2020-13336 (An issue has been discovered in GitLab affecting versions from 11.8 be ...)
	- gitlab <not-affected> (Only affected 11.x/12.x while unstable on 13.x)
CVE-2020-13335 (Improper group membership validation when deleting a user account in G ...)
	- gitlab 13.2.10-1
CVE-2020-13334 (In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper autho ...)
	- gitlab 13.2.10-1
CVE-2020-13333 (A potential DOS vulnerability was discovered in GitLab versions 13.1,  ...)
	- gitlab 13.2.10-1
CVE-2020-13332
	REJECTED
CVE-2020-13331 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
	- gitlab 13.2.3-2
CVE-2020-13330 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
	- gitlab 13.2.3-2
CVE-2020-13329 (An issue has been discovered in GitLab affecting versions from 12.6.2  ...)
	- gitlab 13.2.3-2
CVE-2020-13328 (An issue has been discovered in GitLab affecting versions prior to 13. ...)
	- gitlab 13.2.3-2
CVE-2020-13327 (An issue has been discovered in GitLab Runner affecting all versions s ...)
	- gitlab-ci-multi-runner <unfixed> (bug #985377)
CVE-2020-13326 (A vulnerability was discovered in GitLab versions prior to 13.1. Under ...)
	- gitlab 13.2.3-2
CVE-2020-13325 (A vulnerability was discovered in GitLab versions prior 13.1. The comm ...)
	- gitlab 13.2.3-2
CVE-2020-13324 (A vulnerability was discovered in GitLab versions prior to 13.1. Under ...)
	- gitlab 13.2.3-2
CVE-2020-13323 (A vulnerability was discovered in GitLab versions prior 13.1. Under ce ...)
	- gitlab 13.2.3-2
CVE-2020-13322 (A vulnerability was discovered in GitLab versions after 12.9. Due to i ...)
	- gitlab 13.2.3-2
CVE-2020-13321 (A vulnerability was discovered in GitLab versions prior to 13.1. Usern ...)
	- gitlab 13.2.3-2
CVE-2020-13320 (An issue has been discovered in GitLab before version 12.10.13 that al ...)
	- gitlab 13.2.3-2
CVE-2020-13319 (An issue has been discovered in GitLab affecting versions prior to 13. ...)
	- gitlab 13.2.3-2
CVE-2020-13318 (A vulnerability was discovered in GitLab versions before 13.0.12, 13.1 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13317 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13316 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13315 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13314 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13313 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13312 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13311 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13310 (A vulnerability was discovered in GitLab runner versions before 13.1.3 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13309 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13308 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13307 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13306 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13305 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13304 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13303 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13302 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13301 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13300 (GitLab before version 13.3.4 was vulnerable to an OAuth authorization  ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13299 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13298 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13297 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13296 (An issue has been discovered in GitLab affecting versions &gt;=10.7 &l ...)
	- gitlab 13.2.6-1
CVE-2020-13295 (For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd ...)
	- gitlab-ci-multi-runner <unfixed> (bug #985377)
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13294 (In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not re ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13293 (In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexa ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13292 (In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass  ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13291 (In GitLab before 13.2.3, project sharing could temporarily allow too p ...)
	- gitlab <not-affected> (Only affects GitLab 13.2 and later)
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13290 (In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control  ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13289 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13288 (In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerabili ...)
	- gitlab <not-affected> (Only affects GitLab 13.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13287 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13286 (For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configur ...)
	- gitlab <not-affected> (Only affects GitLab 12.7 and later)
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13285 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) ...)
	- gitlab <not-affected> (Only affects GitLab 12.9 and later)
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13284 (A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...)
	- gitlab 13.2.8-1
	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
CVE-2020-13283 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulne ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13282 (For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occur ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13281 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists i ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13280 (For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exi ...)
	[experimental] - gitlab 13.1.6-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
CVE-2020-13279 (Client side code execution in gitlab-vscode-extension v2.2.0 allows at ...)
	NOT-FOR-US: gitlab-vscode-extension
CVE-2020-13278 (Reflected Cross-Site Scripting vulnerability in Modules.php in Rosario ...)
	NOT-FOR-US: RosarioSIS Student Information System
CVE-2020-13277 (An authorization issue in the mirroring logic allowed read access to p ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
CVE-2020-13276 (User is allowed to set an email as a notification email even without v ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13275 (A user with an unverified email address could request an access to dom ...)
	- gitlab <not-affected> (Only affects GitLab EE/CE 12.2 and later)
CVE-2020-13274 (A security issue allowed achieving Denial of Service attacks through m ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13273 (A Denial of Service vulnerability allowed exhausting the system resour ...)
	- gitlab <not-affected> (Only affects GitLab 12.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13272 (OAuth flow missing verification checks CE/EE 12.3 and later through 13 ...)
	- gitlab <not-affected> (Only affects GitLab 12.3 and later)
CVE-2020-13271 (A Stored Cross-Site Scripting vulnerability allowed the execution of a ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13270 (Missing permission check on fork relation creation in GitLab CE/EE 11. ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13269 (A Reflected Cross-Site Scripting vulnerability allowed the execution o ...)
	- gitlab <not-affected> (Only affects GitLab 12.10 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13268 (A specially crafted request could be used to confirm the existence of  ...)
	- gitlab <not-affected> (Only affects GitLab 12.10 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13267 (A Stored Cross-Site Scripting vulnerability allowed the execution on J ...)
	- gitlab <not-affected> (Only affects GitLab 12.8 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13266 (Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and ...)
	- gitlab <not-affected> (Only affects GitLab 12.8 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13265 (User email verification bypass in GitLab CE/EE 12.5 and later through  ...)
	- gitlab <not-affected> (Only affects GitLab 12.5 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13264 (Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later thr ...)
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13263 (An authorization issue relating to project maintainer impersonation wa ...)
	- gitlab <not-affected> (Specific to EE)
CVE-2020-13262 (Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 ...)
	- gitlab <not-affected> (Only affects GitLab 12.9 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13261 (Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later throu ...)
	- gitlab <not-affected> (Only affects GitLab 12.6 and later)
	NOTE: https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/
CVE-2020-13260 (A vulnerability in the web-based management interface of RAD SecFlow-1 ...)
	NOT-FOR-US: RAD SecFlow-1v os-image
CVE-2020-13259 (A vulnerability in the web-based management interface of RAD SecFlow-1 ...)
	NOT-FOR-US: RAD SecFlow-1v os-image
CVE-2020-13258 (Contentful through 2020-05-21 for Python allows reflected XSS, as demo ...)
	NOT-FOR-US: Contentful
CVE-2020-13257
	RESERVED
CVE-2020-13256
	RESERVED
CVE-2020-13255
	RESERVED
CVE-2020-13254 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0 ...)
	{DSA-4705-1 DLA-2233-1}
	- python-django 2:2.2.13-1 (bug #962323)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/03/1
	NOTE: https://github.com/django/django/commit/2c82414914ae6476be5a166be9ff49c24d0d9069 (master)
	NOTE: https://github.com/django/django/commit/580bd64c0482ae9b7c05715390e25f4405a12719 (3.1 branch)
	NOTE: https://github.com/django/django/commit/84b2da5552e100ae3294f564f6c862fef8d0e693 (3.0 branch)
	NOTE: https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206 (2.2 branch)
	NOTE: Regression https://code.djangoproject.com/ticket/31654
CVE-2020-13253 (sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, wh ...)
	{DLA-2373-1}
	- qemu 1:5.0-8 (bug #961297)
	[buster] - qemu <postponed> (Minor issue, revisit when fixed upstream)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/27/2
	NOTE: https://bugs.launchpad.net/qemu/+bug/1880822 (reproducer)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=790762e5487114341cccc5bffcec4cb3c022c3cd (5.1)
CVE-2020-13252 (Centreon before 19.04.15 allows remote attackers to execute arbitrary  ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-13251
	RESERVED
CVE-2020-13250 (HashiCorp Consul and Consul Enterprise include an HTTP API (introduced ...)
	- consul 1.7.4+dfsg1-1
	[buster] - consul <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
	NOTE: https://github.com/hashicorp/consul/pull/8023
CVE-2020-13249 (libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not  ...)
	- mariadb-10.3 1:10.3.23-1
	[buster] - mariadb-10.3 1:10.3.23-0+deb10u1
	- mariadb-10.1 <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945 (v3.1.8)
	NOTE: Introduced around: https://github.com/mariadb-corporation/mariadb-connector-c/commit/b4efe73c9e725f97b3550371f8a78a10a20bf2fd (v3.0-cc-server-integ-0)
CVE-2020-13248 (BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS  ...)
	NOT-FOR-US: BooleBox Secure File Sharing Utility
CVE-2020-13247 (BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injecti ...)
	NOT-FOR-US: BooleBox Secure File Sharing Utility
CVE-2020-13246 (An issue was discovered in Gitea through 1.11.5. An attacker can trigg ...)
	- gitea <removed>
CVE-2020-13245 (Certain NETGEAR devices are affected by Missing SSL Certificate Valida ...)
	NOT-FOR-US: Netgear
CVE-2020-13244
	RESERVED
CVE-2020-13243
	RESERVED
CVE-2020-13242
	RESERVED
CVE-2020-13241 (Microweber 1.1.18 allows Unrestricted File Upload because admin/view:m ...)
	NOT-FOR-US: Microweber
CVE-2020-13240 (The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup doc ...)
	- dolibarr <removed>
CVE-2020-13239 (The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html file ...)
	- dolibarr <removed>
CVE-2020-13238 (Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-13237
	RESERVED
CVE-2020-13236
	RESERVED
CVE-2020-13235
	RESERVED
CVE-2020-13234
	RESERVED
CVE-2020-13233
	RESERVED
CVE-2020-13232
	RESERVED
CVE-2020-13231 (In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for a ...)
	- cacti 1.2.11+ds1-1
	[buster] - cacti 1.2.2+ds1-2+deb10u3
	[stretch] - cacti <no-dsa> (Minor issue)
	NOTE: https://github.com/Cacti/cacti/issues/3342
CVE-2020-13230 (In Cacti before 1.2.11, disabling a user account does not immediately  ...)
	- cacti 1.2.11+ds1-1
	[buster] - cacti 1.2.2+ds1-2+deb10u3
	[stretch] - cacti <no-dsa> (Minor issue, Partial patch https://people.debian.org/~abhijith/upload/CVE-2020-13230.patch)
	NOTE: https://github.com/Cacti/cacti/issues/3343
CVE-2020-13229 (An issue was discovered in Sysax Multi Server 6.90. A session can be h ...)
	NOT-FOR-US: Sysax Multi Server
CVE-2020-13228 (An issue was discovered in Sysax Multi Server 6.90. There is reflected ...)
	NOT-FOR-US: Sysax Multi Server
CVE-2020-13227 (An issue was discovered in Sysax Multi Server 6.90. An attacker can de ...)
	NOT-FOR-US: Sysax Multi Server
CVE-2020-13226 (WSO2 API Manager 3.0.0 does not properly restrict outbound network acc ...)
	NOT-FOR-US: WSO2 API Manager
CVE-2020-13225 (phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnerability ...)
	- phpipam <itp> (bug #731713)
	NOTE: https://github.com/phpipam/phpipam/issues/3025
CVE-2020-13224 (TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices throu ...)
	NOT-FOR-US: TP-LINK
CVE-2020-13223 (HashiCorp Vault and Vault Enterprise logged proxy environment variable ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-13222
	REJECTED
CVE-2020-13221
	REJECTED
CVE-2020-13220
	REJECTED
CVE-2020-13219
	REJECTED
CVE-2020-13218
	REJECTED
CVE-2020-13217
	REJECTED
CVE-2020-13216
	REJECTED
CVE-2020-13215
	REJECTED
CVE-2020-13214
	REJECTED
CVE-2020-13213
	REJECTED
CVE-2020-13212
	REJECTED
CVE-2020-13211
	REJECTED
CVE-2020-13210
	REJECTED
CVE-2020-13209
	REJECTED
CVE-2020-13208
	REJECTED
CVE-2020-13207
	REJECTED
CVE-2020-13206
	REJECTED
CVE-2020-13205
	REJECTED
CVE-2020-13204
	REJECTED
CVE-2020-13203
	REJECTED
CVE-2020-13202
	REJECTED
CVE-2020-13201
	REJECTED
CVE-2020-13200
	REJECTED
CVE-2020-13199
	REJECTED
CVE-2020-13198
	REJECTED
CVE-2020-13197
	REJECTED
CVE-2020-13196
	REJECTED
CVE-2020-13195
	REJECTED
CVE-2020-13194
	REJECTED
CVE-2020-13193
	REJECTED
CVE-2020-13192
	REJECTED
CVE-2020-13191
	REJECTED
CVE-2020-13190
	REJECTED
CVE-2020-13189
	REJECTED
CVE-2020-13188
	REJECTED
CVE-2020-13187
	REJECTED
CVE-2020-13186 (An Anti CSRF mechanism was discovered missing in the Teradici Cloud Ac ...)
	NOT-FOR-US: Teradici
CVE-2020-13185 (Certain web application pages in the authenticated section of the Tera ...)
	NOT-FOR-US: Teradici
CVE-2020-13184
	RESERVED
CVE-2020-13183 (Reflected Cross Site Scripting in Teradici PCoIP Management Console pr ...)
	NOT-FOR-US: Teradici
CVE-2020-13182
	RESERVED
CVE-2020-13181
	RESERVED
CVE-2020-13180
	RESERVED
CVE-2020-13179 (Broker Protocol messages in Teradici PCoIP Standard Agent for Windows  ...)
	NOT-FOR-US: Teradici
CVE-2020-13178 (A function in the Teradici PCoIP Standard Agent for Windows and Graphi ...)
	NOT-FOR-US: Teradici
CVE-2020-13177 (The support bundler in Teradici PCoIP Standard Agent for Windows and G ...)
	NOT-FOR-US: Teradici
CVE-2020-13176 (The Management Interface of the Teradici Cloud Access Connector and Cl ...)
	NOT-FOR-US: Teradici
CVE-2020-13175 (The Management Interface of the Teradici Cloud Access Connector and Cl ...)
	NOT-FOR-US: Teradici
CVE-2020-13174 (The web server in the Teradici Managament console versions 20.04 and 2 ...)
	NOT-FOR-US: Teradici
CVE-2020-13173 (Initialization of the pcoip_credential_provider in Teradici PCoIP Stan ...)
	NOT-FOR-US: Teradici
CVE-2020-13172
	RESERVED
CVE-2020-13171
	RESERVED
CVE-2020-13170 (HashiCorp Consul and Consul Enterprise did not appropriately enforce s ...)
	- consul 1.7.4+dfsg1-1
	[buster] - consul <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
	NOTE: https://github.com/hashicorp/consul/pull/8068
CVE-2020-13169 (Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platf ...)
	NOT-FOR-US: SolarWinds
CVE-2020-13168 (SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp acco ...)
	NOT-FOR-US: SysAid
CVE-2020-13167 (Netsweeper through 6.4.3 allows unauthenticated remote code execution  ...)
	NOT-FOR-US: Netsweeper
CVE-2020-13166 (The management tool in MyLittleAdmin 3.8 allows remote attackers to ex ...)
	NOT-FOR-US: MyLittleAdmin
CVE-2020-13165
	RESERVED
CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the ...)
	{DLA-2547-1}
	- wireshark 3.2.4-1 (low)
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <postponed> (Can be fixed along with other CVEs)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-08.html
CVE-2020-13163 (em-imap 0.5 uses the library eventmachine in an insecure way that allo ...)
	NOT-FOR-US: em-imap
CVE-2020-13162 (A time-of-check time-of-use vulnerability in PulseSecureService.exe in ...)
	NOT-FOR-US: Pulse Secure Client
CVE-2020-13161
	RESERVED
CVE-2020-13160 (AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerab ...)
	NOT-FOR-US: AnyDesk
CVE-2020-13159 (Artica Proxy before 4.30.000000 Community Edition allows OS command in ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-13158 (Artica Proxy before 4.30.000000 Community Edition allows Directory Tra ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-13157 (modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a u ...)
	NOT-FOR-US: NukeViet
CVE-2020-13156 (modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a  ...)
	NOT-FOR-US: NukeViet
CVE-2020-13155 (clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML inject ...)
	NOT-FOR-US: NukeViet
CVE-2020-13154 (Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-priv ...)
	NOT-FOR-US: Zoho
CVE-2020-13153 (app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS ...)
	NOT-FOR-US: MISP
CVE-2020-13152 (A remote user can create a specially crafted M3U file, media playlist  ...)
	- amarok <removed> (unimportant)
	NOTE: Elevated resource usage in client application, no security impact
CVE-2020-13151 (Aerospike Community Edition 4.9.0.5 allows for unauthenticated submiss ...)
	NOT-FOR-US: Aerospike
CVE-2020-13150 (D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 secon ...)
	NOT-FOR-US: D-link
CVE-2020-13149 (Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dr ...)
	NOT-FOR-US: Dragon Center
CVE-2020-13148
	RESERVED
CVE-2020-13147
	RESERVED
CVE-2020-13146 (Studio in Open edX Ironwood 2.5 allows CSV injection because an added  ...)
	NOT-FOR-US: Studio in Open edX Ironwood
CVE-2020-13145 (Studio in Open edX Ironwood 2.5 allows users to upload SVG files via t ...)
	NOT-FOR-US: Studio in Open edX Ironwood
CVE-2020-13144 (Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a u ...)
	NOT-FOR-US: Studio in Open edX Ironwood
CVE-2020-13142
	RESERVED
CVE-2020-13141
	RESERVED
CVE-2020-13140
	RESERVED
CVE-2020-13139
	RESERVED
CVE-2020-13138
	RESERVED
CVE-2020-13137
	RESERVED
CVE-2020-13136 (D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be re ...)
	NOT-FOR-US: D-Link
CVE-2020-13135 (D-Link DSP-W215 1.26b03 devices allow information disclosure by interc ...)
	NOT-FOR-US: D-Link
CVE-2020-13134 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to  ...)
	NOT-FOR-US: Tufin SecureChange
CVE-2020-13133 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to  ...)
	NOT-FOR-US: Tufin SecureChange
CVE-2020-13132 (An issue was discovered in Yubico libykpiv before 2.1.0. An attacker c ...)
	- yubico-piv-tool 2.1.1-1 (bug #972644)
	[stretch] - yubico-piv-tool <not-affected> (Vulnerable code not present)
	NOTE: https://www.yubico.com/support/security-advisories/ysa-2020-02/
	NOTE: https://blog.inhq.net/posts/yubico-libykpiv-vuln/
CVE-2020-13131 (An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in ...)
	- yubico-piv-tool 2.1.1-1 (bug #975612)
	[stretch] - yubico-piv-tool <not-affected> (Vulnerable code not present)
	NOTE: https://blog.inhq.net/posts/yubico-libykpiv-vuln/
CVE-2020-13143 (gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linu ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.6.14-1
	NOTE: https://git.kernel.org/linus/15753588bcd4bbffae1cca33c8ced5722477fe1f
CVE-2020-13130
	RESERVED
CVE-2020-13129 (An issue was discovered in the stashcat app through 3.9.1 for macOS, W ...)
	NOT-FOR-US: stashcat app for MacOS
CVE-2020-13128 (An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServle ...)
	NOT-FOR-US: Manolo GWTUpload
CVE-2020-13127 (A SQL injection vulnerability at a tpf URI in Loway QueueMetrics befor ...)
	NOT-FOR-US: Loway QueueMetrics
CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4 for W ...)
	NOT-FOR-US: Elementor Pro plugin for WordPress
CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin  ...)
	NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress
CVE-2020-13124 (SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in ...)
	- sabnzbdplus 3.1.1+dfsg-1
	[buster] - sabnzbdplus 2.3.6+dfsg-1+deb10u1
	[stretch] - sabnzbdplus <ignored> (contrib not supported)
	NOTE: https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-9x87-96gg-33w2
	NOTE: https://github.com/sabnzbd/sabnzbd/commit/dfcba6e2fb37f58fea06b453b1ba258c7f110429
	NOTE: https://github.com/sabnzbd/sabnzbd/commit/73d3f7b5c248fc369de3454fe53e3e93924ebfe3
CVE-2020-13123
	RESERVED
CVE-2020-13122 (The novish command-line interface, included in NoviFlow NoviWare befor ...)
	NOT-FOR-US: Noviflow
CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via authentication/logi ...)
	NOT-FOR-US: Submitty
CVE-2020-13120
	RESERVED
CVE-2020-13119 (ismartgate PRO 1.5.9 is vulnerable to clickjacking. ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...)
	NOT-FOR-US: Mikrotik-Router-Monitoring-System
CVE-2020-13117 (Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthent ...)
	NOT-FOR-US: Wavlink WN575A4 and WN579X3 devices
CVE-2020-13116 (OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an  ...)
	NOT-FOR-US: OpenText Carbonite Server Backup Portal
CVE-2020-13115
	RESERVED
CVE-2020-13114 (An issue was discovered in libexif before 0.6.22. An unrestricted size ...)
	{DLA-2222-1}
	- libexif 0.6.21-9 (bug #961410)
	[buster] - libexif 0.6.21-5.1+deb10u3
	[stretch] - libexif 0.6.21-2+deb9u3
	NOTE: https://github.com/libexif/libexif/commit/e6a38a1a23ba94d139b1fa2cd4519fdcfe3c9bab (0.6.22)
CVE-2020-13113 (An issue was discovered in libexif before 0.6.22. Use of uninitialized ...)
	{DLA-2222-1}
	- libexif 0.6.21-9 (bug #961409)
	[buster] - libexif 0.6.21-5.1+deb10u3
	[stretch] - libexif 0.6.21-2+deb9u3
	NOTE: https://github.com/libexif/libexif/commit/ec412aa4583ad71ecabb967d3c77162760169d1f (0.6.22)
CVE-2020-13112 (An issue was discovered in libexif before 0.6.22. Several buffer over- ...)
	{DLA-2222-1}
	- libexif 0.6.21-9 (bug #961407)
	[buster] - libexif 0.6.21-5.1+deb10u3
	[stretch] - libexif 0.6.21-2+deb9u3
	NOTE: https://github.com/libexif/libexif/commit/435e21f05001fb03f9f186fa7cbc69454afd00d1 (0.6.22)
CVE-2020-13111 (NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/d ...)
	NOT-FOR-US: NaviServer
CVE-2020-13110 (The kerberos package before 1.0.0 for Node.js allows arbitrary code ex ...)
	NOT-FOR-US: Node kerberos
CVE-2020-13109 (Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remo ...)
	NOT-FOR-US: Morita Shogi
CVE-2020-13108
	RESERVED
CVE-2020-13107
	RESERVED
CVE-2020-13106
	RESERVED
CVE-2020-13105
	RESERVED
CVE-2020-13104
	RESERVED
CVE-2020-13103
	RESERVED
CVE-2020-13102
	RESERVED
CVE-2020-13101 (In OASIS Digital Signature Services (DSS) 1.0, an attacker can control ...)
	NOT-FOR-US: OASIS Digital Signature Services (DSS)
CVE-2020-13100 (Arista&#8217;s CloudVision eXchange (CVX) server before 4.21.12M, 4.22 ...)
	NOT-FOR-US: Arista
CVE-2020-13099
	RESERVED
CVE-2020-13098
	RESERVED
CVE-2020-13097
	RESERVED
CVE-2020-13096
	RESERVED
CVE-2020-13095 (Little Snitch version 4.5.1 and older changed ownership of a directory ...)
	NOT-FOR-US: Little Snitch
CVE-2020-13094 (Dolibarr before 11.0.4 allows XSS. ...)
	- dolibarr <removed>
CVE-2020-13093 (iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. ...)
	NOT-FOR-US: iSpyConnect.com Agent DVR
CVE-2020-13092 (** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unseriali ...)
	- scikit-learn <unfixed> (unimportant)
CVE-2020-13091 (** DISPUTED ** pandas through 1.0.3 can unserialize and execute comman ...)
	- pandas <unfixed> (unimportant)
CVE-2020-13090
	RESERVED
CVE-2020-13089
	REJECTED
CVE-2020-13088
	REJECTED
CVE-2020-13087
	REJECTED
CVE-2020-13086
	REJECTED
CVE-2020-13085
	REJECTED
CVE-2020-13084
	REJECTED
CVE-2020-13083
	REJECTED
CVE-2020-13082
	REJECTED
CVE-2020-13081
	REJECTED
CVE-2020-13080
	REJECTED
CVE-2020-13079
	REJECTED
CVE-2020-13078
	REJECTED
CVE-2020-13077
	REJECTED
CVE-2020-13076
	REJECTED
CVE-2020-13075
	REJECTED
CVE-2020-13074
	REJECTED
CVE-2020-13073
	REJECTED
CVE-2020-13072
	REJECTED
CVE-2020-13071
	REJECTED
CVE-2020-13070
	REJECTED
CVE-2020-13069
	REJECTED
CVE-2020-13068
	REJECTED
CVE-2020-13067
	REJECTED
CVE-2020-13066
	REJECTED
CVE-2020-13065
	REJECTED
CVE-2020-13064
	REJECTED
CVE-2020-13063
	REJECTED
CVE-2020-13062
	REJECTED
CVE-2020-13061
	REJECTED
CVE-2020-13060
	REJECTED
CVE-2020-13059
	REJECTED
CVE-2020-13058
	REJECTED
CVE-2020-13057
	REJECTED
CVE-2020-13056
	REJECTED
CVE-2020-13055
	REJECTED
CVE-2020-13054
	REJECTED
CVE-2020-13053
	REJECTED
CVE-2020-13052
	REJECTED
CVE-2020-13051
	REJECTED
CVE-2020-13050
	REJECTED
CVE-2020-13049
	REJECTED
CVE-2020-13048
	REJECTED
CVE-2020-13047
	REJECTED
CVE-2020-13046
	REJECTED
CVE-2020-13045
	REJECTED
CVE-2020-13044
	REJECTED
CVE-2020-13043
	REJECTED
CVE-2020-13042
	REJECTED
CVE-2020-13041
	REJECTED
CVE-2020-13040
	REJECTED
CVE-2020-13039
	REJECTED
CVE-2020-13038
	REJECTED
CVE-2020-13037
	REJECTED
CVE-2020-13036
	REJECTED
CVE-2020-13035
	REJECTED
CVE-2020-13034
	REJECTED
CVE-2020-13033
	REJECTED
CVE-2020-13032
	REJECTED
CVE-2020-13031
	REJECTED
CVE-2020-13030
	REJECTED
CVE-2020-13029
	REJECTED
CVE-2020-13028
	REJECTED
CVE-2020-13027
	REJECTED
CVE-2020-13026
	REJECTED
CVE-2020-13025
	REJECTED
CVE-2020-13024
	REJECTED
CVE-2020-13023
	REJECTED
CVE-2020-13022
	REJECTED
CVE-2020-13021
	REJECTED
CVE-2020-13020
	REJECTED
CVE-2020-13019
	REJECTED
CVE-2020-13018
	REJECTED
CVE-2020-13017
	REJECTED
CVE-2020-13016
	REJECTED
CVE-2020-13015
	REJECTED
CVE-2020-13014
	REJECTED
CVE-2020-13013
	REJECTED
CVE-2020-13012
	REJECTED
CVE-2020-13011
	REJECTED
CVE-2020-13010
	REJECTED
CVE-2020-13009
	REJECTED
CVE-2020-13008
	REJECTED
CVE-2020-13007
	REJECTED
CVE-2020-13006
	REJECTED
CVE-2020-13005
	REJECTED
CVE-2020-13004
	REJECTED
CVE-2020-13003
	REJECTED
CVE-2020-13002
	REJECTED
CVE-2020-13001
	REJECTED
CVE-2020-13000
	REJECTED
CVE-2020-12999
	REJECTED
CVE-2020-12998
	REJECTED
CVE-2020-12997
	REJECTED
CVE-2020-12996
	REJECTED
CVE-2020-12995
	REJECTED
CVE-2020-12994
	REJECTED
CVE-2020-12993
	REJECTED
CVE-2020-12992
	REJECTED
CVE-2020-12991
	REJECTED
CVE-2020-12990
	REJECTED
CVE-2020-12989
	REJECTED
CVE-2020-12988 (A potential denial of service (DoS) vulnerability exists in the integr ...)
	NOT-FOR-US: AMD
CVE-2020-12987 (A heap information leak/kernel pool address disclosure vulnerability i ...)
	NOT-FOR-US: AMD
CVE-2020-12986 (An insufficient pointer validation vulnerability in the AMD Graphics D ...)
	NOT-FOR-US: AMD
CVE-2020-12985 (An insufficient pointer validation vulnerability in the AMD Graphics D ...)
	NOT-FOR-US: AMD
CVE-2020-12984
	REJECTED
CVE-2020-12983 (An out of bounds write vulnerability in the AMD Graphics Driver for Wi ...)
	NOT-FOR-US: AMD
CVE-2020-12982 (An invalid object pointer free vulnerability in the AMD Graphics Drive ...)
	NOT-FOR-US: AMD
CVE-2020-12981 (An insufficient input validation in the AMD Graphics Driver for Window ...)
	NOT-FOR-US: AMD
CVE-2020-12980 (An out of bounds write and read vulnerability in the AMD Graphics Driv ...)
	NOT-FOR-US: AMD
CVE-2020-12979
	REJECTED
CVE-2020-12978
	REJECTED
CVE-2020-12977
	REJECTED
CVE-2020-12976
	REJECTED
CVE-2020-12975
	REJECTED
CVE-2020-12974
	REJECTED
CVE-2020-12973
	REJECTED
CVE-2020-12972
	REJECTED
CVE-2020-12971
	REJECTED
CVE-2020-12970
	REJECTED
CVE-2020-12969
	REJECTED
CVE-2020-12968
	REJECTED
CVE-2020-12967 (The lack of nested page table protection in the AMD SEV/SEV-ES feature ...)
	NOT-FOR-US: AMD
CVE-2020-12966 (AMD EPYC&#8482; Processors contain an information disclosure vulnerabi ...)
	NOT-FOR-US: AMD
CVE-2020-12965 (When combined with specific software sequences, AMD CPUs may transient ...)
	NOT-FOR-US: AMD
CVE-2020-12964 (A potential privilege escalation/denial of service issue exists in the ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12963 (An insufficient pointer validation vulnerability in the AMD Graphics D ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12962 (Escape call interface in the AMD Graphics Driver for Windows may cause ...)
	NOT-FOR-US: AMD
CVE-2020-12961 (A potential vulnerability exists in AMD Platform Security Processor (P ...)
	NOT-FOR-US: AMD
CVE-2020-12960 (AMD Graphics Driver for Windows 10, amdfender.sys may improperly handl ...)
	NOT-FOR-US: AMD
CVE-2020-12959
	REJECTED
CVE-2020-12958
	REJECTED
CVE-2020-12957
	REJECTED
CVE-2020-12956
	REJECTED
CVE-2020-12955
	REJECTED
CVE-2020-12954 (A side effect of an integrated chipset option may be able to be used b ...)
	NOT-FOR-US: AMD
CVE-2020-12953
	REJECTED
CVE-2020-12952
	REJECTED
CVE-2020-12951 (Race condition in PSP FW could allow less privileged x86 code to perfo ...)
	NOT-FOR-US: AMD
CVE-2020-12950
	REJECTED
CVE-2020-12949
	REJECTED
CVE-2020-12948
	REJECTED
CVE-2020-12947
	REJECTED
CVE-2020-12946 (Insufficient input validation in PSP firmware for discrete TPM command ...)
	NOT-FOR-US: AMD
CVE-2020-12945
	REJECTED
CVE-2020-12944 (Insufficient validation of BIOS image length by PSP Firmware could lea ...)
	NOT-FOR-US: AMD
CVE-2020-12943
	REJECTED
CVE-2020-12942
	REJECTED
CVE-2020-12941
	REJECTED
CVE-2020-12940
	RESERVED
CVE-2020-12939
	REJECTED
CVE-2020-12938
	REJECTED
CVE-2020-12937
	REJECTED
CVE-2020-12936
	REJECTED
CVE-2020-12935
	REJECTED
CVE-2020-12934
	REJECTED
CVE-2020-12933 (A denial of service vulnerability exists in the D3DKMTEscape handler f ...)
	NOT-FOR-US: AMD ATIKMDAG.SYS
CVE-2020-12932
	RESERVED
CVE-2020-12931
	RESERVED
CVE-2020-12930
	RESERVED
CVE-2020-12929 (Improper parameters validation in some trusted applications of the PSP ...)
	NOT-FOR-US: AMD
CVE-2020-12928 (A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master ...)
	NOT-FOR-US: AMD Ryzen Master
CVE-2020-12927 (A potential vulnerability in a dynamically loaded AMD driver in AMD VB ...)
	NOT-FOR-US: AMD
CVE-2020-12926 (The Trusted Platform Modules (TPM) reference software may not properly ...)
	NOT-FOR-US: AMD
CVE-2020-12925
	REJECTED
CVE-2020-12924
	REJECTED
CVE-2020-12923
	REJECTED
CVE-2020-12922
	REJECTED
CVE-2020-12921
	REJECTED
CVE-2020-12920 (A potential denial of service issue exists in the AMD Display driver E ...)
	NOT-FOR-US: AMD
CVE-2020-12919
	REJECTED
CVE-2020-12918
	REJECTED
CVE-2020-12917
	REJECTED
CVE-2020-12916
	REJECTED
CVE-2020-12915
	REJECTED
CVE-2020-12914
	REJECTED
CVE-2020-12913
	REJECTED
CVE-2020-12912 (A potential vulnerability in the AMD extension to Linux "hwmon" servic ...)
	- linux 5.9.9-1 (unimportant)
	[buster] - linux <not-affected> (Vulnerable driver introduced later)
	[stretch] - linux <not-affected> (Vulnerable driver introduced later)
	NOTE: https://lore.kernel.org/stable/238e3cf7-582f-a265-5300-9b44948107b0@roeck-us.net/T/#ma48754bff34127867149bf466fc2f9c2deea3960
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1897402
	NOTE: https://support.lenovo.com/lu/uk/product_security/LEN-50481
	NOTE: CONFIG_SENSORS_AMD_ENERGY not enabled in Debian builds
CVE-2020-12911 (A denial of service vulnerability exists in the D3DKMTCreateAllocation ...)
	NOT-FOR-US: AMD ATIKMDAG.SYS
CVE-2020-12910
	REJECTED
CVE-2020-12909
	REJECTED
CVE-2020-12908
	REJECTED
CVE-2020-12907
	REJECTED
CVE-2020-12906
	REJECTED
CVE-2020-12905 (Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3 ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12904 (Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3 ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12903 (Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in  ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12902 (Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Wi ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12901 (Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lea ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12900 (An arbitrary write vulnerability in the AMD Radeon Graphics Driver for ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12899 (Arbitrary Read in AMD Graphics Driver for Windows 10 may lead to KASLR ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12898 (Stack Buffer Overflow in AMD Graphics Driver for Windows 10 may lead t ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12897 (Kernel Pool Address disclosure in AMD Graphics Driver for Windows 10 m ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12896
	REJECTED
CVE-2020-12895 (Pool/Heap Overflow in AMD Graphics Driver for Windows 10 in Escape 0x1 ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12894 (Arbitrary Write in AMD Graphics Driver for Windows 10 in Escape 0x4001 ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12893 (Stack Buffer Overflow in AMD Graphics Driver for Windows 10 in Escape  ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12892 (An untrusted search path in AMD Radeon settings Installer may lead to  ...)
	NOT-FOR-US: Intel / AMD
CVE-2020-12891 (AMD Radeon Software may be vulnerable to DLL Hijacking through path va ...)
	NOT-FOR-US: AMD
CVE-2020-12890 (Improper handling of pointers in the System Management Mode (SMM) hand ...)
	NOT-FOR-US: AMD
CVE-2020-12889 (MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across us ...)
	NOT-FOR-US: MISP
CVE-2020-12888 (The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles atte ...)
	{DLA-2420-1 DLA-2385-1}
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1836244
CVE-2020-12887 (Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 ...)
	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
CVE-2020-12886 (A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5 ...)
	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
CVE-2020-12885 (An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.1 ...)
	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
CVE-2020-12884 (A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5 ...)
	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
CVE-2020-12883 (Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5 ...)
	NOT-FOR-US: Mbed CoAP (diffrent from src:mbedtls)
CVE-2020-12882 (Submitty through 20.04.01 allows XSS via upload of an SVG document, as ...)
	NOT-FOR-US: Submitty
CVE-2020-12881
	RESERVED
CVE-2020-12880 (An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect ...)
	NOT-FOR-US: Pulse
CVE-2020-12879
	RESERVED
CVE-2020-12878 (Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate pr ...)
	NOT-FOR-US: Digi ConnectPort X2e
CVE-2020-12877 (Veritas APTARE versions prior to 10.4 allowed sensitive information to ...)
	NOT-FOR-US: Veritas
CVE-2020-12876 (Veritas APTARE versions prior to 10.4 allowed remote users to access s ...)
	NOT-FOR-US: Veritas
CVE-2020-12875 (Veritas APTARE versions prior to 10.4 did not perform adequate authori ...)
	NOT-FOR-US: Veritas
CVE-2020-12874 (Veritas APTARE versions prior to 10.4 included code that bypassed the  ...)
	NOT-FOR-US: Veritas
CVE-2020-12873 (An issue was discovered in Alfresco Enterprise Content Management (ECM ...)
	NOT-FOR-US: Alfresco Enterprise Content Management (ECM)
CVE-2020-12872 (yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS  ...)
	- erlang 1:21.2.6+dfsg-1 (low)
	[stretch] - erlang 1:19.2.1+dfsg-2+deb9u3
	[jessie] - erlang <no-dsa> (Minor issue)
	NOTE: https://medium.com/@charlielabs101/cve-2020-12872-df315411aa70
	NOTE: https://github.com/erlyaws/yaws/issues/402
	NOTE: In Debian yaws uses the cipher settings from erlang, mark the version which
	NOTE: landed in Buster as fixed (although it was possibly fixed earlier between
	NOTE: Stretch and Buster. The CVE was assigned specifically for yaws, cf. #961422
	NOTE: for discussion.
CVE-2020-12871
	RESERVED
CVE-2020-12870 (RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username  ...)
	NOT-FOR-US: RainbowFish PacsOne Server
CVE-2020-12869 (RainbowFish PacsOne Server 6.8.4 allows XSS. ...)
	NOT-FOR-US: RainbowFish PacsOne Server
CVE-2020-12868
	RESERVED
CVE-2020-12867 (A NULL pointer dereference in sanei_epson_net_read in SANE Backends be ...)
	{DLA-2332-1 DLA-2231-1}
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/fff83e7eacd0f27bb2d71c42488e0fd735c15ac3 (1.0.30)
CVE-2020-12866 (A NULL pointer dereference in SANE Backends before 1.0.30 allows a mal ...)
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/30b1831a28f24ab2921b9f717c66d37f02bb81cc (1.0.30, disable unsupported network access)
	NOTE: https://gitlab.com/sane-project/backends/-/merge_requests/500 (prospective network code fix)
CVE-2020-12865 (A heap buffer overflow in SANE Backends before 1.0.30 may allow a mali ...)
	{DLA-2332-1}
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-9-ghsl-2020-084-buffer-overflow-in-esci2_img
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/b9b0173409df73e235da2aa0dae5edd21fb55967 (1.0.30)
CVE-2020-12864 (An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ...)
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/30b1831a28f24ab2921b9f717c66d37f02bb81cc (1.0.30, disable unsupported network access)
	NOTE: https://gitlab.com/sane-project/backends/-/merge_requests/500 (prospective network code fix)
CVE-2020-12863 (An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ...)
	{DLA-2332-1}
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-7-ghsl-2020-083-out-of-bounds-read-in-esci2_check_header
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/db9480b09ea807e52029f2334769a55d4b95e45b (1.0.30)
CVE-2020-12862 (An out-of-bounds read in SANE Backends before 1.0.30 may allow a malic ...)
	{DLA-2332-1}
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-5-ghsl-2020-082-out-of-bounds-read-in-decode_binary
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/27ea994d23ee52fe1ec1249c92ebc1080a358288 (1.0.30)
CVE-2020-12861 (A heap buffer overflow in SANE Backends before 1.0.30 allows a malicio ...)
	[experimental] - sane-backends 1.0.30-1~experimental1
	- sane-backends 1.0.31-2 (bug #961302)
	[buster] - sane-backends <no-dsa> (Minor issue)
	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read
	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
	NOTE: https://gitlab.com/sane-project/backends/-/commit/30b1831a28f24ab2921b9f717c66d37f02bb81cc (1.0.30, disable unsupported network access)
	NOTE: https://gitlab.com/sane-project/backends/-/merge_requests/500 (prospective network code fix)
CVE-2020-12860 (COVIDSafe through v1.0.17 allows a remote attacker to access phone nam ...)
	NOT-FOR-US: COVIDSafe
CVE-2020-12859 (Unnecessary fields in the OpenTrace/BlueTrace protocol in COVIDSafe th ...)
	NOT-FOR-US: COVIDSafe
CVE-2020-12858 (Non-reinitialisation of random data in the advertising payload in COVI ...)
	NOT-FOR-US: COVIDSafe
CVE-2020-12857 (Caching of GATT characteristic values (TempID) in COVIDSafe v1.0.15 an ...)
	NOT-FOR-US: COVIDSafe
CVE-2020-12856 (OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTrac ...)
	NOT-FOR-US: COVIDSafe
CVE-2020-12855 (A Host header injection vulnerability has been discovered in SecZetta  ...)
	NOT-FOR-US: SecZetta NEProfile
CVE-2020-12854 (A remote code execution vulnerability was identified in SecZetta NEPro ...)
	NOT-FOR-US: SecZetta NEProfile
CVE-2020-12853 (Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or cr ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12852 (The update feature for Pydio Cells 2.0.4 allows an administrator user  ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12851 (Pydio Cells 2.0.4 allows an authenticated user to write or overwrite e ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12850 (The following vulnerability applies only to the Pydio Cells Enterprise ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12849 (Pydio Cells 2.0.4 allows any user to upload a profile image to the web ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12848 (In Pydio Cells 2.0.4, once an authenticated user shares a file selecti ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12847 (Pydio Cells 2.0.4 web application offers an administrative console nam ...)
	NOT-FOR-US: Pydio Cells
CVE-2020-12846 (Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remo ...)
	NOT-FOR-US: Zimbra
CVE-2020-12845 (Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a ...)
	- cherokee <removed>
CVE-2020-12844
	RESERVED
CVE-2020-12843 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12842 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12841 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12840 (ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12839 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12838 (ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appendin ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12837 (ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the f ...)
	NOT-FOR-US: ismartgate PRO
CVE-2020-12836
	RESERVED
CVE-2020-12835 (An issue was discovered in SmartBear ReadyAPI SoapUI Pro 3.2.5. Due to ...)
	NOT-FOR-US: SmartBear ReadyAPI SoapUI Pro
CVE-2020-12834 (eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 thr ...)
	NOT-FOR-US: eQ-3 Homematic Central Control Unit
CVE-2020-12833
	RESERVED
CVE-2020-12832 (WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerabi ...)
	NOT-FOR-US: simple-file-list plugin for WordPress
CVE-2020-12831 (** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Rang ...)
	- frr <unfixed> (unimportant)
	NOTE: https://github.com/FRRouting/frr/pull/6383
	NOTE: https://github.com/FRRouting/frr/commit/7734484a378052a513c9e21165c13bf85f78ad48
CVE-2020-12830 (Addressed multiple stack buffer overflow vulnerabilities that could al ...)
	NOT-FOR-US: Western Digital My Cloud devices
CVE-2020-12829 (In QEMU through 5.0.0, an integer overflow was found in the SM501 disp ...)
	{DSA-4760-1}
	- qemu 1:5.0-12 (low; bug #961451)
	[stretch] - qemu <not-affected> (SM501 only compiled for misc/sh4 where it's not enabled as a graphics device yet; intrusive)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1808510
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1786026
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4
CVE-2020-12828 (An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VP ...)
	NOT-FOR-US: AnchorFree VPN SDK
CVE-2020-12827 (MJML prior to 4.6.3 contains a path traversal vulnerability when proce ...)
	NOT-FOR-US: MJML
CVE-2020-12826 (A signal access-control issue was discovered in the Linux kernel befor ...)
	{DLA-2241-1}
	- linux 5.6.7-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/d1e7fd6462ca9fc76650fbe6ca800e35b24267da
CVE-2020-12825 (libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any ...)
	- libcroco <removed> (low; bug #960527)
	[buster] - libcroco <ignored> (Minor issue)
	[stretch] - libcroco <ignored> (Minor issue)
	[jessie] - libcroco <ignored> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/libcroco/-/issues/8
CVE-2020-12824 (Pexip Infinity 23.x before 23.3 has improper input validation, leading ...)
	NOT-FOR-US: Pexip Infinity
CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow, causing a denial of service (a ...)
	{DLA-2212-1}
	- openconnect 8.10-1 (unimportant; bug #960620)
	NOTE: https://gitlab.com/openconnect/openconnect/-/merge_requests/108
	NOTE: Only triggerable by local certs, which are under the control of the user
CVE-2020-12822
	RESERVED
CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam, such as a ...)
	NOT-FOR-US: Gossipsub
CVE-2020-12820
	RESERVED
CVE-2020-12819
	RESERVED
CVE-2020-12818 (An insufficient logging vulnerability in FortiGate before 6.4.1 may al ...)
	NOT-FOR-US: FortiGuard
CVE-2020-12817 (An improper neutralization of input vulnerability in FortiAnalyzer bef ...)
	NOT-FOR-US: FortiGuard
CVE-2020-12816 (An improper neutralization of input vulnerability in FortiNAC before 8 ...)
	NOT-FOR-US: FortiGuard
CVE-2020-12815 (An improper neutralization of input vulnerability in FortiTester befor ...)
	NOT-FOR-US: FortiGuard
CVE-2020-12814 (A improper neutralization of input during web page generation ('cross- ...)
	NOT-FOR-US: Fortiguard
CVE-2020-12813
	RESERVED
CVE-2020-12812 (An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0,  ...)
	NOT-FOR-US: Fortinet
CVE-2020-12811 (An improper neutralization of script-related HTML tags in a web page i ...)
	NOT-FOR-US: FortiGuard
CVE-2020-12810
	RESERVED
CVE-2020-12809
	RESERVED
CVE-2020-12808
	RESERVED
CVE-2020-12807
	RESERVED
CVE-2020-12806
	RESERVED
CVE-2020-12805
	RESERVED
CVE-2020-12804
	RESERVED
CVE-2020-12803 (ODF documents can contain forms to be filled out by the user. Similar  ...)
	- libreoffice 1:6.4.4-1 (low)
	[buster] - libreoffice <ignored> (Minor issue)
	[stretch] - libreoffice <ignored> (Minor issue)
	[jessie] - libreoffice <ignored> (Minor issue)
	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12803
CVE-2020-12802 (LibreOffice has a 'stealth mode' in which only documents from location ...)
	- libreoffice 1:6.4.4-1 (low)
	[buster] - libreoffice <ignored> (Minor issue)
	[stretch] - libreoffice <ignored> (Minor issue)
	[jessie] - libreoffice <no-dsa> (Minor issue)
	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12802
CVE-2020-12801 (If LibreOffice has an encrypted document open and crashes, that docume ...)
	- libreoffice 1:6.4.3-1 (low)
	[buster] - libreoffice <ignored> (Minor issue)
	[stretch] - libreoffice <ignored> (Minor issue)
	[jessie] - libreoffice <no-dsa> (Minor issue)
	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801
CVE-2020-12800 (The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1. ...)
	NOT-FOR-US: drag-and-drop-multiple-file-upload-contact-form-7 plugin for WordPress
CVE-2020-12799
	RESERVED
CVE-2020-12798 (Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system pol ...)
	NOT-FOR-US: Cellebrite UFED
CVE-2020-12797 (HashiCorp Consul and Consul Enterprise failed to enforce changes to le ...)
	- consul 1.7.4+dfsg1-1
	[buster] - consul <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
	NOTE: https://github.com/hashicorp/consul/pull/8047
CVE-2020-12796
	RESERVED
CVE-2020-12795
	RESERVED
CVE-2020-12794
	RESERVED
CVE-2020-12793
	RESERVED
CVE-2020-12792
	RESERVED
CVE-2020-12791
	RESERVED
CVE-2020-12790 (In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMet ...)
	NOT-FOR-US: SEOmatic plugin for Craft CMS
CVE-2020-12789 (The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded ...)
	NOT-FOR-US: Microchip Atmel ATSAMA5 products
CVE-2020-12788 (CMAC verification functionality in Microchip Atmel ATSAMA5 products is ...)
	NOT-FOR-US: Microchip Atmel ATSAMA5 products
CVE-2020-12787 (Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to b ...)
	NOT-FOR-US: Microchip Atmel ATSAMA5 products
CVE-2020-12786
	RESERVED
CVE-2020-12785 (cPanel before 86.0.14 allows attackers to obtain access to the current ...)
	NOT-FOR-US: cPanel
CVE-2020-12784 (cPanel before 86.0.14 allows remote attackers to trigger a bandwidth s ...)
	NOT-FOR-US: cPanel
CVE-2020-12782 (Openfind MailGates contains a Command Injection flaw, when receiving e ...)
	NOT-FOR-US: Openfind MailGates
CVE-2020-12781 (Combodo iTop contains a cross-site request forgery (CSRF) vulnerabilit ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-12780 (A security misconfiguration exists in Combodo iTop, which can expose s ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-12779 (Combodo iTop contains a stored Cross-site Scripting vulnerability, whi ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-12778 (Combodo iTop does not validate inputted parameters, attackers can inje ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-12777 (A function in Combodo iTop contains a vulnerability of Broken Access C ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-12776 (Openfind Mail2000 contains Broken Access Control vulnerability, which  ...)
	NOT-FOR-US: Openfind Mail2000
CVE-2020-12775
	RESERVED
CVE-2020-12774 (D-Link DSL-7740C does not properly validate user input, which allows a ...)
	NOT-FOR-US: D-Link
CVE-2020-12773 (A security misconfiguration vulnerability exists in the SDK of some Re ...)
	NOT-FOR-US: Realtek ADSL/PON Modem SoC firmware
CVE-2020-12783 (Exim through 4.93 has an out-of-bounds read in the SPA authenticator t ...)
	{DSA-4687-1 DLA-2213-1}
	- exim4 4.93-16
	NOTE: https://bugs.exim.org/show_bug.cgi?id=2571
	NOTE: https://git.exim.org/exim.git/commitdiff/57aa14b216432be381b6295c312065b2fd034f86
	NOTE: https://git.exim.org/exim.git/commitdiff/a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0
CVE-2020-12772 (An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR p ...)
	NOT-FOR-US: Ignite Realtime Spark
CVE-2020-12767 (exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by ...)
	{DLA-2214-1}
	- libexif 0.6.21-7 (bug #960199)
	[buster] - libexif 0.6.21-5.1+deb10u2
	[stretch] - libexif 0.6.21-2+deb9u2
	NOTE: https://github.com/libexif/libexif/issues/31
	NOTE: https://github.com/libexif/libexif/commit/e22f73064f804c94e90b642cd0db4697c827da72
CVE-2020-XXXX [unspecified fexsrv security issue]
	- fex 20160919-2
	[buster] - fex 20160919-2~deb10u1
	[stretch] - fex 20160919-2~deb9u1
CVE-2020-12771 (An issue was discovered in the Linux kernel through 5.6.11. btree_gc_c ...)
	{DLA-2420-1 DLA-2323-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	NOTE: https://lkml.org/lkml/2020/4/26/87
	NOTE: https://git.kernel.org/linus/be23e837333a914df3f24bf0b32e87b0331ab8d1 (5.8-rc2)
CVE-2020-12770 (An issue was discovered in the Linux kernel through 5.6.11. sg_write l ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.6.14-1
	NOTE: https://git.kernel.org/linus/83c6f2390040f188cc25b270b4befeb5628c1aee (5.7-rc3)
CVE-2020-12769 (An issue was discovered in the Linux kernel before 5.4.17. drivers/spi ...)
	{DLA-2241-1}
	- linux 5.4.19-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/19b61392c5a852b4e8a0bf35aecb969983c5932d (5.5-rc6)
CVE-2020-12768 (** DISPUTED ** An issue was discovered in the Linux kernel before 5.6. ...)
	{DSA-4699-1}
	- linux 5.6.7-1 (unimportant)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/d80b64ff297e40c2b6f7d7abc1b3eba70d22a068 (5.6-rc4)
CVE-2020-12766 (Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via t ...)
	NOT-FOR-US: Gnuteca
CVE-2020-12765 (Solis Miolo 2.0 allows index.php?module=install&amp;action=view&amp;it ...)
	NOT-FOR-US: Solis Miolo
CVE-2020-12764 (Gnuteca 3.8 allows file.php?folder=/&amp;file= Directory Traversal. ...)
	NOT-FOR-US: Gnuteca
CVE-2020-12763 (TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable t ...)
	NOT-FOR-US: TRENDnet ProView
CVE-2020-12762 (json-c through 0.14 has an integer overflow and out-of-bounds write vi ...)
	{DSA-4741-1 DLA-2301-1 DLA-2228-2 DLA-2228-1}
	- json-c 0.13.1+dfsg-8 (bug #960326)
	NOTE: https://github.com/json-c/json-c/pull/592
	NOTE: https://github.com/json-c/json-c/commit/099016b7e8d70a6d5dd814e788bba08d33d48426
	NOTE: https://github.com/json-c/json-c/commit/77d935b7ae7871a1940cd827e850e6063044ec45
	NOTE: https://github.com/json-c/json-c/commit/d07b91014986900a3a75f306d302e13e005e9d67
	NOTE: https://github.com/json-c/json-c/commit/519dfe1591d85432986f9762d41d1a883198c157
	NOTE: https://github.com/json-c/json-c/commit/a59d5acfab4485d5133114df61785b1fc633e0c6
	NOTE: d07b91014986 ("Fix integer overflows.") introduces a regression tracked as:
	NOTE: https://github.com/json-c/json-c/issues/599
	NOTE: https://github.com/json-c/json-c/pull/610
	NOTE: Working backports for older branches: https://github.com/json-c/json-c/pull/608
CVE-2020-12761 (modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow ( ...)
	- imlib2 1.6.1-2 (bug #960192)
	[buster] - imlib2 <not-affected> (Vulnerable code introduced later)
	[stretch] - imlib2 <not-affected> (Vulnerable code introduced later)
	[jessie] - imlib2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=c95f938ff1effaf91729c050a0f1c8684da4dd63
CVE-2020-12760 (An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian ...)
	- opennms <itp> (bug #450615)
CVE-2020-12759 (Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-12758 (HashiCorp Consul and Consul Enterprise could crash when configured wit ...)
	- consul 1.7.4+dfsg1-1
	[buster] - consul <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
	NOTE: https://github.com/hashicorp/consul/pull/7783
CVE-2020-12757 (HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured  ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-12756
	RESERVED
CVE-2020-12755 (fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras t ...)
	- kio-extras 4:20.08.3-1 (low; bug #960306)
	[buster] - kio-extras <no-dsa> (Minor issue)
	[stretch] - kio-extras <no-dsa> (Minor issue)
	NOTE: https://github.com/KDE/kio-extras/commit/d813cef3cecdec9af1532a40d677a203ff979145
CVE-2020-12754 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-12753 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-12752 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12751 (An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12750 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12749 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12748 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12747 (An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12746 (An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12745 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-12744
	RESERVED
CVE-2020-12743 (An issue was discovered in Gazie 7.32. A successful installation does  ...)
	NOT-FOR-US: Gazie
CVE-2020-12742 (The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does ...)
	NOT-FOR-US: iubenda-cookie-law-solution plugin for WordPress
CVE-2020-12741
	RESERVED
CVE-2020-12740 (tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-rea ...)
	- tcpreplay 4.3.3-1 (unimportant)
	[jessie] - tcpreplay <not-affected> (Vulnerable code added later)
	NOTE: https://github.com/appneta/tcpreplay/issues/576
	NOTE: https://github.com/appneta/tcpreplay/pull/590
	NOTE: Fixed with: https://github.com/appneta/tcpreplay/issues/578
	NOTE: --fuzz-seed in PoC not present until version 4.2.0
	NOTE: Crash in CLI tool, no security impact
CVE-2020-12739 (A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and ...)
	NOT-FOR-US: Fanuc i Series CNC
CVE-2020-12738
	RESERVED
CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...)
	NOT-FOR-US: Maxum Rumpus
CVE-2020-12736 (Code42 environments with on-premises server versions 7.0.4 and earlier ...)
	NOT-FOR-US: Code42
CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...)
	NOT-FOR-US: DomainMOD
CVE-2020-12734 (DEPSTECH WiFi Digital Microscope 3 allows remote attackers to change t ...)
	NOT-FOR-US: DEPSTECH WiFi Digital Microscope
CVE-2020-12733 (Certain Shenzhen PENGLIXIN components on DEPSTECH WiFi Digital Microsc ...)
	NOT-FOR-US: DEPSTECH WiFi Digital Microscope
CVE-2020-12732 (DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxx ...)
	NOT-FOR-US: DEPSTECH WiFi Digital Microscope
CVE-2020-12731 (The MagicMotion Flamingo 2 application for Android stores data on an s ...)
	NOT-FOR-US: MagicMotion Flamingo 2 application for Android
CVE-2020-12730 (MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing an ...)
	NOT-FOR-US: MagicMotion Flamingo 2
CVE-2020-12729 (MagicMotion Flamingo 2 has a lack of access control for reading from d ...)
	NOT-FOR-US: MagicMotion Flamingo 2
CVE-2020-12728
	RESERVED
CVE-2020-12727
	RESERVED
CVE-2020-12726
	RESERVED
CVE-2020-12725 (Havoc Research discovered an authenticated Server-Side Request Forgery ...)
	NOT-FOR-US: Redash
CVE-2020-12724
	RESERVED
CVE-2020-12723 (regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted ...)
	- perl 5.30.3-1 (bug #962005)
	[buster] - perl 5.28.1-6+deb10u1
	[stretch] - perl 5.24.1-3+deb9u7
	NOTE: https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a (v5.30.3)
CVE-2020-12722
	RESERVED
CVE-2020-12721
	RESERVED
CVE-2020-12720 (vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6 ...)
	NOT-FOR-US: vBulletin
CVE-2020-12719 (XXE during an EventPublisher update can occur in Management Console in ...)
	NOT-FOR-US: WSO2
CVE-2020-12718 (In administration/comments.php in PHP-Fusion 9.03.50, an authenticated ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-12717 (The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote atta ...)
	NOT-FOR-US: COVIDSafe (Australia) app
CVE-2020-12716
	RESERVED
CVE-2020-12715 (RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. ...)
	NOT-FOR-US: RainbowFish PacsOne Server
CVE-2020-12714 (An issue was discovered in CipherMail Community Gateway Virtual Applia ...)
	NOT-FOR-US: CipherMail
CVE-2020-12713 (An issue was discovered in CipherMail Community Gateway and Profession ...)
	NOT-FOR-US: CipherMail
CVE-2020-12712 (A vulnerability based on insecure user/password encryption in the JOE  ...)
	NOT-FOR-US: SOS JobScheduler
CVE-2020-12711
	RESERVED
CVE-2020-12710
	RESERVED
CVE-2020-12709
	RESERVED
CVE-2020-12708 (Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 al ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-12707 (An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4 ...)
	NOT-FOR-US: LeptonCMS
CVE-2020-12706 (Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 al ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-12705 (Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS ...)
	NOT-FOR-US: LeptonCMS
CVE-2020-12704 (UliCMS before 2020.2 has PageController stored XSS. ...)
	NOT-FOR-US: UliCMS
CVE-2020-12703 (UliCMS before 2020.2 has XSS during PackageController uninstall. ...)
	NOT-FOR-US: UliCMS
CVE-2020-12702 (Weak encryption in the Quick Pairing mode in the eWeLink mobile applic ...)
	NOT-FOR-US: eWeLink mobile application
CVE-2020-12701
	RESERVED
CVE-2020-12700 (The direct_mail extension through 5.2.3 for TYPO3 allows Information D ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-12699 (The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-12698 (The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Co ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-12697 (The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Ser ...)
	NOT-FOR-US: Typo3 extension
CVE-2020-12696 (The iframe plugin before 4.5 for WordPress does not sanitize a URL. ...)
	NOT-FOR-US: iframe plugin for WordPress
CVE-2020-12695 (The Open Connectivity Foundation UPnP specification before 2020-04-17  ...)
	{DSA-4898-1 DSA-4806-1 DLA-2489-1 DLA-2318-1 DLA-2315-1}
	- wpa 2:2.9.0-16 (bug #976106)
	- gupnp 1.2.3-1
	[buster] - gupnp 1.0.5-0+deb10u1
	- minidlna 1.2.1+dfsg-3 (bug #976594)
	- pupnp-1.8 <unfixed> (bug #983206)
	[bullseye] - pupnp-1.8 <no-dsa> (Minor issue)
	[buster] - pupnp-1.8 <no-dsa> (Minor issue)
	- libupnp <removed>
	[stretch] - libupnp <no-dsa> (Invasive change, hard to backport; chances of regression)
	NOTE: https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt
	NOTE: https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
	NOTE: https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
	NOTE: https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
	NOTE: https://sourceforge.net/p/minidlna/git/ci/06ee114731612462eb1eb1266f0431ccf59269d2 (v1_3_0)
	NOTE: https://github.com/pupnp/pupnp/commit/5f76bf2858dd601bd985bf37a1db9f262c0ff7bf (release-1.14.0)
	NOTE: https://github.com/pupnp/pupnp/commit/7b3f0f5f497f9f493c82307af495b87fa9ebdacb (release-1.14.0)
CVE-2020-12694
	RESERVED
CVE-2020-12693 (Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare c ...)
	{DSA-4841-1 DLA-2886-1}
	- slurm-wlm <not-affected> (Fixed with first upload to Debian with renamed source package)
	- slurm-llnl <removed> (bug #961406)
	[jessie] - slurm-llnl <not-affected> (Message Aggregation added in 14.11)
	NOTE: https://www.schedmd.com/news.php?id=236
	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/000036.html
	NOTE: Issue affects systems with Message Aggregation enabled
	NOTE: slurm-wlm/20.02.6-1 changed the source package name and included the fix
CVE-2020-12688
	RESERVED
CVE-2020-12687 (An issue was discovered in Serpico before 1.3.3. The /admin/attacments ...)
	NOT-FOR-US: Serpico
CVE-2020-12686
	RESERVED
CVE-2020-12685 (XSS in the admin help system admin/help.html and admin/quicklinks.html ...)
	NOT-FOR-US: Interchange
CVE-2020-12684 (XXE injection can occur in i-net Clear Reports 2019 19.0.287 (Designer ...)
	NOT-FOR-US: i-net Clear Reports
CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...)
	NOT-FOR-US: Katyshop2
CVE-2020-12682
	RESERVED
CVE-2020-12681 (Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices  ...)
	NOT-FOR-US: 3xLogic Infinias eIDC32 devices
CVE-2020-12680 (** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows loca ...)
	NOT-FOR-US: Avira Free Antivirus
CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the Mitel Shor ...)
	NOT-FOR-US: Mitel
CVE-2020-12678
	REJECTED
CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web Admin. A Web ...)
	NOT-FOR-US: Progress MOVEit Automation Web Admin
CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge me ...)
	NOT-FOR-US: FusionAuth
CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPr ...)
	NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
	{DSA-4679-1}
	- keystone 2:17.0.0~rc2-1 (bug #959900)
	[stretch] - keystone <end-of-life> (Not supported in stretch LTS)
	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
	NOTE: https://bugs.launchpad.net/keystone/+bug/1872737
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/4
CVE-2020-12691 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
	{DSA-4679-1}
	- keystone 2:17.0.0~rc2-1 (bug #959900)
	[stretch] - keystone <end-of-life> (Not supported in stretch LTS)
	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
	NOTE: https://bugs.launchpad.net/keystone/+bug/1872733
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/5
CVE-2020-12690 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
	{DSA-4679-1}
	- keystone 2:17.0.0~rc2-1 (bug #959900)
	[stretch] - keystone <end-of-life> (Not supported in stretch LTS)
	[jessie] - keystone <end-of-life> (Not supported in Jessie LTS)
	NOTE: https://bugs.launchpad.net/keystone/+bug/1873290
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/6
CVE-2020-12674 (In Dovecot before 2.3.11.3, sending a specially formatted RPA request  ...)
	{DSA-4745-1 DLA-2328-1}
	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/3
	NOTE: https://github.com/dovecot/core/commit/69ad3c902ea4bbf9f21ab1857d8923f975dc6145
CVE-2020-12673 (In Dovecot before 2.3.11.3, sending a specially formatted NTLM request ...)
	{DSA-4745-1 DLA-2328-1}
	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/2
	NOTE: https://github.com/dovecot/core/commit/fb246611e62ad8c5a95b0ca180a63f17aa34b0d8
CVE-2020-12689 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
	{DSA-4679-1}
	- keystone 2:17.0.0~rc2-1 (bug #959900)
	[stretch] - keystone <end-of-life> (Not supported in stretch LTS)
	[jessie] - keystone <end-of-life> (Not supported in Jessie)
	NOTE: https://bugs.launchpad.net/keystone/+bug/1872735
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/5
CVE-2020-12672 (GraphicsMagick through 1.3.35 has a heap-based buffer overflow in Read ...)
	{DLA-2902-1 DLA-2236-1}
	- graphicsmagick 1.4+really1.3.35-2 (bug #960000)
	[buster] - graphicsmagick <postponed> (Minor issue; can be fixed along in future DSA)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025
	NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/
CVE-2020-12671
	RESERVED
CVE-2020-12670 (XSS exists in Webmin 1.941 and earlier affecting the Save function of  ...)
	- webmin <removed>
CVE-2020-12669 (core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authentic ...)
	- dolibarr <removed>
CVE-2020-12668 (Jinjava before 2.5.4 allow access to arbitrary classes by calling Java ...)
	NOT-FOR-US: Jinjava
CVE-2020-12667 (Knot Resolver before 5.1.1 allows traffic amplification via a crafted  ...)
	- knot-resolver 5.1.1-0.1 (bug #961076)
	[buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/54f05e4d7b2e47c0bdd30b84272fc503cc65304b
	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/ba7b89db780fe3884b4e90090318e25ee5afb118
CVE-2020-12666 (macaron before 1.3.7 has an open redirect in the static handler, as de ...)
	NOT-FOR-US: macaron
CVE-2020-12665
	RESERVED
CVE-2020-12664
	RESERVED
CVE-2020-12663 (Unbound before 1.10.1 has an infinite loop via malformed DNS answers r ...)
	{DSA-4694-1 DLA-2556-1}
	- unbound 1.10.1-1
	[stretch] - unbound <end-of-life> (No longer supported, see DSA 4694)
	[jessie] - unbound <end-of-life> (No longer supported)
	NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt
	NOTE: Patch: https://nlnetlabs.nl/downloads/unbound/patch_cve_2020-12662_2020-12663.diff
CVE-2020-12662 (Unbound before 1.10.1 has Insufficient Control of Network Message Volu ...)
	{DSA-4694-1 DLA-2556-1}
	- unbound 1.10.1-1
	[stretch] - unbound <end-of-life> (No longer supported, see DSA 4694)
	[jessie] - unbound <end-of-life> (No longer supported)
	NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt
	NOTE: Patch: https://nlnetlabs.nl/downloads/unbound/patch_cve_2020-12662_2020-12663.diff
CVE-2020-12661
	RESERVED
CVE-2020-12660
	RESERVED
CVE-2020-12659 (An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg ...)
	- linux 5.6.7-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/99e3a236dd43d06c65af0a2ef9cb44306aef6e02 (5.7-rc2)
CVE-2020-12658 (** DISPUTED ** gssproxy (aka gss-proxy) before 0.8.3 does not unlock c ...)
	{DLA-2516-1}
	- gssproxy <unfixed> (unimportant; bug #978931)
	NOTE: https://github.com/gssapi/gssproxy/commit/cb761412e299ef907f22cd7c4146d50c8a792003 (v0.8.3)
	NOTE: code change in question only happens in a shutdown path.
CVE-2020-12657 (An issue was discovered in the Linux kernel before 5.6.5. There is a u ...)
	- linux 5.6.7-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/2f95fa5c955d0a9987ffdc3a095e2f4e62c5f2a9 (5.7-rc1)
CVE-2020-12656 (** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c  ...)
	- linux 5.7.6-1 (unimportant)
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=206651
	NOTE: Issue is triggered only at module reloading / rebinding
CVE-2020-12655 (An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c ...)
	{DLA-2420-1 DLA-2323-1}
	- linux 5.6.14-1
	[buster] - linux 4.19.131-1
	NOTE: https://git.kernel.org/linus/d0c7feaf87678371c2c09b3709400be416b2dc62 (5.7-rc1)
CVE-2020-12654 (An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_s ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/3a9b153c5591548612c3955c9600a98150c81875 (5.6-rc1)
CVE-2020-12653 (An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_appen ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/b70261a288ea4d2f4ac7cd04be08a9f0f2de4f4d (5.6-rc1)
CVE-2020-12652 (The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the  ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.4.19-1
	[buster] - linux 4.19.98-1
	NOTE: https://git.kernel.org/linus/28d76df18f0ad5bcf5fa48510b225f0ed262a99b (5.5-rc7)
CVE-2020-12651 (SecureCRT before 8.7.2 allows remote attackers to execute arbitrary co ...)
	NOT-FOR-US: SecureCRT
CVE-2020-12650
	REJECTED
CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory tr ...)
	NOT-FOR-US: Gurbalib
CVE-2020-12648 (A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlie ...)
	- tinymce <removed> (bug #972642)
	[buster] - tinymce <no-dsa> (Minor issue)
	[stretch] - tinymce <ignored> (Vulnerable code not present and not reproducible)
	NOTE: https://labs.bishopfox.com/advisories/tinymce-version-5.2.1
CVE-2020-12647 (Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 6 ...)
	NOT-FOR-US: Unisys ALGOL Compiler
CVE-2020-12646 (OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text ...)
	NOT-FOR-US: OX App Suite
CVE-2020-12645 (OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate l ...)
	NOT-FOR-US: OX App Suite
CVE-2020-12644 (OX App Suite 7.10.3 and earlier allows SSRF, related to the mail accou ...)
	NOT-FOR-US: OX App Suite
CVE-2020-12643 (OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /a ...)
	NOT-FOR-US: OX App Suite
CVE-2020-12642 (An issue was discovered in service-api before 4.3.12 and 5.x before 5. ...)
	NOT-FOR-US: Report Portal
CVE-2020-12641 (rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to  ...)
	- roundcube 1.4.4+dfsg.1-1 (unimportant)
	[buster] - roundcube 1.3.11+dfsg.1-1~deb10u1
	NOTE: https://github.com/roundcube/roundcubemail/commit/fcfb099477f353373c34c8a65c9035b06b364db3
	NOTE: https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
CVE-2020-12640 (Roundcube Webmail before 1.4.4 allows attackers to include local files ...)
	- roundcube 1.4.4+dfsg.1-1 (unimportant)
	[buster] - roundcube 1.3.11+dfsg.1-1~deb10u1
	NOTE: https://github.com/roundcube/roundcubemail/commit/814eadb699e8576ce3a78f21e95bf69a7c7b3794
	NOTE: https://roundcube.net/news/2020/04/29/security-updates-1.4.4-1.3.11-and-1.2.10
CVE-2020-12639 (phpList before 3.5.3 allows XSS, with resultant privilege elevation, v ...)
	- phplist <itp> (bug #612288)
CVE-2020-12638 (An encryption-bypass issue was discovered on Espressif ESP-IDF devices ...)
	NOT-FOR-US: Espressif
CVE-2020-12637 (Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation beca ...)
	NOT-FOR-US: Zulip Desktop
CVE-2020-12636
	RESERVED
CVE-2020-12635 (XSS exists in the WebForms Pro M2 extension before 2.9.17 for Magento  ...)
	NOT-FOR-US: WebForms Pro M2 extension for Magento
CVE-2020-12634
	RESERVED
CVE-2020-12633
	RESERVED
CVE-2020-12632
	RESERVED
CVE-2020-12631
	RESERVED
CVE-2020-12630
	RESERVED
CVE-2020-12629 (include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA ...)
	NOT-FOR-US: osTicket
CVE-2020-12628
	RESERVED
CVE-2020-12627 (Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j ...)
	NOT-FOR-US: Calibre-Web
CVE-2020-12624 (The League application before 2020-05-02 on Android sends a bearer tok ...)
	NOT-FOR-US: League
CVE-2020-12623
	RESERVED
CVE-2020-12622
	RESERVED
CVE-2020-12621 (The Teamwire application 5.3.0 for Android allows physically proximate ...)
	NOT-FOR-US: Teamwire application for Android
CVE-2020-12620 (Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.con ...)
	NOT-FOR-US: Pi-hole
CVE-2020-12619 (MailMate before 1.11 automatically imported S/MIME certificates and th ...)
	NOT-FOR-US: MailMate
CVE-2020-12618 (eM Client before 7.2.33412.0 automatically imported S/MIME certificate ...)
	NOT-FOR-US: eM Client
CVE-2020-12617
	RESERVED
CVE-2020-12616
	RESERVED
CVE-2020-12615
	RESERVED
CVE-2020-12614
	RESERVED
CVE-2020-12613
	RESERVED
CVE-2020-12612
	RESERVED
CVE-2020-12611
	RESERVED
CVE-2020-12610
	RESERVED
CVE-2020-12609
	RESERVED
CVE-2020-12608 (An issue was discovered in SolarWinds MSP PME (Patch Management Engine ...)
	NOT-FOR-US: SolarWinds
CVE-2020-12607 (An issue was discovered in fastecdsa before 2.1.2. When using the NIST ...)
	NOT-FOR-US: fastecdsa
CVE-2020-12606 (An issue was discovered in DB Soft SGLAC before 20.05.001. The Procedi ...)
	NOT-FOR-US: DB Soft
CVE-2020-12605 (Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive  ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-12604 (Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to incr ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-12603 (Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive  ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-12602
	RESERVED
CVE-2020-12601
	RESERVED
CVE-2020-12600
	RESERVED
CVE-2020-12599
	RESERVED
CVE-2020-12598
	RESERVED
CVE-2020-12597
	RESERVED
CVE-2020-12596
	RESERVED
CVE-2020-12595 (An information disclosure flaw allows a malicious, authenticated, priv ...)
	NOT-FOR-US: Symantec
CVE-2020-12594 (A privilege escalation flaw allows a malicious, authenticated, privile ...)
	NOT-FOR-US: Symantec
CVE-2020-12593 (Symantec Endpoint Detection &amp; Response, prior to 4.5, may be susce ...)
	NOT-FOR-US: Symantec
CVE-2020-12592
	RESERVED
CVE-2020-12591
	RESERVED
CVE-2020-12590
	RESERVED
CVE-2020-12589
	RESERVED
CVE-2020-12588
	RESERVED
CVE-2020-12587
	RESERVED
CVE-2020-12586
	RESERVED
CVE-2020-12585
	RESERVED
CVE-2020-12584
	RESERVED
CVE-2020-12583
	RESERVED
CVE-2020-12582
	RESERVED
CVE-2020-12581
	RESERVED
CVE-2020-12580
	RESERVED
CVE-2020-12579
	RESERVED
CVE-2020-12578
	RESERVED
CVE-2020-12577
	RESERVED
CVE-2020-12576
	RESERVED
CVE-2020-12575
	RESERVED
CVE-2020-12574
	RESERVED
CVE-2020-12573
	RESERVED
CVE-2020-12572
	RESERVED
CVE-2020-12571
	RESERVED
CVE-2020-12570
	RESERVED
CVE-2020-12569
	RESERVED
CVE-2020-12568
	RESERVED
CVE-2020-12567
	RESERVED
CVE-2020-12566
	RESERVED
CVE-2020-12565
	RESERVED
CVE-2020-12564
	RESERVED
CVE-2020-12563
	RESERVED
CVE-2020-12562
	RESERVED
CVE-2020-12561
	RESERVED
CVE-2020-12560
	RESERVED
CVE-2020-12559
	RESERVED
CVE-2020-12558
	RESERVED
CVE-2020-12557
	RESERVED
CVE-2020-12556
	RESERVED
CVE-2020-12555
	RESERVED
CVE-2020-12554
	RESERVED
CVE-2020-12553
	RESERVED
CVE-2020-12552
	RESERVED
CVE-2020-12551
	RESERVED
CVE-2020-12550
	RESERVED
CVE-2020-12549
	RESERVED
CVE-2020-12548
	RESERVED
CVE-2020-12547
	RESERVED
CVE-2020-12546
	RESERVED
CVE-2020-12545
	RESERVED
CVE-2020-12544
	RESERVED
CVE-2020-12543
	RESERVED
CVE-2020-12542
	RESERVED
CVE-2020-12541
	RESERVED
CVE-2020-12540
	RESERVED
CVE-2020-12539
	RESERVED
CVE-2020-12538
	RESERVED
CVE-2020-12537
	RESERVED
CVE-2020-12536
	RESERVED
CVE-2020-12535
	RESERVED
CVE-2020-12534
	RESERVED
CVE-2020-12533
	RESERVED
CVE-2020-12532
	RESERVED
CVE-2020-12531
	RESERVED
CVE-2020-12530 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB connect software
CVE-2020-12529 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB connect software
CVE-2020-12528 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB connect software
CVE-2020-12527 (An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT ...)
	NOT-FOR-US: MB connect software
CVE-2020-12526 (TwinCAT OPC UA Server in versions up to 2.3.0.12 and IPC Diagnostics U ...)
	NOT-FOR-US: TwinCAT OPC UA Server
CVE-2020-12525 (M&amp;M Software fdtCONTAINER Component in versions below 3.5.20304.x  ...)
	NOT-FOR-US: M&M Software fdtCONTAINER Component
CVE-2020-12524 (Uncontrolled Resource Consumption can be exploited to cause the Phoeni ...)
	NOT-FOR-US: Phoenix Contact HMIs BTP
CVE-2020-12523 (On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get  ...)
	NOT-FOR-US: Phoenix Contact mGuard Devices
CVE-2020-12522 (The reported vulnerability allows an attacker who has network access t ...)
	NOT-FOR-US: WAGO
CVE-2020-12521 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS  ...)
	NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12520
	RESERVED
CVE-2020-12519 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS  ...)
	NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12518 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS  ...)
	NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12517 (On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS  ...)
	NOT-FOR-US: Phoenix Contact PLCnext Control Devices
CVE-2020-12516 (Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88 ...)
	NOT-FOR-US: WAGO
CVE-2020-12515
	RESERVED
CVE-2020-12514 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
	NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master
CVE-2020-12513 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
	NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master
CVE-2020-12512 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
	NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master
CVE-2020-12511 (Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is pr ...)
	NOT-FOR-US: Pepperl+Fuchs Comtrol IO-Link Master
CVE-2020-12510 (The default installation path of the TwinCAT XAR 3.1 software in all v ...)
	NOT-FOR-US: Beckhoff
CVE-2020-12509
	RESERVED
CVE-2020-12508
	RESERVED
CVE-2020-12507
	RESERVED
CVE-2020-12506 (Improper Authentication vulnerability in WAGO 750-8XX series with FW v ...)
	NOT-FOR-US: WAGO
CVE-2020-12505 (Improper Authentication vulnerability in WAGO 750-8XX series with FW v ...)
	NOT-FOR-US: WAGO
CVE-2020-12504 (Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol Rock ...)
	NOT-FOR-US: Pepperl+Fuchs
CVE-2020-12503 (Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol Rock ...)
	NOT-FOR-US: Pepperl+Fuchs
CVE-2020-12502 (Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol Rock ...)
	NOT-FOR-US: Pepperl+Fuchs
CVE-2020-12501 (Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol Rock ...)
	NOT-FOR-US: Pepperl+Fuchs
CVE-2020-12500 (Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol Rock ...)
	NOT-FOR-US: Pepperl+Fuchs
CVE-2020-12499 (In PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier an im ...)
	NOT-FOR-US: PHOENIX CONTACT PLCnext Engineer
CVE-2020-12498 (mwe file parsing in Phoenix Contact PC Worx and PC Worx Express versio ...)
	NOT-FOR-US: Phoenix
CVE-2020-12497 (PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Expres ...)
	NOT-FOR-US: Phoenix
CVE-2020-12496 (Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and  ...)
	NOT-FOR-US: Endress+Hauser
CVE-2020-12495 (Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) with ...)
	NOT-FOR-US: Endress+Hauser
CVE-2020-12494 (Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is prov ...)
	NOT-FOR-US: Beckhoff
CVE-2020-12493 (An open port used for debugging in SWARCOs CPU LS4000 Series with vers ...)
	NOT-FOR-US: SWARCOs CPU LS4000 Series
CVE-2020-12492
	RESERVED
CVE-2020-12491
	RESERVED
CVE-2020-12490
	RESERVED
CVE-2020-12489
	RESERVED
CVE-2020-12488 (The attacker can access the sensitive information stored within the jo ...)
	NOT-FOR-US: Vivo
CVE-2020-12487
	RESERVED
CVE-2020-12486
	RESERVED
CVE-2020-12485 (The frame touch module does not make validity judgments on parameter l ...)
	NOT-FOR-US: Vivo
CVE-2020-12484
	RESERVED
CVE-2020-12483 (The appstore before 8.12.0.0 exposes some of its components, and the a ...)
	NOT-FOR-US: Vivo
CVE-2020-12482
	RESERVED
CVE-2020-12481
	RESERVED
CVE-2020-12480 (In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed ...)
	NOT-FOR-US: Play Framework
CVE-2020-12479 (TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a ...)
	- teampass <itp> (bug #730180)
CVE-2020-12478 (TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve file ...)
	- teampass <itp> (bug #730180)
CVE-2020-12477 (The REST API functions in TeamPass 2.1.27.36 allow any user with a val ...)
	- teampass <itp> (bug #730180)
CVE-2020-12476
	RESERVED
CVE-2020-12475 (TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for ...)
	NOT-FOR-US: TP-Link
CVE-2020-12474 (Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, an ...)
	- telegram-desktop 2.1.0+ds-1
	[buster] - telegram-desktop <no-dsa> (Minor issue)
	NOTE: https://github.com/VijayT007/Vulnerability-Database/blob/master/Telegram:CVE-2020-12474
CVE-2020-12473 (MonoX through 5.1.40.5152 allows admins to execute arbitrary programs  ...)
	NOT-FOR-US: MonoX
CVE-2020-12472 (MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comm ...)
	NOT-FOR-US: MonoX
CVE-2020-12471 (MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload ...)
	NOT-FOR-US: MonoX
CVE-2020-12470 (MonoX through 5.1.40.5152 allows administrators to execute arbitrary c ...)
	NOT-FOR-US: MonoX
CVE-2020-12469 (admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Inject ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-12468 (Subrion CMS 4.2.1 allows CSV injection via a phrase value within a lan ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-12467 (Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in ...)
	NOT-FOR-US: Subrion CMS
CVE-2020-12626 (An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF atta ...)
	{DSA-4674-1}
	- roundcube 1.4.4+dfsg.1-1 (bug #959142)
	NOTE: https://github.com/roundcube/roundcubemail/pull/7302
	NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/9bbda422ff0b782b81de59c86994f1a5fd93f8e6
	NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/1e7bec9cb868fa32b05acf6b0a557a6311350c56
	NOTE: 1.2.x: https://github.com/roundcube/roundcubemail/commit/cceeff2472c00acb2c6b96c9df7a289f1db77713
CVE-2020-12625 (An issue was discovered in Roundcube Webmail before 1.4.4. There is a  ...)
	{DSA-4674-1}
	- roundcube 1.4.4+dfsg.1-1 (bug #959140)
	NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/87e4cd0cf2c550e77586860b94e5c75d2b7686d0
	NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/23c06159ae8c6f500336e3075820e648aa6f40a4
	NOTE: 1.2.x: https://github.com/roundcube/roundcubemail/commit/4312dc4efecb9553fcacfab0ab9d9ee6e88477e7
CVE-2020-12466
	RESERVED
CVE-2020-12465 (An array overflow was discovered in mt76_add_fragment in drivers/net/w ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/b102f0c522cf668c8382c56a4f771b37d011cda2 (5.6-rc6)
CVE-2020-12464 (usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.6.14-1
	NOTE: https://git.kernel.org/linus/056ad39ee9253873522f6469c3364964a322912b (5.7-rc3)
CVE-2020-12463 (An elevation of privilege vulnerability exists in Avira Software Updat ...)
	NOT-FOR-US: Avira
CVE-2020-12462 (The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with  ...)
	NOT-FOR-US: ninja-forms plugin for WordPress
CVE-2020-12461 (PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an in ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-12460 (OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper nul ...)
	{DLA-2639-1}
	- opendmarc 1.4.0~beta1+dfsg-3 (bug #966464)
	[buster] - opendmarc 1.3.2-6+deb10u2
	NOTE: https://github.com/trusteddomainproject/OpenDMARC/issues/64
	NOTE: https://github.com/trusteddomainproject/OpenDMARC/commit/50d28af25d8735504b6103537228ce7f76ad765f
CVE-2020-12459 (In certain Red Hat packages for Grafana 6.x through 6.3.6, the configu ...)
	NOT-FOR-US: Grafana as shipped in Red Hat
CVE-2020-12458 (An information-disclosure flaw was found in Grafana through 6.7.3. The ...)
	- grafana <removed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1827765
	NOTE: https://github.com/grafana/grafana/issues/8283
CVE-2020-12457 (An issue was discovered in wolfSSL before 4.5.0. It mishandles the cha ...)
	- wolfssl 4.5.0+dfsg-1 (bug #969663)
	NOTE: https://github.com/wolfSSL/wolfssl/commit/df1b7f34f173cfc2968ce12e8fcd2fd8bcc61a59 (v4.5.0-stable)
	NOTE: https://github.com/wolfSSL/wolfssl/pull/2927
CVE-2020-12456 (A remote code execution vulnerability in Mitel MiVoice Connect Client  ...)
	NOT-FOR-US: Mitel
CVE-2020-12455
	RESERVED
CVE-2020-12454
	RESERVED
CVE-2020-12453
	RESERVED
CVE-2020-12452
	RESERVED
CVE-2020-12451
	RESERVED
CVE-2020-12450
	RESERVED
CVE-2020-12449
	RESERVED
CVE-2020-12448 (GitLab EE 12.8 and later allows Exposure of Sensitive Information to a ...)
	- gitlab <not-affected> (Only affects GitLab EE 12.8 and later)
	NOTE: https://about.gitlab.com/releases/2020/04/30/security-release-12-10-2-released/
CVE-2020-12447 (A Local File Inclusion (LFI) issue on Onkyo TX-NR585 1000-0000-000-000 ...)
	NOT-FOR-US: Onkyo
CVE-2020-12446 (The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00. ...)
	NOT-FOR-US: G.SKILL Trident Z Lighting Control
CVE-2020-12445
	RESERVED
CVE-2020-12444
	RESERVED
CVE-2020-12443 (BigBlueButton before 2.2.6 allows remote attackers to read arbitrary f ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-12442 (Ivanti Avalanche 6.3 allows a SQL injection that is vaguely associated ...)
	NOT-FOR-US: Ivanti
CVE-2020-12441 (Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control  ...)
	NOT-FOR-US: Ivanti
CVE-2020-12440
	REJECTED
CVE-2020-12439 (Grin before 3.1.0 allows attackers to adversely affect availability of ...)
	NOT-FOR-US: Grin
CVE-2020-12438 (An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03 ...)
	NOT-FOR-US: PHP-Fusion
CVE-2020-12437
	RESERVED
CVE-2020-12436
	RESERVED
CVE-2020-12435
	RESERVED
CVE-2020-12434
	RESERVED
CVE-2020-12433
	RESERVED
CVE-2020-12432 (The WOPI API integration for Vereign Collabora CODE through 4.2.2 does ...)
	NOT-FOR-US: Vereign Collabora CODE
CVE-2020-12431 (A Windows privilege change issue was discovered in Splashtop Software  ...)
	NOT-FOR-US: Splashtop Software Updater
CVE-2020-12430 (An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_dri ...)
	[experimental] - libvirt 6.2.0-1
	- libvirt 6.4.0-2 (low; bug #959447)
	[buster] - libvirt <no-dsa> (Minor issue)
	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581 (v6.1.0-rc1)
	NOTE: Introduced in: https://libvirt.org/git/?p=libvirt.git;a=commit;h=d1eac92784573559b6fd56836e33b215c89308e3 (v4.10.0-rc1)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1804548
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1828190
CVE-2020-12429 (Online Course Registration 2.0 has multiple SQL injections that would  ...)
	NOT-FOR-US: Online Course Registration
CVE-2020-12428
	RESERVED
CVE-2020-12427 (The Western Digital WD Discovery application before 3.8.229 for MyClou ...)
	NOT-FOR-US: Western Digital
CVE-2020-12426 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12426
CVE-2020-12425 (Due to confusion processing a hyphen character in Date.parse(), a one- ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12425
CVE-2020-12424 (When constructing a permission prompt for WebRTC, a URI was supplied f ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12424
CVE-2020-12423 (When the Windows DLL "webauthn.dll" was missing from the Operating Sys ...)
	- firefox <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12423
CVE-2020-12422 (In non-standard configurations, a JPEG image created by JavaScript cou ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12422
CVE-2020-12421 (When performing add-on updates, certificate chains terminating in non- ...)
	{DSA-4718-1 DSA-4713-1}
	- firefox 78.0-1
	- firefox-esr 68.10.0esr-1
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12421
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/#CVE-2020-12421
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12421
CVE-2020-12420 (When trying to connect to a STUN server, a race condition could have c ...)
	{DSA-4718-1 DSA-4713-1}
	- firefox 78.0-1
	- firefox-esr 68.10.0esr-1
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12420
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/#CVE-2020-12420
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12420
CVE-2020-12419 (When processing callbacks that occurred during window flushing in the  ...)
	{DSA-4718-1 DSA-4713-1}
	- firefox 78.0-1
	- firefox-esr 68.10.0esr-1
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12419
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/#CVE-2020-12419
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12419
CVE-2020-12418 (Manipulating individual parts of a URL object could have caused an out ...)
	{DSA-4718-1 DSA-4713-1}
	- firefox 78.0-1
	- firefox-esr 68.10.0esr-1
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12418
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/#CVE-2020-12418
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12418
CVE-2020-12417 (Due to confusion about ValueTags on JavaScript Objects, an object may  ...)
	{DSA-4718-1 DSA-4713-1}
	- firefox 78.0-1
	- firefox-esr 68.10.0esr-1
	- thunderbird 1:68.10.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12417
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/#CVE-2020-12417
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-12417
CVE-2020-12416 (A VideoStreamEncoder may have been freed in a race condition with Vide ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12416
CVE-2020-12415 (When "%2F" was present in a manifest URL, Firefox's AppCache behavior  ...)
	- firefox 78.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12415
CVE-2020-12414 (IndexedDB should be cleared when leaving private browsing mode and it  ...)
	- firefox <not-affected> (Specific to Firefox on iOS)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-23/#CVE-2020-12414
CVE-2020-12413 [racoon attack for NSS]
	RESERVED
	- nss 2:3.17-1
	[buster] - nss <no-dsa> (Minor issue)
	[stretch] - nss <no-dsa> (Minor issue)
	NOTE: https://raccoon-attack.com/
	NOTE: Starting with 3.17 NSS allows to disable reuse of ECDHE keys, marking this
	NOTE: as the "fixed" version for unstable:
	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17_release_notes
CVE-2020-12412 (By navigating a tab using the history API, an attacker could cause the ...)
	- firefox 70.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2020-12412
CVE-2020-12411 (Mozilla developers reported memory safety bugs present in Firefox 76.  ...)
	- firefox 77.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12411
CVE-2020-12410 (Mozilla developers reported memory safety bugs present in Firefox 76 a ...)
	{DSA-4702-1 DSA-4695-1 DLA-2247-1 DLA-2243-1}
	- firefox 77.0-1
	- firefox-esr 68.9.0esr-1
	- thunderbird 1:68.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12410
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/#CVE-2020-12410
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/#CVE-2020-12410
CVE-2020-12409 (When using certain blank characters in a URL, they where incorrectly r ...)
	- firefox 77.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12409
CVE-2020-12408 (When browsing a document hosted on an IP address, an attacker could in ...)
	- firefox 77.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12408
CVE-2020-12407 (Mozilla Developer Nicolas Silva found that when using WebRender, Firef ...)
	- firefox 77.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12407
CVE-2020-12406 (Mozilla Developer Iain Ireland discovered a missing type check during  ...)
	{DSA-4702-1 DSA-4695-1 DLA-2247-1 DLA-2243-1}
	- firefox 77.0-1
	- firefox-esr 68.9.0esr-1
	- thunderbird 1:68.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12406
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/#CVE-2020-12406
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/#CVE-2020-12406
CVE-2020-12405 (When browsing a malicious page, a race condition in our SharedWorkerSe ...)
	{DSA-4702-1 DSA-4695-1 DLA-2247-1 DLA-2243-1}
	- firefox 77.0-1
	- firefox-esr 68.9.0esr-1
	- thunderbird 1:68.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12405
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/#CVE-2020-12405
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/#CVE-2020-12405
CVE-2020-12404 (For native-to-JS bridging the app requires a unique token to be passed ...)
	- firefox <not-affected> (Specific to iOS)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-19/#CVE-2020-12404
CVE-2020-12403 (A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS i ...)
	{DLA-2388-1}
	- nss 2:3.55-1
	[buster] - nss <no-dsa> (Minor issue)
	NOTE: https://hg.mozilla.org/projects/nss/rev/f282556e6cc7715f5754aeaadda6f902590e7e38
	NOTE: https://hg.mozilla.org/projects/nss/rev/c25adfdfab34ddb08d3262aac3242e3399de1095
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1636771
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1868931
CVE-2020-12402 (During RSA key generation, bignum implementations used a variation of  ...)
	{DSA-4726-1 DLA-2388-1 DLA-2266-1}
	- nss 2:3.53.1-1 (bug #963152)
	NOTE: https://hg.mozilla.org/projects/nss/rev/699541a7793bbe9b20f1d73dc49e25c6054aa4c1
	NOTE: Fixed upstream in 3.53.1
CVE-2020-12401 (During ECDSA signature generation, padding applied in the nonce design ...)
	{DLA-2388-1}
	- firefox 80.0-1
	- nss 2:3.55-1
	[buster] - nss <no-dsa> (Minor issue)
	NOTE: https://hg.mozilla.org/projects/nss/rev/aeb2e583ee957a699d949009c7ba37af76515c20
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1631573 (private)
	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-12401
CVE-2020-12400 (When converting coordinates from projective to affine, the modular inv ...)
	{DLA-2388-1}
	- firefox 80.0-1
	- nss 2:3.55-1
	[buster] - nss <no-dsa> (Minor issue)
	NOTE: https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c
	NOTE: https://hg.mozilla.org/projects/nss/rev/3f022d5eca5d3cd0e366a825a5681953d76299d0
	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes
	NOTE: Issue relates to CVE-2020-6829 and resolved in the same commits.
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-12400
CVE-2020-12399 (NSS has shown timing differences when performing DSA signatures, which ...)
	{DSA-4726-1 DSA-4702-1 DSA-4695-1 DLA-2388-1 DLA-2266-1 DLA-2247-1 DLA-2243-1}
	- firefox 77.0-1
	- firefox-esr 68.9.0esr-1
	- nss 2:3.53-1 (bug #961752)
	- thunderbird 1:68.9.0-1
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1631576 (non-public)
	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12399
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/#CVE-2020-12399
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/#CVE-2020-12399
CVE-2020-12398 (If Thunderbird is configured to use STARTTLS for an IMAP server, and t ...)
	{DSA-4702-1 DLA-2247-1}
	- thunderbird 1:68.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/#CVE-2020-12398
CVE-2020-12397 (By encoding Unicode whitespace characters within the From email header ...)
	{DSA-4683-1 DLA-2206-1}
	- thunderbird 1:68.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12397
CVE-2020-12396 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 76.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12396
CVE-2020-12395 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
	- firefox 76.0-1
	- firefox-esr 68.8.0esr-1
	- thunderbird 1:68.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12395
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12395
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12395
CVE-2020-12394 (A logic flaw in our location bar implementation could have allowed a l ...)
	- firefox 76.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12394
CVE-2020-12393 (The 'Copy as cURL' feature of Devtools' network tab did not properly e ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	- thunderbird <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12393
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12393
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12393
CVE-2020-12392 (The 'Copy as cURL' feature of Devtools' network tab did not properly e ...)
	{DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
	- firefox 76.0-1
	- firefox-esr 68.8.0esr-1
	- thunderbird 1:68.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12392
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12392
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12392
CVE-2020-12391 (Documents formed using data: URLs in an OBJECT element failed to inher ...)
	- firefox 76.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12391
CVE-2020-12390 (Incorrect origin serialization of URLs with IPv6 addresses could lead  ...)
	- firefox 76.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12390
CVE-2020-12389 (The Firefox content processes did not sufficiently lockdown access con ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12389
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12389
CVE-2020-12388 (The Firefox content processes did not sufficiently lockdown access con ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12388
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12388
CVE-2020-12387 (A race condition when running shutdown code for Web Worker led to a us ...)
	{DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
	- firefox 76.0-1
	- firefox-esr 68.8.0esr-1
	- thunderbird 1:68.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12387
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12387
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12387
CVE-2020-12386 (Out-of-bounds write in some Intel(R) Graphics Drivers before version 1 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12385 (Improper input validation in some Intel(R) Graphics Drivers before ver ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12384 (Improper access control in some Intel(R) Graphics Drivers before versi ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12383
	RESERVED
CVE-2020-12382
	RESERVED
CVE-2020-12381
	RESERVED
CVE-2020-12380 (Out of bounds read in the BMC firmware for some Intel(R) Server Boards ...)
	NOT-FOR-US: Intel
CVE-2020-12379
	RESERVED
CVE-2020-12378
	RESERVED
CVE-2020-12377 (Insufficient input validation in the BMC firmware for some Intel(R) Se ...)
	NOT-FOR-US: Intel
CVE-2020-12376 (Use of hard-coded key in the BMC firmware for some Intel(R) Server Boa ...)
	NOT-FOR-US: Intel
CVE-2020-12375 (Heap overflow in the BMC firmware for some Intel(R) Server Boards, Ser ...)
	NOT-FOR-US: Intel
CVE-2020-12374 (Buffer overflow in the BMC firmware for some Intel(R) Server Boards, S ...)
	NOT-FOR-US: Intel
CVE-2020-12373 (Expired pointer dereference in some Intel(R) Graphics Drivers before v ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12372 (Unchecked return value in some Intel(R) Graphics Drivers before versio ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12371 (Divide by zero in some Intel(R) Graphics Drivers before version 26.20. ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12370 (Untrusted pointer dereference in some Intel(R) Graphics Drivers before ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12369 (Out of bound write in some Intel(R) Graphics Drivers before version 26 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12368 (Integer overflow in some Intel(R) Graphics Drivers before version 26.2 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12367 (Integer overflow in some Intel(R) Graphics Drivers before version 26.2 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12366 (Insufficient input validation in some Intel(R) Graphics Drivers before ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12365 (Untrusted pointer dereference in some Intel(R) Graphics Drivers before ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12364 (Null pointer reference in some Intel(R) Graphics Drivers for Windows*  ...)
	- linux <unfixed>
	[bullseye] - linux <ignored> (Too intrusive to backport)
	[buster] - linux <ignored> (Too intrusive to backport)
	- firmware-nonfree 20210208-1
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	[stretch] - firmware-nonfree <ignored> (Minor issue, too intrusive to fix since kernel patch is needed)
	NOTE: Short of details: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
	NOTE: Per Intel, this was fixed by a firmware update. v49.0.1 of the
	NOTE: firmware is required. The new firmware requires a kernel patch
	NOTE: https://git.kernel.org/linus/c784e5249e773689e38d2bc1749f08b986621a26
	NOTE: Firmware was added via https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=c487f7dadcd21116613441ed355b764003b3f57b
	NOTE: The vulnerability is fixed in firmware, but needs an updated Linux kernel to load
	NOTE: the updated firmware, thus also marking linux as affected
CVE-2020-12363 (Improper input validation in some Intel(R) Graphics Drivers for Window ...)
	- linux <unfixed>
	[bullseye] - linux <ignored> (Too intrusive to backport)
	[buster] - linux <ignored> (Too intrusive to backport)
	- firmware-nonfree 20210208-1
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	[stretch] - firmware-nonfree <ignored> (Minor issue, too intrusive to fix since kernel patch is needed)
	NOTE: Short of details: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
	NOTE: Per Intel, this was fixed by a firmware update. v49.0.1 of the
	NOTE: firmware is required. The new firmware requires a kernel patch
	NOTE: https://git.kernel.org/linus/c784e5249e773689e38d2bc1749f08b986621a26
	NOTE: Firmware was added via https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=c487f7dadcd21116613441ed355b764003b3f57b
	NOTE: The vulnerability is fixed in firmware, but needs an updated Linux kernel to load
	NOTE: the updated firmware, thus also marking linux as affected
CVE-2020-12362 (Integer overflow in the firmware for some Intel(R) Graphics Drivers fo ...)
	- linux <unfixed>
	[bullseye] - linux <ignored> (Too intrusive to backport)
	[buster] - linux <ignored> (Too intrusive to backport)
	- firmware-nonfree 20210208-1
	[buster] - firmware-nonfree <no-dsa> (Non-free not supported)
	[stretch] - firmware-nonfree <ignored> (Minor issue, too intrusive to fix since kernel patch is needed)
	NOTE: Short of details: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html
	NOTE: Per Intel, this was fixed by a firmware update. v49.0.1 of the
	NOTE: firmware is required. The new firmware requires a kernel patch
	NOTE: https://git.kernel.org/linus/c784e5249e773689e38d2bc1749f08b986621a26
	NOTE: Firmware was added via https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=c487f7dadcd21116613441ed355b764003b3f57b
	NOTE: The vulnerability is fixed in firmware, but needs an updated Linux kernel to load
	NOTE: the updated firmware, thus also marking linux as affected
CVE-2020-12361 (Use after free in some Intel(R) Graphics Drivers before version 15.33. ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12360 (Out of bounds read in the firmware for some Intel(R) Processors may al ...)
	NOT-FOR-US: Intel
CVE-2020-12359 (Insufficient control flow management in the firmware for some Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2020-12358 (Out of bounds write in the firmware for some Intel(R) Processors may a ...)
	NOT-FOR-US: Intel
CVE-2020-12357 (Improper initialization in the firmware for some Intel(R) Processors m ...)
	NOT-FOR-US: Intel
CVE-2020-12356 (Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.8 ...)
	NOT-FOR-US: Intel
CVE-2020-12355 (Authentication bypass by capture-replay in RPMB protocol message authe ...)
	NOT-FOR-US: Intel
CVE-2020-12354 (Incorrect default permissions in Windows(R) installer in Intel(R) AMT  ...)
	NOT-FOR-US: Intel
CVE-2020-12353 (Improper permissions in the Intel(R) Data Center Manager Console befor ...)
	NOT-FOR-US: Intel
CVE-2020-12352 (Improper access control in BlueZ may allow an unauthenticated user to  ...)
	{DSA-4774-1 DLA-2420-1 DLA-2417-1}
	- linux 5.9.1-1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
	NOTE: https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
	NOTE: Fixed by: https://git.kernel.org/linus/eddb7732119d53400f48a02536a84c509692faa8
CVE-2020-12351 (Improper input validation in BlueZ may allow an unauthenticated user t ...)
	{DSA-4774-1 DLA-2420-1 DLA-2417-1}
	- linux 5.9.1-1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
	NOTE: https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
	NOTE: Fixed by: https://git.kernel.org/linus/f19425641cb2572a33cb074d5e30283720bd4d22
CVE-2020-12350 (Improper access control in the Intel(R) XTU before version 6.5.1.360 m ...)
	NOT-FOR-US: Intel
CVE-2020-12349 (Improper input validation in the Intel(R) Data Center Manager Console  ...)
	NOT-FOR-US: Intel
CVE-2020-12348
	RESERVED
CVE-2020-12347 (Improper input validation in the Intel(R) Data Center Manager Console  ...)
	NOT-FOR-US: Intel
CVE-2020-12346 (Improper permissions in the installer for the Intel(R) Battery Life Di ...)
	NOT-FOR-US: Intel
CVE-2020-12345 (Improper permissions in the installer for the Intel(R) Data Center Man ...)
	NOT-FOR-US: Intel
CVE-2020-12344
	RESERVED
CVE-2020-12343
	RESERVED
CVE-2020-12342
	RESERVED
CVE-2020-12341
	RESERVED
CVE-2020-12340
	RESERVED
CVE-2020-12339 (Insufficient control flow management in the API for the Intel(R) Colla ...)
	NOT-FOR-US: Intel
CVE-2020-12338 (Insufficient control flow management in the Open WebRTC Toolkit before ...)
	NOT-FOR-US: Intel
CVE-2020-12337 (Improper buffer restrictions in firmware for some Intel(R) NUCs may al ...)
	NOT-FOR-US: Intel
CVE-2020-12336 (Insecure default variable initialization in firmware for some Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2020-12335 (Improper permissions in the installer for the Intel(R) Processor Ident ...)
	NOT-FOR-US: Intel
CVE-2020-12334 (Improper permissions in the installer for the Intel(R) Advisor tools b ...)
	NOT-FOR-US: Intel
CVE-2020-12333 (Insufficiently protected credentials in the Intel(R) QAT for Linux bef ...)
	NOT-FOR-US: Intel
CVE-2020-12332 (Improper permissions in the installer for the Intel(R) HID Event Filte ...)
	NOT-FOR-US: Intel
CVE-2020-12331 (Improper access controls in Intel Unite(R) Cloud Service client before ...)
	NOT-FOR-US: Intel
CVE-2020-12330 (Improper permissions in the installer for the Intel(R) Falcon 8+ UAS A ...)
	NOT-FOR-US: Intel
CVE-2020-12329 (Uncontrolled search path in the Intel(R) VTune(TM) Profiler before ver ...)
	NOT-FOR-US: Intel
CVE-2020-12328 (Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH driv ...)
	NOT-FOR-US: Intel
CVE-2020-12327 (Insecure default variable initialization in some Intel(R) Thunderbolt( ...)
	NOT-FOR-US: Intel
CVE-2020-12326 (Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers f ...)
	NOT-FOR-US: Intel
CVE-2020-12325 (Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH driv ...)
	NOT-FOR-US: Intel
CVE-2020-12324 (Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH driv ...)
	NOT-FOR-US: Intel
CVE-2020-12323 (Improper input validation in the Intel(R) ADAS IE before version ADAS_ ...)
	NOT-FOR-US: Intel
CVE-2020-12322 (Improper input validation in some Intel(R) Wireless Bluetooth(R) produ ...)
	NOT-FOR-US: Intel (Wireless Bluetooth products, but only affecting Windows)
CVE-2020-12321 (Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) pro ...)
	- firmware-nonfree <undetermined>
	[buster] - firmware-nonfree <no-dsa> (non-free not supported)
	[stretch] - firmware-nonfree <no-dsa> (Minor issue, can be considered if some other major issue appear)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html
	NOTE: See notes for CVE-2020-12313
CVE-2020-12320 (Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM be ...)
	NOT-FOR-US: Intel
CVE-2020-12319 (Insufficient control flow management in some Intel(R) PROSet/Wireless  ...)
	- firmware-nonfree <undetermined>
	[buster] - firmware-nonfree <no-dsa> (non-free not supported)
	[stretch] - firmware-nonfree <no-dsa> (Minor issue, can be considered if some other major issue appear)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
	NOTE: See notes for CVE-2020-12313
CVE-2020-12318 (Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi pro ...)
	NOT-FOR-US: Intel PROSet/Wireless WiFi products (not applicable to Linux)
CVE-2020-12317 (Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi prod ...)
	- firmware-nonfree <undetermined>
	[buster] - firmware-nonfree <no-dsa> (non-free not supported)
	[stretch] - firmware-nonfree <no-dsa> (Minor Issue, May be considered if some major issue appear)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
	NOTE: See notes for CVE-2020-12313
CVE-2020-12316 (Insufficiently protected credentials in the Intel(R) EMA before versio ...)
	NOT-FOR-US: Intel
CVE-2020-12315 (Path traversal in the Intel(R) EMA before version 1.3.3 may allow an u ...)
	NOT-FOR-US: Intel
CVE-2020-12314 (Improper input validation in some Intel(R) PROSet/Wireless WiFi produc ...)
	NOT-FOR-US: Intel PROSet/Wireless WiFi products (not applicable to Linux)
CVE-2020-12313 (Insufficient control flow management in some Intel(R) PROSet/Wireless  ...)
	- firmware-nonfree <undetermined>
	[buster] - firmware-nonfree <no-dsa> (non-free not supported)
	[stretch] - firmware-nonfree <no-dsa> (Minor Issue, May be considered if some major issue appear)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
	NOTE: Fixed firmware blobs:
	NOTE: ibt-18-16-1.sfi: FW Build: REL17064 Release Version: 22.20.0.3
	NOTE: ibt-hw-37.8.10-fw-22.50.19.14.f.bseq
	NOTE: Not shipped in Debian: Wi-Fi 6 AX200, Wireless-AC 9560, Wireless-AC 9462, Wireless-AC 9461, Dual Band Wireless-AC 3165
	NOTE: Intel seems to have missed the update for ibt-12-16.sfi, last update from May 2019
	NOTE: Intel seems to have missed the update for ibt-11-5.sfi, last update from Jan 2019
	NOTE: There's no conclusive information which allows to track these, until something
	NOTE: gets confirmed by Intel, track as <undetermined>
CVE-2020-12312 (Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmwa ...)
	NOT-FOR-US: Intel
CVE-2020-12311 (Insufficient control flow managementin firmware in some Intel(R) Clien ...)
	NOT-FOR-US: Intel
CVE-2020-12310 (Insufficient control flow managementin firmware in some Intel(R) Clien ...)
	NOT-FOR-US: Intel
CVE-2020-12309 (Insufficiently protected credentialsin subsystem in some Intel(R) Clie ...)
	NOT-FOR-US: Intel
CVE-2020-12308 (Improper access control for the Intel(R) Computing Improvement Program ...)
	NOT-FOR-US: Intel
CVE-2020-12307 (Improper permissions in some Intel(R) High Definition Audio drivers be ...)
	NOT-FOR-US: Intel
CVE-2020-12306 (Incorrect default permissions in the Intel(R) RealSense(TM) D400 Serie ...)
	NOT-FOR-US: Intel
CVE-2020-12305
	RESERVED
CVE-2020-12304 (Improper access control in Installer for Intel(R) DAL SDK before versi ...)
	NOT-FOR-US: Intel
CVE-2020-12303 (Use after free in DAL subsystem for Intel(R) CSME versions before 11.8 ...)
	NOT-FOR-US: Intel
CVE-2020-12302 (Improper permissions in the Intel(R) Driver &amp; Support Assistant be ...)
	NOT-FOR-US: Intel
CVE-2020-12301 (Improper initialization in BIOS firmware for Intel(R) Server Board Fam ...)
	NOT-FOR-US: Intel
CVE-2020-12300 (Uninitialized pointer in BIOS firmware for Intel(R) Server Board Famil ...)
	NOT-FOR-US: Intel
CVE-2020-12299 (Improper input validation in BIOS firmware for Intel(R) Server Board F ...)
	NOT-FOR-US: Intel
CVE-2020-12298
	RESERVED
CVE-2020-12297 (Improper access control in Installer for Intel(R) CSME Driver for Wind ...)
	NOT-FOR-US: Intel
CVE-2020-12296 (Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) con ...)
	NOT-FOR-US: Intel
CVE-2020-12295 (Improper input validation in some Intel(R) Thunderbolt(TM) controllers ...)
	NOT-FOR-US: Intel
CVE-2020-12294 (Insufficient control flow management in some Intel(R) Thunderbolt(TM)  ...)
	NOT-FOR-US: Intel
CVE-2020-12293 (Improper control of a resource through its lifetime in some Intel(R) T ...)
	NOT-FOR-US: Intel
CVE-2020-12292 (Improper conditions check in some Intel(R) Thunderbolt(TM) controllers ...)
	NOT-FOR-US: Intel
CVE-2020-12291 (Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) con ...)
	NOT-FOR-US: Intel
CVE-2020-12290 (Improper access control in some Intel(R) Thunderbolt(TM) controllers m ...)
	NOT-FOR-US: Intel
CVE-2020-12289 (Out-of-bounds write in some Intel(R) Thunderbolt(TM) controllers may a ...)
	NOT-FOR-US: Intel
CVE-2020-12288 (Protection mechanism failure in some Intel(R) Thunderbolt(TM) controll ...)
	NOT-FOR-US: Intel
CVE-2020-12287 (Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Too ...)
	NOT-FOR-US: Intel
CVE-2020-12286 (In Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, the Task ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-12285
	RESERVED
CVE-2020-12284 (cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2 ...)
	{DSA-4722-1}
	- ffmpeg 7:4.2.3-1
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19734
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/1812352d767ccf5431aa440123e2e260a4db2726
CVE-2020-12283 (Sourcegraph before 3.15.1 has a vulnerable authentication workflow bec ...)
	NOT-FOR-US: Sourcegraph
CVE-2020-12282 (iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in  ...)
	NOT-FOR-US: iSmartgate PRO
CVE-2020-12281 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
	NOT-FOR-US: iSmartgate PRO
CVE-2020-12280 (iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attacker ...)
	NOT-FOR-US: iSmartgate PRO
CVE-2020-12279 (An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99. ...)
	- libgit2 0.28.4+dfsg.1-2
	[buster] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	[stretch] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	[jessie] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	NOTE: https://github.com/libgit2/libgit2/commit/64c612cc3e25eff5fb02c59ef5a66ba7a14751e4
CVE-2020-12278 (An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99. ...)
	- libgit2 0.28.4+dfsg.1-2
	[buster] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	[stretch] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	[jessie] - libgit2 <no-dsa> (Minor issue; only problematic when used on NTFS like filesystem)
	NOTE: https://github.com/libgit2/libgit2/commit/3f7851eadca36a99627ad78cbe56a40d3776ed01
	NOTE: https://github.com/libgit2/libgit2/commit/e1832eb20a7089f6383cfce474f213157f5300cb
CVE-2020-12277 (GitLab 10.8 through 12.9 has a vulnerability that allows someone to mi ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-12276 (GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin noti ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-12275 (GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that  ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-12274 (In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url param ...)
	NOT-FOR-US: TestLink
CVE-2020-12273 (In TestLink 1.9.20, a crafted login.php viewer parameter exposes clear ...)
	NOT-FOR-US: TestLink
CVE-2020-12272 (OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentic ...)
	- opendmarc 1.4.0~beta1+dfsg-4 (bug #977767)
	[buster] - opendmarc <no-dsa> (Minor issue)
	[stretch] - opendmarc <postponed> (Minor issue; can be fixed in next update)
	NOTE: https://sourceforge.net/p/opendmarc/tickets/237/
	NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf
	NOTE: Fix: https://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e
CVE-2020-12271 (A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 bef ...)
	NOT-FOR-US: SFOS
CVE-2020-12270 (** DISPUTED ** React Native Bluetooth Scan in Bluezone 1.0.0 uses six- ...)
	NOT-FOR-US: Bluezone
CVE-2020-12269
	RESERVED
CVE-2020-12268 (jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 h ...)
	{DLA-2796-1}
	- jbig2dec 0.18-1
	[buster] - jbig2dec <no-dsa> (Minor issue)
	[jessie] - jbig2dec <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332
	NOTE: https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
CVE-2020-12267 (setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextM ...)
	- qtbase-opensource-src <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/qt/qtbase/commit/7447e2b337f12b4d04935d0f30fc673e4327d5a0
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20450
	NOTE: The 5.14 in experimental contains the code, but is already fixed
CVE-2020-12266 (An issue was discovered where there are multiple externally accessible ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12265 (The decompress package before 4.2.1 for Node.js is vulnerable to Arbit ...)
	NOT-FOR-US: Node decompress
CVE-2020-12264
	RESERVED
CVE-2020-12263
	RESERVED
CVE-2020-12262 (Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61 ...)
	NOT-FOR-US: Intelbras
CVE-2020-12261 (Open-AudIT 3.3.0 allows an XSS attack after login. ...)
	NOT-FOR-US: Open-AudIT
CVE-2020-12260
	RESERVED
CVE-2020-12259 (rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php fil ...)
	NOT-FOR-US: rConfig
CVE-2020-12258 (rConfig 3.9.4 is vulnerable to session fixation because session expiry ...)
	NOT-FOR-US: rConfig
CVE-2020-12257 (rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) becau ...)
	NOT-FOR-US: rConfig
CVE-2020-12256 (rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file ...)
	NOT-FOR-US: rConfig
CVE-2020-12255 (rConfig 3.9.4 is vulnerable to remote code execution due to improper v ...)
	NOT-FOR-US: rConfig
CVE-2020-12254 (Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escal ...)
	NOT-FOR-US: Avira Antivirus
CVE-2020-12253
	RESERVED
CVE-2020-12252 (An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload funct ...)
	NOT-FOR-US: Gigamon
CVE-2020-12251 (An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload funct ...)
	NOT-FOR-US: Gigamon
CVE-2020-12250
	RESERVED
CVE-2020-12249
	RESERVED
CVE-2020-12248 (In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9. ...)
	NOT-FOR-US: Foxit
CVE-2020-12247 (In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9. ...)
	NOT-FOR-US: Foxit
CVE-2020-12246 (Beeline Smart Box 2.0.38 routers allow "Advanced settings &gt; Other & ...)
	NOT-FOR-US: Beeline Smart Box
CVE-2020-12245 (Grafana before 6.7.3 allows table-panel XSS via column.title or cellLi ...)
	- grafana <removed>
	NOTE: https://github.com/grafana/grafana/pull/23816
CVE-2020-12244 (An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where ...)
	{DSA-4691-1}
	- pdns-recursor 4.3.1-1
	[jessie] - pdns-recursor <not-affected> (Vulnerable code added later)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-02.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/3
CVE-2020-12243 (In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters wi ...)
	{DSA-4666-1 DLA-2199-1}
	- openldap 2.4.50+dfsg-1
	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9202
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/d38d48fc8f572dedfb67b9da61a2ba3b125ced91 (master)
	NOTE: https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440 (OPENLDAP_REL_ENG_2_4_50)
CVE-2020-12242 (Valve Source allows local users to gain privileges by writing to the / ...)
	NOT-FOR-US: Valve
CVE-2020-12241
	RESERVED
CVE-2020-12240
	RESERVED
CVE-2020-12239
	RESERVED
CVE-2020-12238
	RESERVED
CVE-2020-12237
	RESERVED
CVE-2020-12236
	RESERVED
CVE-2020-12235
	RESERVED
CVE-2020-12234
	RESERVED
CVE-2020-12233
	RESERVED
CVE-2020-12232
	RESERVED
CVE-2020-12231
	RESERVED
CVE-2020-12230
	RESERVED
CVE-2020-12229
	RESERVED
CVE-2020-12228
	RESERVED
CVE-2020-12227
	RESERVED
CVE-2020-12226
	RESERVED
CVE-2020-12225
	RESERVED
CVE-2020-12224
	RESERVED
CVE-2020-12223
	RESERVED
CVE-2020-12222
	RESERVED
CVE-2020-12221
	RESERVED
CVE-2020-12220
	RESERVED
CVE-2020-12219
	RESERVED
CVE-2020-12218
	RESERVED
CVE-2020-12217
	RESERVED
CVE-2020-12216
	RESERVED
CVE-2020-12215
	RESERVED
CVE-2020-12214
	RESERVED
CVE-2020-12213
	RESERVED
CVE-2020-12212
	RESERVED
CVE-2020-12211
	RESERVED
CVE-2020-12210
	RESERVED
CVE-2020-12209
	RESERVED
CVE-2020-12208
	RESERVED
CVE-2020-12207
	RESERVED
CVE-2020-12206
	RESERVED
CVE-2020-12205
	RESERVED
CVE-2020-12204
	RESERVED
CVE-2020-12203
	RESERVED
CVE-2020-12202
	RESERVED
CVE-2020-12201
	RESERVED
CVE-2020-12200
	RESERVED
CVE-2020-12199
	RESERVED
CVE-2020-12198
	RESERVED
CVE-2020-12197
	RESERVED
CVE-2020-12196
	RESERVED
CVE-2020-12195
	RESERVED
CVE-2020-12194
	RESERVED
CVE-2020-12193
	RESERVED
CVE-2020-12192
	RESERVED
CVE-2020-12191
	RESERVED
CVE-2020-12190
	RESERVED
CVE-2020-12189
	RESERVED
CVE-2020-12188
	RESERVED
CVE-2020-12187
	RESERVED
CVE-2020-12186
	RESERVED
CVE-2020-12185
	RESERVED
CVE-2020-12184
	RESERVED
CVE-2020-12183
	RESERVED
CVE-2020-12182
	RESERVED
CVE-2020-12181
	RESERVED
CVE-2020-12180
	RESERVED
CVE-2020-12179
	RESERVED
CVE-2020-12178
	RESERVED
CVE-2020-12177
	RESERVED
CVE-2020-12176
	RESERVED
CVE-2020-12175
	RESERVED
CVE-2020-12174
	RESERVED
CVE-2020-12173
	RESERVED
CVE-2020-12172
	RESERVED
CVE-2020-12171
	RESERVED
CVE-2020-12170
	RESERVED
CVE-2020-12169
	RESERVED
CVE-2020-12168
	RESERVED
CVE-2020-12167
	RESERVED
CVE-2020-12166
	RESERVED
CVE-2020-12165
	RESERVED
CVE-2020-12164
	RESERVED
CVE-2020-12163
	RESERVED
CVE-2020-12162
	RESERVED
CVE-2020-12161
	RESERVED
CVE-2020-12160
	RESERVED
CVE-2020-12159
	RESERVED
CVE-2020-12158
	RESERVED
CVE-2020-12157
	RESERVED
CVE-2020-12156
	RESERVED
CVE-2020-12155
	RESERVED
CVE-2020-12154
	RESERVED
CVE-2020-12153
	RESERVED
CVE-2020-12152
	RESERVED
CVE-2020-12151
	RESERVED
CVE-2020-12150
	RESERVED
CVE-2020-12149 (The configuration backup/restore function in Silver Peak Unity ECOSTM  ...)
	NOT-FOR-US: Silver Peak Unity ECOSTM (ECOS) appliance software
CVE-2020-12148 (A command injection flaw identified in the nslookup API in Silver Peak ...)
	NOT-FOR-US: Silver Peak Unity ECOSTM (ECOS) appliance software
CVE-2020-12147 (In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, ...)
	NOT-FOR-US: Silver Peak Unity Orchestrator
CVE-2020-12146 (In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, ...)
	NOT-FOR-US: Silver Peak Unity Orchestrator
CVE-2020-12145 (Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or ...)
	NOT-FOR-US: Silver Peak Unity Orchestrator
CVE-2020-12144 (The certificate used to identify the Silver Peak Cloud Portal to EdgeC ...)
	NOT-FOR-US: Silver Peak Cloud Portal
CVE-2020-12143 (The certificate used to identify Orchestrator to EdgeConnect devices i ...)
	NOT-FOR-US: EdgeConnect
CVE-2020-12142 (1. IPSec UDP key material can be retrieved from machine-to-machine int ...)
	NOT-FOR-US: EdgeConnect
CVE-2020-12141 (An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier  ...)
	NOT-FOR-US: SNMP stack in Contiki-NG
CVE-2020-12140 (A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Co ...)
	NOT-FOR-US: Contiki-NG
CVE-2020-12139
	RESERVED
CVE-2020-12138 (AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact  ...)
	NOT-FOR-US: AMD ATI atillk64.sys specific issue
CVE-2020-12136
	RESERVED
CVE-2020-12135 (bson before 0.8 incorrectly uses int rather than size_t for many varia ...)
	- duo-unix <unfixed> (unimportant; bug #958998)
	NOTE: Embedded older version, but affected function not used
CVE-2020-12134 (Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishand ...)
	NOT-FOR-US: Nanometrics Centaur / TitanSMA
CVE-2020-12133 (The Apros Evolution, ConsciusMap, and Furukawa provisioning systems th ...)
	NOT-FOR-US: Apros Evolution, ConsciusMap, and Furukawa
CVE-2020-12132 (Fifthplay S.A.M.I before 2019.3_HP2 allows unauthenticated stored XSS  ...)
	NOT-FOR-US: Fifthplay
CVE-2020-12131 (The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parame ...)
	NOT-FOR-US: AirDisk Pro app for iOS
CVE-2020-12130 (The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parame ...)
	NOT-FOR-US: AirDisk Pro app for iOS
CVE-2020-12129 (The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder para ...)
	NOT-FOR-US: AirDisk Pro app for iOS
CVE-2020-12128 (DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal rela ...)
	NOT-FOR-US: DONG JOO CHO File Transfer iFamily
CVE-2020-12127 (An information disclosure vulnerability in the /cgi-bin/ExportAllSetti ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12126 (Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoi ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12125 (A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12124 (A remote command-line injection vulnerability in the /cgi-bin/live_api ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12123 (CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 ...)
	NOT-FOR-US: WAVLINK
CVE-2020-12122 (In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc ...)
	NOT-FOR-US: Max Secure Max Spyware Detector
CVE-2020-12121
	RESERVED
CVE-2020-12120 (The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote ...)
	NOT-FOR-US: PrestaShop
CVE-2020-12119 (Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF ...)
	NOT-FOR-US: Ledger Live
CVE-2020-12118 (The keygen protocol implementation in Binance tss-lib before 1.2.0 all ...)
	NOT-FOR-US: Binance tss-lib
CVE-2020-12117 (Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allo ...)
	NOT-FOR-US: Moxa
CVE-2020-12116 (Zoho ManageEngine OpManager Stable build before 124196 and Released bu ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-12115
	RESERVED
CVE-2020-12114 (A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4. ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.3.7-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/04/2
CVE-2020-12113 (BigBlueButton before 2.2.4 allows XSS via closed captions because dang ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-12112 (BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive ...)
	NOT-FOR-US: BigBlueButton
CVE-2020-12111 (Certain TP-Link devices allow Command Injection. This affects NC260 1. ...)
	NOT-FOR-US: TP-Link
CVE-2020-12110 (Certain TP-Link devices have a Hardcoded Encryption Key. This affects  ...)
	NOT-FOR-US: TP-Link
CVE-2020-12109 (Certain TP-Link devices allow Command Injection. This affects NC200 2. ...)
	NOT-FOR-US: TP-Link
CVE-2020-12108 (/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content ...)
	{DSA-4991-1 DLA-2276-1 DLA-2204-1}
	- mailman <removed>
	NOTE: https://bugs.launchpad.net/mailman/+bug/1873722
	NOTE: Fixed by: https://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1844
CVE-2020-12107 (The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command ...)
	NOT-FOR-US: VPNCrypt
CVE-2020-12106 (The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthe ...)
	NOT-FOR-US: VPNCrypt
CVE-2020-12105 (OpenConnect through 8.08 mishandles negative return values from X509_c ...)
	- openconnect <unfixed> (unimportant; bug #959428)
	[jessie] - openconnect <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.com/openconnect/openconnect/-/merge_requests/96
	NOTE: Only an issue if building with OpenSSL, where Debian binary packages use
	NOTE: GnuTLS.
CVE-2020-12104 (The Import feature in the wp-advanced-search plugin 3.3.6 for WordPres ...)
	NOT-FOR-US: Import feature in the wp-advanced-search plugin for WordPress
CVE-2020-12103 (In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file b ...)
	NOT-FOR-US: Tiny File Manager
CVE-2020-12102 (In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in ...)
	NOT-FOR-US: Tiny File Manager
CVE-2020-12101 (The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remo ...)
	NOT-FOR-US: xt:Commerce
CVE-2020-12100 (In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp ...)
	{DSA-4745-1 DLA-2328-1}
	- dovecot 1:2.3.11.3+dfsg1-1 (bug #968302)
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/12/1
	NOTE: https://github.com/dovecot/core/commit/d4bb43a08ab9ecfab7249a17279e5f773c8abaad
	NOTE: https://github.com/dovecot/core/commit/6d77e00e4d170efde908591dc5871a8e48ea844b
	NOTE: https://github.com/dovecot/core/commit/926742088a3c66c11099386b2c6e80999c29f405
	NOTE: https://github.com/dovecot/core/commit/e5830ae88531a32db36c97ebf122cba9a39cf801
	NOTE: https://github.com/dovecot/core/commit/cb00e21fd70aae49453aedc1bb33c0765ab98667
	NOTE: https://github.com/dovecot/core/commit/5ecadd30746d91854b5aa484feff9c70ea91c20b
	NOTE: https://github.com/dovecot/core/commit/24f0bfefdbccaaaaab9f52be428648ec3f1c34d3
	NOTE: https://github.com/dovecot/core/commit/02c7c6dbb51748a5af8b0c70a499a3ab17de8490
	NOTE: https://github.com/dovecot/core/commit/729941c996ee0b0ede40f462c9e34ceb6a6bd049
	NOTE: https://github.com/dovecot/core/commit/8dbc754a31fbf7684e858aa1fb633b8dfbeb13cf
	NOTE: https://github.com/dovecot/core/commit/a175d654c3bc4d57641b871bbff99c10799b7d67
	NOTE: https://github.com/dovecot/core/commit/a676cb539fc1545c58d1341baa2f875f7b694133
	NOTE: https://github.com/dovecot/core/commit/0f46088a1af7b493db76a1d97ef4ecc6bb41f5a4
	NOTE: https://github.com/dovecot/core/commit/7868f5f49be91fe51795b477a5440e69c1540716
	NOTE: https://github.com/dovecot/core/commit/be53a118e789886efcdd57c513651c5148651161
	NOTE: https://github.com/dovecot/core/commit/19193f40b1d74e8d4ef88121992b4a61d84773e3
CVE-2020-12099
	RESERVED
CVE-2020-12098
	RESERVED
CVE-2020-12097
	RESERVED
CVE-2020-12096
	RESERVED
CVE-2020-12095
	RESERVED
CVE-2020-12094
	RESERVED
CVE-2020-12093
	RESERVED
CVE-2020-12092
	RESERVED
CVE-2020-12091
	RESERVED
CVE-2020-12090
	RESERVED
CVE-2020-12089
	RESERVED
CVE-2020-12088
	RESERVED
CVE-2020-12087
	RESERVED
CVE-2020-12086
	RESERVED
CVE-2020-12085
	RESERVED
CVE-2020-12084
	RESERVED
CVE-2020-12083 (An elevated privileges issue related to Spring MVC calls impacts Code  ...)
	NOT-FOR-US: Code Insight
CVE-2020-12082 (A stored cross-site scripting issue impacts certain areas of the Web U ...)
	NOT-FOR-US: Insight
CVE-2020-12081 (An information disclosure vulnerability has been identified in FlexNet ...)
	NOT-FOR-US: FlexNet Publisher lmadmin.exe
CVE-2020-12080 (A Denial of Service vulnerability has been identified in FlexNet Publi ...)
	NOT-FOR-US: FlexNet
CVE-2020-12137 (GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed app ...)
	{DSA-4664-1 DLA-2200-1}
	- mailman <removed> (bug #958930)
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/24/2
	NOTE: http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1801
CVE-2020-12079 (Beaker before 0.8.9 allows a sandbox escape, enabling system access an ...)
	NOT-FOR-US: Beaker browser, different from src:beaker
CVE-2020-12078 (An issue was discovered in Open-AudIT 3.3.1. There is shell metacharac ...)
	NOT-FOR-US: Open-AudIT
CVE-2020-12077 (The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPr ...)
	NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
CVE-2020-12076 (The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPr ...)
	NOT-FOR-US: data-tables-generator-by-supsystic plugin for WordPress
CVE-2020-12075 (The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPr ...)
	NOT-FOR-US: data-tables-generator-by-supsystic plugin for WordPress
CVE-2020-12074 (The users-customers-import-export-for-wp-woocommerce plugin before 1.3 ...)
	NOT-FOR-US: users-customers-import-export-for-wp-woocommerce plugin for WordPress
CVE-2020-12073 (The responsive-add-ons plugin before 2.2.7 for WordPress has incorrect ...)
	NOT-FOR-US: responsive-add-ons plugin for WordPress
CVE-2020-12072
	RESERVED
CVE-2020-12071 (Anchor 0.12.7 allows admins to cause XSS via crafted post content. ...)
	NOT-FOR-US: Anchor
CVE-2020-12070 (The Advanced Woo Search plugin version through 1.99 for Wordpress suff ...)
	NOT-FOR-US: Advanced Woo Search plugin for WordPress
CVE-2020-12069
	RESERVED
CVE-2020-12068 (An issue was discovered in CODESYS Development System before 3.5.16.0. ...)
	NOT-FOR-US: CODESYS
CVE-2020-12067
	RESERVED
CVE-2020-12066 (CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before ...)
	{DSA-4763-1}
	- teeworlds 0.7.5-1
	[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/teeworlds/teeworlds/commit/c68402fa7e279d42886d5951d1ea8ac2facc1ea5
	NOTE: https://www.teeworlds.com/forum/viewtopic.php?id=14785
CVE-2020-12065
	RESERVED
CVE-2020-12064
	RESERVED
CVE-2020-12063 (** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attac ...)
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/23/3
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/23/12
	NOTE: Not considered a Postfix vulnerability and scope is outside of the design goals
CVE-2020-12062 (** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplica ...)
	- openssh 1:8.3p1-1 (unimportant)
	NOTE: https://github.com/openssh/openssh-portable/commit/955854cafca88e0cdcd3d09ca1ad4ada465364a1
	NOTE: https://github.com/openssh/openssh-portable/commit/aad87b88fc2536b1ea023213729aaf4eaabe1894
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/27/1
	NOTE: Negligible security impact, a malicious peer can achieve no more than already
	NOTE: able o achieve within the scp protocol.
CVE-2020-12061 (An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Com ...)
	NOT-FOR-US: Nitrokey firmware
CVE-2020-12060
	RESERVED
CVE-2020-12059 (An issue was discovered in Ceph through 13.2.9. A POST request with an ...)
	- ceph 14.2.4-1
	[buster] - ceph <no-dsa> (Minor issue)
	[stretch] - ceph <not-affected> (Vulnerable code introduced later)
	[jessie] - ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://tracker.ceph.com/issues/44967
	NOTE: Introduced with: https://github.com/ceph/ceph/commit/5fb068114bb3da2f8fabea89160a8453f861dc96 (v12.1.1)
	NOTE: Fixed by: https://github.com/ceph/ceph/commit/375d926a4f2720a29b079c216bafb884eef985c3 (v13.2.10)
	NOTE: Consider 14.x series as fixed due to the use of the new style xml parsing.
CVE-2020-12058 (Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 al ...)
	NOT-FOR-US: osCommerce CE Phoenix
CVE-2020-12057
	RESERVED
CVE-2020-12056
	RESERVED
CVE-2020-12055
	RESERVED
CVE-2020-12054 (The Catch Breadcrumb plugin before 1.5.4 for WordPress allows Reflecte ...)
	NOT-FOR-US: Catch Breadcrumb plugin for WordPress
CVE-2020-12053 (In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-ba ...)
	NOT-FOR-US: Unisys Stealth
CVE-2020-12052 (Grafana version &lt; 6.7.3 is vulnerable for annotation popup XSS. ...)
	- grafana <removed>
CVE-2020-12051 (The CentralAuth extension through REL1_34 for MediaWiki allows remote  ...)
	NOT-FOR-US: MediaWiki extension
CVE-2020-12050 (SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.99 ...)
	- sqliteodbc <unfixed> (unimportant)
	NOTE: The issue is located in the *.spec files used for rpm packaging using insecurely
	NOTE: /tmp/sqliteodbc$$. Debian packaging maintainer scripts do not suffer from same
	NOTE: issue.
CVE-2020-12049 (An issue was discovered in dbus &gt;= 1.3.0 before 1.12.18. The DBusSe ...)
	{DLA-2235-1}
	- dbus 1.12.18-1
	[buster] - dbus 1.12.20-0+deb10u1
	[stretch] - dbus 1.10.32-0+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/04/3
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/issues/294
	NOTE: Fixed by: https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5
	NOTE: Test: https://gitlab.freedesktop.org/dbus/dbus/-/commit/8bc1381819e5a845331650bfa28dacf6d2ac1748
CVE-2020-12048 (Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hem ...)
	NOT-FOR-US: Phoenix Hemodialysis Delivery System
CVE-2020-12047 (The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), whe ...)
	NOT-FOR-US: Baxter Spectrum WBM
CVE-2020-12046 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC&#8217;s firmwar ...)
	NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-12045 (The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when ...)
	NOT-FOR-US: Baxter Spectrum WBM
CVE-2020-12044
	RESERVED
CVE-2020-12043 (The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when ...)
	NOT-FOR-US: Baxter Spectrum WBM
CVE-2020-12042 (Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within  ...)
	NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-12041 (The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) teln ...)
	NOT-FOR-US: Baxter Spectrum WBM
CVE-2020-12040 (Sigma Spectrum Infusion System v's6.x (model 35700BAX) and Baxter Spec ...)
	NOT-FOR-US: Sigma Spectrum Infusion System
CVE-2020-12039 (Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v' ...)
	NOT-FOR-US: Baxter
CVE-2020-12038 (Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk ...)
	NOT-FOR-US: Rockwell Automation
CVE-2020-12037 (Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The ...)
	NOT-FOR-US: Baxter
CVE-2020-12036 (Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The ...)
	NOT-FOR-US: Baxter
CVE-2020-12035 (Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The ...)
	NOT-FOR-US: Baxter
CVE-2020-12034 (Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk ...)
	NOT-FOR-US: Rockwell Automation
CVE-2020-12033 (In Rockwell Automation FactoryTalk Services Platform, all versions, th ...)
	NOT-FOR-US: Rockwell Automation
CVE-2020-12032 (Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Vers ...)
	NOT-FOR-US: Baxter
CVE-2020-12031 (In all versions of FactoryTalk View SE, after bypassing memory corrupt ...)
	NOT-FOR-US: FactoryTalk View SE
CVE-2020-12030 (There is a flaw in the code used to configure the internal gateway fir ...)
	NOT-FOR-US: Emerson WirelessHART Gateway
CVE-2020-12029 (All versions of FactoryTalk View SE do not properly validate input of  ...)
	NOT-FOR-US: FactoryTalk View SE
CVE-2020-12028 (In all versions of FactoryTalk View SEA remote, an authenticated attac ...)
	NOT-FOR-US: FactoryTalk View
CVE-2020-12027 (All versions of FactoryTalk View SE disclose the hostnames and file pa ...)
	NOT-FOR-US: FactoryTalk View SE
CVE-2020-12026 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12025 (Rockwell Automation Logix Designer Studio 5000 Versions 32.00, 32.01,  ...)
	NOT-FOR-US: Rockwell Automation
CVE-2020-12024 (Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix ...)
	NOT-FOR-US: Baxter
CVE-2020-12023 (Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, Intel ...)
	NOT-FOR-US: Philips
CVE-2020-12022 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An i ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12021 (In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous vers ...)
	NOT-FOR-US: OSIsoft PI Web
CVE-2020-12020 (Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix E ...)
	NOT-FOR-US: Baxter
CVE-2020-12019 (WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based  ...)
	NOT-FOR-US: WebAccess Node
CVE-2020-12018 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An o ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12017 (GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmw ...)
	NOT-FOR-US: GE Grid Solutions Reason RT Clocks
CVE-2020-12016 (Baxter ExactaMix EM 2400 &amp; EM 1200, Versions ExactaMix EM2400 Vers ...)
	NOT-FOR-US: Baxter
CVE-2020-12015 (A specially crafted communication packet sent to the affected systems  ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-12014 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Inpu ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12013 (A specially crafted WCF client that interfaces to the may allow the ex ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-12012 (Baxter ExactaMix EM 2400 &amp; EM 1200, Versions ExactaMix EM2400 Vers ...)
	NOT-FOR-US: Baxter
CVE-2020-12011 (A specially crafted communication packet sent to the affected systems  ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-12010 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12009 (A specially crafted communication packet sent to the affected device c ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-12008 (Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Vers ...)
	NOT-FOR-US: Baxter
CVE-2020-12007 (A specially crafted communication packet sent to the affected devices  ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-12006 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12005 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-12004 (The affected product lacks proper authentication required to query the ...)
	NOT-FOR-US: Inductive Automation Ignition
CVE-2020-12003 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-12002 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-12001 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-12000 (The affected product is vulnerable to the handling of serialized data. ...)
	NOT-FOR-US: Inductive Automation Ignition
CVE-2020-11999 (FactoryTalk Linx versions 6.00, 6.10, and 6.11, RSLinx Classic v4.11.0 ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-11998 (A regression has been introduced in the commit preventing JMX re-bind. ...)
	- activemq <not-affected> (Only affects 5.15.12)
	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt
CVE-2020-11997 (Apache Guacamole 1.2.0 and earlier do not consistently restrict access ...)
	- guacamole-client <unfixed>
	[stretch] - guacamole-client <ignored> (Minor issue; fix intrusive to backport)
	NOTE: https://lists.apache.org/thread.html/r1a9ae9d1608c9f846875c4191cd738f95543d1be06b52dc1320e8117%40%3Cannounce.guacamole.apache.org%3E
	NOTE: https://issues.apache.org/jira/browse/GUACAMOLE-1123
	NOTE: https://github.com/apache/guacamole-client/pulls?q=is%3Apr+guacamole-1123+is%3Aclosed
	NOTE: https://github.com/glyptodon/guacamole-client/pull/453
	NOTE: https://enterprise.glyptodon.com/doc/latest/cve-2020-11997-inconsistent-restriction-of-connection-history-visibility-31424710.html
	NOTE: https://enterprise.glyptodon.com/doc/1.x/changelog-950368.html#id-.Changelogv1.x-1.14
CVE-2020-11996 (A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat  ...)
	{DSA-4727-1 DLA-2279-1}
	- tomcat9 9.0.36-1
	- tomcat8 <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/25/6
	NOTE: https://github.com/apache/tomcat/commit/9a0231683a77e2957cea0fdee88b193b30b0c976 (9.0.36)
	NOTE: https://github.com/apache/tomcat/commit/c8acd2ab7371e39aeca7c306f3b5380f00afe552 (8.5.56)
CVE-2020-11995 (A deserialization vulnerability existed in dubbo 2.7.5 and its earlier ...)
	NOT-FOR-US: Apache Dubbo
CVE-2020-11994 (Server-Side Template Injection and arbitrary file disclosure on Camel  ...)
	NOT-FOR-US: Apache Camel
CVE-2020-11993 (Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enab ...)
	{DSA-4757-1}
	- apache2 2.4.46-1
	[stretch] - apache2 <ignored> (Too intrusive to backport)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/07/3
	NOTE: https://svn.apache.org/r1879642
	NOTE: https://github.com/apache/httpd/commit/63a0a87efa0925514d15c211b508f6594669888c
CVE-2020-11992
	REJECTED
CVE-2020-11991 (When using the StreamGenerator, the code parse a user-provided XML. A  ...)
	- cocoon <removed>
CVE-2020-11990 (We have resolved a security issue in the camera plugin that could have ...)
	NOT-FOR-US: Apache Cordova
CVE-2020-11989 (Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic ...)
	{DLA-2273-1}
	- shiro 1.3.2-5 (bug #988728)
	[bullseye] - shiro 1.3.2-4+deb11u1
	[buster] - shiro 1.3.2-4+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/22/1
	NOTE: https://github.com/apache/shiro/pull/211
	NOTE: https://issues.apache.org/jira/browse/SHIRO-753
	NOTE: The original CVE-2020-1957 adressed in 1.5.2 introduced an encoding issue
	NOTE: which can (security wise) be exploited, resulting in a 1.5.3 release. This
	NOTE: CVE is closely related to CVE-2020-1957.
CVE-2020-11988 (Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-sid ...)
	- xmlgraphics-commons 2.4-2 (bug #984949)
	[bullseye] - xmlgraphics-commons 2.4-2~deb11u1
	[buster] - xmlgraphics-commons 2.3-1+deb10u1
	[stretch] - xmlgraphics-commons <not-affected> (Vulnerable code is not present)
	NOTE: https://github.com/apache/xmlgraphics-commons/commit/57393912eb87b994c7fed39ddf30fb778a275183
	NOTE: https://issues.apache.org/jira/browse/XGC-122
CVE-2020-11987 (Apache Batik 1.13 is vulnerable to server-side request forgery, caused ...)
	- batik 1.14-1 (bug #984829)
	[bullseye] - batik <no-dsa> (Minor issue)
	[buster] - batik <no-dsa> (Minor issue)
	[stretch] - batik <no-dsa> (Minor issue)
	NOTE: https://github.com/apache/xmlgraphics-batik/commit/0ef5b661a1f77772d1110877ea9e0287987098f6
CVE-2020-11986 (To be able to analyze gradle projects, the build scripts need to be ex ...)
	- netbeans 12.1-1
	[stretch] - netbeans <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/07/2
CVE-2020-11985 (IP address spoofing when proxying using mod_remoteip and mod_rewrite F ...)
	- apache2 2.4.25-1
	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=60251
	NOTE: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1875299
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11985
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/07/2
	NOTE: Upstream patch: https://svn.apache.org/r1688399
	NOTE: https://github.com/apache/httpd/commit/dd6c959b3625048ee15ba4ad72e6cb7bcaf91020
CVE-2020-11984 (Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure an ...)
	{DSA-4757-1 DLA-2362-1}
	- apache2 2.4.46-1
	[stretch] - apache2 <not-affected> (Vulnerable code not present)
	- uwsgi <unfixed> (unimportant)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/07/1
	NOTE: https://svn.apache.org/r1880251
	NOTE: https://github.com/apache/httpd/commit/0c543e3f5b3881d515d6235f152aacaaaf3aba72
	NOTE: uwsgi since 2.0.15-11 drops building the libapache2-mod-proxy-uwsgi{,-dbg}
	NOTE: packages which are provided by src:apache2 itself.
CVE-2020-11983 (An issue was found in Apache Airflow versions 1.10.10 and below. It wa ...)
	- airflow <itp> (bug #819700)
CVE-2020-11982 (An issue was found in Apache Airflow versions 1.10.10 and below. When  ...)
	- airflow <itp> (bug #819700)
CVE-2020-11981 (An issue was found in Apache Airflow versions 1.10.10 and below. When  ...)
	- airflow <itp> (bug #819700)
CVE-2020-11980 (In Karaf, JMX authentication takes place using JAAS and authorization  ...)
	- apache-karaf <itp> (bug #881297)
CVE-2020-11979 (As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissi ...)
	- ant 1.10.9-1 (bug #971612)
	[buster] - ant <not-affected> (Vulnerability not present as CVE-2020-1945 not addressed)
	[stretch] - ant <not-affected> (Vulnerability not present as CVE-2020-1945 not addressed)
	NOTE: https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea%40%3Cdev.ant.apache.org%3E
	NOTE: Issue is pesent depending on if CVE-2020-1945 was fixed.
CVE-2020-11978 (An issue was found in Apache Airflow versions 1.10.10 and below. A rem ...)
	- airflow <itp> (bug #819700)
CVE-2020-11977 (In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable ext ...)
	NOT-FOR-US: Apache Syncope
CVE-2020-11976 (By crafting a special URL it is possible to make Wicket deliver unproc ...)
	NOT-FOR-US: Apache Wicket
CVE-2020-11975 (Apache Unomi allows conditions to use OGNL scripting which offers the  ...)
	NOT-FOR-US: Apache Unomi
CVE-2020-11974 (In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote co ...)
	NOT-FOR-US: DolphinScheduler
CVE-2020-11973 (Apache Camel Netty enables Java deserialization by default. Apache Cam ...)
	NOT-FOR-US: Apache Camel
CVE-2020-11972 (Apache Camel RabbitMQ enables Java deserialization by default. Apache  ...)
	NOT-FOR-US: Apache Camel
CVE-2020-11971 (Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x,  ...)
	NOT-FOR-US: Apache Camel
CVE-2020-11970
	REJECTED
CVE-2020-11969 (If Apache TomEE is configured to use the embedded ActiveMQ broker, and ...)
	NOT-FOR-US: Apache TomEE
CVE-2020-11968 (** DISPUTED ** In the web-panel in IQrouter through 3.3.1, remote atta ...)
	NOT-FOR-US: IQrouter
CVE-2020-11967 (** DISPUTED ** In IQrouter through 3.3.1, remote attackers can control ...)
	NOT-FOR-US: IQrouter
CVE-2020-11966 (** DISPUTED ** In IQrouter through 3.3.1, the Lua function reset_passw ...)
	NOT-FOR-US: IQrouter
CVE-2020-11965 (** DISPUTED ** In IQrouter through 3.3.1, there is a root user without ...)
	NOT-FOR-US: IQrouter
CVE-2020-11964 (** DISPUTED ** In IQrouter through 3.3.1, the Lua function diag_set_pa ...)
	NOT-FOR-US: IQrouter
CVE-2020-11963 (** DISPUTED ** IQrouter through 3.3.1, when unconfigured, has multiple ...)
	NOT-FOR-US: IQrouter
CVE-2020-11962
	RESERVED
CVE-2020-11961 (Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive infor ...)
	NOT-FOR-US: Xiaomi
CVE-2020-11960 (Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability w ...)
	NOT-FOR-US: Xiaomi
CVE-2020-11959 (An unsafe configuration of nginx lead to information leak in Xiaomi ro ...)
	NOT-FOR-US: Xiaomi
CVE-2020-11958 (re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/sc ...)
	- re2c 1.3-2 (bug #963158)
	[buster] - re2c <not-affected> (Vulnerability introduced later)
	[stretch] - re2c <not-affected> (Vulnerability introduced later)
	[jessie] - re2c <not-affected> (Vulnerability introduced later)
	NOTE: http://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc/
	NOTE: Logical error introduced in: https://github.com/skvadrik/re2c/commit/2f3e597abce36fb7f41413373308b7f13fc98181 (1.2)
	NOTE: Vulnerability introduced in: https://github.com/skvadrik/re2c/commit/1edd26a35457c5835afd58b8fa8330d33e7a1192 (1.2)
	NOTE: https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a#commitcomment-38652070
	NOTE: Fixed by: https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a
CVE-2020-11957 (The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4. ...)
	NOT-FOR-US: Cypress
CVE-2020-11956 (An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMC ...)
	NOT-FOR-US: Rittal PDU-3C002DEC
CVE-2020-11955 (An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMC ...)
	NOT-FOR-US: Rittal PDU-3C002DEC
CVE-2020-11954
	RESERVED
CVE-2020-11953 (An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMC ...)
	NOT-FOR-US: Rittal PDU-3C002DEC
CVE-2020-11952 (An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMC ...)
	NOT-FOR-US: Rittal PDU-3C002DEC
CVE-2020-11951 (An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMC ...)
	NOT-FOR-US: Rittal PDU-3C002DEC
CVE-2020-11950 (VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XX ...)
	NOT-FOR-US: VIVOTEK Network Cameras
CVE-2020-11949 (testserver.cgi of the web service on VIVOTEK Network Cameras before XX ...)
	NOT-FOR-US: VIVOTEK Network Cameras
CVE-2020-11948
	RESERVED
CVE-2020-11947 (iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buf ...)
	{DSA-4665-1 DLA-2288-1}
	- qemu 1:4.2-7
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=ff0507c239a246fd7215b31c5658fc6a3ee1e4c5 (v5.0.0-rc4)
CVE-2020-11946 (Zoho ManageEngine OpManager before 125120 allows an unauthenticated us ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2020-11945 (An issue was discovered in Squid before 5.0.2. A remote attacker can r ...)
	{DSA-4682-1 DLA-2278-1}
	- squid 4.11-1
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_4.txt
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-eeebf0f37a72a2de08348e85ae34b02c34e9a811.patch
CVE-2020-11944 (Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call_ ...)
	NOT-FOR-US: bitcoin-abe
CVE-2020-11943 (An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file u ...)
	NOT-FOR-US: Open-AudIT
CVE-2020-11942 (An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL In ...)
	NOT-FOR-US: Open-AudIT
CVE-2020-11941 (An issue was discovered in Open-AudIT 3.2.2. There is OS Command injec ...)
	NOT-FOR-US: Open-AudIT
CVE-2020-11940 (In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_strin ...)
	- ndpi 3.4-1 (bug #972050)
	[buster] - ndpi <not-affected> (Introduced in 3.0)
	[stretch] - ndpi <not-affected> (Introduced in 3.0)
	[jessie] - ndpi <not-affected> (Introduced in 3.0)
	NOTE: https://github.com/ntop/nDPI/commit/3bbb0cd3296023f6f922c71d21a1c374d2b0a435 (3.4)
	NOTE: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi
CVE-2020-11939 (In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KE ...)
	- ndpi 3.4-1 (bug #972050)
	[buster] - ndpi <not-affected> (Introduced in 3.0)
	[stretch] - ndpi <not-affected> (Introduced in 3.0)
	[jessie] - ndpi <not-affected> (Introduced in 3.0)
	NOTE: https://github.com/ntop/nDPI/commit/7ce478a58b4dd29a8d1e6f4e9df2f778613d9202 (3.4)
	NOTE: https://securitylab.github.com/advisories/GHSL-2020-051_052-ntop-ndpi
CVE-2020-11938 (In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-11937 (In whoopsie, parse_report() from whoopsie.c allows a local attacker to ...)
	NOT-FOR-US: Whoopsie
CVE-2020-11936
	RESERVED
CVE-2020-11935
	RESERVED
	- aufs <unfixed> (bug #964748)
	[buster] - aufs <no-dsa> (Minor issue; CONFIG_IMA not enabled in kernel; can be fixed via point release)
	[stretch] - aufs <ignored> (Minor issue; too many other aufs issues open)
	NOTE: To exploit the issue CONFIG_IMA in Kernel needs to be enabled.
	NOTE: linux/4.9.y had the config enabled, but was disabled in later versions
	NOTE: including linux/4.19.y.
	NOTE: https://sourceforge.net/p/aufs/mailman/message/37048642/
	NOTE: https://github.com/sfjro/aufs4-linux/commit/515a586eeef31e0717d5dea21e2c11a965340b3c
	NOTE: https://github.com/sfjro/aufs4-linux/commit/f10aea57d39d6cd311312e9e7746804f7059b5c8
CVE-2020-11934 (It was discovered that snapctl user-open allowed altering the $XDG_DAT ...)
	- snapd 2.45.2-1
	[buster] - snapd <no-dsa> (Minor issue)
	[stretch] - snapd <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/snapcore/snapd/commit/06342a31878f1cf99d56da5483e71b9af61f46ad
CVE-2020-11933 (cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 de ...)
	NOT-FOR-US: cloud-init in some Ubuntu images
CVE-2020-11932 (It was discovered that the Subiquity installer for Ubuntu Server logge ...)
	NOT-FOR-US: Subiquity installer for Ubuntu
CVE-2020-11931 (An Ubuntu-specific modification to Pulseaudio to provide security medi ...)
	NOT-FOR-US: Ubuntu snap packaging of Pulseaudio
CVE-2020-11930 (The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS vi ...)
	NOT-FOR-US: GTranslate plugin for WordPress
CVE-2020-11929
	RESERVED
CVE-2020-11928 (In the media-library-assistant plugin before 2.82 for WordPress, Remot ...)
	NOT-FOR-US: media-library-assistant plugin for WordPress
CVE-2020-11927
	RESERVED
CVE-2020-11926
	RESERVED
CVE-2020-11925 (An issue was discovered in Luvion Grand Elite 3 Connect through 2020-0 ...)
	NOT-FOR-US: Luvion Grand Elite 3 Connect
CVE-2020-11924 (An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials ar ...)
	NOT-FOR-US: WiZ Colors A60
CVE-2020-11923 (An issue was discovered in WiZ Colors A60 1.14.0. API credentials are  ...)
	NOT-FOR-US: WiZ Colors A60
CVE-2020-11922 (An issue was discovered in WiZ Colors A60 1.14.0. The device sends unn ...)
	NOT-FOR-US: WiZ Colors A60
CVE-2020-11921
	RESERVED
CVE-2020-11920 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
	NOT-FOR-US: Svakom Siime Eye
CVE-2020-11919
	RESERVED
CVE-2020-11918
	RESERVED
CVE-2020-11917
	RESERVED
CVE-2020-11916
	RESERVED
CVE-2020-11915 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
	NOT-FOR-US: Svakom Siime Eye
CVE-2020-11914 (The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11913 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11912 (The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11911 (The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Cont ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11910 (The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Rea ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11909 (The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11908 (The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in  ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11907 (The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Par ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11906 (The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Inte ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11905 (The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11904 (The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during  ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11903 (The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11902 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling O ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11901 (The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution vi ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11900 (The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Fr ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11899 (The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11898 (The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMP ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11897 (The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via  ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11896 (The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, r ...)
	NOT-FOR-US: Treck TCP/IP stack / Cisco
CVE-2020-11895 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) i ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/197
CVE-2020-11894 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) i ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/196
CVE-2020-11893
	RESERVED
CVE-2020-11892
	RESERVED
CVE-2020-11891 (An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks ...)
	NOT-FOR-US: Joomla!
CVE-2020-11890 (An issue was discovered in Joomla! before 3.9.17. Improper input valid ...)
	NOT-FOR-US: Joomla!
CVE-2020-11889 (An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks ...)
	NOT-FOR-US: Joomla!
CVE-2020-11888 (python-markdown2 through 2.3.8 allows XSS because element names are mi ...)
	- python-markdown2 2.3.9-1 (bug #959445)
	[buster] - python-markdown2 2.3.7-2+deb10u1
	NOTE: https://github.com/trentm/python-markdown2/issues/348
CVE-2020-11887 (svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an  ...)
	NOT-FOR-US: svg2png
CVE-2020-11886 (OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList. ...)
	- opennms <itp> (bug #450615)
CVE-2020-11885 (WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability wher ...)
	NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2020-11884 (In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code exec ...)
	{DSA-4667-1}
	- linux 5.6.7-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/316ec154810960052d4586b634156c54d0778f74
CVE-2020-11883 (In Divante vue-storefront-api through 1.11.1 and storefront-api throug ...)
	NOT-FOR-US: Divante vue-storefront-api
CVE-2020-11882 (The O2 Business application 1.2.0 for Android exposes the canvasm.myo2 ...)
	NOT-FOR-US: O2 Business
CVE-2020-11881 (An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7 ...)
	NOT-FOR-US: MikroTik RouterOS
CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using the prop ...)
	- kmail 4:20.04.1-1 (bug #958054)
	[buster] - kmail <no-dsa> (Minor issue)
	- kdepim <removed>
	[stretch] - kdepim <no-dsa> (Minor issue)
	[jessie] - kdepim <no-dsa> (Minor issue)
	NOTE: https://github.com/KDE/kmail/commit/2a348eccd352260f192d9b449492071bbf2b34b1
CVE-2020-11879 (An issue was discovered in GNOME Evolution before 3.35.91. By using th ...)
	- evolution 3.36.0-1
	[buster] - evolution <no-dsa> (Minor issue)
	[stretch] - evolution <no-dsa> (Minor issue)
	[jessie] - evolution <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/evolution/issues/784
	NOTE: https://gitlab.gnome.org/GNOME/evolution/-/commit/6489f20d6905cc797e2b2581c415e558c457caa7
CVE-2020-11878 (The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4 ...)
	- jitsi-meet <itp> (bug #760485)
CVE-2020-11877 (** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses 342 ...)
	NOT-FOR-US: Zoom Client for Meetings
CVE-2020-11876 (** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses the ...)
	NOT-FOR-US: Zoom Client for Meetings
CVE-2020-11875 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-11874 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-11873 (An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, ...)
	NOT-FOR-US: LG mobile devices
CVE-2020-11872 (The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication ...)
	NOT-FOR-US: OpenTrace
CVE-2020-11871
	RESERVED
CVE-2020-11870
	RESERVED
CVE-2020-11869 (An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way i ...)
	- qemu 1:5.0-1
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/24/2
CVE-2020-11868 (ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-pat ...)
	{DLA-2201-1}
	- ntp 1:4.2.8p14+dfsg-1
	[buster] - ntp <no-dsa> (Minor issue)
	[stretch] - ntp <no-dsa> (Minor issue)
	- ntpsec <not-affected> (Doesn't affect ntpsec per upstream, #958027)
	NOTE: http://support.ntp.org/bin/view/Main/NtpBug3592
	NOTE: http://bugs.ntp.org/3592
	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5df73278nIf5dNbaR_vTeCY43_h7Vg
	NOTE: http://bk.ntp.org/ntp-stable/?PAGE=patch&REV=5deb5269ieF1tee6Mp3UJyZOk8DB-Q
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1716665
	NOTE: https://gitlab.com/NTPsec/ntpsec/issues/651
CVE-2020-11867 (Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USE ...)
	- audacity 2.4.2~dfsg0-4 (bug #976874)
	[buster] - audacity <no-dsa> (Minor issue)
	[stretch] - audacity <no-dsa> (Minor issue)
	NOTE: https://github.com/audacity/audacity/pull/700
CVE-2020-11866 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-aft ...)
	- libemf 1.0.12-1
	[buster] - libemf <no-dsa> (Minor issue)
CVE-2020-11865 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bo ...)
	- libemf 1.0.12-1
	[buster] - libemf <no-dsa> (Minor issue)
CVE-2020-11864 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of ...)
	- libemf 1.0.12-1
	[buster] - libemf <no-dsa> (Minor issue)
CVE-2020-11863 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of ...)
	- libemf 1.0.12-1
	[buster] - libemf <no-dsa> (Minor issue)
CVE-2020-11862
	RESERVED
CVE-2020-11861 (Unauthorized escalation of local privileges vulnerability on Micro Foc ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11860 (Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger prod ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11859
	RESERVED
CVE-2020-11858 (Code execution with escalated privileges vulnerability in Micro Focus  ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11857 (An Authorization Bypass vulnerability on Micro Focus Operation Bridge  ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11856 (Arbitrary code execution vulnerability on Micro Focus Operation Bridge ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11855 (An Authorization Bypass vulnerability on Micro Focus Operation Bridge  ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11854 (Arbitrary code execution vlnerability in Operation bridge Manager, App ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11853 (Arbitrary code execution vulnerability affecting multiple Micro Focus  ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11852 (DKIM key management page vulnerability on Micro Focus Secure Messaging ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11851 (Arbitrary code execution vulnerability on Micro Focus ArcSight Logger  ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11850
	RESERVED
CVE-2020-11849 (Elevation of privilege and/or unauthorized access vulnerability in Mic ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11848 (Denial of service vulnerability on Micro Focus ArcSight Management Cen ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11847
	RESERVED
CVE-2020-11846
	RESERVED
CVE-2020-11845 (Cross Site Scripting vulnerability in Micro Focus Service Manager prod ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11844 (Incorrect Authorization vulnerability in Micro Focus Container Deploym ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11843
	RESERVED
CVE-2020-11842 (Information disclosure vulnerability in Micro Focus Verastream Host In ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11841 (Unauthorized information disclosure vulnerability in Micro Focus ArcSi ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11840 (Unauthorized information disclosure vulnerability in Micro Focus ArcSi ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11839 (Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logge ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11838 (Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Manag ...)
	NOT-FOR-US: Micro Focus
CVE-2020-11837
	RESERVED
CVE-2020-11836 (OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions h ...)
	NOT-FOR-US: OPPO Android Phone
CVE-2020-11835 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_d ...)
	NOT-FOR-US: oppo
CVE-2020-11834 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the  ...)
	NOT-FOR-US: oppo
CVE-2020-11833 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_m ...)
	NOT-FOR-US: oppo
CVE-2020-11832 (In functions charging_limit_current_write and charging_limit_time_writ ...)
	NOT-FOR-US: oppo
CVE-2020-11831 (OvoiceManager has system permission to write vulnerability reports for ...)
	NOT-FOR-US: OvoiceManager
CVE-2020-11830 (QualityProtect has a vulnerability to execute arbitrary system command ...)
	NOT-FOR-US: QualityProtect
CVE-2020-11829 (Dynamic loading of services in the backup and restore SDK leads to ele ...)
	NOT-FOR-US: com.coloros.codebook (oppo.com)
CVE-2020-11828 (In ColorOS (oppo mobile phone operating system, based on AOSP framewor ...)
	NOT-FOR-US: ColorOS
CVE-2020-11827 (In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak fi ...)
	NOT-FOR-US: GOG Galaxy client
CVE-2020-11826 (Users can lock their notes with a password in Memono version 3.8. Thus ...)
	NOT-FOR-US: Memono
CVE-2020-11825 (In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF ...)
	- dolibarr <removed>
CVE-2020-11824
	RESERVED
CVE-2020-11823 (In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored  ...)
	- dolibarr <removed>
CVE-2020-11822 (In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the appli ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11821 (In Rukovoditel 2.5.2, users' passwords and usernames are stored in a c ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11820 (Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11819 (In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file lo ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11818 (In Rukovoditel 2.5.2 has a form_session_token value to prevent CSRF at ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11817 (In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the s ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11816 (Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11815 (In Rukovoditel 2.5.2, attackers can upload arbitrary file to the serve ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11814 (A Host Header Injection vulnerability in qdPM 9.1 may allow an attacke ...)
	NOT-FOR-US: qdPM
CVE-2020-11813 (In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the confi ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11812 (Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because ...)
	NOT-FOR-US: Rukovoditel
CVE-2020-11811 (In qdPM 9.1, an attacker can upload a malicious .php file to the serve ...)
	NOT-FOR-US: qdPM
CVE-2020-11810 (An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can ...)
	- openvpn 2.4.9-1 (low)
	[buster] - openvpn 2.4.7-1+deb10u1
	[stretch] - openvpn <no-dsa> (Minor issue)
	[jessie] - openvpn <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenVPN/openvpn/commit/37bc691e7d26ea4eb61a8a434ebd7a9ae76225ab
CVE-2020-11809
	RESERVED
CVE-2020-11808
	RESERVED
CVE-2020-11807 (Because of Unrestricted Upload of a File with a Dangerous Type, Source ...)
	NOT-FOR-US: Sourcefabric Newscoop
CVE-2020-11806 (In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through ...)
	NOT-FOR-US: MailStore Outlook Add-in
CVE-2020-11805 (Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Acc ...)
	NOT-FOR-US: Pexip Reverse Proxy and TURN Server
CVE-2020-11804 (An issue was discovered in Titan SpamTitan 7.07. Due to improper sanit ...)
	NOT-FOR-US: Titan SpamTitan
CVE-2020-11803 (An issue was discovered in Titan SpamTitan 7.07. Improper sanitization ...)
	NOT-FOR-US: Titan SpamTitan
CVE-2020-11802
	RESERVED
CVE-2020-11801
	RESERVED
CVE-2020-11800 (Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote att ...)
	{DLA-2461-1}
	- zabbix 1:4.0.0+dfsg-1
	NOTE: https://support.zabbix.com/browse/DEV-1538
	NOTE: https://support.zabbix.com/browse/ZBX-17600
	NOTE: https://support.zabbix.com/browse/ZBXSEC-30 (not public)
	NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/85453e04656fc7bd8a6790f5295d79410101745c
CVE-2020-11799 (Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privile ...)
	NOT-FOR-US: Z-Cron
CVE-2020-11798 (A Directory Traversal vulnerability in the web conference component of ...)
	NOT-FOR-US: Mitel
CVE-2020-11797 (An Authentication Bypass vulnerability in the Published Area of the we ...)
	NOT-FOR-US: Mitel
CVE-2020-11796 (In JetBrains Space through 2020-04-22, the password authentication imp ...)
	NOT-FOR-US: JetBrains Space
CVE-2020-11795 (In JetBrains Space through 2020-04-22, the session timeout period was  ...)
	NOT-FOR-US: JetBrains Space
CVE-2020-11794
	RESERVED
CVE-2020-11793 (A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKi ...)
	{DSA-4658-1}
	- webkit2gtk 2.28.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.1-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0004.html
CVE-2020-11792 (NETGEAR R8900, R9000, RAX120, and XR700 devices before 2020-01-20 are  ...)
	NOT-FOR-US: Netgear
CVE-2020-11791 (NETGEAR JGS516PE devices before 2.6.0.43 are affected by reflected XSS ...)
	NOT-FOR-US: Netgear
CVE-2020-11790 (NETGEAR R7800 devices before 1.0.2.68 are affected by remote code exec ...)
	NOT-FOR-US: Netgear
CVE-2020-11789 (Certain NETGEAR devices are affected by command injection by an unauth ...)
	NOT-FOR-US: Netgear
CVE-2020-11788 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
	NOT-FOR-US: Netgear
CVE-2020-11787 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11786 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11785 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11784 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11783 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11782 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11781 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11780 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11779 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11778 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11777 (Certain NETGEAR devices are affected by Stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11776 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11775 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11774 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11773 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11772 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11771 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11770 (Certain NETGEAR devices are affected by command injection by an authen ...)
	NOT-FOR-US: Netgear
CVE-2020-11769 (Certain NETGEAR devices are affected by stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11768 (Certain NETGEAR devices are affected by Stored XSS. This affects D7800 ...)
	NOT-FOR-US: Netgear
CVE-2020-11767 (Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. I ...)
	NOT-FOR-US: Istio
CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web I ...)
	NOT-FOR-US: iFAX AvantFAX
CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
	NOTE: Introduced by https://github.com/AcademySoftwareFoundation/openexr/commit/7f0c9e256f34cac5a31e9d9cce00ccc898f49f3b (v2.2.0)
CVE-2020-11764 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/e7c26f6ef5bf7ae8ea21ecf19963186cd1391720
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/a6408c90339bdf19f89476578d7f936b741be9b2
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/6bad53af7eebed507564dd5fc90320e4c6a6c0bc
CVE-2020-11763 (An issue was discovered in OpenEXR before 2.4.1. There is an std::vect ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/37750013830def57f19f3c3b7faaa9fc1dae81b3
CVE-2020-11762 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
	NOTE: Introduced by https://github.com/AcademySoftwareFoundation/openexr/commit/7f0c9e256f34cac5a31e9d9cce00ccc898f49f3b (v2.2.0)
CVE-2020-11761 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b1c34c496b62117115b1089b18a44e0031800a09
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/801272c9bf8b84a66c62f1e8a4490ece81da6a56
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/43cd3ad47d53356da6ae2e983e47c8313aebf72e
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/ea3349896d4a8a3b523e8f3b830334a85240b1e6
CVE-2020-11760 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/37750013830def57f19f3c3b7faaa9fc1dae81b3
CVE-2020-11759 (An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b9997d0c045fa01af3d2e46e1a74b07cc4519446
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/acad98d6d3e787f36012a3737c23c42c7f43a00f
	NOTE: Introduced by https://github.com/AcademySoftwareFoundation/openexr/commit/9f011ae9ce9b1ca03521ff76e7659d34ee830344 (v2.0.0)
CVE-2020-11758 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
	{DSA-4755-1 DLA-2358-1}
	[experimental] - openexr 2.5.0-1
	- openexr 2.5.3-2 (bug #959444)
	[jessie] - openexr <not-affected> (SSE support introduced in v2.0)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/7a52d40ae23c148f27116cb1f6e897b9143b372c
CVE-2020-11757
	RESERVED
CVE-2020-11756
	RESERVED
CVE-2020-11755
	RESERVED
CVE-2020-11754
	RESERVED
CVE-2020-11753 (An issue was discovered in Sonatype Nexus Repository Manager in versio ...)
	NOT-FOR-US: Sonatype
CVE-2020-11752
	RESERVED
CVE-2020-11751
	RESERVED
CVE-2020-11750
	RESERVED
CVE-2020-11749 (Pandora FMS 7.0 NG &lt;= 746 suffers from Multiple XSS vulnerabilities ...)
	NOT-FOR-US: Pandora FMS
CVE-2020-11748
	RESERVED
CVE-2020-11747
	REJECTED
CVE-2020-11746
	RESERVED
CVE-2020-11745
	RESERVED
CVE-2020-11744
	RESERVED
CVE-2020-11743 (An issue was discovered in Xen through 4.13.x, allowing guest OS users ...)
	{DSA-4723-1}
	- xen 4.11.4-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-316.html
CVE-2020-11742 (An issue was discovered in Xen through 4.13.x, allowing guest OS users ...)
	{DSA-4723-1}
	- xen 4.11.4-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-318.html
CVE-2020-11741 (An issue was discovered in xenoprof in Xen through 4.13.x, allowing gu ...)
	{DSA-4723-1}
	- xen 4.11.4-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-313.html
CVE-2020-11740 (An issue was discovered in xenoprof in Xen through 4.13.x, allowing gu ...)
	{DSA-4723-1}
	- xen 4.11.4-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-313.html
CVE-2020-11739 (An issue was discovered in Xen through 4.13.x, allowing guest OS users ...)
	{DSA-4723-1}
	- xen 4.11.4-1
	[stretch] - xen <end-of-life> (DSA 4602-1)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-314.html
CVE-2020-11738 (The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Dupl ...)
	NOT-FOR-US: Snap Creek Duplicator plugin for WordPress
CVE-2020-11737 (A cross-site scripting (XSS) vulnerability in Web Client in Zimbra 9.0 ...)
	NOT-FOR-US: Zimbra
CVE-2020-11735 (The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use ...)
	- wolfssl 4.4.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/commit/1de07da61f0c8e9926dcbd68119f73230dae283f
CVE-2020-11736 (fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Dir ...)
	{DLA-2180-1}
	- file-roller 3.36.2-1 (bug #956638)
	[buster] - file-roller 3.30.1-2+deb10u1
	[stretch] - file-roller 3.22.3-1+deb9u2
	NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/commit/21dfcdbfe258984db89fb65243a1a888924e45a0
CVE-2020-11734 (cgi-bin/go in CyberSolutions CyberMail 5 or later allows XSS via the A ...)
	NOT-FOR-US: CyberSolutions CyberMail
CVE-2020-11733 (An issue was discovered on Spirent TestCenter and Avalanche appliance  ...)
	NOT-FOR-US: Spirent
CVE-2020-11732 (The Media Library Assistant plugin before 2.82 for Wordpress suffers f ...)
	NOT-FOR-US: Media Library Assistant plugin for WordPress
CVE-2020-11731 (The Media Library Assistant plugin before 2.82 for Wordpress suffers f ...)
	NOT-FOR-US: Media Library Assistant plugin for WordPress
CVE-2020-11730
	RESERVED
CVE-2020-11729 (An issue was discovered in DAViCal Andrew's Web Libraries (AWL) throug ...)
	{DSA-4660-1 DLA-2178-1}
	- awl 0.61-1 (bug #956650)
	NOTE: https://gitlab.com/davical-project/awl/-/issues/18
	NOTE: https://gitlab.com/davical-project/awl/-/commit/535505c9acd0dda9cf664c38f5f8cb8dd61dc0cd
CVE-2020-11728 (An issue was discovered in DAViCal Andrew's Web Libraries (AWL) throug ...)
	{DSA-4660-1 DLA-2178-1}
	- awl 0.61-1 (bug #956650)
	NOTE: https://gitlab.com/davical-project/awl/-/issues/19
	NOTE: https://gitlab.com/davical-project/awl/-/commit/c2e808cc2420f8d870ac0a4aa9cc1f2c90562428
CVE-2020-11727 (A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced O ...)
	NOT-FOR-US: AlgolPlus
CVE-2020-11726
	RESERVED
CVE-2020-11724 (An issue was discovered in OpenResty before 1.15.8.4. ngx_http_lua_sub ...)
	{DSA-4750-1 DLA-2283-1}
	- nginx 1.18.0-5 (bug #964950)
	NOTE: https://github.com/openresty/lua-nginx-module/commit/9ab38e8ee35fc08a57636b1b6190dca70b0076fa (ngx_lua 0.10.17, with tests)
	NOTE: https://github.com/openresty/openresty/commit/4e8b4c395f842a078e429c80dd063b2323999957 (ngx_lua 0.10.15)
	NOTE: nginx packages include ngx_lua in debian/modules/
CVE-2020-11725 (** DISPUTED ** snd_ctl_elem_add in sound/core/control.c in the Linux k ...)
	- linux <unfixed> (unimportant)
	NOTE: https://twitter.com/yabbadabbadrew/status/1248632267028582400
	NOTE: Disputed security-impact across the kernel community
CVE-2020-11723 (Cellebrite UFED 5.0 through 7.29 uses four hardcoded RSA private keys  ...)
	NOT-FOR-US: Cellebrite UFED
CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote ...)
	- crawl 2:0.25.0-1 (bug #958232)
	[buster] - crawl <no-dsa> (Minor issue)
	[stretch] - crawl <no-dsa> (Minor issue)
	[jessie] - crawl <no-dsa> (Minor issue)
	NOTE: https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
	NOTE: https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
	NOTE: https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
CVE-2020-11721 (load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitiali ...)
	- libsixel 1.10.3-1 (low; bug #972641)
	[bullseye] - libsixel <no-dsa> (Minor issue)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/134
	NOTE: https://github.com/libsixel/libsixel/issues/9
	NOTE: https://github.com/libsixel/libsixel/pull/10
	NOTE: https://github.com/libsixel/libsixel/commit/e71aacc97b5f756948b13c1228877d29395c7b55 (v1.9.0)
	NOTE: Since 1.10.3-1 the Debian package moved from https://github.com/saitoha/libsixel to https://github.com/libsixel/libsixel fork
CVE-2020-11720 (An issue was discovered in Programi Bilanc build 007 release 014 31.01 ...)
	NOT-FOR-US: Programi Bilanc
CVE-2020-11719 (An issue was discovered in Programi Bilanc build 007 release 014 31.01 ...)
	NOT-FOR-US: Programi Bilanc
CVE-2020-11718 (An issue was discovered in Programi Bilanc build 007 release 014 31.01 ...)
	NOT-FOR-US: Programi Bilanc
CVE-2020-11717 (An issue was discovered in Programi 014 31.01.2020. It has multiple SQ ...)
	NOT-FOR-US: Programi
CVE-2020-11716 (Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices throu ...)
	NOT-FOR-US: Panasonic
CVE-2020-11715 (Panasonic P99 devices through 2020-04-10 have Incorrect Access Control ...)
	NOT-FOR-US: Panasonic
CVE-2020-11714 (eten PSG-6528VM 1.1 devices allow XSS via System Contact or System Loc ...)
	NOT-FOR-US: eten PSG-6528VM 1.1 devices
CVE-2020-11713 (wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does n ...)
	- wolfssl 4.4.0+dfsg-1 (bug #960190)
	NOTE: https://github.com/wolfSSL/wolfssl/pull/2894/
CVE-2020-11712 (Open Upload through 0.4.3 allows XSS via index.php?action=u and the fi ...)
	NOT-FOR-US: Open Upload
CVE-2020-11711
	RESERVED
CVE-2020-11710 (** DISPUTED ** An issue was discovered in docker-kong (for Kong) throu ...)
	NOT-FOR-US: docker-kong
CVE-2020-11709 (cpp-httplib through 0.5.8 does not filter \r\n in parameters passed in ...)
	NOT-FOR-US: cpp-httplip
	NOTE: https://github.com/yhirose/cpp-httplib/issues/425
CVE-2020-11708 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11707 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11706 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11705 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11704 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11703 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11702 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11701 (An issue was discovered in ProVide (formerly zFTPServer) through 13.1. ...)
	NOT-FOR-US: ProVide (formerly zFTPServer)
CVE-2020-11700 (An issue was discovered in Titan SpamTitan 7.07. Improper sanitization ...)
	NOT-FOR-US: Titan SpamTitan
CVE-2020-11699 (An issue was discovered in Titan SpamTitan 7.07. Improper validation o ...)
	NOT-FOR-US: Titan SpamTitan
CVE-2020-11698 (An issue was discovered in Titan SpamTitan 7.07. Improper input saniti ...)
	NOT-FOR-US: Titan SpamTitan
CVE-2020-11697 (In Combodo iTop, dashboard ids can be exploited with a reflective XSS  ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-11696 (In Combodo iTop a menu shortcut name can be exploited with a stored XS ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-11695
	RESERVED
CVE-2020-11694 (In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarizatio ...)
	- pycharm <itp> (bug #742394)
CVE-2020-11693 (JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-11692 (In JetBrains YouTrack before 2020.1.659, DB export was accessible to r ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2020-11691 (In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAut ...)
	NOT-FOR-US: JetBrains Hub
CVE-2020-11690 (In JetBrains IntelliJ IDEA before 2020.1, the license server could be  ...)
	- intellij-idea <itp> (bug #747616)
CVE-2020-11689 (In JetBrains TeamCity before 2019.2.1, a user without appropriate perm ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-11688 (In JetBrains TeamCity before 2019.2.1, the application state is kept a ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-11687 (In JetBrains TeamCity before 2019.2.2, password values were shown in a ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-11686 (In JetBrains TeamCity before 2019.1.4, a project administrator was abl ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2020-11685 (In JetBrains GoLand before 2019.3.2, the plugin repository was accesse ...)
	NOT-FOR-US: JetBrains GoLand
CVE-2020-11684 (AT91bootstrap before 3.9.2 does not properly wipe encryption and authe ...)
	NOT-FOR-US: Microchip AT91bootstrap
CVE-2020-11683 (A timing side channel was discovered in AT91bootstrap before 3.9.2. It ...)
	NOT-FOR-US: Microchip AT91bootstrap
CVE-2020-11682 (Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing  ...)
	NOT-FOR-US: Castel NextGen DVR
CVE-2020-11681 (Castel NextGen DVR v1.0.0 stores and displays credentials for the asso ...)
	NOT-FOR-US: Castel NextGen DVR
CVE-2020-11680 (Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all ...)
	NOT-FOR-US: Castel NextGen DVR
CVE-2020-11679 (Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation throug ...)
	NOT-FOR-US: Castel NextGen DVR
CVE-2020-11678
	RESERVED
CVE-2020-11677 (Cerner medico 26.00 has a Local Buffer Overflow (issue 3 of 3). ...)
	NOT-FOR-US: Cerner medico
CVE-2020-11676 (Cerner medico 26.00 has a Local Buffer Overflow (issue 2 of 3). ...)
	NOT-FOR-US: Cerner medico
CVE-2020-11675 (Cerner medico 26.00 has a Local Buffer Overflow (issue 1 of 3). ...)
	NOT-FOR-US: Cerner medico
CVE-2020-11674 (Cerner medico 26.00 allows variable reuse, possibly causing data corru ...)
	NOT-FOR-US: Cerner medico
CVE-2020-11673 (An issue was discovered in the Responsive Poll through 1.3.4 for Wordp ...)
	NOT-FOR-US: Responsive Poll for WordPress
CVE-2020-11672
	RESERVED
CVE-2020-11671 (Lack of authorization controls in REST API functions in TeamPass throu ...)
	- teampass <itp> (bug #730180)
CVE-2020-11670
	RESERVED
CVE-2020-11669 (An issue was discovered in the Linux kernel before 5.2 on the powerpc  ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <not-affected> (Vulnerability introduced later with support for KVM guests on POWER9)
	[jessie] - linux <not-affected> (Vulnerability introduced later with support for KVM guests on POWER9)
	NOTE: https://git.kernel.org/linus/53a712bae5dd919521a58d7bad773b949358add0
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/15/1
CVE-2020-11668 (In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit. ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.17-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/a246b4d547708f33ff4d4b9a7a5dbac741dc89d8
CVE-2020-11667
	RESERVED
CVE-2020-11666 (CA API Developer Portal 4.3.1 and earlier contains an access control f ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11665 (CA API Developer Portal 4.3.1 and earlier handles loginRedirect page r ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11664 (CA API Developer Portal 4.3.1 and earlier handles homeRedirect page re ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11663 (CA API Developer Portal 4.3.1 and earlier handles 404 requests in an i ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11662 (CA API Developer Portal 4.3.1 and earlier handles requests insecurely, ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11661 (CA API Developer Portal 4.3.1 and earlier contains an access control f ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11660 (CA API Developer Portal 4.3.1 and earlier contains an access control f ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11659 (CA API Developer Portal 4.3.1 and earlier contains an access control f ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11658 (CA API Developer Portal 4.3.1 and earlier handles shared secret keys i ...)
	NOT-FOR-US: CA API Developer Portal
CVE-2020-11657
	RESERVED
CVE-2020-11656 (In SQLite through 3.31.1, the ALTER TABLE implementation has a use-aft ...)
	- sqlite3 3.32.0-1 (unimportant)
	NOTE: https://www.sqlite.org/cgi/src/tktview?name=4722bdab08cb14
	NOTE: https://www.sqlite.org/src/info/d09f8c3621d5f7f8
	NOTE: https://www.sqlite.org/src/info/b64674919f673602
	NOTE: Negliglible security impact (and uncovered in DEBUG build)
CVE-2020-11655 (SQLite through 3.31.1 allows attackers to cause a denial of service (s ...)
	{DLA-2340-1 DLA-2203-1}
	- sqlite3 3.31.1-5
	[buster] - sqlite3 <not-affected> (Introduced/exploitable in 3.30 with 3251a2031bfd29f338a5fda1a08c18878296d354)
	NOTE: https://www.sqlite.org/cgi/src/tktview?name=af4556bb5c
	NOTE: Issue covered before: https://www.sqlite.org/cgi/src/info/712e47714863a8ed
	NOTE: Fixed by: https://www.sqlite.org/cgi/src/info/4a302b42c7bf5e11
	NOTE: https://github.com/sqlite/sqlite/commit/3251a2031bfd29f338a5fda1a08c18878296d354
	NOTE: https://github.com/sqlite/sqlite/commit/c415d91007e1680e4eb17def583b202c3c83c718
	NOTE: https://github.com/sqlite/sqlite/commit/4db7ab53f9c30e2e22731ace93ab6b18eef6c4ae
CVE-2020-11654
	RESERVED
CVE-2020-11653 (An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6 ...)
	- varnish 6.4.0-1 (bug #956307)
	[buster] - varnish <postponed> (Can be fixed along in next DSA)
	[stretch] - varnish <not-affected> (Only affects 6.x)
	[jessie] - varnish <not-affected> (Only affects 6.x)
	NOTE: https://varnish-cache.org/security/VSV00005.html#vsv00005
	NOTE: https://github.com/varnishcache/varnish-cache/commit/2d8fc1a784a1e26d78c30174923a2b14ee2ebf62
CVE-2020-11652 (An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 bef ...)
	{DSA-4676-2 DSA-4676-1 DLA-2223-1}
	- salt 3000.2+dfsg1-1 (bug #959684)
	NOTE: https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
	NOTE: Fixed by: https://github.com/saltstack/salt/commit/cce7abad9c22d9d50ccee2813acabff8deca35dd
CVE-2020-11651 (An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 bef ...)
	{DSA-4676-2 DSA-4676-1 DLA-2223-1}
	- salt 3000.2+dfsg1-1 (bug #959684)
	NOTE: https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst
	NOTE: Fixed by: https://github.com/saltstack/salt/commit/a67d76b15615983d467ed81371b38b4a17e4f3b7 (v3000.2)
	NOTE: Regression: https://github.com/saltstack/salt/blob/v3000.2_docs/doc/topics/releases/3000.2.rst#known-issue
	NOTE: Regression fix: https://github.com/saltstack/salt/commit/cea28c850f7562fd3b869a1bbcc95050ab19e0f1 (v3000.3)
	NOTE: See also https://gitlab.com/saltstack/open/salt-patches/-/tree/master/patches/2020/04/14/
CVE-2020-11650 (An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before ...)
	NOT-FOR-US: FreeNAS
CVE-2020-11649 (An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Membe ...)
	[experimental] - gitlab 12.9.3+dfsg-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
CVE-2020-11648
	RESERVED
CVE-2020-11647 (In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the  ...)
	{DLA-2547-1}
	- wireshark 3.2.3-1 (low; bug #958213)
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <postponed> (Minor, can be fixed along in a future update)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f56fc9496db158218243ea87e3660c874a0bab0
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-07.html
CVE-2020-11646 (A log information disclosure vulnerability in B&amp;R GateManager 4260 ...)
	NOT-FOR-US: B&R GateManager
CVE-2020-11645 (A denial of service vulnerability in B&amp;R GateManager 4260 and 9250 ...)
	NOT-FOR-US: B&R GateManager
CVE-2020-11644 (The information disclosure vulnerability present in B&amp;R GateManage ...)
	NOT-FOR-US: B&R GateManager
CVE-2020-11643 (An information disclosure vulnerability in B&amp;R GateManager 4260 an ...)
	NOT-FOR-US: B&R GateManager
CVE-2020-11642 (The local file inclusion vulnerability present in B&amp;R SiteManager  ...)
	NOT-FOR-US: B&R SiteManager
CVE-2020-11641 (A local file inclusion vulnerability in B&amp;R SiteManager versions & ...)
	NOT-FOR-US: B&R GateManager
CVE-2020-11640
	RESERVED
CVE-2020-11639
	RESERVED
CVE-2020-11638
	RESERVED
CVE-2020-11637 (A memory leak in the TFTP service in B&amp;R Automation Runtime versio ...)
	NOT-FOR-US: B&R Automation Runtime
CVE-2020-11636
	RESERVED
CVE-2020-11635 (The Zscaler Client Connector prior to 3.1.0 did not sufficiently valid ...)
	NOT-FOR-US: Zscaler Client Connector
CVE-2020-11634 (The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL  ...)
	NOT-FOR-US: Zscaler Client Connector
CVE-2020-11633 (The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack ...)
	NOT-FOR-US: Zscaler Client Connector for Windows
CVE-2020-11632 (The Zscaler Client Connector prior to 2.1.2.150 did not quote the sear ...)
	NOT-FOR-US: Zscaler Client Connector
CVE-2020-11631 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11630 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11629 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11628 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11627 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11626 (An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1. ...)
	NOT-FOR-US: EJBCA / PrimeKey
CVE-2020-11625 (An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Ou ...)
	NOT-FOR-US: AvertX
CVE-2020-11624 (An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Ou ...)
	NOT-FOR-US: AvertX
CVE-2020-11623 (An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Ou ...)
	NOT-FOR-US: AvertX
CVE-2020-11622 (A vulnerability exists in Arista&#8217;s Cloud EOS VM / vEOS 4.23.2M a ...)
	NOT-FOR-US: Cloud EOS
CVE-2020-11621
	RESERVED
CVE-2020-11620 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2682
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-11619 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2680
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-11618 (THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top b ...)
	NOT-FOR-US: THOMSON
CVE-2020-11617 (The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA ...)
	NOT-FOR-US: THOMSON
CVE-2020-11616 (NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contai ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11615 (NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contai ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11614 (Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as w ...)
	NOT-FOR-US: Mids' Reborn Hero Designer
CVE-2020-11613 (Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulne ...)
	NOT-FOR-US: Mids' Reborn Hero Designer
CVE-2020-11612 (The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memo ...)
	{DSA-4885-1 DLA-2364-1}
	- netty 1:4.1.48-1
	[jessie] - netty <ignored> (OOM DoS with fix/mitigation involving new API; too intrusive to backport due to more limited 3.x buffer API)
	NOTE: https://github.com/netty/netty/issues/6168
	NOTE: https://github.com/netty/netty/pull/9924
	NOTE: https://github.com/netty/netty/commit/1543218d3e7afcb33a90b728b14370395a3deca0
CVE-2020-11611 (An issue was discovered in xdLocalStorage through 2.0.5. The buildMess ...)
	NOT-FOR-US: xdLocalStorage
CVE-2020-11610 (An issue was discovered in xdLocalStorage through 2.0.5. The postData( ...)
	NOT-FOR-US: xdLocalStorage
CVE-2020-11609 (An issue was discovered in the stv06xx subsystem in the Linux kernel b ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.17-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/485b06aadb933190f4bc44e006076bc27a23f205
CVE-2020-11608 (An issue was discovered in the Linux kernel before 5.6.1. drivers/medi ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.17-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/998912346c0da53a6dbb71fab3a138586b596b30
CVE-2020-11607 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11606 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11605 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11604 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11603 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11602 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11601 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11600 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-11599 (An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. Ge ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11598 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upl ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11597 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11596 (A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Bu ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11595 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11594 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11593 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11592 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11591 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11590 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11589 (An Insecure Direct Object Reference issue was discovered in CIPPlanner ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11588 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11587 (An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An  ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11586 (An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. ...)
	NOT-FOR-US: CIPPlanner
CVE-2020-11585 (There is an information disclosure issue in DNN (formerly DotNetNuke)  ...)
	NOT-FOR-US: DNN (formerly DotNetNuke)
CVE-2020-11584 (A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows r ...)
	NOT-FOR-US: Plesk Onyx
CVE-2020-11583 (A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allo ...)
	NOT-FOR-US: Plesk Obsidian
CVE-2020-11582 (An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) thr ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-11581 (An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) thr ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-11580 (An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) thr ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-11579 (An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. instal ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-11578
	RESERVED
CVE-2020-11577
	RESERVED
CVE-2020-11576 (Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumerat ...)
	NOT-FOR-US: Argo
CVE-2020-11575
	RESERVED
CVE-2020-11574
	RESERVED
CVE-2020-11573
	RESERVED
CVE-2020-11572
	RESERVED
CVE-2020-11571
	RESERVED
CVE-2020-11570
	RESERVED
CVE-2020-11569
	RESERVED
CVE-2020-11568
	RESERVED
CVE-2020-11567
	RESERVED
CVE-2020-11566
	RESERVED
CVE-2020-11565 (** DISPUTED ** An issue was discovered in the Linux kernel through 5.6 ...)
	{DSA-4698-1 DSA-4667-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.17-1
	NOTE: https://git.kernel.org/linus/aa9f7d5172fac9bf1f09e678c35e287a40a7b7dd
CVE-2020-11564
	RESERVED
CVE-2020-11563
	RESERVED
CVE-2020-11562
	RESERVED
CVE-2020-11561 (In NCH Express Invoice 7.25, an authenticated low-privilege user can e ...)
	NOT-FOR-US: NCH Express Invoice
CVE-2020-11560 (NCH Express Invoice 7.25 allows local users to discover the cleartext  ...)
	NOT-FOR-US: NCH Express Invoice
CVE-2020-11559
	RESERVED
CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by ...)
	- gpac 1.0.1+dfsg1-2 (bug #972053)
	[buster] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	[stretch] - gpac <not-affected> (Vulnerable code introduced later, in version 0.8.0)
	[jessie] - gpac <not-affected> (Vulnerable code not present and not reproducible)
	NOTE: https://github.com/gpac/gpac/issues/1440
	NOTE: Introduced by: https://github.com/gpac/gpac/commit/3f1564c43825e052a5d53cbb4c8a242abdf603b4 (v0.9.0-preview)
	NOTE: and https://github.com/gpac/gpac/commit/526bc968451e1ec83386c93f2c1f5a74ac65e649 (v0.9.0-preview)
	NOTE: Fixed by: https://github.com/gpac/gpac/commit/6063b1a011c3f80cee25daade18154e15e4c058c (v0.9.0-preview~20)
CVE-2020-11557 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2020-11556 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2020-11555 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2020-11554 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2020-11553 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2020-11552 (An elevation of privilege vulnerability exists in ManageEngine ADSelfS ...)
	NOT-FOR-US: ManageEngine
CVE-2020-11551 (An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on  ...)
	NOT-FOR-US: Netgear
CVE-2020-11550 (An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on  ...)
	NOT-FOR-US: Netgear
CVE-2020-11549 (An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on  ...)
	NOT-FOR-US: Netgear
CVE-2020-11548 (The Search Meter plugin through 2.13.2 for WordPress allows user input ...)
	NOT-FOR-US: Search Meter plugin for WordPress
CVE-2020-11547 (PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2020-11546 (SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution  ...)
	NOT-FOR-US: SuperWebMailer
CVE-2020-11545 (Project Worlds Official Car Rental System 1 is vulnerable to multiple  ...)
	NOT-FOR-US: Project Worlds Official Car Rental System 1
CVE-2020-11544 (An issue was discovered in Project Worlds Official Car Rental System 1 ...)
	NOT-FOR-US: Project Worlds Official Car Rental System 1
CVE-2020-11543 (OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the pa ...)
	NOT-FOR-US: OpsRamp Gateway
CVE-2020-11542 (3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authenticat ...)
	NOT-FOR-US: 3xLOGIC Infinias eIDC32 2.213 devices
CVE-2020-11541 (In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE ...)
	NOT-FOR-US: TechSmith SnagIt
CVE-2020-11540
	RESERVED
CVE-2020-11539 (An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It  ...)
	NOT-FOR-US: Tata Sonata Smart SF Rush 1.12 devices
CVE-2020-11538 (In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out- ...)
	- pillow 7.2.0-1 (low)
	[buster] - pillow 5.4.1-2+deb10u2
	[stretch] - pillow <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/python-pillow/Pillow/pull/4504
	NOTE: https://github.com/python-pillow/Pillow/pull/4538
CVE-2020-11537 (A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5 ...)
	NOT-FOR-US: ONLYOFFICE Document Server
CVE-2020-11536 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
	NOT-FOR-US: ONLYOFFICE Document Server
CVE-2020-11535 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
	NOT-FOR-US: ONLYOFFICE Document Server
CVE-2020-11534 (An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attack ...)
	NOT-FOR-US: ONLYOFFICE Document Server
CVE-2020-11533 (Ivanti Workspace Control before 10.4.30.0, when SCCM integration is en ...)
	NOT-FOR-US: Ivanti Workspace Control
CVE-2020-11532 (Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin  ...)
	NOT-FOR-US: Zoho ManageEngine DataSecurity Plus
CVE-2020-11531 (The DataEngine Xnode Server application in Zoho ManageEngine DataSecur ...)
	NOT-FOR-US: Zoho ManageEngine DataSecurity Plus
CVE-2020-11530 (A blind SQL injection vulnerability is present in Chop Slider 3, a Wor ...)
	NOT-FOR-US: Chop Slider 3 WordPress plugin
CVE-2020-11529 (Common/Grav.php in Grav before 1.7 has an Open Redirect. This is parti ...)
	NOT-FOR-US: Grav CMS
CVE-2020-11528 (bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write)  ...)
	NOT-FOR-US: bit2spr
CVE-2020-11527 (In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated rem ...)
	NOT-FOR-US: Zoho
CVE-2020-11526 (libfreerdp/core/update.c in FreeRDP versions &gt; 1.1 through 2.0.0-rc ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-97jw-m5w5-xvf9
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/192856cb59974ee4d7d3e72cbeafa676aa7565cf
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6012
CVE-2020-11525 (libfreerdp/cache/bitmap.c in FreeRDP versions &gt; 1.0 through 2.0.0-r ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/0b6b92a25a77d533b8a92d6acc840a81e103684e
CVE-2020-11524 (libfreerdp/codec/interleaved.c in FreeRDP versions &gt; 1.0 through 2. ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgw8-3mp2-p5qw
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/7b1d4b49391b4512402840431757703a96946820
CVE-2020-11523 (libfreerdp/gdi/region.c in FreeRDP versions &gt; 1.0 through 2.0.0-rc4 ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/ce21b9d7ecd967e0bc98ed31a6b3757848aa6c9e
CVE-2020-11522 (libfreerdp/gdi/gdi.c in FreeRDP &gt; 1.0 through 2.0.0-rc4 has an Out- ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/907640a924fa7a9a99c80a48ac225e9d8e41548b
CVE-2020-11521 (libfreerdp/codec/planar.c in FreeRDP version &gt; 1.0 through 2.0.0-rc ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5cwc-6wc9-255w
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/17f547ae11835bb11baa3d045245dc1694866845
CVE-2020-11520 (The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows  ...)
	NOT-FOR-US: WinMagic SecureDoc
CVE-2020-11519 (The SDDisk2k.sys driver of WinMagic SecureDoc v8.5 and earlier allows  ...)
	NOT-FOR-US: WinMagic SecureDoc
CVE-2020-11518 (Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticate ...)
	NOT-FOR-US: Zoho
CVE-2020-11517
	RESERVED
CVE-2020-11516 (Stored XSS in the Contact Form 7 Datepicker plugin through 2.6.0 for W ...)
	NOT-FOR-US: Contact Form 7 Datepicker plugin for WordPress
CVE-2020-11515 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...)
	NOT-FOR-US: Rank Math plugin for WordPress
CVE-2020-11514 (The Rank Math plugin through 1.0.40.2 for WordPress allows unauthentic ...)
	NOT-FOR-US: Rank Math plugin for WordPress
CVE-2020-11513
	RESERVED
CVE-2020-11512 (Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 ...)
	NOT-FOR-US: IMPress for IDX Broker WordPress plugin
CVE-2020-11511 (The LearnPress plugin before 3.2.6.9 for WordPress allows remote attac ...)
	NOT-FOR-US: LearnPress plugin for WordPress
CVE-2020-11510
	RESERVED
	NOT-FOR-US: LearnPress plugin for WordPress
CVE-2020-11509 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...)
	NOT-FOR-US: WP Lead Plus X plugin for WordPress
CVE-2020-11508 (An XSS vulnerability in the WP Lead Plus X plugin through 0.98 for Wor ...)
	NOT-FOR-US: WP Lead Plus X plugin for WordPress
CVE-2020-11507 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0. ...)
	NOT-FOR-US: Malwarebytes AdwCleaner
CVE-2020-11506 (An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A W ...)
	[experimental] - gitlab 12.9.3+dfsg-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
CVE-2020-11505 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	- gitlab <not-affected> (Only affects GitLab EE 12.8.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/
CVE-2020-11504
	RESERVED
CVE-2020-11503 (A heap-based buffer overflow in the awarrensmtp component of Sophos XG ...)
	NOT-FOR-US: Sophos
CVE-2020-11502
	RESERVED
CVE-2020-11500 (Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for vi ...)
	NOT-FOR-US: Zoom
CVE-2020-11499 (Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when upd ...)
	NOT-FOR-US: Firmware Analysis and Comparison Tool
CVE-2020-11498 (Slack Nebula through 1.1.0 contains a relative path vulnerability that ...)
	NOT-FOR-US: Slack Nebula
CVE-2020-11497 (An issue was discovered in the NAB Transact extension 2.1.0 for the Wo ...)
	NOT-FOR-US: NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress
CVE-2020-11496 (Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers ...)
	NOT-FOR-US: Sprecher SPRECON-E firmware
CVE-2020-11495
	REJECTED
CVE-2020-11494 (An issue was discovered in slc_bump in drivers/net/can/slcan.c in the  ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.17-1
	[buster] - linux 4.19.118-1
	NOTE: https://lore.kernel.org/netdev/20200401100639.20199-1-rpalethorpe@suse.com/
CVE-2020-11493 (In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9. ...)
	NOT-FOR-US: Foxit
CVE-2020-11492 (An issue was discovered in Docker Desktop through 2.2.0.5 on Windows.  ...)
	NOT-FOR-US: Docker Desktop on Windows
CVE-2020-11491 (Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticat ...)
	NOT-FOR-US: Zen Load Balancer
CVE-2020-11490 (Manage::Certificates in Zen Load Balancer 3.10.1 allows remote authent ...)
	NOT-FOR-US: Zen Load Balancer
CVE-2020-11489 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11488 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11487 (NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11486 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11485 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11484 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11483 (NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38 ...)
	NOT-FOR-US: NVIDIA DGX servers
CVE-2020-11501 (GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The e ...)
	{DSA-4652-1}
	- gnutls28 3.6.13-2 (bug #955556)
	[stretch] - gnutls28 <not-affected> (Vulnerable code introduced later)
	[jessie] - gnutls28 <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.com/gnutls/gnutls/-/issues/960
	NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-03-31
	NOTE: Fixed by: https://gitlab.com/gnutls/gnutls/-/commit/c01011c2d8533dbbbe754e49e256c109cb848d0d (3.6.13)
	NOTE: Broken-by: https://gitlab.com/gnutls/gnutls/-/commit/bcf4de0371efbdf0846388e2df0cb14b5db09954 (gnutls_3_6_3)
CVE-2020-11482
	RESERVED
CVE-2020-11481
	RESERVED
CVE-2020-11480
	RESERVED
CVE-2020-11479
	RESERVED
CVE-2020-11478
	RESERVED
CVE-2020-11477
	RESERVED
CVE-2020-11476 (Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangero ...)
	NOT-FOR-US: Concrete5
CVE-2020-11475
	RESERVED
CVE-2020-11474 (NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic lin ...)
	NOT-FOR-US: NCP Secure Enterprise Client
CVE-2020-11473
	RESERVED
CVE-2020-11472
	RESERVED
CVE-2020-11471
	RESERVED
CVE-2020-11470 (Zoom Client for Meetings through 4.6.8 on macOS has the disable-librar ...)
	NOT-FOR-US: Zoom
CVE-2020-11469 (Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to  ...)
	NOT-FOR-US: Zoom
CVE-2020-11468
	RESERVED
CVE-2020-11467 (An issue was discovered in Deskpro before 2019.8.0. This product enabl ...)
	NOT-FOR-US: Deskpro
CVE-2020-11466 (An issue was discovered in Deskpro before 2019.8.0. The /api/tickets e ...)
	NOT-FOR-US: Deskpro
CVE-2020-11465 (An issue was discovered in Deskpro before 2019.8.0. The /api/apps/* en ...)
	NOT-FOR-US: Deskpro
CVE-2020-11464 (An issue was discovered in Deskpro before 2019.8.0. The /api/people en ...)
	NOT-FOR-US: Deskpro
CVE-2020-11463 (An issue was discovered in Deskpro before 2019.8.0. The /api/email_acc ...)
	NOT-FOR-US: Deskpro
CVE-2020-11462 (An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8. ...)
	NOT-FOR-US: OpenVPN Access Server
CVE-2020-11461
	RESERVED
CVE-2020-11460
	RESERVED
CVE-2020-11459
	RESERVED
CVE-2020-11458 (app/Model/feed.php in MISP before 2.4.124 allows administrators to cho ...)
	NOT-FOR-US: MISP
CVE-2020-11457 (pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php ...)
	NOT-FOR-US: pfSense
CVE-2020-11456 (LimeSurvey before 4.1.12+200324 has stored XSS in application/views/ad ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-11455 (LimeSurvey before 4.1.12+200324 contains a path traversal vulnerabilit ...)
	- limesurvey <itp> (bug #472802)
CVE-2020-11454 (Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Contain ...)
	NOT-FOR-US: Microstrategy Web
CVE-2020-11453 (** DISPUTED ** Microstrategy Web 10.4 is vulnerable to Server-Side Req ...)
	NOT-FOR-US: Microstrategy Web
CVE-2020-11452 (Microstrategy Web 10.4 includes functionality to allow users to import ...)
	NOT-FOR-US: Microstrategy Web
CVE-2020-11451 (The Upload Visualization plugin in the Microstrategy Web 10.4 admin pa ...)
	NOT-FOR-US: Microstrategy Web
CVE-2020-11450 (Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture ...)
	NOT-FOR-US: Microstrategy Web
CVE-2020-11449 (An issue was discovered on Technicolor TC7337 8.89.17 devices. An atta ...)
	NOT-FOR-US: Technicolor devices
CVE-2020-11448
	RESERVED
CVE-2020-11447
	RESERVED
CVE-2020-11446 (ESET Antivirus and Antispyware Module module 1553 through 1560 allows  ...)
	NOT-FOR-US: ESET
CVE-2020-11445 (TP-Link cloud cameras through 2020-02-09 allow remote attackers to byp ...)
	NOT-FOR-US: TP-Link
CVE-2020-11444 (Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has I ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2020-11443 (The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to ver ...)
	NOT-FOR-US: Zoom
CVE-2020-11442
	RESERVED
CVE-2020-11441 (** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated ...)
	- phpmyadmin <unfixed> (unimportant)
	[jessie] - phpmyadmin <not-affected> (The pma_error display code does not exist in this version)
	NOTE: https://github.com/phpmyadmin/phpmyadmin/issues/16056
	NOTE: Not considered a security issue
CVE-2020-11440 (httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no  ...)
	NOT-FOR-US: Wind River
CVE-2020-11439 (LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue all ...)
	NOT-FOR-US: LibreHealth EMR
CVE-2020-11438 (LibreHealth EMR v2.0.0 is affected by systemic CSRF. ...)
	NOT-FOR-US: LibreHealth EMR
CVE-2020-11437 (LibreHealth EMR v2.0.0 is affected by SQL injection allowing low-privi ...)
	NOT-FOR-US: LibreHealth EMR
CVE-2020-11436 (LibreHealth EMR v2.0.0 is vulnerable to XSS that results in the abilit ...)
	NOT-FOR-US: LibreHealth EMR
CVE-2020-11435
	RESERVED
CVE-2020-11434
	RESERVED
CVE-2020-11433
	RESERVED
CVE-2020-11432
	RESERVED
CVE-2020-11431 (The documentation component in i-net Clear Reports 16.0 to 19.2, HelpD ...)
	NOT-FOR-US: i-net
CVE-2020-11430
	RESERVED
CVE-2020-11429
	RESERVED
CVE-2020-11428
	RESERVED
CVE-2020-11427
	RESERVED
CVE-2020-11426
	RESERVED
CVE-2020-11425
	RESERVED
CVE-2020-11424
	RESERVED
CVE-2020-11423
	RESERVED
CVE-2020-11422
	RESERVED
CVE-2020-11421
	RESERVED
CVE-2020-11420 (UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker  ...)
	NOT-FOR-US: UPS Adapter CS141
CVE-2020-11419
	RESERVED
CVE-2020-11418
	RESERVED
CVE-2020-11417
	RESERVED
CVE-2020-11416 (JetBrains Space through 2020-04-22 allows stored XSS in Chats. ...)
	NOT-FOR-US: JetBrains Space
CVE-2020-11415 (An issue was discovered in Sonatype Nexus Repository Manager 2.x befor ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2020-11414 (An issue was discovered in Progress Telerik UI for Silverlight before  ...)
	NOT-FOR-US: Progress Telerik UI
CVE-2020-11413
	REJECTED
CVE-2020-11412
	REJECTED
CVE-2020-11411
	REJECTED
CVE-2020-11410
	REJECTED
CVE-2020-11409
	REJECTED
CVE-2020-11408
	REJECTED
CVE-2020-11407
	REJECTED
CVE-2020-11406
	REJECTED
CVE-2020-11405
	REJECTED
CVE-2020-11404
	REJECTED
CVE-2020-11403
	REJECTED
CVE-2020-11402
	REJECTED
CVE-2020-11401
	REJECTED
CVE-2020-11400
	REJECTED
CVE-2020-11399
	REJECTED
CVE-2020-11398
	REJECTED
CVE-2020-11397
	REJECTED
CVE-2020-11396
	REJECTED
CVE-2020-11395
	REJECTED
CVE-2020-11394
	REJECTED
CVE-2020-11393
	REJECTED
CVE-2020-11392
	REJECTED
CVE-2020-11391
	REJECTED
CVE-2020-11390
	REJECTED
CVE-2020-11389
	REJECTED
CVE-2020-11388
	REJECTED
CVE-2020-11387
	REJECTED
CVE-2020-11386
	REJECTED
CVE-2020-11385
	REJECTED
CVE-2020-11384
	REJECTED
CVE-2020-11383
	REJECTED
CVE-2020-11382
	REJECTED
CVE-2020-11381
	REJECTED
CVE-2020-11380
	REJECTED
CVE-2020-11379
	REJECTED
CVE-2020-11378
	REJECTED
CVE-2020-11377
	REJECTED
CVE-2020-11376
	REJECTED
CVE-2020-11375
	REJECTED
CVE-2020-11374
	REJECTED
CVE-2020-11373
	REJECTED
CVE-2020-11372
	REJECTED
CVE-2020-11371
	REJECTED
CVE-2020-11370
	REJECTED
CVE-2020-11369
	REJECTED
CVE-2020-11368
	REJECTED
CVE-2020-11367
	REJECTED
CVE-2020-11366
	REJECTED
CVE-2020-11365
	REJECTED
CVE-2020-11364
	REJECTED
CVE-2020-11363
	REJECTED
CVE-2020-11362
	REJECTED
CVE-2020-11361
	REJECTED
CVE-2020-11360
	REJECTED
CVE-2020-11359
	REJECTED
CVE-2020-11358
	REJECTED
CVE-2020-11357
	REJECTED
CVE-2020-11356
	REJECTED
CVE-2020-11355
	REJECTED
CVE-2020-11354
	REJECTED
CVE-2020-11353
	REJECTED
CVE-2020-11352
	REJECTED
CVE-2020-11351
	REJECTED
CVE-2020-11350
	REJECTED
CVE-2020-11349
	REJECTED
CVE-2020-11348
	REJECTED
CVE-2020-11347
	REJECTED
CVE-2020-11346
	REJECTED
CVE-2020-11345
	REJECTED
CVE-2020-11344
	REJECTED
CVE-2020-11343
	REJECTED
CVE-2020-11342
	REJECTED
CVE-2020-11341
	REJECTED
CVE-2020-11340
	REJECTED
CVE-2020-11339
	REJECTED
CVE-2020-11338
	REJECTED
CVE-2020-11337
	REJECTED
CVE-2020-11336
	REJECTED
CVE-2020-11335
	REJECTED
CVE-2020-11334
	REJECTED
CVE-2020-11333
	REJECTED
CVE-2020-11332
	REJECTED
CVE-2020-11331
	REJECTED
CVE-2020-11330
	REJECTED
CVE-2020-11329
	REJECTED
CVE-2020-11328
	REJECTED
CVE-2020-11327
	REJECTED
CVE-2020-11326
	REJECTED
CVE-2020-11325
	REJECTED
CVE-2020-11324
	REJECTED
CVE-2020-11323
	REJECTED
CVE-2020-11322
	REJECTED
CVE-2020-11321
	REJECTED
CVE-2020-11320
	REJECTED
CVE-2020-11319
	REJECTED
CVE-2020-11318
	REJECTED
CVE-2020-11317
	REJECTED
CVE-2020-11316
	REJECTED
CVE-2020-11315
	REJECTED
CVE-2020-11314
	REJECTED
CVE-2020-11313
	REJECTED
CVE-2020-11312
	REJECTED
CVE-2020-11311
	RESERVED
CVE-2020-11310
	REJECTED
CVE-2020-11309 (Use after free in GPU driver while mapping the user memory to GPU memo ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11308 (Buffer overflow occurs when trying to convert ASCII string to Unicode  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11307 (Buffer overflow in modem due to improper array index check before copy ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11306 (Possible integer overflow in RPMB counter due to lack of length check  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11305 (Integer overflow in boot due to improper length check on arguments rec ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11304 (Possible out of bound read in DRM due to improper buffer length check. ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11303 (Accepting AMSDU frames with mismatched destination and source address  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11302
	REJECTED
CVE-2020-11301 (Improper authentication of un-encrypted plaintext Wi-Fi frames in an e ...)
	NOT-FOR-US: Qualcomm WIGIG chipsets
CVE-2020-11300
	REJECTED
CVE-2020-11299 (Buffer overflow can occur in video while playing the non-standard clip ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11298 (While waiting for a response to a callback or listener request, non-se ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11297 (Denial of service in WLAN module due to improper check of subtypes in  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11296 (Arithmetic overflow can happen while processing NOA IE due to improper ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11295 (Use after free in camera If the threadmanager is being cleaned up whil ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11294 (Out of bound write in logger due to prefix size is not validated while ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11293 (Out of bound read can happen in Widevine TA while copying data to buff ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11292 (Possible buffer overflow in voice service due to lack of input validat ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11291 (Possible buffer overflow while updating ikev2 parameters for delete pa ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11290 (Use after free condition in msm ioctl events due to race between the i ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11289 (Out of bound write can occur in TZ command handler due to lack of vali ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11288 (Out of bound write can occur in playready while processing command due ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11287 (Allowing RTT frames to be linked with non randomized MAC address by co ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11286 (An Untrusted Pointer Dereference can occur while doing USB control tra ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11285 (Buffer over-read while unpacking the RTCP packet we may read extra byt ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11284 (Locked memory can be unlocked and modified by non secure boot loader t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11283 (A buffer overflow can occur when playing an MKV clip due to lack of in ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11282 (Improper access control when using mmap with the kgsl driver with a sp ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11281 (Allowing RTT frames to be linked with non randomized MAC address by co ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11280 (Denial of service while processing fine timing measurement request (FT ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11279 (Memory corruption while processing crafted SDES packets due to imprope ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11278 (Possible denial of service while handling host WMI command due to impr ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11277 (Possible race condition during async fastrpc session after sending RPC ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11276 (Possible buffer over read while processing P2P IE and NOA attribute of ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11275 (Possible buffer over-read while parsing quiet IE in Rx beacon frame du ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11274 (Denial of service in MODEM due to assert to the invalid configuration  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11273 (Histogram type KPI was teardown with the assumption of the existence o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11272 (Before enqueuing a frame to the PE queue for further processing, an en ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11271 (Possible out of bounds while accessing global control elements due to  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11270 (Possible denial of service due to RTT responder consistently rejects a ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11269 (Possible memory corruption while processing EAPOL frames due to lack o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11268 (Potential UE reset while decoding a crafted Sib1 or SIB1 that schedule ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11267 (Stack out-of-bounds write occurs while setting up a cipher device if t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11266 (Image address is dereferenced before validating its range which can ca ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11265 (Information disclosure issue due to lack of validation of pointer argu ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11264 (Improper authentication of Non-EAPOL/WAPI plaintext frames during four ...)
	NOT-FOR-US: Qualcomm WLAN Windows Host
CVE-2020-11263 (An integer overflow due to improper check performed after the address  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11262 (A race between command submission and destroying the context can cause ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11261 (Memory corruption due to improper check to return error when user appl ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11260 (An improper free of uninitialized memory can occur in DIAG services in ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11259 (Memory corruption due to lack of validation of pointer arguments passe ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11258 (Memory corruption due to lack of validation of pointer arguments passe ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11257 (Memory corruption due to lack of validation of pointer arguments passe ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11256 (Memory corruption due to lack of check of validation of pointer to buf ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11255 (Denial of service while processing RTCP packets containing multiple SD ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11254 (Memory corruption during buffer allocation due to dereferencing sessio ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11253 (Arbitrary memory write issue in video driver while setting the interna ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11252 (Trustzone initialization code will disable xPU`s when memory dumps are ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11251 (Out-of-bounds read vulnerability while accessing DTMF payload due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11250 (Use after free due to race condition when reopening the device driver  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11249
	RESERVED
CVE-2020-11248
	RESERVED
CVE-2020-11247 (Out of bound memory read while unpacking data due to lack of offset le ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11246 (A double free condition can occur when the device moves to suspend mod ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11245 (Unintended reads and writes by NS EL2 in access control driver due to  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11244
	RESERVED
CVE-2020-11243 (RRC sends a connection establishment success to NAS even though connec ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11242 (User could gain access to secure memory due to incorrect argument into ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11241 (Out of bound read will happen if EAPOL Key length is less than expecte ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11240 (Memory corruption due to ioctl command size was incorrectly set to the ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11239 (Use after free issue when importing a DMA buffer by using the CPU addr ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11238 (Possible Buffer over-read in ARP/NS parsing due to lack of check of pa ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11237 (Memory crash when accessing histogram type KPI input received due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11236 (Memory corruption due to invalid value of total dimension in the non-h ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11235 (Buffer overflow might occur while parsing unified command due to lack  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11234 (When sending a socket event message to a user application, invalid inf ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11233 (Time-of-check time-of-use race condition While processing partition en ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11232
	RESERVED
CVE-2020-11231 (Two threads call one or both functions concurrently leading to corrupt ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11230 (Potential arbitrary memory corruption when the qseecom driver updates  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11229
	RESERVED
CVE-2020-11228 (Part of RPM region was not protected from xblSec itself due to imprope ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11227 (Out of bound write while parsing RTT/TTY packet parsing due to lack of ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11226 (Out of bound memory read in Data modem while unpacking data due to lac ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11225 (Out of bound access in WLAN driver due to lack of validation of array  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11224
	RESERVED
CVE-2020-11223 (Out of bound in camera driver due to lack of check of validation of ar ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11222 (Buffer over read while processing MT SMS with maximum length due to im ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11221 (Usage of syscall by non-secure entity can allow extraction of secure Q ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11220 (While processing storage SCM commands there is a time of check or time ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11219
	RESERVED
CVE-2020-11218 (Denial of service in baseband when NW configures LTE betaOffset-RI-Ind ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11217 (A possible double free or invalid memory access in audio driver while  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11216 (Buffer over read can happen in video driver when playing clip with ato ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11215 (An out of bounds read can happen when processing VSA attribute due to  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11214 (Buffer over-read while processing NDL attribute if attribute length is ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11213 (Out of bound reads might occur in while processing Service descriptor  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11212 (Out of bounds reads while parsing NAN beacons attributes and OUIs due  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11211
	RESERVED
CVE-2020-11210 (Possible memory corruption in RPM region due to improper XPU configura ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11209 (Improper authorization in DSP process could allow unauthorized users t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11208 (Out of Bound issue in DSP services while processing received arguments ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11207 (Buffer overflow in LibFastCV library due to improper size checks with  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11206 (Possible buffer overflow in Fastrpc while handling received parameters ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11205 (u'Possible integer overflow to heap overflow while processing command  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11204 (Possible memory corruption and information leakage in sub-system due t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11203 (Stack overflow may occur if GSM/WCDMA broadcast config size received f ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11202 (Buffer overflow/underflow occurs when typecasting the buffer passed by ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11201 (Arbitrary access to DSP memory due to improper check in loaded library ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11200 (Buffer over-read while parsing RPS due to lack of check of input valid ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11199 (HLOS to access EL3 stack canary by just mapping imem region due to Imp ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11198 (Key material used for TZ diag buffer encryption and other data related ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11197 (Possible integer overflow can occur when stream info update is called  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11196 (u'Integer overflow to buffer overflow occurs while playback of ASF cli ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11195 (Out of bound write and read in TA while processing command from NS sid ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11194 (Possible out of bound access in TA while processing a command from NS  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11193 (u'Buffer over read can happen while parsing mkv clip due to improper t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11192 (Out of bound write while parsing SDP string due to missing check on nu ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11191 (Out of bound read occurs while processing crafted SDP due to lack of c ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11190 (Buffer over-read can happen while parsing received SDP values due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11189 (Buffer over-read can happen while parsing received SDP values due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11188 (Buffer over-read can happen while parsing received SDP values due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11187 (Possible memory corruption in BSI module due to improper validation of ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11186 (Modem will enter into busy mode in an infinite loop while parsing hist ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11185 (Out of bound issue in WLAN driver while processing vdev responses from ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11184 (u'Possible buffer overflow will occur in video while parsing mp4 clip  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11183 (A process can potentially cause a buffer overflow in the display servi ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11182 (Possible heap overflow while parsing NAL header due to lack of check o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11181 (Out of bound access issue while handling cvp process control command d ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11180 (Out of bound access in computer vision control due to improper validat ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11179 (Arbitrary read and write to kernel addresses by temporarily overwritin ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11178 (Trusted APPS to overwrite the CPZ memory of another use-case as TZ onl ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11177 (User can overwrite Security Code NV item without knowing current SPC d ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11176 (While processing server certificate from IPSec server, certificate val ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11175 (u'Use after free issue in Bluetooth transport driver when a method in  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11174 (u'Array index underflow issue in adsp driver due to improper check of  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11173 (u'Two threads running simultaneously from user space can lead to race  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11172 (u'fscanf reads a string from a file and stores its contents on a stati ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11171 (Buffer over-read can happen while parsing received SDP values due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11170 (Out of bound memory access while playing music playbacks with crafted  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11169 (u'Buffer over-read while processing received L2CAP packet due to lack  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11168 (u'Null-pointer dereference can occur while accessing data buffer beyon ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11167 (Memory corruption while calculating L2CAP packet length in reassembly  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11166 (Potential out of bound read exception when UE receives unusually large ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11165 (Memory corruption due to buffer overflow while copying the message pro ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11164 (u'Third-party app may also call the broadcasts in Perfdump and cause p ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11163 (Possible buffer overflow while updating ikev2 parameters due to lack o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11162 (u'Possible buffer overflow in MHI driver due to lack of input paramete ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11161 (Out-of-bounds memory access can occur while calculating alignment requ ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11160 (Resource leakage issue during dci client registration due to reference ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11159 (Buffer over-read can happen while processing WPA,RSN IE of beacon and  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due t ...)
	NOT-FOR-US: Qualcomm
CVE-2020-11157 (u'Lack of handling unexpected control messages while encryption was in ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11156 (u'Buffer over-read issue in Bluetooth estack due to lack of check for  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11155 (u'Buffer overflow while processing PDU packet in bluetooth due to lack ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11154 (u'Buffer overflow while processing a crafted PDU data packet in blueto ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11153 (u'Out of bound memory access while processing GATT data received due t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11152 (Race condition in HAL layer while processing callback objects received ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11151 (Race condition occurs while calling user space ioctl from two differen ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11150 (Out of bound memory access in camera driver due to improper validation ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11149 (Out of bound access due to usage of an out-of-range pointer offset in  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11148 (Use after free issue in HIDL while using callback to post event in Rx  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11147 (Use after free issue in audio modules while removing and freeing objec ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11146 (Out of bound write while copying data using IOCTL due to lack of check ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11145 (Divide by zero issue can happen while updating delta extension header  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11144 (Buffer over-read while UE process invalid DL ROHC packet for decompres ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11143 (Out of bound memory access during music playback with modified content ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11142
	RESERVED
CVE-2020-11141 (u'Buffer over-read issue in Bluetooth estack due to lack of check for  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11140 (Out of bound memory access during music playback with ALAC modified co ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11139 (Out of bound memory access while processing frames due to lack of chec ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11138 (Uninitialized pointers accessed during music play back with incorrect  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11137 (Integer multiplication overflow resulting in lower buffer size allocat ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11136 (Buffer Over-read in audio driver while using malloc management functio ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11135 (u'Reachable assertion when wrong data size is returned by parser for a ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11134 (Possible stack out of bound write might happen due to time bitmap leng ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11133 (u'Possible out of bound array write in rxdco cal utility due to lack o ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11132 (u'Buffer over read in boot due to size check ignored before copying GU ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11131 (u'Possible buffer overflow in WMA message processing due to integer ov ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11130 (u'Possible buffer overflow in WIFI hal process due to copying data wit ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11129 (u'During the error occurrence in capture request, the buffer is freed  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11128 (u'Possible out of bound access while copying the mask file content int ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11127 (u'Integer overflow can cause a buffer overflow due to lack of table le ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11126 (Possible out of bound read while WLAN frame parsing due to lack of che ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11125 (u'Out of bound access can happen in MHI command process due to lack of ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11124 (u'Possible use-after-free while accessing diag client map table since  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11123 (u'information disclosure in gatekeeper trustzone implementation as the ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11122 (u'Null Pointer exception while playing crafted mkv file as data stream ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11121 (u'Possible buffer overflow in WIFI hal process due to usage of memcpy  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11120 (u'Calling thread may free the data buffer pointer that was passed to t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11119 (Buffer over-read can happen when the buffer length received from respo ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11118 (u'Information exposure issues while processing IE header due to improp ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11117 (u'In the lbd service, an external user can issue a specially crafted d ...)
	NOT-FOR-US: Snapdragon
CVE-2020-11116 (u'Possible out of bound write while processing association response re ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11115 (u'Buffer over read occurs while processing information element from be ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-11114 (u'Bluetooth devices does not properly restrict the L2CAP payload lengt ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-5291 (Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode a ...)
	- bubblewrap 0.4.1-1 (low; bug #955441)
	[buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
	[stretch] - bubblewrap <not-affected> (Introduced in 0.4.0)
	NOTE: https://github.com/containers/bubblewrap/security/advisories/GHSA-j2qp-rvxj-43vj
	NOTE: https://github.com/containers/bubblewrap/commit/1f7e2ad948c051054b683461885a0215f1806240
CVE-2020-11113 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2670
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-11112 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2666
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-11111 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2664
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-11110 (Grafana through 6.7.1 allows stored XSS due to insufficient input prot ...)
	- grafana <removed>
CVE-2020-11109
	RESERVED
CVE-2020-11108 (The Gravity updater in Pi-hole through 4.4 allows an authenticated adv ...)
	NOT-FOR-US: Pi-hole
CVE-2020-11107 (An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 ,  ...)
	NOT-FOR-US: XAMPP
CVE-2020-11106 (An issue was discovered in Responsive Filemanager through 9.14.0. In t ...)
	NOT-FOR-US: Responsive Filemanager
CVE-2020-11105 (An issue was discovered in USC iLab cereal through 1.3.0. It employs c ...)
	NOT-FOR-US: USC iLab cereal
CVE-2020-11104 (An issue was discovered in USC iLab cereal through 1.3.0. Serializatio ...)
	NOT-FOR-US: USC iLab cereal
CVE-2020-11103 (JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1,  ...)
	NOT-FOR-US: Webswing
CVE-2020-11102 (hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying  ...)
	- qemu 1:4.2-4 (bug #956145)
	[buster] - qemu <not-affected> (Vulnerable code/Tulip NIC emulator added later)
	[stretch] - qemu <not-affected> (Vulnerable code/Tulip NIC emulator added later)
	[jessie] - qemu <not-affected> (Vulnerable code/Tulip NIC emulator added later)
	- qemu-kvm <not-affected> (Vulnerable code/Tulip NIC emulator added later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/06/1
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=8ffb7265af64ec81748335ec8f20e7ab542c3850 (v5.0.0-rc1)
CVE-2020-11101
	RESERVED
CVE-2020-11100 (In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 ...)
	{DSA-4649-1}
	- haproxy 2.0.13-2
	[stretch] - haproxy <not-affected> (Vulnerable code introduced in 1.8)
	[jessie] - haproxy <not-affected> (Vulnerable code introduced in 1.8)
	NOTE: https://git.haproxy.org/?p=haproxy-2.1.git;a=commit;h=f17f86304f187b0f10ca6a8d46346afd9851a543
CVE-2020-11099 (In FreeRDP before version 2.1.2, there is an out of bounds read in lic ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h
CVE-2020-11098 (In FreeRDP before version 2.1.2, there is an out-of-bound read in glyp ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv
CVE-2020-11097 (In FreeRDP before version 2.1.2, an out of bounds read occurs resultin ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f
CVE-2020-11096 (In FreeRDP before version 2.1.2, there is a global OOB read in update_ ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x
CVE-2020-11095 (In FreeRDP before version 2.1.2, an out of bound reads occurs resultin ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2
CVE-2020-11094 (The October CMS debugbar plugin before version 3.1.0 contains a featur ...)
	NOT-FOR-US: October CMS
CVE-2020-11093 (Hyperledger Indy Node is the server portion of a distributed ledger pu ...)
	NOT-FOR-US: Hyperledger Indy Node
CVE-2020-11092
	RESERVED
CVE-2020-11091 (In Weave Net before version 2.6.3, an attacker able to run a process a ...)
	NOT-FOR-US: Weave Net
CVE-2020-11090 (In Indy Node 1.12.2, there is an Uncontrolled Resource Consumption vul ...)
	NOT-FOR-US: Indy Node
CVE-2020-11089 (In FreeRDP before 2.1.0, there is an out-of-bound read in irp function ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h
CVE-2020-11088 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xh4f-fh87-43hp
CVE-2020-11087 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7
CVE-2020-11086 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fg8v-w34r-c974
CVE-2020-11085 (In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_rea ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2j4w-v45m-95hf
CVE-2020-11084 (In iPear, the manual execution of the eval() function can lead to comm ...)
	NOT-FOR-US: iPear
CVE-2020-11083 (In October from version 1.0.319 and before version 1.0.466, a user wit ...)
	NOT-FOR-US: October CMS
CVE-2020-11082 (In Kaminari before 1.2.1, there is a vulnerability that would allow an ...)
	{DSA-5005-1 DLA-2763-1}
	- ruby-kaminari 1.0.1-6 (bug #961847)
	[jessie] - ruby-kaminari <no-dsa> (No reverse dependency)
	NOTE: https://github.com/kaminari/kaminari/security/advisories/GHSA-r5jw-62xg-j433
	NOTE: https://github.com/kaminari/kaminari/commit/8dd52a1aed3d2fa2835d836de23fc0d8c4ff5db8
CVE-2020-11081 (osquery before version 4.4.0 enables a privilege escalation vulnerabil ...)
	- osquery <itp> (bug #803502)
CVE-2020-11080 (In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS fra ...)
	{DSA-4696-1 DLA-2786-1}
	- nghttp2 1.41.0-1
	[buster] - nghttp2 <no-dsa> (Minor issue)
	- nodejs 10.21.0~dfsg-1 (bug #962145)
	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://github.com/nghttp2/nghttp2/security/advisories/GHSA-q5wr-xfw9-q7xr
	NOTE: https://github.com/nghttp2/nghttp2/commit/336a98feb0d56b9ac54e12736b18785c27f75090 (v1.41.0)
	NOTE: https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394 (v1.41.0)
	NOTE: https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/#http-2-large-settings-frame-dos-low-cve-2020-11080
CVE-2020-11079 (node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of  ...)
	NOT-FOR-US: dns-sync nodejs module
CVE-2020-11078 (In httplib2 before version 0.18.0, an attacker controlling unescaped p ...)
	{DLA-2232-1}
	- python-httplib2 0.18.1-1
	[buster] - python-httplib2 <no-dsa> (Minor issue)
	[stretch] - python-httplib2 <no-dsa> (Minor issue)
	NOTE: https://github.com/httplib2/httplib2/security/advisories/GHSA-gg84-qgv9-w4pq
	NOTE: https://github.com/httplib2/httplib2/commit/a1457cc31f3206cf691d11d2bf34e98865873e9e
CVE-2020-11077 (In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a re ...)
	{DLA-2398-1}
	- puma 4.3.6-1 (bug #972102)
	[buster] - puma 3.12.0-2+deb10u2
	NOTE: https://github.com/puma/puma/security/advisories/GHSA-w64w-qqph-5gxm
CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle a ...)
	{DLA-2398-1}
	- puma 4.3.6-1 (bug #972102)
	[buster] - puma 3.12.0-2+deb10u2
	NOTE: https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h
	NOTE: https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd
CVE-2020-11075 (In Anchore Engine version 0.7.0, a specially crafted container image m ...)
	NOT-FOR-US: Anchore Engine
CVE-2020-11074 (In PrestaShop from version 1.5.3.0 and before version 1.7.6.6, there i ...)
	NOT-FOR-US: PrestaShop
CVE-2020-11073 (In Autoswitch Python Virtualenv before version 0.16.0, a user who ente ...)
	NOT-FOR-US: zsh-autoswitch-virtualenv
CVE-2020-11072 (In SLP Validate (npm package slp-validate) before version 1.2.1, users ...)
	NOT-FOR-US: Node slp-validate
CVE-2020-11071 (SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability w ...)
	NOT-FOR-US: Node slpjs
CVE-2020-11070 (The SVG Sanitizer extension for TYPO3 has a cross-site scripting vulne ...)
	NOT-FOR-US: TYPO3
CVE-2020-11069 (In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has be ...)
	NOT-FOR-US: TYPO3
CVE-2020-11068 (In LoRaMac-node before 4.4.4, a reception buffer overflow can happen d ...)
	NOT-FOR-US: LoRaMac-node
CVE-2020-11067 (In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has be ...)
	NOT-FOR-US: TYPO3
CVE-2020-11066 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and g ...)
	NOT-FOR-US: TYPO3
CVE-2020-11065 (In TYPO3 CMS greater than or equal to 9.5.12 and less than 9.5.17, and ...)
	NOT-FOR-US: TYPO3
CVE-2020-11064 (In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and g ...)
	NOT-FOR-US: TYPO3
CVE-2020-11063 (In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that t ...)
	NOT-FOR-US: TYPO3
CVE-2020-11062 (In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-3xxh-f5p2-jg3h
	NOTE: https://github.com/glpi-project/glpi/commit/5e1c52c5e8a30ceb4e9572964da7ed89ddfb1aaf
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11061 (In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and  ...)
	{DLA-2353-1}
	- bacula 9.6.5-1
	[buster] - bacula 9.4.2-2+deb10u1
	- bareos <removed> (bug #968957)
	[buster] - bareos <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - bareos <no-dsa> (minor issue, low priority)
	NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4
	NOTE: https://bugs.bareos.org/view.php?id=1210
	NOTE: https://github.com/bareos/bareos/commit/86c6fa479a21a1464366babb74e6cf33770ed7ae (master)
	NOTE: https://www.bacula.org/git/cgit.cgi/bacula/commit/?id=f9472227317b8e1d26a781d042e0efdf432a633f (Release-9.6.4)
CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by abusi ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f
	NOTE: https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11059 (In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir  ...)
	NOT-FOR-US: AEgir
CVE-2020-11058 (In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in  ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wjg2-2f82-466g
	NOTE: https://github.com/FreeRDP/FreeRDP/commit/3627aaf7d289315b614a584afb388f04abfb5bbf
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6011
CVE-2020-11057 (In XWiki Platform 7.2 through 11.10.2, registered users without script ...)
	NOT-FOR-US: XWiki
CVE-2020-11056 (In Sprout Forms before 3.9.0, there is a potential Server-Side Templat ...)
	NOT-FOR-US: Sprout Forms
CVE-2020-11055 (In BookStack greater than or equal to 0.18.0 and less than 0.29.2, the ...)
	NOT-FOR-US: BookStack
CVE-2020-11054 (In qutebrowser versions less than 1.11.1, reloading a page with certif ...)
	- qutebrowser 1.11.1.post1-1 (unimportant)
	NOTE: https://github.com/qutebrowser/qutebrowser/issues/5403
	NOTE: https://github.com/qutebrowser/qutebrowser/security/advisories/GHSA-4rcq-jv2f-898j
	NOTE: Depends on qtwebkit, which is not covered by security support
CVE-2020-11053 (In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. ...)
	- oauth2-proxy <itp> (bug #982891)
CVE-2020-11052 (In Sorcery before 0.15.0, there is a brute force vulnerability when us ...)
	NOT-FOR-US: Sorcery
CVE-2020-11051 (In Wiki.js before 2.3.81, there is a stored XSS in the Markdown editor ...)
	NOT-FOR-US: Wiki.js
CVE-2020-11050 (In Java-WebSocket less than or equal to 1.4.1, there is an Improper Va ...)
	NOT-FOR-US: Java-WebSocket, different from src:websocket-api
CVE-2020-11049 (In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read o ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr
	NOTE: Fixed with: https://github.com/FreeRDP/FreeRDP/pull/6019
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6008
CVE-2020-11048 (In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcv
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/9301bfe730c66180263248b74353daa99f5a969b
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6007
CVE-2020-11047 (In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9fw6-m2q8-h5pw
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/f5e73cc7c9cd973b516a618da877c87b80950b65
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6009
CVE-2020-11046 (In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hx48-wmmm-mr5q
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/ed53cd148f43cbab905eaa0f5308c2bf3c48cc37
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6006
CVE-2020-11045 (In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read i ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3x39-248q-f4q6
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/f8890a645c221823ac133dbf991f8a65ae50d637
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6005
CVE-2020-11044 (In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_ ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgqh-p732-6x2w
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/67c2aa52b2ae0341d469071d1bc8aab91f8d2ed8
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6013
CVE-2020-11043 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
CVE-2020-11042 (In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bound ...)
	{DLA-2356-1}
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9jp6-5vf2-cx2q
	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/6b2bc41935e53b0034fe5948aeeab4f32e80f30f
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/6010
CVE-2020-11041 (In FreeRDP less than or equal to 2.0.0, an outside controlled array in ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w
CVE-2020-11040 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x4wq-m7c9-rjgr
CVE-2020-11039 (In FreeRDP less than or equal to 2.0.0, when using a manipulated serve ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mx9p-f6q8-mqwq
CVE-2020-11038 (In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer  ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g
CVE-2020-11037 (In Wagtail before versions 2.7.2 and 2.8.2, a potential timing attack  ...)
	NOT-FOR-US: Wagtail
CVE-2020-11036 (In GLPI before version 9.4.6 there are multiple related stored XSS vul ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-3g3h-rwhr-7385
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11035 (In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-w7q8-58qp-vmpf
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11034 (In GLPI before version 9.4.6, there is a vulnerability that allows byp ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-gxv6-xq9q-37hg
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11033 (In GLPI from version 9.1 and before version 9.4.6, any API user with R ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-rf54-3r4w-4h55
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11032 (In GLPI before version 9.4.6, there is a SQL injection vulnerability f ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-344w-34h9-wwhh
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11031 (In GLPI before version 9.5.0, the encryption algorithm used is insecur ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-7xwm-4vjr-jvqh
	NOTE: https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2020-11030 (In affected versions of WordPress, a special payload can be crafted th ...)
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	[buster] - wordpress <not-affected> (Vulnerable code not present)
	[stretch] - wordpress <not-affected> (Vulnerable code not present)
	[jessie] - wordpress <not-affected> (Vulnerable code not present)
	NOTE: https://core.trac.wordpress.org/changeset/47636
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-vccm-6gmc-qhjh
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: Fixed by: https://github.com/WordPress/wordpress-develop/commit/ec05c8b897ef4ae77fc0cba576573e90a726a52f
CVE-2020-11029 (In affected versions of WordPress, a vulnerability in the stats() meth ...)
	{DSA-4677-1 DLA-2208-1}
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-568w-8m88-8g2c
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: https://core.trac.wordpress.org/changeset/47637
	NOTE: https://github.com/WordPress/wordpress-develop/935ab39e8ee754735a553c74d41270df1164ae56 (master)
CVE-2020-11028 (In affected versions of WordPress, some private posts, which were prev ...)
	{DSA-4677-1 DLA-2208-1}
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xhx9-759f-6p2w
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: https://core.trac.wordpress.org/changeset/47635
	NOTE: https://github.com/WordPress/wordpress-develop/commit/8e11facb671932a6eefe0e7e4f3d63d39eef55b3
CVE-2020-11027 (In affected versions of WordPress, a password reset link emailed to a  ...)
	{DSA-4677-1 DLA-2208-1}
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-ww7v-jg8c-q6jw
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: https://core.trac.wordpress.org/changeset/47634
	NOTE: https://github.com/WordPress/wordpress-develop/commit/4354d1fc5cd55a18bc24555b11db201d5eb87e0c (master)
CVE-2020-11026 (In affected versions of WordPress, files with a specially crafted name ...)
	{DSA-4677-1 DLA-2208-1}
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-3gw2-4656-pfr2
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: https://core.trac.wordpress.org/changeset/47638
	NOTE: https://github.com/WordPress/wordpress-develop/commit/74d6f9613b96a2948f7675513b8b7f8224bfc386 (master)
CVE-2020-11025 (In affected versions of WordPress, a cross-site scripting (XSS) vulner ...)
	{DSA-4677-1}
	- wordpress 5.4.1+dfsg1-1 (bug #959391)
	[jessie] - wordpress <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-4mhg-j6fx-5g3c
	NOTE: https://wordpress.org/support/wordpress-version/version-5-4-1/#security-updates
	NOTE: https://core.trac.wordpress.org/changeset/47633
	NOTE: https://github.com/WordPress/wordpress-develop/commit/cfb690cb8efaee32d55b10a7771afb0f1f47aab3
CVE-2020-11024 (In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable  ...)
	NOT-FOR-US: Moonlight iOS/tvOS
CVE-2020-11023 (In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, pa ...)
	{DSA-4693-1 DLA-2608-1}
	- jquery <removed>
	[buster] - jquery 3.3.1~dfsg-3+deb10u1
	[jessie] - jquery <not-affected> (Vulnerable code not present)
	- drupal7 <removed>
	[jessie] - drupal7 <not-affected> (Vulnerable code not embedded)
	- node-jquery 3.5.0+dfsg-2
	[buster] - node-jquery <no-dsa> (Minor issue)
	- otrs2 6.0.30-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
	NOTE: https://www.drupal.org/sa-core-2020-002
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-14/
CVE-2020-11022 (In jQuery versions greater than or equal to 1.2 and before 3.5.0, pass ...)
	{DSA-4693-1 DLA-2608-1}
	- jquery <removed>
	[buster] - jquery 3.3.1~dfsg-3+deb10u1
	[jessie] - jquery <not-affected> (Vulnerable code not present)
	- node-jquery 3.5.0+dfsg-2
	[buster] - node-jquery <no-dsa> (Minor issue)
	- drupal7 <removed>
	[jessie] - drupal7 <not-affected> (Vulnerable code not embedded)
	- otrs2 6.0.30-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
	NOTE: https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
	NOTE: https://www.drupal.org/sa-core-2020-002
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-14/
CVE-2020-11021 (Actions Http-Client (NPM @actions/http-client) before version 1.0.8 ca ...)
	NOT-FOR-US: Actions Http-Client
CVE-2020-11020 (Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1. ...)
	- ruby-faye 1.4.0-1 (bug #959392)
	[buster] - ruby-faye <no-dsa> (Minor issue)
	NOTE: https://github.com/faye/faye/security/advisories/GHSA-qpg4-4w7w-2mq5
	NOTE: https://github.com/faye/faye/commit/65d297d341b607f3cb0b5fa6021a625a991cc30e
CVE-2020-11019 (In FreeRDP less than or equal to 2.0.0, when running with logger set t ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wvrr-2f4r-hjvh
CVE-2020-11018 (In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	[jessie] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw
CVE-2020-11017 (In FreeRDP less than or equal to 2.0.0, by providing manipulated input ...)
	- freerdp2 2.1.1+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	[jessie] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c
CVE-2020-11016 (IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vuln ...)
	NOT-FOR-US: IntelMQ Manager
CVE-2020-11015
	RESERVED
CVE-2020-11014 (Electron-Cash-SLP before version 3.6.2 has a vulnerability. All token  ...)
	NOT-FOR-US: Electron-Cash-SLP
CVE-2020-11013 (Their is an information disclosure vulnerability in Helm from version  ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-11012 (MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authenticat ...)
	NOT-FOR-US: MinIO
CVE-2020-11011 (In Phproject before version 1.7.8, there's a vulnerability which allow ...)
	NOT-FOR-US: Phproject
CVE-2020-11010 (In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of S ...)
	NOT-FOR-US: Tortoise ORM
CVE-2020-11009 (In Rundeck before version 3.2.6, authenticated users can craft a reque ...)
	NOT-FOR-US: Rundeck
CVE-2020-11008 (Affected versions of Git have a vulnerability whereby Git can be trick ...)
	{DSA-4659-1 DLA-2182-1}
	- git 1:2.26.2-1
	NOTE: https://lore.kernel.org/lkml/xmqq4kterq5s.fsf@gitster.c.googlers.com/
	NOTE: https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a88dbd2f8c7fd8c1e2f63483da03bd6928e8791f
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=73aafe9bc27585554181c58871a25e6d0f58a3dc
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=24036686c4af84c9e84e486ef3debab6e6d8e6b5
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=8ba8ed568e2a3b75ee84c49ddffb026fde1a0a91
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a2b26ffb1a81aa23dd14453f4db05d8fe24ee7cc
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=fe29a9b7b0236d3d45c254965580d6aff7fa8504
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c44088ecc4b0722636e0a305f9608d3047197282
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e7fab62b736cca3416660636e46f0be8386a5030
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=1a3609e402a062ef7b11f197fe96c28cabca132c
CVE-2020-11007 (In Shopizer before version 2.11.0, using API or Controller based versi ...)
	NOT-FOR-US: Shopizer
CVE-2020-11006 (In Shopizer before version 2.11.0, a script can be injected in various ...)
	NOT-FOR-US: Shopizer
CVE-2020-11005 (The WindowsHello open source library (NuGet HaemmerElectronics.SeppPen ...)
	NOT-FOR-US: WindowsHello
CVE-2020-11004 (SQL Injection was discovered in Admidio before version 3.3.13. The mai ...)
	NOT-FOR-US: Admidio
CVE-2020-11003 (Oasis before version 2.15.0 has a potential DNS rebinding or CSRF vuln ...)
	NOT-FOR-US: Oasis (not the same as src:oasis)
CVE-2020-11002 (dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote co ...)
	NOT-FOR-US: dropwizard-validation
CVE-2020-11001 (In Wagtail before versions 2.8.1 and 2.7.2, a cross-site scripting (XS ...)
	NOT-FOR-US: Wagtail
CVE-2020-11000 (GreenBrowser before version 1.2 has a vulnerability where apps that re ...)
	NOT-FOR-US: GreenBrowser
CVE-2020-10999
	RESERVED
CVE-2020-10998
	RESERVED
CVE-2020-10997 (Percona XtraBackup before 2.4.20 unintentionally writes the command li ...)
	- percona-xtrabackup <not-affected> (Vulnerable code introduced later)
	NOTE: https://jira.percona.com/browse/PXB-2142
	NOTE: Introduced in: https://github.com/percona/percona-xtrabackup/commit/0b38ffc0f30f1b6d3ff7ed0f9cb3ab31a2ccad13 (percona-xtrabackup-2.4.11)
	NOTE: https://www.percona.com/blog/2020/04/16/cve-2020-10997-percona-xtrabackup-information-disclosure-of-command-line-arguments/
CVE-2020-10996 (An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.41. ...)
	- percona-xtradb-cluster-5.5 <removed>
CVE-2020-10995 (PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not suffic ...)
	{DSA-4691-1}
	- pdns-recursor 4.3.1-1
	[jessie] - pdns-recursor <not-affected> (Vulnerable code added later)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-01.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/3
CVE-2020-10994 (In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multipl ...)
	- pillow 7.2.0-1 (unimportant)
	NOTE: https://github.com/python-pillow/Pillow/pull/4505
	NOTE: https://github.com/python-pillow/Pillow/pull/4538
	NOTE: Fixed in 7.1.0
	NOTE: Debian packages are built without JPEG2000 support
CVE-2020-10993 (Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader. ...)
	NOT-FOR-US: Osmand
CVE-2020-10992 (Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorMa ...)
	NOT-FOR-US: Azkaban
CVE-2020-10991 (Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXml ...)
	NOT-FOR-US: Mulesoft APIkit
CVE-2020-10990 (An XXE issue exists in Accenture Mercury before 1.12.28 because of the ...)
	NOT-FOR-US: Accenture Mercury
CVE-2020-10989 (An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 ...)
	NOT-FOR-US: Tenda
CVE-2020-10988 (A hard-coded telnet credential in the tenda_login binary of Tenda AC15 ...)
	NOT-FOR-US: Tenda
CVE-2020-10987 (The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05 ...)
	NOT-FOR-US: Tenda
CVE-2020-10986 (A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC190 ...)
	NOT-FOR-US: Tenda
CVE-2020-10985 (Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php. ...)
	NOT-FOR-US: Gambio GX
CVE-2020-10984 (Gambio GX before 4.0.1.0 allows admin/admin.php CSRF. ...)
	NOT-FOR-US: Gambio GX
CVE-2020-10983 (Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php. ...)
	NOT-FOR-US: Gambio GX
CVE-2020-10982 (Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php. ...)
	NOT-FOR-US: Gambio GX
CVE-2020-10981 (GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintaine ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10980 (GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogB ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10979 (GitLab EE/CE 11.10 to 12.9 is leaking information on restricted CI pip ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10978 (GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10977 (GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when mov ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10976 (GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when qu ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10975 (GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerab ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10974 (An issue was discovered affecting a backup feature where a crafted POS ...)
	NOT-FOR-US: Wavlink
CVE-2020-10973 (An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink  ...)
	NOT-FOR-US: Wavlink
CVE-2020-10972 (An issue was discovered where a page is exposed that has the current a ...)
	NOT-FOR-US: Wavlink
CVE-2020-10971 (An issue was discovered on Wavlink Jetstream devices where a crafted P ...)
	NOT-FOR-US: Wavlink
CVE-2020-10970
	RESERVED
CVE-2020-10969 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2642
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-10968 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2179-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2662
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-10967 (In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash ...)
	{DSA-4690-1}
	- dovecot 1:2.3.10.1+dfsg1-1 (bug #960963)
	[stretch] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	[jessie] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/18/1
CVE-2020-35861 (An issue was discovered in the bumpalo crate before 3.2.1 for Rust. Th ...)
	- rust-bumpalo 3.2.1-1 (bug #955151)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0006.html
	NOTE: https://github.com/fitzgen/bumpalo/issues/69
CVE-2020-10966 (In the Password Reset Module in VESTA Control Panel through 0.9.8-25 a ...)
	NOT-FOR-US: VESTA Control Panel
CVE-2020-10965 (Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to ...)
	NOT-FOR-US: Teradici PCoIP Management Console
CVE-2020-10964 (Serendipity before 2.3.4 on Windows allows remote attackers to execute ...)
	- serendipity <removed>
CVE-2020-10963 (FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted fi ...)
	NOT-FOR-US: FrozenNode Laravel-Administrator
CVE-2020-10962
	RESERVED
CVE-2020-10961
	RESERVED
CVE-2020-10960 (In MediaWiki before 1.34.1, users can add various Cascading Style Shee ...)
	{DSA-4651-1}
	- mediawiki 1:1.31.7-1
	[stretch] - mediawiki <not-affected> (Vulnerable code introduced later)
	NOTE: https://phabricator.wikimedia.org/T246602
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
CVE-2020-10959 (resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 a ...)
	- mediawiki <not-affected> (Vulnerable code introduced later)
	NOTE: https://phabricator.wikimedia.org/T232932
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html
CVE-2020-10958 (In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an un ...)
	{DSA-4690-1}
	- dovecot 1:2.3.10.1+dfsg1-1 (bug #960963)
	[stretch] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	[jessie] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/18/1
CVE-2020-10957 (In Dovecot before 2.3.10.1, unauthenticated sending of malformed param ...)
	{DSA-4690-1}
	- dovecot 1:2.3.10.1+dfsg1-1 (bug #960963)
	[stretch] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	[jessie] - dovecot <not-affected> (Vulnerable code introduced in 2.3.0)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/18/1
CVE-2020-10956 (GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a proje ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10955 (GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10954 (GitLab through 12.9 is affected by a potential DoS in repository archi ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10953 (In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a pat ...)
	- gitlab <not-affected> (Only affects GitLab EE 11.7 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10952 (GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push doc ...)
	[experimental] - gitlab 12.8.8-1
	- gitlab 13.2.3-2
	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
CVE-2020-10951 (Western Digital My Cloud Home and ibi devices before 2.2.0 allow click ...)
	NOT-FOR-US: Western Digital My Cloud Home and ibi devices
CVE-2020-10950
	RESERVED
CVE-2020-10949
	RESERVED
CVE-2020-10948 (Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) ...)
	NOT-FOR-US: Jon Hedley AlienForm2
CVE-2020-10947 (Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Soph ...)
	NOT-FOR-US: Sophos
CVE-2020-10946 (Cross-site scripting (XSS) vulnerability allows remote attackers to in ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-10945 (Centreon before 19.10.7 exposes Session IDs in server responses. ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-10944 (HashiCorp Nomad and Nomad Enterprise up to 0.10.4 contained a cross-si ...)
	- nomad 0.10.5+dfsg1-1
	NOTE: https://github.com/hashicorp/nomad/issues/7468
CVE-2020-10943
	RESERVED
CVE-2020-10942 (In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net. ...)
	{DSA-4698-1 DSA-4667-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	NOTE: https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 (5.6-rc4)
CVE-2020-10941 (Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive inform ...)
	- mbedtls 2.16.5-1
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02
CVE-2020-10940 (Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER ...)
	NOT-FOR-US: PHOENIX CONTACT
CVE-2020-10939 (Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT thro ...)
	NOT-FOR-US: PHOENIX CONTACT
CVE-2020-10938 (GraphicsMagick before 1.3.35 has an integer overflow and resultant hea ...)
	{DSA-4675-1 DLA-2173-1}
	- graphicsmagick 1.4+really1.3.34-1
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/95abc2b694ce
CVE-2020-10937 (An issue was discovered in IPFS (aka go-ipfs) 0.4.23. An attacker can  ...)
	- ipfs <itp> (bug #779893)
CVE-2020-10936 (Sympa before 6.2.56 allows privilege escalation. ...)
	{DSA-4818-1 DLA-2401-1}
	- sympa 6.2.40~dfsg-5 (bug #961491)
	NOTE: https://sympa-community.github.io/security/2020-002.html
	NOTE: Patch: https://github.com/sympa-community/sympa/releases/download/6.2.56/sympa-6.2.54-sa-2020-002-r2.patch
	NOTE: Patch for sympa-6.1.25: https://github.com/sympa-community/sympa/releases/download/6.2.56/sympa-6.1.25-sa-2020-002-r2.patch
	NOTE: https://sysdream.com/news/lab/2020-05-25-cve-2020-10936-sympa-privileges-escalation-to-root/
	NOTE: https://github.com/sympa-community/sympa/issues/943
CVE-2020-26932 (debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg- ...)
	{DSA-4818-1 DLA-2401-1}
	- sympa 6.2.40~dfsg-7 (bug #971904)
	NOTE: Debian specific issue where sympa_newaliases-wrapper had loose permissions
	NOTE: (already suid root and word-executable) allowing to gain root privileges
	NOTE: without first to escalate to sympa user.
	NOTE: https://salsa.debian.org/sympa-team/sympa/-/merge_requests/1
CVE-2020-10935 (Zulip Server before 2.1.3 allows XSS via a Markdown link, with resulta ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-10934 (Acyba AcyMailing before 6.9.2 mishandles file uploads by admins. ...)
	NOT-FOR-US: Acyba AcyMailing
CVE-2020-10933 (An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6 ...)
	{DSA-4721-1}
	- ruby2.7 2.7.1-1
	- ruby2.5 <removed>
	- ruby2.3 <not-affected> (Vulnerable code introduced in 2.5.0)
	- ruby2.1 <not-affected> (Vulnerable code introduced in 2.5.0)
	NOTE: https://www.ruby-lang.org/en/news/2020/03/31/heap-exposure-in-socket-cve-2020-10933/
	NOTE: Fixed by: https://github.com/ruby/ruby/commit/61b7f86248bd121be2e83768be71ef289e8e5b90
	NOTE: Introduced around https://github.com/ruby/ruby/commit/ba5eb6458a7e9a41ee76cfe45b84f997600681dc
	NOTE: and https://github.com/ruby/ruby/commit/ba5eb6458a7e9a41ee76cfe45b84f997600681dc
CVE-2020-10932 (An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before ...)
	- mbedtls 2.16.9-0.1 (bug #963159)
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04
CVE-2020-10930 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
	NOT-FOR-US: Netgear
CVE-2020-10929 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-10928 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-10927 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-10926 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Netgear
CVE-2020-10925 (This vulnerability allows network-adjacent attackers to compromise the ...)
	NOT-FOR-US: Netgear
CVE-2020-10924 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2020-10923 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2020-10922 (This vulnerability allows remote attackers to create a denial-of-servi ...)
	NOT-FOR-US: C-MORE HMI
CVE-2020-10921 (This vulnerability allows remote attackers to issue commands on affect ...)
	NOT-FOR-US: C-MORE HMI
CVE-2020-10920 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: C-MORE HMI
CVE-2020-10919 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: C-MORE HMI
CVE-2020-10918 (This vulnerability allows remote attackers to bypass authentication on ...)
	NOT-FOR-US: C-MORE HMI
CVE-2020-10917 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: NEC
CVE-2020-10916 (This vulnerability allows network-adjacent attackers to escalate privi ...)
	NOT-FOR-US: TP-Link
CVE-2020-10915 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: VEEAM One Agent
CVE-2020-10914 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: VEEAM One Agent
CVE-2020-10913 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10912 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10911 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10910 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10909 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10908 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10907 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-10906 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-10905 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10904 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10903 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10902 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10901 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10900 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-10899 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-10898 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10897 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10896 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10895 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10894 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10893 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10892 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10891 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10890 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10889 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-10888 (This vulnerability allows remote attackers to bypass authentication on ...)
	NOT-FOR-US: TP-Link
CVE-2020-10887 (This vulnerability allows a firewall bypass on affected installations  ...)
	NOT-FOR-US: TP-Link
CVE-2020-10886 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: TP-Link
CVE-2020-10885 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: TP-Link
CVE-2020-10884 (This vulnerability allows network-adjacent attackers execute arbitrary ...)
	NOT-FOR-US: TP-Link
CVE-2020-10883 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: TP-Link
CVE-2020-10882 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
	NOT-FOR-US: TP-Link
CVE-2020-10881 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: TP-Link
CVE-2020-10880
	RESERVED
CVE-2020-10879 (rConfig before 3.9.5 allows command injection by sending a crafted GET ...)
	NOT-FOR-US: rConfig
CVE-2020-10878 (Perl before 5.30.3 has an integer overflow related to mishandling of a ...)
	- perl 5.30.3-1 (bug #962005)
	[buster] - perl 5.28.1-6+deb10u1
	[stretch] - perl 5.24.1-3+deb9u7
	NOTE: https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8 (v5.30.3)
	NOTE: https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c (v5.30.3)
CVE-2020-10877
	RESERVED
CVE-2020-10876 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlo ...)
	NOT-FOR-US: OKLOK
CVE-2020-10875 (Motorola FX9500 devices allow remote attackers to conduct absolute pat ...)
	NOT-FOR-US: Motorola devices
CVE-2020-10874 (Motorola FX9500 devices allow remote attackers to read database files. ...)
	NOT-FOR-US: Motorola devices
CVE-2020-10873
	RESERVED
CVE-2020-10872
	RESERVED
CVE-2020-10871 (** DISPUTED ** In OpenWrt LuCI git-20.x, remote unauthenticated attack ...)
	NOT-FOR-US: OpenWrt LuCI
CVE-2020-10870 (Zim through 0.72.1 creates temporary directories with predictable name ...)
	- zim 0.72.1-1 (unimportant; bug #954810)
	NOTE: https://github.com/zim-desktop-wiki/zim-desktop-wiki/issues/1028
	NOTE: Negligible security impact
CVE-2020-10869
	RESERVED
CVE-2020-10868 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10867 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10866 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10865 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10864 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10863 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10862 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10861 (An issue was discovered in Avast Antivirus before 20. The aswTask RPC  ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10860 (An issue was discovered in Avast Antivirus before 20. An Arbitrary Mem ...)
	NOT-FOR-US: Avast Antivirus
CVE-2020-10859 (Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated ...)
	NOT-FOR-US: Zoho
CVE-2020-10858 (Zulip Desktop before 5.0.0 allows attackers to perform recording via t ...)
	NOT-FOR-US: Zulip Desktop
CVE-2020-10857 (Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shel ...)
	NOT-FOR-US: Zulip Desktop
CVE-2020-10856
	RESERVED
CVE-2020-10931 (Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial ...)
	- memcached 1.6.2-1 (bug #954808)
	[buster] - memcached <not-affected> (Introduced in 1.6)
	[stretch] - memcached <not-affected> (Introduced in 1.6)
	[jessie] - memcached <not-affected> (Introduced in 1.6)
	NOTE: https://github.com/memcached/memcached/issues/629
	NOTE: https://github.com/memcached/memcached/commit/02c6a2b62ddcb6fa4569a591d3461a156a636305
CVE-2020-10855 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10854 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10853 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10852 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10851 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10850 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10849 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10848 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10847 (An issue was discovered on Samsung mobile devices with P(9.0) (Galaxy  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10846 (An issue was discovered on Samsung mobile devices with P(9.x) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10845 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10844 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10843 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10842 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10841 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10840 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10839 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10838 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10837 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10836 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10835 (An issue was discovered on Samsung mobile devices with any (before Feb ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10834 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10833 (An issue was discovered on Samsung mobile devices with Q(10.0) softwar ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10832 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10831 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10830 (An issue was discovered on Samsung mobile devices with P(9.0) and Q(10 ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10829 (An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2020-10828 (A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, ...)
	NOT-FOR-US: Draytek
CVE-2020-10827 (A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, ...)
	NOT-FOR-US: Draytek
CVE-2020-10826 (/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B d ...)
	NOT-FOR-US: Draytek
CVE-2020-10825 (A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 de ...)
	NOT-FOR-US: Draytek
CVE-2020-10824 (A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket  ...)
	NOT-FOR-US: Draytek
CVE-2020-10823 (A stack-based buffer overflow in /cgi-bin/activate.cgi through var par ...)
	NOT-FOR-US: Draytek
CVE-2020-10822
	RESERVED
CVE-2020-10821 (Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter. ...)
	NOT-FOR-US: Nagios XI
CVE-2020-10820 (Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integr ...)
	NOT-FOR-US: Nagios XI
CVE-2020-10819 (Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integr ...)
	NOT-FOR-US: Nagios XI
CVE-2020-10818 (Artica Proxy 4.26 allows remote command execution for an authenticated ...)
	NOT-FOR-US: Artica Proxy
CVE-2020-10817 (The custom-searchable-data-entry-system (aka Custom Searchable Data En ...)
	NOT-FOR-US: custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin for WordPress
CVE-2020-10816 (Zoho ManageEngine Applications Manager 14780 and before allows a remot ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-10815
	RESERVED
CVE-2020-10814 (A buffer overflow vulnerability in Code::Blocks 17.12 allows an attack ...)
	NOT-FOR-US: Code::Blocks
CVE-2020-10813 (A buffer overflow vulnerability in FTPDMIN 0.96 allows attackers to cr ...)
	NOT-FOR-US: FTPDMIN
CVE-2020-10812 (An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ...)
	- hdf5 <unfixed> (unimportant)
	NOTE: https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_4
	NOTE: https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5fquery-c-hdf5-1-13-0/
	NOTE: Negligible security impact, malicous scientific data has more issues than a crash...
CVE-2020-10811 (An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ...)
	- hdf5 <unfixed> (unimportant)
	NOTE: https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_2
	NOTE: https://research.loginsoft.com/bugs/heap-buffer-overflow-in-h5olayout-c-hdf5-1-13-0/
	NOTE: Negligible security impact, malicous scientific data has more issues than a crash...
CVE-2020-10810 (An issue was discovered in HDF5 through 1.12.0. A NULL pointer derefer ...)
	- hdf5 <unfixed> (unimportant)
	NOTE: https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_3
	NOTE: https://research.loginsoft.com/bugs/null-pointer-dereference-in-h5ac-c-hdf5-1-13-0/
	NOTE: Negligible security impact, malicous scientific data has more issues than a crash...
CVE-2020-10809 (An issue was discovered in HDF5 through 1.12.0. A heap-based buffer ov ...)
	- hdf5 <unfixed> (unimportant)
	NOTE: https://github.com/Loginsoft-Research/hdf5-reports/tree/master/Vuln_1
	NOTE: https://research.loginsoft.com/bugs/heap-overflow-in-decompress-c-hdf5-1-13-0/
	NOTE: Negligible security impact, malicous scientific data has more issues than a crash...
CVE-2020-10808 (Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injectio ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2020-10807 (auth_svc in Caldera before 2.6.5 allows authentication bypass (for RES ...)
	NOT-FOR-US: Caldera
CVE-2020-10806 (eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before ...)
	NOT-FOR-US: eZ Publish Kernel
CVE-2020-10805
	RESERVED
CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
	- phpmyadmin 4:4.9.5+dfsg1-1 (bug #954667)
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
	[jessie] - phpmyadmin <not-affected> (Vulnerable code not present)
	NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/56b43527196b0349ec2bea8ca711667e5aa75c65
	NOTE: Introduced-by: https://github.com/phpmyadmin/phpmyadmin/commit/d55abcd5ffa1ea8785f1217f5b7d78a8a54b8542
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-2/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80
CVE-2020-10803 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
	{DLA-2154-1}
	- phpmyadmin 4:4.9.5+dfsg1-1 (bug #954666)
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-4/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/46a7aa7cd4ff2be0eeb23721fbf71567bebe69a5
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6b9b2601d8af916659cde8aefd3a6eaadd10284a
CVE-2020-10802 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...)
	{DLA-2154-1}
	- phpmyadmin 4:4.9.5+dfsg1-1 (bug #954665)
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-3/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/a8acd7a42cf743186528b0453f90aaa32bfefabe
CVE-2020-10801
	RESERVED
CVE-2020-10800 (lix through 15.8.7 allows man-in-the-middle attackers to execute arbit ...)
	NOT-FOR-US: lix node (different from src:lix)
CVE-2020-10799 (The svglib package through 0.9.3 for Python allows XXE attacks via an  ...)
	NOT-FOR-US: svglib
CVE-2020-10798
	RESERVED
CVE-2020-10797 (An XSS vulnerability resides in the hostname field of the diag_ping.ph ...)
	NOT-FOR-US: pfSense
CVE-2020-10796
	RESERVED
CVE-2020-10795 (Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code ...)
	NOT-FOR-US: Gira TKS-IP-Gateway
CVE-2020-10794 (Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path trav ...)
	NOT-FOR-US: Gira TKS-IP-Gateway
CVE-2020-10793 (CodeIgniter through 4.0.0 allows remote attackers to gain privileges v ...)
	- codeigniter <itp> (bug #471583)
CVE-2020-10792 (openITCOCKPIT through 3.7.2 allows remote attackers to configure the s ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2020-10791 (app/Plugin/GrafanaModule/Controller/GrafanaConfigurationController.php ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2020-10790 (openITCOCKPIT before 3.7.3 has unnecessary files (such as Lodash files ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2020-10789 (openITCOCKPIT before 3.7.3 has a web-based terminal that allows attack ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2020-10788 (openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a941523 ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2020-10787 (An elevation of privilege in Vesta Control Panel through 0.9.8-26 allo ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2020-10786 (A remote command execution in Vesta Control Panel through 0.9.8-26 all ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2020-10785
	RESERVED
CVE-2020-10784
	RESERVED
CVE-2020-10783 (Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege esc ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-10782 (An exposure of sensitive information flaw was found in Ansible version ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-10781 (A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel ...)
	{DLA-2385-1}
	- linux 5.7.10-1
	[buster] - linux 4.19.146-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/18/1
	NOTE: https://git.kernel.org/linus/853eab68afc80f59f36bbdeb715e5c88c501e680
CVE-2020-10780 (Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a craf ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-10779 (Red Hat CloudForms 4.7 and 5 leads to insecure direct object reference ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-10778 (In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited b ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-10777 (A cross-site scripting flaw was found in Report Menu feature of Red Ha ...)
	NOT-FOR-US: Red Hat CloudForm
CVE-2020-10776 (A flaw was found in Keycloak before version 12.0.0, where it is possib ...)
	NOT-FOR-US: Keycloak
CVE-2020-10775 (An Open redirect vulnerability was found in ovirt-engine versions 4.4  ...)
	NOT-FOR-US: ovirt-engine
CVE-2020-10774 (A memory disclosure flaw was found in the Linux kernel's versions befo ...)
	- linux <not-affected> (Red Hat-specific patch)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1846964
CVE-2020-10773 (A stack information leak flaw was found in s390/s390x in the Linux ker ...)
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux 3.16.81-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1846380
CVE-2020-10772 (An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Ha ...)
	- unbound <not-affected> (Red Hat specific regression in backport)
CVE-2020-10771 (A flaw was found in Infinispan version 10, where it is possible to per ...)
	NOT-FOR-US: Infinispan
CVE-2020-10770 (A flaw was found in Keycloak before 13.0.0, where it is possible to fo ...)
	NOT-FOR-US: Keycloak
CVE-2020-10769 (A buffer over-read flaw was found in RH kernel versions before 5.0 in  ...)
	- linux 4.19.20-1
	[stretch] - linux 4.9.161-1
	[jessie] - linux 3.16.68-1
	NOTE: https://git.kernel.org/linus/8f9c469348487844328e162db57112f7d347c49f
CVE-2020-10768 (A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() fun ...)
	{DLA-2323-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/10/1
	NOTE: https://git.kernel.org/linus/4d8df8cbb9156b0a0ab3f802b80cb5db57acc0bf
CVE-2020-10767 (A flaw was found in the Linux kernel before 5.8-rc1 in the implementat ...)
	{DLA-2323-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/10/1
	NOTE: https://git.kernel.org/linus/21998a351512eba4ed5969006f0c55882d995ada
CVE-2020-10766 (A logic bug flaw was found in Linux kernel before 5.8-rc1 in the imple ...)
	{DLA-2323-1}
	- linux 5.7.6-1
	[buster] - linux 4.19.131-1
	[stretch] - linux 4.9.228-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/10/1
	NOTE: https://git.kernel.org/linus/dbbe2ad02e9df26e372f38cc3e70dab9222c832e
CVE-2020-10765
	RESERVED
CVE-2020-10764
	RESERVED
CVE-2020-10763 (An information-disclosure flaw was found in the way Heketi before 10.1 ...)
	- heketi <itp> (bug #903384)
CVE-2020-10762 (An information-disclosure flaw was found in the way that gluster-block ...)
	NOT-FOR-US: gluster-block
CVE-2020-10761 (An assertion failure issue was found in the Network Block Device(NBD)  ...)
	- qemu 1:5.0-6
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/06/09/1
	NOTE: Proposed upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg02031.html
	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=5c4fe018c025740fef4a0a4421e8162db0c3eefd
	NOTE: Introduced in: https://git.qemu.org/?p=qemu.git;a=commit;h=93676c88d7a5cd5971de94f9091eff8e9773b1af
CVE-2020-10760 (A use-after-free flaw was found in all samba LDAP server versions befo ...)
	{DLA-2463-1}
	- samba 2:4.12.5+dfsg-1
	[buster] - samba <postponed> (Minor issue, fix along in next DSA)
	NOTE: https://www.samba.org/samba/security/CVE-2020-10760.html
CVE-2020-10759 (A PGP signature bypass flaw was found in fwupd (all versions), which c ...)
	{DLA-2274-1}
	- fwupd 1.3.10-1 (bug #962517)
	[buster] - fwupd 1.2.13-1
	- libjcat 0.1.3-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1844316
	NOTE: https://github.com/justinsteven/advisories/blob/master/2020_fwupd_dangling_s3_bucket_and_CVE-2020-10759_signature_verification_bypass.md
	NOTE: Fixed by: https://github.com/fwupd/fwupd/commit/21f2d12fccef63b8aaa99ec53278ce18250b0444 (1.3.10)
	NOTE: Introduced with: https://github.com/fwupd/fwupd/commit/36a889034c3d34ae4ac4530ea7b6b16e82476fae (0.1.2)
	NOTE: https://github.com/hughsie/libjcat/commit/839b89f45a38b2373bf5836337a33f450aaab72e
CVE-2020-10758 (A vulnerability was found in Keycloak before 11.0.1 where DoS attack i ...)
	NOT-FOR-US: Keycloak
CVE-2020-10757 (A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the  ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1}
	- linux 5.6.14-2
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/5bfea2d9b17f1034a68147a8b03b9789af5700f9
CVE-2020-10756 (An out-of-bounds read vulnerability was found in the SLiRP networking  ...)
	{DSA-4728-1 DLA-2288-1}
	- libslirp 4.3.1-1
	- qemu 1:4.1-2
	- slirp4netns 1.0.1-1
	[buster] - slirp4netns <no-dsa> (Minor issue)
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
	NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed.
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835986#c11
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-96c5-v27g-58vf
CVE-2020-10755 (An insecure-credentials flaw was found in all openstack-cinder version ...)
	- cinder 2:16.1.0-1 (low)
	[buster] - cinder <no-dsa> (Minor issue)
	[stretch] - cinder <no-dsa> (Minor issue)
	[jessie] - cinder <end-of-life> (OpenStack component, not supported in jessie LTS)
	- python-os-brick 3.1.0-1 (low)
	[buster] - python-os-brick <no-dsa> (Minor issue)
	[stretch] - python-os-brick <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/cinder/+bug/1823200
	NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0086
CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkManager di ...)
	- network-manager 1.24.2-1 (unimportant)
	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/448
	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/8affcc19b61fc3c516474ba075e61b82030feeb4
	NOTE: Only affects builds enabling ifcfg-rh settings plugin, source-wise only
	NOTE: affected but not the Debian binary builds (and is RedHat/Fedora specific
	NOTE: plugin).
CVE-2020-10753 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...)
	{DLA-2735-1}
	- ceph 14.2.15-1 (bug #975300)
	[buster] - ceph <no-dsa> (Minor issue)
	[jessie] - ceph <no-dsa> (Minor issue)
	NOTE: https://github.com/ceph/ceph/pull/35773
	NOTE: Fix: https://github.com/ceph/ceph/commit/1524d3c0c5cb11775313ea1e2bb36a93257947f2
CVE-2020-10752 (A flaw was found in the OpenShift API Server, where it failed to suffi ...)
	NOT-FOR-US: OpenShift
CVE-2020-10751 (A flaw was found in the Linux kernels SELinux LSM hook implementation  ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.6.14-1
	NOTE: https://git.kernel.org/linus/fb73974172ffaaf57a7c42f35424d9aece1a5af6
CVE-2020-10750 (Sensitive information written to a log file vulnerability was found in ...)
	NOT-FOR-US: Jaeger
CVE-2020-10749 (A vulnerability was found in all versions of containernetworking/plugi ...)
	- golang-github-containernetworking-plugins 0.8.6-1
	NOTE: https://github.com/containernetworking/plugins/pull/484
	NOTE: https://github.com/containernetworking/plugins/commit/219eb9e0464761c47383d239aba206da695e1a43
CVE-2020-10748 (A flaw was found in Keycloak's data filter, in version 10.0.1, where i ...)
	NOT-FOR-US: Keycloak
CVE-2020-10747
	REJECTED
CVE-2020-10746 (A flaw was found in Infinispan (org.infinispan:infinispan-server-runti ...)
	NOT-FOR-US: Infinispan
CVE-2020-10745 (A flaw was found in all Samba versions before 4.10.17, before 4.11.11  ...)
	{DLA-2463-1}
	- samba 2:4.12.5+dfsg-1
	[buster] - samba <postponed> (Minor issue, fix along in next DSA)
	NOTE: https://www.samba.org/samba/security/CVE-2020-10745.html
CVE-2020-10744 (An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansi ...)
	- ansible 2.9.13+dfsg-1 (bug #966660)
	[buster] - ansible <not-affected> (Incomplete fix not applied)
	[stretch] - ansible <not-affected> (Incomplete fix not applied)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835566
	NOTE: https://github.com/ansible/ansible/commit/77d0effcc5b2da1ef23e4ba32986a9759c27c10d
	NOTE: https://github.com/ansible/ansible/commit/84afa8e90cd168ff13208c8eae3e533ce7e21e1f (v2.9.12)
	NOTE: CVE is for an incomplete fix of CVE-2020-1733
CVE-2020-10743 (It was discovered that OpenShift Container Platform's (OCP) distributi ...)
	- kibana <itp> (bug #700337)
CVE-2020-10742 (A flaw was found in the Linux kernel. An index buffer overflow during  ...)
	- linux 3.16.2-2
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835127
CVE-2020-10741
	REJECTED
CVE-2020-10740 (A vulnerability was found in Wildfly in versions before 20.0.0.Final,  ...)
	- wildfly <itp> (bug #752018)
CVE-2020-10739 (Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the foll ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-10738 (A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6 ...)
	- moodle <removed>
CVE-2020-10737 (A race condition was found in the mkhomedir tool shipped with the oddj ...)
	- oddjob 0.34.6-1 (bug #960089)
	[buster] - oddjob <no-dsa> (Minor issue)
	[stretch] - oddjob <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1833042
	NOTE: https://pagure.io/oddjob/c/10b8aaa1564b723a005b53acc069df71313f4cac
CVE-2020-10736 (An authorization bypass vulnerability was found in Ceph versions 15.2. ...)
	- ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://ceph.io/releases/v15-2-2-octopus-released/
	NOTE: https://github.com/ceph/ceph/commit/c7e7009a690621aacd4ac2c70c6469f25d692868 (master)
	NOTE: https://github.com/ceph/ceph/commit/f2cf2ce1bd9a86462510a7a12afa4e528b615df2 (v15.2.2)
CVE-2020-10735
	RESERVED
CVE-2020-10734 (A vulnerability was found in keycloak in the way that the OIDC logout  ...)
	NOT-FOR-US: Keycloak
CVE-2020-10733 (The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided  ...)
	- postgresql-12 <not-affected> (Windows-specific)
	- postgresql-11 <not-affected> (Windows-specific)
	- postgresql-9.6 <not-affected> (Windows-specific)
	NOTE: https://www.postgresql.org/about/news/2038/
CVE-2020-10732 (A flaw was found in the Linux kernel's implementation of Userspace cor ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1}
	- linux 5.6.14-2
	[jessie] - linux <ignored> (Does not affect supported architectures)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/06/1
	NOTE: https://git.kernel.org/linus/1d605416fb7175e1adf094251466caa52093b413
CVE-2020-10731 (A flaw was found in the nova_libvirt container provided by the Red Hat ...)
	NOT-FOR-US: Red Hat OpenStack platform
CVE-2020-10730 (A NULL pointer dereference, or possible use-after-free flaw was found  ...)
	{DSA-4884-1 DLA-2463-1}
	- ldb 2:2.1.4-1
	[stretch] - ldb <not-affected> (Vulnerable code introduced later)
	- samba 2:4.12.5+dfsg-1
	[buster] - samba <postponed> (Minor issue, fix along in next DSA)
	NOTE: https://www.samba.org/samba/security/CVE-2020-10730.html
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14364
	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=9dd458956d7af1b4bbe505ba2ab72235e81c27d0 (for ldb)
CVE-2020-10729 (A flaw was found in the use of insufficiently random values in Ansible ...)
	{DSA-4950-1}
	- ansible 2.9.6+dfsg-1
	[jessie] - ansible <not-affected> (Vulnerable code introduced later, no variables template caching)
	NOTE: https://github.com/ansible/ansible/issues/34144
	NOTE: https://github.com/ansible/ansible/pull/67429/
	NOTE: https://github.com/ansible/ansible/commit/b38603c45ed3a53574ec2080fb3a24db38ab5bc6
	NOTE: Introduced in https://github.com/ansible/ansible/commit/87a9485b2f5a3188460f0a0219d2e0d990ce4e67 (2.0)
CVE-2020-10728
	RESERVED
	NOT-FOR-US: automationbroker/apb
CVE-2020-10727 (A flaw was found in ActiveMQ Artemis management API from version 2.7.0 ...)
	NOT-FOR-US: ApacheMQ Artemis
CVE-2020-10726 (A vulnerability was found in DPDK versions 19.11 and above. A maliciou ...)
	- dpdk 19.11.2-1 (bug #960936)
	[buster] - dpdk <not-affected> (Vulnerable code not present)
	[stretch] - dpdk <not-affected> (Vulnerable code not present)
CVE-2020-10725 (A flaw was found in DPDK version 19.11 and above that allows a malicio ...)
	- dpdk 19.11.2-1 (bug #960936)
	[buster] - dpdk <not-affected> (Vulnerable code not present)
	[stretch] - dpdk <not-affected> (Vulnerable code not present)
CVE-2020-10724 (A vulnerability was found in DPDK versions 18.11 and above. The vhost- ...)
	- dpdk 19.11.2-1 (bug #960936)
	[buster] - dpdk 18.11.6-1~deb10u2
	[stretch] - dpdk <not-affected> (Vulnerable code not present)
CVE-2020-10723 (A memory corruption issue was found in DPDK versions 17.05 and above.  ...)
	- dpdk 19.11.2-1 (bug #960936)
	[buster] - dpdk 18.11.6-1~deb10u2
	[stretch] - dpdk <not-affected> (Vulnerable code not present)
CVE-2020-10722 (A vulnerability was found in DPDK versions 18.05 and above. A missing  ...)
	{DSA-4688-1}
	- dpdk 19.11.2-1 (bug #960936)
CVE-2020-10721 (A flaw was found in the fabric8-maven-plugin 4.0.0 and later. When usi ...)
	NOT-FOR-US: fabric8-maven-plugin
CVE-2020-10720 (A flaw was found in the Linux kernel's implementation of GRO in versio ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux 3.16.76-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1781204
	NOTE: Fixed by: https://git.kernel.org/linus/a4270d6795b0580287453ea55974d948393e66ef
CVE-2020-10719 (A flaw was found in Undertow in versions before 2.1.1.Final, regarding ...)
	- undertow 2.1.1-1 (bug #969913)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1828459
	NOTE: https://issues.redhat.com/browse/UNDERTOW-1708 (not public)
	NOTE: most likely fixed by https://github.com/undertow-io/undertow/commit/bfc8fbd67f6b3dd96702b363f61cf805baf3c6cf
CVE-2020-10718 (A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, wher ...)
	- wildfly <itp> (bug #752018)
CVE-2020-10717 (A potential DoS flaw was found in the virtio-fs shared file system dae ...)
	- qemu 1:5.0-5 (bug #959746)
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced in: https://git.qemu.org/?p=qemu.git;a=commit;h=01a6dc95ec7f71eeff9963fe3cb03d85225fba3e (v5.0.0-rc0)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg00143.html
CVE-2020-10716 (A flaw was found in Red Hat Satellite's Job Invocation, where the "Use ...)
	NOT-FOR-US: tfm-rubygem-foreman_ansible / Red Hat Satellite's Job Invocation
CVE-2020-10715 (A content spoofing vulnerability was found in the openshift/console 3. ...)
	NOT-FOR-US: Openshift Web Console
CVE-2020-10714 (A flaw was found in WildFly Elytron version 1.11.3.Final and before. W ...)
	NOT-FOR-US: WildFly Elytron
CVE-2020-10713 (A flaw was found in grub2, prior to version 2.06. An attacker may use  ...)
	{DSA-4735-1}
	- grub2 2.04-9
	[stretch] - grub2 <ignored> (No SecureBoot support in stretch)
	NOTE: https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
	NOTE: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=a4d3fbdff1e3ca8f87642af2ac8752c30c617a3e
CVE-2020-10712 (A flaw was found in OpenShift Container Platform version 4.1 and later ...)
	NOT-FOR-US: image registry operator in OpenShift Container Platform
CVE-2020-10711 (A NULL pointer dereference flaw was found in the Linux kernel's SELinu ...)
	{DSA-4699-1 DSA-4698-1 DLA-2242-1}
	- linux 5.6.14-1
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/12/2
CVE-2020-10710
	RESERVED
	NOT-FOR-US: foreman-installer
CVE-2020-10709 (A security flaw was found in Ansible Tower when requesting an OAuth2 t ...)
	- ansible-awx <itp> (bug #908763)
	NOTE: https://github.com/ansible/awx/issues/6630
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1824033
CVE-2020-10708
	REJECTED
CVE-2020-10707
	REJECTED
CVE-2020-10706 (A flaw was found in OpenShift Container Platform where OAuth tokens ar ...)
	NOT-FOR-US: OpenShift
CVE-2020-10705 (A flaw was discovered in Undertow in versions before Undertow 2.1.1.Fi ...)
	- undertow 2.1.1-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1803241
	NOTE: https://github.com/undertow-io/undertow/commit/b53d4589c586e8bbdcc89ed60f32cd7977e9a4f4
CVE-2020-10704 (A flaw was found when using samba as an Active Directory Domain Contro ...)
	{DLA-2463-1}
	- samba 2:4.12.3+dfsg-2 (bug #960188)
	[buster] - samba <postponed> (Can be fixed along in future DSA)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334
	NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html
CVE-2020-10703 (A NULL pointer dereference was found in the libvirt API responsible in ...)
	- libvirt 6.0.0-2
	[buster] - libvirt <no-dsa> (Minor issue)
	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1790725
	NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=5d5c732d748d644ec14626bce448e84bdc4bd93e (v3.10.0-rc1)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f (v6.0.0-rc1)
CVE-2020-10702 (A flaw was found in QEMU in the implementation of the Pointer Authenti ...)
	- qemu 1:4.2-5
	[buster] - qemu <not-affected> (Vulnerable code introduced later)
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	- qemu-kvm <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=de0b1bae6461f67243282555475f88b2384a1eb9 (v5.0.0-rc0)
CVE-2020-10701 (A missing authorization flaw was found in the libvirt API responsible  ...)
	- libvirt 6.0.0-7 (bug #955841)
	[buster] - libvirt <not-affected> (Vulnerable code introduced later)
	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced in: https://libvirt.org/git/?p=libvirt.git;a=commit;h=95f5ac9ae52455e9da47afc95fa31c9456ac27ae (v5.10.0-rc1)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=4cc90c2e62df653e909ad31fd810224bf8bcf913 (v6.2.0-rc1)
CVE-2020-10700 (A use-after-free flaw was found in the way samba AD DC LDAP servers, h ...)
	- samba 2:4.12.3+dfsg-2 (bug #960189)
	[buster] - samba <not-affected> (Vulnerable code introduced later)
	[stretch] - samba <not-affected> (Vulnerable code introduced later)
	[jessie] - samba <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14331
	NOTE: https://www.samba.org/samba/security/CVE-2020-10700.html
CVE-2020-10699 (A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51  ...)
	- targetcli-fb <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/open-iscsi/targetcli-fb/issues/162
	NOTE: Introduced in: https://github.com/open-iscsi/targetcli-fb/commit/ad37f94ae72d0e3d5963ce182e2897c84af9c039 (v2.1.50)
	NOTE: Fixed by: https://github.com/open-iscsi/targetcli-fb/commit/6e4f39357a90a914d11bac21cc2d2b52c07c213d
CVE-2020-10698 (A flaw was found in Ansible Tower when running jobs. This flaw allows  ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-10697 (A flaw was found in Ansible Tower when running Openshift. Tower runs a ...)
	NOT-FOR-US: Ansible Tower
CVE-2020-10696 (A path traversal flaw was found in Buildah in versions before 1.14.5.  ...)
	- golang-github-containers-buildah 1.11.6-2
	NOTE: https://github.com/containers/buildah/commit/c61925b8936e93a5e900f91b653a846f7ea3a9ed
CVE-2020-10695 (An insecure modification flaw in the /etc/passwd file was found in the ...)
	NOTE: Red Hat specific CVE assignment for openshift/redhat-sso-7 container
CVE-2020-10694
	RESERVED
CVE-2020-10693 (A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in  ...)
	- libhibernate-validator-java <unfixed> (bug #988946)
	[bullseye] - libhibernate-validator-java <no-dsa> (Minor issue)
	[buster] - libhibernate-validator-java <not-affected> (EL support added in 5.x)
	[stretch] - libhibernate-validator-java <not-affected> (EL support added in 5.x)
	[jessie] - libhibernate-validator-java <not-affected> (EL support added in 5.x)
	- libhibernate-validator4-java <not-affected> (EL support added in 5.x)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1805501
CVE-2020-10692
	RESERVED
CVE-2020-10691 (An archive traversal flaw was found in all ansible-engine versions 2.9 ...)
	- ansible 2.9.7+dfsg-1
	[buster] - ansible <not-affected> (Vulnerable code introduced later)
	[stretch] - ansible <not-affected> (Vulnerable code introduced later)
	[jessie] - ansible <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1817161
	NOTE: https://github.com/ansible/ansible/pull/68596
	NOTE: https://github.com/ansible/ansible/commit/b2551bb6943eec078066aa3a923e0bb3ed85abe8 (stable-2.9)
CVE-2020-10690 (There is a use-after-free in kernel versions before 5.5 due to a race  ...)
	{DLA-2241-1}
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.228-1
	NOTE: Fixed by: https://git.kernel.org/linus/a33121e5487b424339636b25c35d3a180eaa5f5e
CVE-2020-10689 (A flaw was found in the Eclipse Che up to version 7.8.x, where it did  ...)
	NOT-FOR-US: Eclipse Che
CVE-2020-10688 (A cross-site scripting (XSS) flaw was found in RESTEasy in versions be ...)
	- resteasy <unfixed> (bug #970328)
	- resteasy3.0 <undetermined>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1814974
	NOTE: https://github.com/quarkusio/quarkus/issues/7248
	NOTE: https://issues.redhat.com/browse/RESTEASY-2519 (restricted)
	NOTE: https://github.com/resteasy/Resteasy/pull/2320
	NOTE: https://github.com/resteasy/Resteasy/commit/3fe881cf945c06bdb16895fbc73bc620694d2ba7 (4.6.0.Final)
CVE-2020-10687 (A flaw was discovered in all versions of Undertow before Undertow 2.2. ...)
	- undertow 2.2.0-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1785049
	NOTE: https://issues.jboss.org/browse/UNDERTOW-1780
	NOTE: https://github.com/undertow-io/undertow/pull/951
	NOTE: https://github.com/undertow-io/undertow/commit/a18574a4da09449d855c0a7e58dfca3e9e2e488e (2.2.0.Final)
CVE-2020-10686 (A flaw was found in Keycloak version 8.0.2 and 9.0.0, and was fixed in ...)
	NOT-FOR-US: Keycloak
CVE-2020-10685 (A flaw was found in Ansible Engine affecting Ansible Engine versions 2 ...)
	{DSA-4950-1}
	- ansible 2.9.7+dfsg-1
	[jessie] - ansible <not-affected> (Vulnerable code introduced later, all decryption in-memory, no transparent file decryption)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1814627
	NOTE: https://github.com/ansible/ansible/pull/68433
	NOTE: https://github.com/ansible/ansible/commit/6452a82452f3a721233b50f62419598206442fd9
	NOTE: Introduced in https://github.com/ansible/ansible/commit/cdf6e3e4bf44fdab62c2e4ccd3f5fd67ea554548 (2.1)
CVE-2020-10684 (A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9. ...)
	{DSA-4950-1}
	- ansible 2.9.7+dfsg-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1815519
	NOTE: https://github.com/ansible/ansible/pull/68431
	NOTE: https://github.com/ansible/ansible/commit/a9d2ceafe429171c0e2ad007058b88bae57c74ce
CVE-2020-10683 (dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and Ext ...)
	{DLA-2191-1}
	- dom4j 2.1.3-1 (bug #958055)
	[buster] - dom4j <no-dsa> (Minor issue)
	[stretch] - dom4j <no-dsa> (Minor issue)
	NOTE: https://github.com/dom4j/dom4j/commit/1707bf3d898a8ada3b213acb0e3b38f16eaae73d (the fix?)
	NOTE: https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658 (post-fix refactor?)
CVE-2020-10682 (The Filemanager in CMS Made Simple 2.2.13 allows remote code execution ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-10681 (The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd fi ...)
	NOT-FOR-US: CMS Made Simple
CVE-2020-10680
	RESERVED
CVE-2020-10679
	RESERVED
CVE-2020-10678 (In Octopus Deploy before 2020.1.5, for customers running on-premises A ...)
	NOT-FOR-US: Octopus Deploy
CVE-2020-10677
	RESERVED
CVE-2020-10676
	RESERVED
CVE-2020-10675 (The Library API in buger jsonparser through 2019-12-04 allows attacker ...)
	- golang-github-buger-jsonparser 0.0~git20200322.0.f7e751e-1 (bug #954373)
	[buster] - golang-github-buger-jsonparser <no-dsa> (Minor issue)
	NOTE: https://github.com/buger/jsonparser/issues/188
	NOTE: https://github.com/buger/jsonparser/commit/91ac96899e492584984ded0c8f9a08f10b473717
CVE-2020-10673 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2153-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2660
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-10672 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2153-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2659
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-10671 (The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missi ...)
	NOT-FOR-US: Canon
CVE-2020-10670 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
	NOT-FOR-US: Canon
CVE-2020-10669 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
	NOT-FOR-US: Canon
CVE-2020-10668 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
	NOT-FOR-US: Canon
CVE-2020-10667 (The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 pri ...)
	NOT-FOR-US: Canon
CVE-2020-10666 (The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXa ...)
	NOT-FOR-US: FreePBX
CVE-2020-10674 (PerlSpeak through 2.01 allows attackers to execute arbitrary OS comman ...)
	- libperlspeak-perl <removed> (bug #954238)
	[jessie] - libperlspeak-perl <end-of-life> (Not supported in jessie LTS)
	NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=132173
CVE-2020-10665 (Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTE ...)
	NOT-FOR-US: Docker Desktop on Windows
CVE-2020-10664 (The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019  ...)
	NOT-FOR-US: VxWorks
CVE-2020-10663 (The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9 ...)
	{DSA-4721-1 DLA-2192-1 DLA-2190-1}
	- ruby-json 2.3.0+dfsg-1
	[buster] - ruby-json 2.1.0+dfsg-2+deb10u1
	[stretch] - ruby-json 2.0.1+dfsg-3+deb9u1
	- ruby2.7 <not-affected> (Fixed before initial upload to Debian)
	- ruby2.5 <removed>
	- ruby2.3 <removed>
	[stretch] - ruby2.3 2.3.3-1+deb9u8
	- ruby2.1 <removed>
	NOTE: https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/
	NOTE: https://hackerone.com/reports/706934
	NOTE: https://github.com/ruby/ruby/commit/36e9ed7fef6eb2d14becf6c52452e4ab16e4bf01 (2.6.6)
	NOTE: https://github.com/ruby/ruby/commit/b379ecd8b6832dfcd5dad353b6bfd41701e2d678 (2.5.8)
CVE-2020-10662
	RESERVED
CVE-2020-10661 (HashiCorp Vault and Vault Enterprise versions 0.11.0 through 1.3.3 may ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-10660 (HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-10659 (Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows ...)
	NOT-FOR-US: Entrust Entelligence Security Provider (ESP)
CVE-2020-10658 (The Proofpoint Insider Threat Management Server (formerly ObserveIT Se ...)
	NOT-FOR-US: Proofpoint Insider Threat Management Server
CVE-2020-10657 (The Proofpoint Insider Threat Management Server (formerly ObserveIT Se ...)
	NOT-FOR-US: Proofpoint Insider Threat Management Server
CVE-2020-10656 (The Proofpoint Insider Threat Management Server (formerly ObserveIT Se ...)
	NOT-FOR-US: Proofpoint Insider Threat Management Server
CVE-2020-10655 (The Proofpoint Insider Threat Management Server (formerly ObserveIT Se ...)
	NOT-FOR-US: Proofpoint Insider Threat Management Server
CVE-2020-10654 (Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow ...)
	NOT-FOR-US: Ping Identity PingID
CVE-2020-10653
	RESERVED
CVE-2020-10652
	RESERVED
CVE-2020-10651
	RESERVED
CVE-2020-10650
	RESERVED
CVE-2020-10649 (DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10  ...)
	NOT-FOR-US: ASUS Device Activation
CVE-2020-10648 (Das U-Boot through 2020.01 allows attackers to bypass verified boot re ...)
	- u-boot 2020.04+dfsg-1
	[buster] - u-boot <ignored> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <ignored> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/18/5
	NOTE: https://labs.f-secure.com/advisories/das-u-boot-verified-boot-bypass/
	NOTE: https://lists.denx.de/pipermail/u-boot/2020-March/403409.html
CVE-2020-10647
	REJECTED
CVE-2020-10646 (Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a h ...)
	NOT-FOR-US: Fuji Electric V-Server Lite
CVE-2020-10645
	RESERVED
CVE-2020-10644 (The affected product lacks proper validation of user-supplied data, wh ...)
	NOT-FOR-US: Inductive Automation Ignition
CVE-2020-10643 (An authenticated remote attacker could use specially crafted URLs to s ...)
	NOT-FOR-US: PI Vision
CVE-2020-10642 (In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an a ...)
	NOT-FOR-US: Rockwell
CVE-2020-10641 (An unprotected logging route may allow an attacker to write endless lo ...)
	NOT-FOR-US: Inductive Automation
CVE-2020-10640
	RESERVED
CVE-2020-10639 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...)
	NOT-FOR-US: Eaton HMiSoft VU3
CVE-2020-10638 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...)
	NOT-FOR-US: Advantech WebAccess Node
CVE-2020-10637 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...)
	NOT-FOR-US: Eaton HMiSoft VU3
CVE-2020-10636
	RESERVED
CVE-2020-10635
	RESERVED
CVE-2020-10634 (SAE IT-systems FW-50 Remote Telemetry Unit (RTU). A specially crafted  ...)
	NOT-FOR-US: SAE IT-systems FW-50 Remote Telemetry Unit
CVE-2020-10633 (A non-persistent XSS (cross-site scripting) vulnerability exists in eW ...)
	NOT-FOR-US: eWON Flexy and Cosy
CVE-2020-10632
	RESERVED
CVE-2020-10631 (An attacker could use a specially crafted URL to delete or read files  ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10630 (SAE IT-systems FW-50 Remote Telemetry Unit (RTU). The software does no ...)
	NOT-FOR-US: SAE IT-systems FW-50 Remote Telemetry Unit
CVE-2020-10629 (WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. S ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10628 (ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R1 ...)
	NOT-FOR-US: ControlEdge PLC
CVE-2020-10627 (Insulet Omnipod Insulin Management System insulin pump product ID 1919 ...)
	NOT-FOR-US: Insulet Omnipod Insulin Management System
CVE-2020-10626 (In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled sear ...)
	NOT-FOR-US: Fazecast jSerialComm
CVE-2020-10625 (WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remo ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10624 (ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R1 ...)
	NOT-FOR-US: ControlEdge PLC
CVE-2020-10623 (Multiple vulnerabilities could allow an attacker with low privileges t ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10622 (LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vu ...)
	NOT-FOR-US: LCDS LAquis SCADA
CVE-2020-10621 (Multiple issues exist that allow files to be uploaded and executed on  ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10620 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication d ...)
	NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-10619 (An attacker could use a specially crafted URL to delete files outside  ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10618 (LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vu ...)
	NOT-FOR-US: LCDS LAquis SCADA
CVE-2020-10617 (There are multiple ways an unauthenticated attacker could perform SQL  ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10616 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specif ...)
	NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-10615 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
CVE-2020-10614 (In OSIsoft PI System multiple products and versions, an authenticated  ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10613 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
CVE-2020-10612 (Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicat ...)
	NOT-FOR-US: Opto 22 SoftPAC Project
CVE-2020-10611 (Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41 ...)
	NOT-FOR-US: Triangle MicroWorks SCADA Data Gateway
CVE-2020-10610 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10609 (Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may all ...)
	NOT-FOR-US: Grundfos
CVE-2020-10608 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10607 (In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2020-10606 (In OSIsoft PI System multiple products and versions, a local attacker  ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10605 (Grundfos CIM 500 before v06.16.00 responds to unauthenticated requests ...)
	NOT-FOR-US: Grundfos CIM
CVE-2020-10604 (In OSIsoft PI System multiple products and versions, a remote, unauthe ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10603 (WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize use ...)
	NOT-FOR-US: WebAccess/NMS
CVE-2020-10602 (In OSIsoft PI System multiple products and versions, an authenticated  ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10601 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow  ...)
	NOT-FOR-US: VISAM VBASE Editor
CVE-2020-10600 (An authenticated remote attacker could crash PI Archive Subsystem when ...)
	NOT-FOR-US: OSIsoft PI System
CVE-2020-10599 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
	NOT-FOR-US: VISAM VBASE Editor
CVE-2020-10598 (In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES  ...)
	NOT-FOR-US: Pyxis
CVE-2020-10597 (Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Mul ...)
	NOT-FOR-US: Insulet
CVE-2020-10596 (OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS atta ...)
	NOT-FOR-US: OpenCart
CVE-2020-10595 (pam-krb5 before 4.9 has a buffer overflow that might cause remote code ...)
	{DSA-4648-1 DLA-2166-1}
	- libpam-krb5 4.9-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/31/1
CVE-2020-10594 (An issue was discovered in drf-jwt 1.15.x before 1.15.1. It allows att ...)
	NOT-FOR-US: drf-jwt
CVE-2020-10593 (Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7  ...)
	- tor 0.4.2.7-1
	[buster] - tor <not-affected> (Only affects tor 0.4.0.1-alpha onwards)
	[stretch] - tor <not-affected> (Only affects tor 0.4.0.1-alpha onwards)
	[jessie] - tor <not-affected> (Only affects tor 0.4.0.1-alpha onwards)
	NOTE: https://blog.torproject.org/new-releases-03510-0419-0427
	NOTE: https://bugs.torproject.org/33619
CVE-2020-10592 (Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7  ...)
	{DSA-4644-1}
	- tor 0.4.2.7-1
	[stretch] - tor <end-of-life> (See DSA 4644)
	[jessie] - tor <end-of-life> (Not supported in jessie LTS)
	NOTE: https://blog.torproject.org/new-releases-03510-0419-0427
	NOTE: https://bugs.torproject.org/33120
CVE-2020-10591 (An issue was discovered in Walmart Labs Concord before 1.44.0. CORS Ac ...)
	NOT-FOR-US: Walmart Labs Concord
CVE-2020-10590 (Replicated Classic 2.x versions have an improperly secured API that ex ...)
	NOT-FOR-US: Replicated Classic
CVE-2020-10589 (v2rayL 2.1.3 allows local users to achieve root access because /etc/v2 ...)
	NOT-FOR-US: v2rayL
CVE-2020-10588 (v2rayL 2.1.3 allows local users to achieve root access because /etc/v2 ...)
	NOT-FOR-US: v2rayL
CVE-2020-10587 (antiX and MX Linux allow local users to achieve root access via "persi ...)
	NOT-FOR-US: antiX and MX Linux
CVE-2020-10586
	RESERVED
CVE-2020-10585
	RESERVED
CVE-2020-10584 (A directory traversal on the /admin/search_by.php script of Invigo Aut ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10583 (The /admin/admapi.php script of Invigo Automatic Device Management (AD ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10582 (A SQL injection on the /admin/display_errors.php script of Invigo Auto ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10581 (Multiple session validity check issues in several administration funct ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10580 (A command injection on the /admin/broadcast.php script of Invigo Autom ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10579 (A directory traversal on the /admin/sysmon.php script of Invigo Automa ...)
	NOT-FOR-US: Invigo Automatic Device Management (ADM)
CVE-2020-10578 (An arbitrary file read vulnerability exists in system/controller/backe ...)
	NOT-FOR-US: QCMS
CVE-2020-10577 (An issue was discovered in Janus through 0.9.1. janus.c has multiple c ...)
	- janus 0.9.2-1 (bug #954668)
	NOTE: https://github.com/meetecho/janus-gateway/pull/1990
CVE-2020-10576 (An issue was discovered in Janus through 0.9.1. plugins/janus_voicemai ...)
	- janus 0.9.1+20200313-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/1993
CVE-2020-10575 (An issue was discovered in Janus through 0.9.1. plugins/janus_videocal ...)
	- janus 0.9.1+20200313-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/1994
CVE-2020-10574 (An issue was discovered in Janus through 0.9.1. janus.c tries to use a ...)
	- janus 0.9.1+20200313-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/1989
CVE-2020-10573 (An issue was discovered in Janus through 0.9.1. janus_audiobridge.c ha ...)
	- janus 0.9.1+20200313-1
	NOTE: https://github.com/meetecho/janus-gateway/pull/1988
CVE-2020-10572
	RESERVED
CVE-2020-10571 (An issue was discovered in psd-tools before 1.9.4. The Cython implemen ...)
	NOT-FOR-US: psd-tools
CVE-2020-10570 (The Telegram application through 5.12 for Android, when Show Popup is  ...)
	NOT-FOR-US: Telegram for Android
CVE-2020-10569 (** DISPUTED ** SysAid On-Premise 20.1.11, by default, allows the AJP p ...)
	NOT-FOR-US: SysAid On-Premise
CVE-2020-10568 (The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for Word ...)
	NOT-FOR-US: sitepress-multilingual-cms (WPML) plugin for WordPress
CVE-2020-10567 (An issue was discovered in Responsive Filemanager through 9.14.0. In t ...)
	NOT-FOR-US: Responsive Filemanager
CVE-2020-10566 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-1 ...)
	NOT-FOR-US: FreeBSD
CVE-2020-10565 (grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-1 ...)
	NOT-FOR-US: FreeBSD
CVE-2020-10564 (An issue was discovered in the File Upload plugin before 4.13.0 for Wo ...)
	NOT-FOR-US: File Upload plugin for WordPress
CVE-2020-10563 (An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.ph ...)
	NOT-FOR-US: DEVOME GRR
CVE-2020-10562 (An issue was discovered in DEVOME GRR before 3.4.1c. admin_edit_room.p ...)
	NOT-FOR-US: DEVOME GRR
CVE-2020-10561 (An issue was discovered on Xiaomi Mi Jia ink-jet printer &lt; 3.4.6_01 ...)
	NOT-FOR-US: Xiaomi
CVE-2020-10560 (An issue was discovered in Open Source Social Network (OSSN) through 5 ...)
	NOT-FOR-US: Open Source Social Network (OSSN)
CVE-2020-10559
	RESERVED
CVE-2020-10558 (The driving interface of Tesla Model 3 vehicles in any release before  ...)
	NOT-FOR-US: driving interface of Tesla Model 3 vehicles
CVE-2020-10557 (An issue was discovered in AContent through 1.4. It allows the user to ...)
	NOT-FOR-US: AContent
CVE-2020-10556
	RESERVED
CVE-2020-10555
	RESERVED
CVE-2020-10554 (An issue was discovered in Psyprax beforee 3.2.2. Passwords used to en ...)
	NOT-FOR-US: Psyprax
CVE-2020-10553 (An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA ...)
	NOT-FOR-US: Psyprax
CVE-2020-10552 (An issue was discovered in Psyprax before 3.2.2. The Firebird database ...)
	NOT-FOR-US: Psyprax
CVE-2020-10551 (QQBrowser before 10.5.3870.400 installs a Windows service TsService.ex ...)
	NOT-FOR-US: QQBrowser
CVE-2020-10550
	RESERVED
CVE-2020-10549 (rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.p ...)
	NOT-FOR-US: rConfig
CVE-2020-10548 (rConfig 3.9.4 and previous versions has unauthenticated devices.inc.ph ...)
	NOT-FOR-US: rConfig
CVE-2020-10547 (rConfig 3.9.4 and previous versions has unauthenticated compliancepoli ...)
	NOT-FOR-US: rConfig
CVE-2020-10546 (rConfig 3.9.4 and previous versions has unauthenticated compliancepoli ...)
	NOT-FOR-US: rConfig
CVE-2020-10545
	RESERVED
CVE-2020-10544 (An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFac ...)
	NOT-FOR-US: PrimeTek PrimeFaces
CVE-2020-10543 (Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer over ...)
	- perl 5.30.3-1 (bug #962005)
	[buster] - perl 5.28.1-6+deb10u1
	[stretch] - perl 5.24.1-3+deb9u7
	NOTE: https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed (v5.30.3)
CVE-2020-10542
	RESERVED
CVE-2020-10541 (Zoho ManageEngine OpManager before 12.4.179 allows remote code executi ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2020-10540 (Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of ...)
	NOT-FOR-US: Untis WebUntis
CVE-2020-10539 (An issue was discovered in Epikur before 20.1.1. The Epikur server con ...)
	NOT-FOR-US: Epikur
CVE-2020-10538 (An issue was discovered in Epikur before 20.1.1. It stores the secret  ...)
	NOT-FOR-US: Epikur
CVE-2020-10537 (An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 serve ...)
	NOT-FOR-US: Epikur
CVE-2020-10536
	RESERVED
CVE-2020-10534 (In the GlobalBlocking extension before 2020-03-10 for MediaWiki throug ...)
	NOT-FOR-US: MediaWiki extension
CVE-2020-10535 (GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote at ...)
	- gitlab <not-affected> (Only affects Gitlab 12.8.x)
	NOTE: https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/
CVE-2020-10533
	RESERVED
CVE-2020-10532 (The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allo ...)
	NOT-FOR-US: AD Helper component in WatchGuard Fireware
CVE-2020-10531 (An issue was discovered in International Components for Unicode (ICU)  ...)
	{DSA-4646-1 DLA-2151-1}
	[experimental] - icu 66.1-2
	- icu 63.2-3 (bug #953747)
	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1044570 (not public)
	NOTE: Upstream ICU bug: https://unicode-org.atlassian.net/browse/ICU-20958 (private)
	NOTE: Fixed by: https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca
	NOTE: https://github.com/unicode-org/icu/pull/971
CVE-2020-10530
	RESERVED
CVE-2020-10529
	RESERVED
CVE-2020-10528
	RESERVED
CVE-2020-10527
	RESERVED
CVE-2020-10526
	RESERVED
CVE-2020-10525
	RESERVED
CVE-2020-10524
	RESERVED
CVE-2020-10523
	RESERVED
CVE-2020-10522
	RESERVED
CVE-2020-10521
	RESERVED
CVE-2020-10520
	RESERVED
CVE-2020-10519 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
	NOT-FOR-US: GitHub Enterprise Server
CVE-2020-10518 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
	NOT-FOR-US: GitHub Enterprise Server
CVE-2020-10517 (An improper access control vulnerability was identified in GitHub Ente ...)
	NOT-FOR-US: GitHub Enterprise Server
CVE-2020-10516 (An improper access control vulnerability was identified in the GitHub  ...)
	NOT-FOR-US: GitHub Enterprise Server API
CVE-2020-10515 (STARFACE UCC Client before 6.7.1.204 on WIndows allows binary planting ...)
	NOT-FOR-US: STARFACE UCC Client
CVE-2020-10514 (iCatch DVR firmware before 20200103 do not validate function parameter ...)
	NOT-FOR-US: iCatch DVR
CVE-2020-10513 (The file management interface of iCatch DVR firmware before 20200103 c ...)
	NOT-FOR-US: iCatch DVR
CVE-2020-10512 (HGiga C&amp;Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CC ...)
	NOT-FOR-US: HGiga C&Cmail
CVE-2020-10511 (HGiga C&amp;Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAIL ...)
	NOT-FOR-US: HGiga C&Cmail
CVE-2020-10510 (Sunnet eHRD, a human training and development management system, conta ...)
	NOT-FOR-US: Sunnet eHRD
CVE-2020-10509 (Sunnet eHRD, a human training and development management system, conta ...)
	NOT-FOR-US: Sunnet eHRD
CVE-2020-10508 (Sunnet eHRD, a human training and development management system, impro ...)
	NOT-FOR-US: Sunnet eHRD
CVE-2020-10507 (The School Manage System before 2020, developed by ALLE INFORMATION CO ...)
	NOT-FOR-US: The School Manage System
CVE-2020-10506 (The School Manage System before 2020, developed by ALLE INFORMATION CO ...)
	NOT-FOR-US: The School Manage System
CVE-2020-10505 (The School Manage System before 2020, developed by ALLE INFORMATION CO ...)
	NOT-FOR-US: The School Manage System
CVE-2020-10504 (CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Languag ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10503 (CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10502 (CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10501 (CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-La ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10500 (CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10499 (CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Langua ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10498 (CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Languag ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10497 (CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Lan ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10496 (CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10495 (CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Languag ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10494 (CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10493 (CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Languag ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10492 (CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Lang ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10491 (CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-La ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10490 (CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-La ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10489 (CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Langua ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10488 (CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10487 (CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10486 (CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10485 (CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10484 (CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10483 (CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 a ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10482 (CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10481 (CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10480 (CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10479 (CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 a ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10478 (CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Langu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10477 (Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi- ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10476 (Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Mu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10475 (Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Mul ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10474 (Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Mu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10473 (Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10472 (Reflected XSS in admin/manage-templates.php in Chadha PHPKB Standard M ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10471 (Reflected XSS in admin/manage-articles.php in Chadha PHPKB Standard Mu ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10470 (Reflected XSS in admin/manage-fields.php in Chadha PHPKB Standard Mult ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10469 (Reflected XSS in admin/manage-departments.php in Chadha PHPKB Standard ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10468 (Reflected XSS in admin/edit-news.php in Chadha PHPKB Standard Multi-La ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10467 (Reflected XSS in admin/edit-comment.php in Chadha PHPKB Standard Multi ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10466 (Reflected XSS in admin/edit-glossary.php in Chadha PHPKB Standard Mult ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10465 (Reflected XSS in admin/edit-category.php in Chadha PHPKB Standard Mult ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10464 (Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10463 (Reflected XSS in admin/edit-template.php in Chadha PHPKB Standard Mult ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10462 (Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-L ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10461 (The way comments in article.php (vulnerable function in include/functi ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10460 (admin/include/operations.php (via admin/email-harvester.php) in Chadha ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10459 (Path Traversal in admin/assetmanager/assetmanager.php (vulnerable func ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10458 (Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Sta ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10457 (Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10456 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10455 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10454 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10453 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10452 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10451 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10450 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10449 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10448 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10447 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10446 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10445 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10444 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10443 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10442 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10441 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10440 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10439 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10438 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10437 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10436 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10435 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10434 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10433 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10432 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10431 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10430 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10429 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10428 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10427 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10426 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10425 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10424 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10423 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10422 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10421 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10420 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10419 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10418 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10417 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10416 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10415 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10414 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10413 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10412 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10411 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10410 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10409 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10408 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10407 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10406 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10405 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10404 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10403 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10402 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10401 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10400 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10399 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10398 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10397 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10396 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10395 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10394 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10393 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10392 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10391 (The way URIs are handled in admin/header.php in Chadha PHPKB Standard  ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10390 (OS Command Injection in export.php (vulnerable function called from in ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10389 (admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allo ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10388 (The way the Referer header in article.php is handled in Chadha PHPKB S ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10387 (Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-La ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10386 (admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Lang ...)
	NOT-FOR-US: Chadha PHPKB
CVE-2020-10385 (A stored cross-site scripting (XSS) vulnerability exists in the WPForm ...)
	NOT-FOR-US: WPForms Contact Form plugin for WordPress
CVE-2020-10384 (An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCON ...)
	NOT-FOR-US: MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software
CVE-2020-10383 (An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCON ...)
	NOT-FOR-US: MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software
CVE-2020-10382 (An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCON ...)
	NOT-FOR-US: MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software
CVE-2020-10381 (An issue was discovered in the MB CONNECT LINE mymbCONNECT24 and mbCON ...)
	NOT-FOR-US: MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 software
CVE-2020-10380 (RMySQL through 0.10.19 allows SQL Injection. ...)
	- rmysql 0.10.20-1
	[buster] - rmysql <no-dsa> (Minor issue)
	[jessie] - rmysql <no-dsa> (Minor issue)
	NOTE: Fixed by: https://github.com/r-dbi/RMySQL/commit/c2467c466684b4733a7b0df4689987e1f9dcfc32
	NOTE: Test: https://github.com/r-dbi/RMySQL/commit/6137ce887c1e36b278f11656a9a9fc1cae6a5f40
CVE-2020-10379 (In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/T ...)
	- pillow 7.2.0-1
	[buster] - pillow <not-affected> (Support for old-JPEG compressed TIFFs introduced in 6.0.0)
	[stretch] - pillow <not-affected> (Support for old-JPEG compressed TIFFs introduced in 6.0.0)
	[jessie] - pillow <not-affected> (Support for old-JPEG compressed TIFFs introduced in 6.0.0)
	NOTE: https://github.com/python-pillow/Pillow/pull/4538
	NOTE: https://github.com/python-pillow/Pillow/pull/4507
	NOTE: Fixed in 6.2.3 and 7.1.0
CVE-2020-10378 (In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds rea ...)
	- pillow 7.2.0-1
	[buster] - pillow 5.4.1-2+deb10u2
	[stretch] - pillow <not-affected> (Vulnerable code not present)
	[jessie] - pillow <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/python-pillow/Pillow/pull/4538
	NOTE: https://github.com/python-pillow/Pillow/pull/4506
	NOTE: https://github.com/python-pillow/Pillow/commit/124f4bb591e16212605d0e41c413ed53e242cba2 (Test)
	NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/6a83e4324738bb0452fbe8074a995b1c73f08de7
	NOTE: https://github.com/python-pillow/Pillow/commit/ada137eba5b605fd5aeff619c33bbf0e53af26ee (Test)
	NOTE: Fixed in 6.2.3 and 7.1.0
CVE-2020-10377 (A weak encryption vulnerability in Mitel MiVoice Connect Client before ...)
	NOT-FOR-US: Mitel
CVE-2020-10376 (Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to ...)
	NOT-FOR-US: Technicolor
CVE-2020-10375 (An issue was discovered in New Media Smarty before 9.10. Passwords are ...)
	NOT-FOR-US: New Media Smarty
CVE-2020-10374 (A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2020-10373
	RESERVED
CVE-2020-10372 (Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XS ...)
	NOT-FOR-US: Ramp AltitudeCDN Altimeter
CVE-2020-10371
	RESERVED
CVE-2020-10370
	RESERVED
CVE-2020-10369
	RESERVED
CVE-2020-10368
	RESERVED
CVE-2020-10367
	RESERVED
CVE-2020-10366 (LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a d ...)
	NOT-FOR-US: LogicalDoc
CVE-2020-10365 (LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the ...)
	NOT-FOR-US: LogicalDoc
CVE-2020-10364 (The SSH daemon on MikroTik routers through v6.44.3 could allow remote  ...)
	NOT-FOR-US: SSH daemon on MikroTik routers
CVE-2020-10363
	RESERVED
CVE-2020-10362
	RESERVED
CVE-2020-10361
	RESERVED
CVE-2020-10360
	RESERVED
CVE-2020-10359
	RESERVED
CVE-2020-10358
	RESERVED
CVE-2020-10357
	RESERVED
CVE-2020-10356
	RESERVED
CVE-2020-10355
	RESERVED
CVE-2020-10354
	RESERVED
CVE-2020-10353
	RESERVED
CVE-2020-10352
	RESERVED
CVE-2020-10351
	RESERVED
CVE-2020-10350
	RESERVED
CVE-2020-10349
	RESERVED
CVE-2020-10348
	RESERVED
CVE-2020-10347
	RESERVED
CVE-2020-10346
	RESERVED
CVE-2020-10345
	RESERVED
CVE-2020-10344
	RESERVED
CVE-2020-10343
	RESERVED
CVE-2020-10342
	RESERVED
CVE-2020-10341
	RESERVED
CVE-2020-10340
	RESERVED
CVE-2020-10339
	RESERVED
CVE-2020-10338
	RESERVED
CVE-2020-10337
	RESERVED
CVE-2020-10336
	RESERVED
CVE-2020-10335
	RESERVED
CVE-2020-10334
	RESERVED
CVE-2020-10333
	RESERVED
CVE-2020-10332
	RESERVED
CVE-2020-10331
	RESERVED
CVE-2020-10330
	RESERVED
CVE-2020-10329
	RESERVED
CVE-2020-10328
	RESERVED
CVE-2020-10327
	RESERVED
CVE-2020-10326
	RESERVED
CVE-2020-10325
	RESERVED
CVE-2020-10324
	RESERVED
CVE-2020-10323
	RESERVED
CVE-2020-10322
	RESERVED
CVE-2020-10321
	RESERVED
CVE-2020-10320
	RESERVED
CVE-2020-10319
	RESERVED
CVE-2020-10318
	RESERVED
CVE-2020-10317
	RESERVED
CVE-2020-10316
	RESERVED
CVE-2020-10315
	RESERVED
CVE-2020-10314
	RESERVED
CVE-2020-10313
	RESERVED
CVE-2020-10312
	RESERVED
CVE-2020-10311
	RESERVED
CVE-2020-10310
	RESERVED
CVE-2020-10309
	RESERVED
CVE-2020-10308
	RESERVED
CVE-2020-10307
	RESERVED
CVE-2020-10306
	RESERVED
CVE-2020-10305
	RESERVED
CVE-2020-10304
	RESERVED
CVE-2020-10303
	RESERVED
CVE-2020-10302
	RESERVED
CVE-2020-10301
	RESERVED
CVE-2020-10300
	RESERVED
CVE-2020-10299
	RESERVED
CVE-2020-10298
	RESERVED
CVE-2020-10297
	RESERVED
CVE-2020-10296
	RESERVED
CVE-2020-10295
	RESERVED
CVE-2020-10294
	RESERVED
CVE-2020-10293
	RESERVED
CVE-2020-10292 (Visual Components (owned by KUKA) is a robotic simulator that allows s ...)
	NOT-FOR-US: Visual Components
CVE-2020-10291 (Visual Components (owned by KUKA) is a robotic simulator that allows s ...)
	NOT-FOR-US: Visual Components
CVE-2020-10290 (Universal Robots controller execute URCaps (zip files containing Java- ...)
	NOT-FOR-US: Universal Robots controller
CVE-2020-10289 (Use of unsafe yaml load. Allows instantiation of arbitrary objects. Th ...)
	{DLA-2357-1}
	- ros-actionlib 1.13.1-4 (bug #968830)
	[buster] - ros-actionlib 1.11.15-1+deb10u1
	NOTE: https://github.com/ros/actionlib/pull/171
CVE-2020-10288 (IRC5 exposes an ftp server (port 21). Upon attempting to gain access y ...)
	NOT-FOR-US: ABB IRC5
CVE-2020-10287 (The IRC5 family with UAS service enabled comes by default with credent ...)
	NOT-FOR-US: ABB IRC5
CVE-2020-10286 (the main user account has restricted privileges but is in the sudoers  ...)
	NOT-FOR-US: xArm
CVE-2020-10285 (The authentication implementation on the xArm controller has very low  ...)
	NOT-FOR-US: xArm
CVE-2020-10284 (No authentication is required to control the robot inside the network, ...)
	NOT-FOR-US: xArm
CVE-2020-10283 (The Micro Air Vehicle Link (MAVLink) protocol presents authentication  ...)
	NOT-FOR-US: Micro Air Vehicle Link (MAVLink) protocol
CVE-2020-10282 (The Micro Air Vehicle Link (MAVLink) protocol presents no authenticati ...)
	NOT-FOR-US: Micro Air Vehicle Link (MAVLink) protocol
CVE-2020-10281 (This vulnerability applies to the Micro Air Vehicle Link (MAVLink) pro ...)
	NOT-FOR-US: Micro Air Vehicle Link (MAVLink) protocol
CVE-2020-10280 (The Apache server on port 80 that host the web interface is vulnerable ...)
	NOT-FOR-US: MiR
CVE-2020-10279 (MiR robot controllers (central computation unit) makes use of Ubuntu 1 ...)
	NOT-FOR-US: MiR
CVE-2020-10278 (The BIOS onboard MiR's Computer is not protected by password, therefor ...)
	NOT-FOR-US: MiR
CVE-2020-10277 (There is no mechanism in place to prevent a bad operator to boot from  ...)
	NOT-FOR-US: MiR
CVE-2020-10276 (The password for the safety PLC is the default and thus easy to find ( ...)
	NOT-FOR-US: Safety PLC
CVE-2020-10275 (The access tokens for the REST API are directly derived from the publi ...)
	NOT-FOR-US: MiR
CVE-2020-10274 (The access tokens for the REST API are directly derived (sha256 and ba ...)
	NOT-FOR-US: MiR
CVE-2020-10273 (MiR controllers across firmware versions 2.8.1.1 and before do not enc ...)
	NOT-FOR-US: MiR
CVE-2020-10272 (MiR100, MiR200 and other MiR robots use the Robot Operating System (RO ...)
	NOT-FOR-US: MiR
CVE-2020-10271 (MiR100, MiR200 and other MiR robots use the Robot Operating System (RO ...)
	NOT-FOR-US: MiR
CVE-2020-10270 (Out of the wired and wireless interfaces within MiR100, MiR200 and oth ...)
	NOT-FOR-US: MiR
CVE-2020-10269 (One of the wireless interfaces within MiR100, MiR200 and possibly (acc ...)
	NOT-FOR-US: MiR
CVE-2020-10268 (Critical services for operation can be terminated from windows task ma ...)
	NOT-FOR-US: Kuka
CVE-2020-10267 (Universal Robots control box CB 3.1 across firmware versions (tested o ...)
	NOT-FOR-US: Universal Robots control box CB
CVE-2020-10266 (UR+ (Universal Robots+) is a platform of hardware and software compone ...)
	NOT-FOR-US: Universal Robots+
CVE-2020-10265 (Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, ...)
	NOT-FOR-US: Universal Robots+
CVE-2020-10264 (CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards al ...)
	NOT-FOR-US: CB3 SW
CVE-2020-10263 (An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.52.4. Atta ...)
	NOT-FOR-US: XIAOMI
CVE-2020-10262 (An issue was discovered on XIAOMI XIAOAI speaker Pro LX06 1.58.10. Att ...)
	NOT-FOR-US: XIAOMI
CVE-2020-10261
	RESERVED
CVE-2020-10260
	RESERVED
CVE-2020-10259
	RESERVED
CVE-2020-10258
	RESERVED
CVE-2020-10257 (The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks acces ...)
	NOT-FOR-US: ThemeREX Addons plugin for WordPress
CVE-2020-10256 (An issue was discovered in beta versions of the 1Password command-line ...)
	NOT-FOR-US: 1Password
CVE-2020-10255 (Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulne ...)
	NOT-FOR-US: Hardware vulnerabliity in DDR4 DRAM chips
CVE-2020-10254 (An issue was discovered in ownCloud before 10.4. An attacker can bypas ...)
	- owncloud <removed>
CVE-2020-10253
	RESERVED
CVE-2020-10252 (An issue was discovered in ownCloud before 10.4. Because of an SSRF is ...)
	- owncloud <removed>
CVE-2020-10251 (In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists withi ...)
	- imagemagick 8:6.9.11.24+dfsg-1 (low; bug #953741)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <not-affected> (Vulnerable code introduced later with HEIC image format support)
	[jessie] - imagemagick <not-affected> (Vulnerable code introduced later with HEIC image format support)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1859
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/868aad754ee599eb7153b84d610f2ecdf7b339f6
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3456724dff047db5adb32f8cf70c903c1b7d16d4
CVE-2020-10250 (BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitra ...)
	NOT-FOR-US: BWA DiREX-Pro devices
CVE-2020-10249 (BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid ...)
	NOT-FOR-US: BWA DiREX-Pro devices
CVE-2020-10248 (BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwo ...)
	NOT-FOR-US: BWA DiREX-Pro devices
CVE-2020-10247 (MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is  ...)
	NOT-FOR-US: MISP
CVE-2020-10246 (MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is ...)
	NOT-FOR-US: MISP
CVE-2020-10245 (CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control run ...)
	NOT-FOR-US: CODESYS
CVE-2020-10244 (JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. ...)
	NOT-FOR-US: JPaseto
CVE-2020-10243 (An issue was discovered in Joomla! before 3.9.16. The lack of type cas ...)
	NOT-FOR-US: Joomla!
CVE-2020-10242 (An issue was discovered in Joomla! before 3.9.16. Inadequate handling  ...)
	NOT-FOR-US: Joomla!
CVE-2020-10241 (An issue was discovered in Joomla! before 3.9.16. Missing token checks ...)
	NOT-FOR-US: Joomla!
CVE-2020-10240 (An issue was discovered in Joomla! before 3.9.16. Missing length check ...)
	NOT-FOR-US: Joomla!
CVE-2020-10239 (An issue was discovered in Joomla! before 3.9.16. Incorrect Access Con ...)
	NOT-FOR-US: Joomla!
CVE-2020-10238 (An issue was discovered in Joomla! before 3.9.16. Various actions in c ...)
	NOT-FOR-US: Joomla!
CVE-2020-10237 (An issue was discovered in Froxlor through 0.10.15. The installer wrot ...)
	NOT-FOR-US: Froxlor
CVE-2020-10236 (An issue was discovered in Froxlor before 0.10.14. It created files wi ...)
	NOT-FOR-US: Froxlor
CVE-2020-10235 (An issue was discovered in Froxlor before 0.10.14. Remote attackers wi ...)
	NOT-FOR-US: Froxlor
CVE-2020-10234 (The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 1 ...)
	NOT-FOR-US: IObit Advanced SystemCare
CVE-2020-10233 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ...)
	- sleuthkit <unfixed> (unimportant)
	NOTE: https://github.com/sleuthkit/sleuthkit/issues/1829
	NOTE: Crash in CLI tool, no security impact
CVE-2020-10232 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack ...)
	{DLA-2137-1}
	- sleuthkit 4.9.0+dfsg-2 (low; bug #953976)
	[buster] - sleuthkit 4.6.5-1+deb10u1
	[stretch] - sleuthkit <no-dsa> (Minor issue)
	NOTE: https://github.com/sleuthkit/sleuthkit/issues/1836
	NOTE: https://github.com/sleuthkit/sleuthkit/commit/459ae818fc8dae717549810150de4d191ce158f1
CVE-2020-10231 (TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_17 ...)
	NOT-FOR-US: TP-Link
CVE-2020-10230 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) al ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2020-10229 (A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unw ...)
	NOT-FOR-US: vtecrm vtenext
CVE-2020-10228 (A file upload vulnerability in vtecrm vtenext 19 CE allows authenticat ...)
	NOT-FOR-US: vtecrm vtenext
CVE-2020-10227 (A cross-site scripting (XSS) vulnerability in the messages module of v ...)
	NOT-FOR-US: vtecrm vtenext
CVE-2020-10226
	RESERVED
CVE-2020-10225 (An unauthenticated file upload vulnerability has been identified in ad ...)
	NOT-FOR-US: PHPGurukul Job Portal
CVE-2020-10224 (An unauthenticated file upload vulnerability has been identified in ad ...)
	NOT-FOR-US: PHPGurukul Online Book Store
CVE-2020-10223 (npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode  ...)
	NOT-FOR-US: npdf.dll in Nitro Pro
CVE-2020-10222 (npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corrupt ...)
	NOT-FOR-US: npdf.dll in Nitro Pro
CVE-2020-10221 (lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows re ...)
	NOT-FOR-US: rConfig
CVE-2020-10220 (An issue was discovered in rConfig through 3.9.4. The web interface is ...)
	NOT-FOR-US: rConfig
CVE-2020-10219
	RESERVED
CVE-2020-10218 (A Blind SQL Injection issue was discovered in Sapplica Sentrifugo 3.2  ...)
	NOT-FOR-US: Sapplica Sentrifugo
CVE-2020-10217
	RESERVED
CVE-2020-10216 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They all ...)
	NOT-FOR-US: D-Link
CVE-2020-10215 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They all ...)
	NOT-FOR-US: D-Link
CVE-2020-10214 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is ...)
	NOT-FOR-US: D-Link
CVE-2020-10213 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They all ...)
	NOT-FOR-US: D-Link
CVE-2020-10212 (upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via ...)
	NOT-FOR-US: Responsive FileManager
CVE-2020-10211 (A remote code execution vulnerability in UCB component of Mitel MiVoic ...)
	NOT-FOR-US: Mitel
CVE-2020-10210 (Because of hard-coded SSH keys for the root user in Amino Communicatio ...)
	NOT-FOR-US: Amino Communications
CVE-2020-10209 (Command Injection in the CPE WAN Management Protocol (CWMP) registrati ...)
	NOT-FOR-US: Amino Communications
CVE-2020-10208 (Command Injection in EntoneWebEngine in Amino Communications AK45x ser ...)
	NOT-FOR-US: Amino Communications
CVE-2020-10207 (Use of Hard-coded Credentials in EntoneWebEngine in Amino Communicatio ...)
	NOT-FOR-US: Amino Communications
CVE-2020-10206 (Use of a Hard-coded Password in VNCserver in Amino Communications AK45 ...)
	NOT-FOR-US: Amino Communications
CVE-2020-10205
	RESERVED
CVE-2020-10204 (Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. ...)
	NOT-FOR-US: Sonatype Nexus Repository
CVE-2020-10203 (Sonatype Nexus Repository before 3.21.2 allows XSS. ...)
	NOT-FOR-US: Sonatype Nexus Repository
CVE-2020-10202
	RESERVED
CVE-2020-10201
	RESERVED
CVE-2020-10200
	RESERVED
CVE-2020-10199 (Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue ...)
	NOT-FOR-US: Sonatype Nexus Repository
CVE-2020-10198
	RESERVED
CVE-2020-10197
	RESERVED
CVE-2020-10196 (An XSS vulnerability in the popup-builder plugin before 3.64.1 for Wor ...)
	NOT-FOR-US: popup-builder plugin for WordPress
CVE-2020-10195 (The popup-builder plugin before 3.64.1 for WordPress allows informatio ...)
	NOT-FOR-US: popup-builder plugin for WordPress
CVE-2020-10194 (cs/service/account/AutoCompleteGal.java in Zimbra zm-mailbox before 8. ...)
	NOT-FOR-US: Zimbra
CVE-2020-10193 (ESET Archive Support Module before 1294 allows virus-detection bypass  ...)
	NOT-FOR-US: ESET Archive Support Module
CVE-2020-10192 (An issue was discovered in Munkireport before 5.3.0.3923. An unauthent ...)
	NOT-FOR-US: Munkireport
CVE-2020-10191 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
	NOT-FOR-US: Munkireport
CVE-2020-10190 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
	NOT-FOR-US: Munkireport
CVE-2020-10189 (Zoho ManageEngine Desktop Central before 10.0.474 allows remote code e ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote attac ...)
	{DLA-2341-1 DLA-2176-1}
	- inetutils 2:1.9.4-12 (bug #956084)
	[buster] - inetutils 2:1.9.4-7+deb10u1
	- netkit-telnet 0.17-18woody2 (bug #953477)
	- netkit-telnet-ssl 0.17.17+0.1-2woody3 (bug #953478)
	NOTE: https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html
	NOTE: https://github.com/marado/netkit-telnet-ssl/issues/5
	NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2020-04/msg00010.html
	NOTE: Patch in Fedora: https://src.fedoraproject.org/rpms/telnet/raw/master/f/telnet-0.17-overflow-exploit.patch
CVE-2020-10187 (Doorkeeper version 5.0.0 and later contains an information disclosure  ...)
	- ruby-doorkeeper 5.0.3-1 (bug #959903)
	[buster] - ruby-doorkeeper <not-affected> (Vulnerable code not present)
	[stretch] - ruby-doorkeeper <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/doorkeeper-gem/doorkeeper/commit/25d038022c2fcad45af5b73f9d003cf38ff491f6
	NOTE: https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-j7vx-8mqj-cqp9
	NOTE: Introduced in https://github.com/doorkeeper-gem/doorkeeper/commit/4acc923dc77fa00928268136f54136d5a6a865dc (v5.0.0.rc1)
CVE-2020-10186
	RESERVED
CVE-2020-10185 (The sync endpoint in YubiKey Validation Server before 2.40 allows remo ...)
	{DLA-2141-1}
	- yubikey-val <removed>
	[buster] - yubikey-val <no-dsa> (Minor issue)
	[stretch] - yubikey-val <no-dsa> (Minor issue)
	NOTE: https://www.yubico.com/support/security-advisories/ysa-2020-01/
	NOTE: https://github.com/Yubico/yubikey-val/commit/d0e4db3245deb5ce0c8d7d26069c78071a140286
CVE-2020-10184 (The verify endpoint in YubiKey Validation Server before 2.40 does not  ...)
	{DLA-2141-1}
	- yubikey-val <removed>
	[buster] - yubikey-val <no-dsa> (Minor issue)
	[stretch] - yubikey-val <no-dsa> (Minor issue)
	NOTE: https://www.yubico.com/support/security-advisories/ysa-2020-01/
	NOTE: https://github.com/Yubico/yubikey-val/commit/d0e4db3245deb5ce0c8d7d26069c78071a140286
CVE-2020-10183
	RESERVED
CVE-2020-10182
	RESERVED
CVE-2020-10181 (goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4. ...)
	NOT-FOR-US: Sumavision Enhanced Multimedia Router
CVE-2020-10180 (The ESET AV parsing engine allows virus-detection bypass via a crafted ...)
	NOT-FOR-US: ESET AV parsing engine
CVE-2020-10179
	RESERVED
CVE-2020-10178
	REJECTED
CVE-2020-10177 (Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/Fli ...)
	{DLA-2317-1}
	- pillow 7.2.0-1
	[buster] - pillow 5.4.1-2+deb10u2
	NOTE: https://github.com/python-pillow/Pillow/pull/4503
	NOTE: https://github.com/python-pillow/Pillow/pull/4538
	NOTE: Fixed in 6.2.3 and 7.1.0
CVE-2020-10176 (ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow E ...)
	NOT-FOR-US: ASSA ABLOY Yale WIPC-301W
CVE-2020-10175
	REJECTED
CVE-2020-10174 (init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely  ...)
	- timeshift 20.03+ds-1 (bug #953385)
	[buster] - timeshift 19.01+ds-2+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/06/3
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1165802
	NOTE: https://github.com/teejee2008/timeshift/commit/335b3d5398079278b8f7094c77bfd148b315b462
CVE-2020-10173 (Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Mult ...)
	NOT-FOR-US: Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices
CVE-2020-10172
	RESERVED
CVE-2020-10171
	RESERVED
CVE-2020-10170
	RESERVED
CVE-2020-10169
	RESERVED
CVE-2020-10168
	RESERVED
CVE-2020-10167
	RESERVED
CVE-2020-10166
	RESERVED
CVE-2020-10165
	RESERVED
CVE-2020-10164
	RESERVED
CVE-2020-10163
	RESERVED
CVE-2020-10162
	RESERVED
CVE-2020-10161
	RESERVED
CVE-2020-10160
	RESERVED
CVE-2020-10159
	RESERVED
CVE-2020-10158
	RESERVED
CVE-2020-10157
	RESERVED
CVE-2020-10156
	RESERVED
CVE-2020-10155
	RESERVED
CVE-2020-10154
	RESERVED
CVE-2020-10153
	RESERVED
CVE-2020-10152
	RESERVED
CVE-2020-10151
	RESERVED
CVE-2020-10150
	RESERVED
CVE-2020-10149
	RESERVED
CVE-2020-10148 (The SolarWinds Orion API is vulnerable to an authentication bypass tha ...)
	NOT-FOR-US: SolarWinds
CVE-2020-10147
	RESERVED
CVE-2020-10146 (The Microsoft Teams online service contains a stored cross-site script ...)
	NOT-FOR-US: Microsoft Teams
CVE-2020-10145 (The Adobe ColdFusion installer fails to set a secure access-control li ...)
	NOT-FOR-US: Adobe
CVE-2020-10144
	RESERVED
CVE-2020-10143 (Macrium Reflect includes an OpenSSL component that specifies an OPENSS ...)
	NOT-FOR-US: Macrium Reflect
CVE-2020-10142
	RESERVED
CVE-2020-10141
	RESERVED
CVE-2020-10140 (Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramDa ...)
	NOT-FOR-US: Acronis
CVE-2020-10139 (Acronis True Image 2021 includes an OpenSSL component that specifies a ...)
	NOT-FOR-US: Acronis
CVE-2020-10138 (Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL comp ...)
	NOT-FOR-US: Acronis
CVE-2020-10137 (Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do n ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-10136 (Multiple products that implement the IP Encapsulation within IP standa ...)
	NOT-FOR-US: Cisco
CVE-2020-10135 (Legacy pairing and secure-connections pairing authentication in Blueto ...)
	NOTE: Bluetooth protocol issue
CVE-2020-10134 (Pairing in Bluetooth&#174; Core v5.2 and earlier may permit an unauthe ...)
	NOTE: Bluetooth protocol issue
CVE-2020-10133
	RESERVED
CVE-2020-10132
	RESERVED
CVE-2020-10131
	RESERVED
CVE-2020-10130
	RESERVED
CVE-2020-10129
	RESERVED
CVE-2020-10128
	RESERVED
CVE-2020-10127
	RESERVED
CVE-2020-10126 (NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate  ...)
	NOT-FOR-US: NCR SelfServ ATMs
CVE-2020-10125 (NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 51 ...)
	NOT-FOR-US: NCR SelfServ ATMs
CVE-2020-10124 (NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authentic ...)
	NOT-FOR-US: NCR SelfServ ATMs
CVE-2020-10123 (The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00  ...)
	NOT-FOR-US: NCR SelfServ ATMs
CVE-2020-10122 (cPanel before 84.0.20 allows a webmail or demo account to delete arbit ...)
	NOT-FOR-US: cPanel
CVE-2020-10121 (cPanel before 84.0.20 allows a demo account to achieve code execution  ...)
	NOT-FOR-US: cPanel
CVE-2020-10120 (cPanel before 84.0.20 allows resellers to achieve remote code executio ...)
	NOT-FOR-US: cPanel
CVE-2020-10119 (cPanel before 84.0.20 allows a demo account to achieve remote code exe ...)
	NOT-FOR-US: cPanel
CVE-2020-10118 (cPanel before 84.0.20 allows a demo account to modify files via Brandi ...)
	NOT-FOR-US: cPanel
CVE-2020-10117 (cPanel before 84.0.20 mishandles enforcement of demo checks in the Mar ...)
	NOT-FOR-US: cPanel
CVE-2020-10116 (cPanel before 84.0.20 allows attackers to bypass intended restrictions ...)
	NOT-FOR-US: cPanel
CVE-2020-10115 (cPanel before 84.0.20, when PowerDNS is used, allows arbitrary code ex ...)
	NOT-FOR-US: cPanel
CVE-2020-10114 (cPanel before 84.0.20 allows stored self-XSS via the HTML file editor  ...)
	NOT-FOR-US: cPanel
CVE-2020-10113 (cPanel before 84.0.20 allows self XSS via a temporary character-set sp ...)
	NOT-FOR-US: cPanel
CVE-2020-10112 (** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poison ...)
	NOT-FOR-US: Citrix
CVE-2020-10111 (** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent ...)
	NOT-FOR-US: Citrix
CVE-2020-10110 (** DISPUTED ** Citrix Gateway 11.1, 12.0, and 12.1 allows Information  ...)
	NOT-FOR-US: Citrix
CVE-2020-10109 (In Twisted Web through 19.10.0, there was an HTTP request splitting vu ...)
	{DLA-2927-1 DLA-2145-1}
	- twisted 18.9.0-7 (bug #953950)
	[buster] - twisted <no-dsa> (Minor issue)
	NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR
	NOTE: https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281
CVE-2020-10108 (In Twisted Web through 19.10.0, there was an HTTP request splitting vu ...)
	{DLA-2927-1 DLA-2145-1}
	- twisted 18.9.0-7 (bug #953950)
	[buster] - twisted <no-dsa> (Minor issue)
	NOTE: https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR
	NOTE: https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281
CVE-2020-10107 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...)
	NOT-FOR-US: PHPGurukul Daily Expense Tracker System
CVE-2020-10106 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injec ...)
	NOT-FOR-US: PHPGurukul Daily Expense Tracker System
CVE-2020-10105 (An issue was discovered in Zammad 3.0 through 3.2. It returns source c ...)
	- zammad <itp> (bug #841355)
CVE-2020-10104 (An issue was discovered in Zammad 3.0 through 3.2. After authenticatio ...)
	- zammad <itp> (bug #841355)
CVE-2020-10103 (An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code  ...)
	- zammad <itp> (bug #841355)
CVE-2020-10102 (An issue was discovered in Zammad 3.0 through 3.2. The Forgot Password ...)
	- zammad <itp> (bug #841355)
CVE-2020-10101 (An issue was discovered in Zammad 3.0 through 3.2. The WebSocket serve ...)
	- zammad <itp> (bug #841355)
CVE-2020-10100 (An issue was discovered in Zammad 3.0 through 3.2. It allows for users ...)
	- zammad <itp> (bug #841355)
CVE-2020-10099 (An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code  ...)
	- zammad <itp> (bug #841355)
CVE-2020-10098 (An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code  ...)
	- zammad <itp> (bug #841355)
CVE-2020-10097 (An issue was discovered in Zammad 3.0 through 3.2. It may respond with ...)
	- zammad <itp> (bug #841355)
CVE-2020-10096 (An issue was discovered in Zammad 3.0 through 3.2. It does not prevent ...)
	- zammad <itp> (bug #841355)
CVE-2020-10095
	RESERVED
CVE-2020-10094 (A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW7 ...)
	NOT-FOR-US: Lexmark
CVE-2020-10093 (A cross-site scripting (XSS) vulnerability in Lexmark Pro910 series in ...)
	NOT-FOR-US: Lexmark
CVE-2020-10092 (GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerab ...)
	- gitlab <not-affected> (Only affects Gitlab 12.1 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10091 (GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerabi ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10090 (GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certai ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10089 (GitLab 8.11 through 12.8.1 allows a Denial of Service when using sever ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10088 (GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on part ...)
	- gitlab <not-affected> (Only affects Gitlab 12.5 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10087 (GitLab before 12.8.2 allows Information Disclosure. Badge images were  ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10086 (GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular en ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10085 (GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particul ...)
	- gitlab <not-affected> (Only affects Gitlab 12.3.5 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10084 (GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10083 (GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain con ...)
	- gitlab <not-affected> (Only affects Gitlab 12.7 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10082 (GitLab 12.2 through 12.8.1 allows Denial of Service. A denial of servi ...)
	- gitlab <not-affected> (Only affects Gitlab 12.2 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10081 (GitLab before 12.8.2 has Incorrect Access Control. It was internally d ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10080 (GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possib ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10079 (GitLab 7.10 through 12.8.1 has Incorrect Access Control. Under certain ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10078 (GitLab 12.1 through 12.8.1 allows XSS. The merge request submission fo ...)
	- gitlab <not-affected> (Only affects Gitlab 12.1 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10077 (GitLab EE 3.0 through 12.8.1 allows SSRF. An internal investigation re ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10076 (GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting v ...)
	- gitlab <not-affected> (Only affects Gitlab 12.1 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10075 (GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error h ...)
	- gitlab <not-affected> (Only affects Gitlab 12.5 and later)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10074 (GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario wa ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10073 (GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was inter ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-10072 (Improper Handling of Insufficient Permissions or Privileges in zephyr. ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10071 (The Zephyr MQTT parsing code performs insufficient checking of the len ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10070 (In the Zephyr Project MQTT code, improper bounds checking can result i ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10069 (Zephyr Bluetooth unchecked packet data results in denial of service. Z ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10068 (In the Zephyr project Bluetooth subsystem, certain duplicate and back- ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10067 (A malicious userspace application can cause a integer overflow and byp ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10066 (Incorrect Error Handling in Bluetooth HCI core. Zephyr versions &gt;=  ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10065 (Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions &gt;= v ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10064 (Improper Input Frame Validation in ieee802154 Processing. Zephyr versi ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10063 (A remote adversary with the ability to send arbitrary CoAP packets to  ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10062 (An off-by-one error in the Zephyr project MQTT packet length decoder c ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10061 (Improper handling of the full-buffer case in the Zephyr Bluetooth impl ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10060 (In updatehub_probe, right after JSON parsing is complete, objects\[1]  ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10059 (The UpdateHub module disables DTLS peer checking, which allows for a m ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10058 (Multiple syscalls in the Kscan subsystem perform insufficient argument ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10057 (GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broke ...)
	NOT-FOR-US: GeniXCMS
CVE-2020-10056 (A vulnerability has been identified in License Management Utility (LMU ...)
	NOT-FOR-US: Siemens
CVE-2020-10055 (A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3 ...)
	NOT-FOR-US: Desigo
CVE-2020-10054 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10053 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10052 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10051 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10050 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10049 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
	NOT-FOR-US: Siemens
CVE-2020-10048 (A vulnerability has been identified in SIMATIC PCS 7 (All versions), S ...)
	NOT-FOR-US: Siemens
CVE-2020-10047
	RESERVED
CVE-2020-10046
	RESERVED
CVE-2020-10045 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10044 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10043 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10042 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10041 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10040 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10039 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10038 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10037 (A vulnerability has been identified in SICAM MMU (All versions &lt; V2 ...)
	NOT-FOR-US: Siemens
CVE-2020-10036
	RESERVED
CVE-2020-10035
	RESERVED
CVE-2020-10034
	RESERVED
CVE-2020-10033
	RESERVED
CVE-2020-10032
	RESERVED
CVE-2020-10031
	RESERVED
CVE-2020-10030 (An issue has been found in PowerDNS Recursor 4.1.0 up to and including ...)
	- pdns-recursor 4.3.1-1 (unimportant)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-03.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/3
	NOTE: Non exploitable on Linux
CVE-2020-10029 (The GNU C Library (aka glibc or libc6) before 2.32 could overflow an o ...)
	- glibc 2.30-1 (bug #953108)
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25487
	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9333498794cde1d5cca518badf79533a24114b6f
	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c10acd40262486dac597001aecc20ad9d3bd0e4a
CVE-2020-9999 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-9998
	RESERVED
CVE-2020-9997 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: Apple
CVE-2020-9996 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9995 (An issue existed in the parsing of URLs. This issue was addressed with ...)
	NOT-FOR-US: Apple
CVE-2020-9994 (A path handling issue was addressed with improved validation. This iss ...)
	NOT-FOR-US: Apple
CVE-2020-9993 (The issue was addressed with improved UI handling. This issue is fixed ...)
	NOT-FOR-US: Apple
CVE-2020-9992 (This issue was addressed by encrypting communications over the network ...)
	NOT-FOR-US: Apple
CVE-2020-9991 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: sqlite3 as used by Apple
	NOTE: No details available due to typical Apple intransparency
CVE-2020-9990 (A race condition was addressed with additional validation. This issue  ...)
	NOT-FOR-US: Apple
CVE-2020-9989 (The issue was addressed with improved deletion. This issue is fixed in ...)
	NOT-FOR-US: Apple
CVE-2020-9988 (The issue was addressed with improved deletion. This issue is fixed in ...)
	NOT-FOR-US: Apple
CVE-2020-9987 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2020-9986 (A file access issue existed with certain home folder files. This was a ...)
	NOT-FOR-US: Apple
CVE-2020-9985 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9984 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9983 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.30.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0008.html
CVE-2020-9982 (This issue was addressed with improved checks to prevent unauthorized  ...)
	NOT-FOR-US: Apple
CVE-2020-9981 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-9978 (This issue was addressed with improved setting propagation. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9977 (A validation issue existed in the entitlement verification. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9976 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9975 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9974 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9972 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9971 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-9970
	RESERVED
CVE-2020-9969 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9968 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9967 (Multiple memory corruption issues were addressed with improved input v ...)
	NOT-FOR-US: Apple
CVE-2020-9966 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9965 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9964 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-9963 (The issue was addressed with improved handling of icon caches. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9962 (A buffer overflow was addressed with improved size validation. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9961 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9960 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9957
	RESERVED
CVE-2020-9956 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9955 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9954 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9953
	RESERVED
CVE-2020-9952 (An input validation issue was addressed with improved input validation ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0008.html
CVE-2020-9951 (A use after free issue was addressed with improved memory management.  ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.30.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0008.html
CVE-2020-9950 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9949 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9948 (A type confusion issue was addressed with improved memory handling. Th ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.30.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0008.html
CVE-2020-9947 (A use after free issue was addressed with improved memory management.  ...)
	{DSA-4797-1}
	- webkit2gtk 2.30.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	- wpewebkit 2.30.0-1
	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
CVE-2020-9946 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9945 (A spoofing issue existed in the handling of URLs. This issue was addre ...)
	NOT-FOR-US: Apple
CVE-2020-9944 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9943 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9942 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2020-9941 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9940 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9939 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9938 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9937 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9936 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9935 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9934 (An issue existed in the handling of environment variables. This issue  ...)
	NOT-FOR-US: Apple
CVE-2020-9933 (An authorization issue was addressed with improved state management. T ...)
	NOT-FOR-US: Apple
CVE-2020-9932 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9930 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9929 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-9928 (Multiple memory corruption issues were addressed with improved memory  ...)
	NOT-FOR-US: Apple
CVE-2020-9927 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9926 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9925 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9924 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9923 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-9922 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9921 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-9920 (A path handling issue was addressed with improved validation. This iss ...)
	NOT-FOR-US: Apple
CVE-2020-9919 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9918 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9917 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9916 (A URL Unicode encoding issue was addressed with improved state managem ...)
	NOT-FOR-US: Apple
CVE-2020-9915 (An access issue existed in Content Security Policy. This issue was add ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9914 (An input validation issue existed in Bluetooth. This issue was address ...)
	NOT-FOR-US: Apple
CVE-2020-9913 (This issue was addressed with improved data protection. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9912 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Safari
CVE-2020-9911 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Safari
CVE-2020-9910 (Multiple issues were addressed with improved logic. This issue is fixe ...)
	NOT-FOR-US: Safari
CVE-2020-9909 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9908 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9907 (A memory corruption issue was addressed by removing the vulnerable cod ...)
	NOT-FOR-US: Apple
CVE-2020-9906 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9905 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9904 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-9903 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Safari
CVE-2020-9902 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9901 (An issue existed within the path validation logic for symlinks. This i ...)
	NOT-FOR-US: Apple
CVE-2020-9900 (An issue existed within the path validation logic for symlinks. This i ...)
	NOT-FOR-US: Apple
CVE-2020-9899 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9898 (This issue was addressed with improved entitlements. This issue is fix ...)
	NOT-FOR-US: Apple
CVE-2020-9897 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-9896
	RESERVED
CVE-2020-9895 (A use after free issue was addressed with improved memory management.  ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9894 (An out-of-bounds read was addressed with improved input validation. Th ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9893 (A use after free issue was addressed with improved memory management.  ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9892 (Multiple memory corruption issues were addressed with improved state m ...)
	NOT-FOR-US: Apple
CVE-2020-9891 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9890 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9889 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9888 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9887 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9886
	RESERVED
CVE-2020-9885 (An issue existed in the handling of iMessage tapbacks. The issue was r ...)
	NOT-FOR-US: Apple
CVE-2020-9884 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9883 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9882 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9881 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9880 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9879 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9878 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2020-9877 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9876 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9875 (An integer overflow was addressed through improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-9874 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9873 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9872 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9871 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9870 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-9869 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-9868 (A certificate validation issue existed when processing administrator a ...)
	NOT-FOR-US: Apple
CVE-2020-9867
	RESERVED
CVE-2020-9866 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerable cod ...)
	NOT-FOR-US: Apple
CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9863 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue was add ...)
	{DSA-4739-1}
	- webkit2gtk 2.28.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0007.html
CVE-2020-9861 (A stack overflow issue existed in Swift for Linux. The issue was addre ...)
	NOT-FOR-US: Swift (different from src:swift)
CVE-2020-9860 (A custom URL scheme handling issue was addressed with improved input v ...)
	NOT-FOR-US: Apple
CVE-2020-9859 (A memory consumption issue was addressed with improved memory handling ...)
	NOT-FOR-US: Apple
CVE-2020-9858 (A dynamic library loading issue was addressed with improved path searc ...)
	NOT-FOR-US: Apple
CVE-2020-9857 (An issue existed in the parsing of URLs. This issue was addressed with ...)
	NOT-FOR-US: Safari
CVE-2020-9856 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9855 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2020-9854 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-9853 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2020-9852 (An integer overflow was addressed through improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-9851 (An access issue was addressed with improved access restrictions. This  ...)
	NOT-FOR-US: Apple
CVE-2020-9850 (A logic issue was addressed with improved restrictions. This issue is  ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9849 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: sqlite3 as used by Apple
	NOTE: No details available due to typical Apple intransparency
CVE-2020-9848 (An authorization issue was addressed with improved state management. T ...)
	NOT-FOR-US: Apple
CVE-2020-9847 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9846
	RESERVED
CVE-2020-9845
	RESERVED
CVE-2020-9844 (A double free issue was addressed with improved memory management. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9843 (An input validation issue was addressed with improved input validation ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9842 (An entitlement parsing issue was addressed with improved parsing. This ...)
	NOT-FOR-US: Apple
CVE-2020-9841 (An integer overflow was addressed through improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-9840 (In SwiftNIO Extras before 1.4.1, a logic issue was addressed with impr ...)
	NOT-FOR-US: SwiftNIO Extras
CVE-2020-9839 (A race condition was addressed with improved state handling. This issu ...)
	NOT-FOR-US: Apple
CVE-2020-9838 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9837 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9836
	RESERVED
CVE-2020-9835 (An issue existed in the pausing of FaceTime video. The issue was resol ...)
	NOT-FOR-US: Apple
CVE-2020-9834 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9833 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-9832 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9831 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9830 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-9829 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9828 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9827 (A denial of service issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9826 (A denial of service issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9825 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9824 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9823 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-9822 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9821 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-9820 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9819 (A memory consumption issue was addressed with improved memory handling ...)
	NOT-FOR-US: Apple
CVE-2020-9818 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9817 (A permissions issue existed. This issue was addressed with improved pe ...)
	NOT-FOR-US: Apple
CVE-2020-9816 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9815 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9814 (A logic issue existed resulting in memory corruption. This was address ...)
	NOT-FOR-US: Apple
CVE-2020-9813 (A logic issue existed resulting in memory corruption. This was address ...)
	NOT-FOR-US: Apple
CVE-2020-9812 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: Apple
CVE-2020-9811 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: Apple
CVE-2020-9810 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9809 (An information disclosure issue was addressed with improved state mana ...)
	NOT-FOR-US: Apple
CVE-2020-9808 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-9807 (A memory corruption issue was addressed with improved state management ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9806 (A memory corruption issue was addressed with improved state management ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9805 (A logic issue was addressed with improved restrictions. This issue is  ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9804 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9803 (A memory corruption issue was addressed with improved validation. This ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9802 (A logic issue was addressed with improved restrictions. This issue is  ...)
	{DSA-4724-1}
	- webkit2gtk 2.28.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.3-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0006.html
CVE-2020-9801 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9800 (A type confusion issue was addressed with improved memory handling. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9799 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9798
	RESERVED
CVE-2020-9797 (An information disclosure issue was addressed by removing the vulnerab ...)
	NOT-FOR-US: Apple
CVE-2020-9796 (A race condition was addressed with improved state handling. This issu ...)
	NOT-FOR-US: Apple
CVE-2020-9795 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9794 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: sqlite3 as used by Apple
	NOTE: No details available due to typical Apple intransparency
CVE-2020-9793 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-9792 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9791 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9790 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9789 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-9788 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-9787 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9786 (This issue was addressed with improved checks This issue is fixed in m ...)
	NOT-FOR-US: Apple
CVE-2020-9785 (Multiple memory corruption issues were addressed with improved state m ...)
	NOT-FOR-US: Apple
CVE-2020-9784 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple Safari
CVE-2020-9783 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9782 (A parsing issue in the handling of directory paths was addressed with  ...)
	NOT-FOR-US: Apple
CVE-2020-9781 (The issue was addressed by clearing website permission prompts after n ...)
	NOT-FOR-US: Apple
CVE-2020-9780 (The issue was resolved by clearing application previews when content i ...)
	NOT-FOR-US: Apple
CVE-2020-9779 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-9778
	RESERVED
CVE-2020-9777 (An issue existed in the selection of video file by Mail. The issue was ...)
	NOT-FOR-US: Apple
CVE-2020-9776 (This issue was addressed with a new entitlement. This issue is fixed i ...)
	NOT-FOR-US: Apple
CVE-2020-9775 (An issue existed in the handling of tabs displaying picture in picture ...)
	NOT-FOR-US: Apple
CVE-2020-9774 (An issue existed with Siri Suggestions access to encrypted data. The i ...)
	NOT-FOR-US: Apple
CVE-2020-9773 (The issue was addressed with improved handling of icon caches. This is ...)
	NOT-FOR-US: Apple
CVE-2020-9772 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-9771 (This issue was addressed with a new entitlement. This issue is fixed i ...)
	NOT-FOR-US: Apple
CVE-2020-9770 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-9769 (Multiple issues were addressed by updating to version 8.1.1850. This i ...)
	NOT-FOR-US: Apple
CVE-2020-9768 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-9767 (A vulnerability related to Dynamic-link Library (&#8220;DLL&#8221;) lo ...)
	NOT-FOR-US: Zoom
CVE-2020-10028 (Multiple syscalls with insufficient argument validation See NCC-ZEP-00 ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10027 (An attacker who has obtained code execution within a user thread is ab ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10026
	REJECTED
CVE-2020-10025
	REJECTED
CVE-2020-10024 (The arm platform-specific code uses a signed integer comparison when v ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10023 (The shell subsystem contains a buffer overflow, whereby an adversary w ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10022 (A malformed JSON payload that is received from an UpdateHub server may ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10021 (Out-of-bounds Write in the USB Mass Storage memoryWrite handler with u ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10020
	REJECTED
CVE-2020-10019 (USB DFU has a potential buffer overflow where the requested length (wL ...)
	NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2020-10018 (WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the  ...)
	{DSA-4641-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0003.html
CVE-2020-10017 (An out-of-bounds write was addressed with improved input validation. T ...)
	NOT-FOR-US: Apple
CVE-2020-10016 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-10015 (An out-of-bounds write issue was addressed with improved bounds checki ...)
	NOT-FOR-US: Apple
CVE-2020-10014 (A parsing issue in the handling of directory paths was addressed with  ...)
	NOT-FOR-US: Apple
CVE-2020-10013 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-10012 (An access issue was addressed with improved access restrictions. This  ...)
	NOT-FOR-US: Apple
CVE-2020-10011 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-10010 (A path handling issue was addressed with improved validation. This iss ...)
	NOT-FOR-US: Apple
CVE-2020-10009 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-10008 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-10007 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-10006 (This issue was addressed with improved entitlements. This issue is fix ...)
	NOT-FOR-US: Apple
CVE-2020-10005 (A resource exhaustion issue was addressed with improved input validati ...)
	NOT-FOR-US: Apple
CVE-2020-10004 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-10003 (An issue existed within the path validation logic for symlinks. This i ...)
	NOT-FOR-US: Apple
CVE-2020-10002 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-10001 (An input validation issue was addressed with improved memory handling. ...)
	{DLA-2800-1}
	- cups 2.3.3op2-1
	[buster] - cups <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenPrinting/cups/commit/efbea1742bd30f842fbbfb87a473e5c84f4162f9 (v2.3.3op2)
CVE-2020-10000
	RESERVED
CVE-2020-9766
	RESERVED
CVE-2020-9765
	RESERVED
CVE-2020-9764
	RESERVED
CVE-2020-9763
	RESERVED
CVE-2020-9762
	RESERVED
CVE-2020-9761 (An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The ...)
	NOT-FOR-US: UNCTAD ASYCUDA World
CVE-2020-9760 (An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affe ...)
	{DLA-2770-1 DLA-2157-1}
	- weechat 2.7.1-1
	[buster] - weechat <no-dsa> (Minor issue)
	NOTE: https://github.com/weechat/weechat/commit/694b5c9f874d7337cd2e03761e0de435275dd64d
CVE-2020-9759 (A Vulnerability of LG Electronic web OS TV Emulator could allow an att ...)
	{DLA-2770-1 DLA-2157-1}
	- weechat 2.7.1-1
	[buster] - weechat <no-dsa> (Minor issue)
	NOTE: https://github.com/weechat/weechat/commit/c827d6fa864e2c0b79cea640c45272e83703081e
CVE-2020-9758 (An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (He ...)
	NOT-FOR-US: LiveZilla Live Chat
CVE-2020-9757 (The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side T ...)
	NOT-FOR-US: Seomatic component for Craft CMS
CVE-2020-9756 (Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insuff ...)
	NOT-FOR-US: Patriot Viper RGB Driver
CVE-2020-9755
	RESERVED
CVE-2020-9754
	RESERVED
CVE-2020-9753 (Whale Browser Installer before 1.2.0.5 versions don't support signatur ...)
	NOT-FOR-US: Whale Browser
CVE-2020-9752 (Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a lo ...)
	NOT-FOR-US: Naver Cloud Explorer
CVE-2020-9751 (Naver Cloud Explorer before 2.2.2.11 allows the system to download an  ...)
	NOT-FOR-US: Naver Cloud Explorer
CVE-2020-9750 (Adobe Animate version 20.5 (and earlier) is affected by an out-of-boun ...)
	NOT-FOR-US: Adobe
CVE-2020-9749 (Adobe Animate version 20.5 (and earlier) is affected by an out-of-boun ...)
	NOT-FOR-US: Adobe
CVE-2020-9748 (Adobe Animate version 20.5 (and earlier) is affected by a stack overfl ...)
	NOT-FOR-US: Adobe
CVE-2020-9747 (Adobe Animate version 20.5 (and earlier) is affected by a double free  ...)
	NOT-FOR-US: Adobe
CVE-2020-9746 (Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an ...)
	NOT-FOR-US: Adobe Flash Plugin
CVE-2020-9745 (Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-o ...)
	NOT-FOR-US: Adobe
CVE-2020-9744 (Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-o ...)
	NOT-FOR-US: Adobe
CVE-2020-9743 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9742 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below) and 6.3.3.8 (and ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9741 (The AEM forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9740 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9739 (Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-o ...)
	NOT-FOR-US: Adobe
CVE-2020-9738 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9737 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9736 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9735 (AEM versions 6.5.5.0 (and below), 6.4.8.1 (and below), 6.3.3.8 (and be ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9734 (The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.1 (and ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9733 (An AEM java servlet in AEM versions 6.5.5.0 (and below) and 6.4.8.1 (a ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9732 (The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and ...)
	NOT-FOR-US: Adobe AEM
CVE-2020-9731 (A memory corruption vulnerability exists in InDesign 15.1.1 (and earli ...)
	NOT-FOR-US: Adobe
CVE-2020-9730 (A memory corruption vulnerability exists in InDesign 15.1.1 (and earli ...)
	NOT-FOR-US: Adobe
CVE-2020-9729 (A memory corruption vulnerability exists in InDesign 15.1.1 (and earli ...)
	NOT-FOR-US: Adobe
CVE-2020-9728 (A memory corruption vulnerability exists in InDesign 15.1.1 (and earli ...)
	NOT-FOR-US: Adobe
CVE-2020-9727 (A memory corruption vulnerability exists in InDesign 15.1.1 (and earli ...)
	NOT-FOR-US: Adobe
CVE-2020-9726 (Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of ...)
	NOT-FOR-US: Adobe
CVE-2020-9725 (Adobe FrameMaker version 2019.0.6 (and earlier versions) lacks proper  ...)
	NOT-FOR-US: Adobe
CVE-2020-9724 (Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library ...)
	NOT-FOR-US: Adobe
CVE-2020-9723 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9722 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9721 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9720 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9719 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9718 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9717 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9716 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9715 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9714 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9713
	RESERVED
CVE-2020-9712 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9711
	RESERVED
CVE-2020-9710 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9709
	RESERVED
CVE-2020-9708 (The resolveRepositoryPath function doesn't properly validate user inpu ...)
	NOT-FOR-US: Adobe
CVE-2020-9707 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9706 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9705 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9704 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9703 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9702 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9701 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9700 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9699 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9698 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9697 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9696 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9695
	RESERVED
CVE-2020-9694 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9693 (Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001 ...)
	NOT-FOR-US: Adobe
CVE-2020-9692 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
	NOT-FOR-US: Magento
CVE-2020-9691 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
	NOT-FOR-US: Magento
CVE-2020-9690 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
	NOT-FOR-US: Magento
CVE-2020-9689 (Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a ...)
	NOT-FOR-US: Magento
CVE-2020-9688 (Adobe Download Manager version 2.0.0.518 have a command injection vuln ...)
	NOT-FOR-US: Adobe
CVE-2020-9687 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-9686 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-9685 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-9684 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-9683 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-9682 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
	NOT-FOR-US: Adobe
CVE-2020-9681 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Unco ...)
	NOT-FOR-US: Adobe
CVE-2020-9680 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vul ...)
	NOT-FOR-US: Adobe
CVE-2020-9679 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vuln ...)
	NOT-FOR-US: Adobe
CVE-2020-9678 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vul ...)
	NOT-FOR-US: Adobe
CVE-2020-9677 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vuln ...)
	NOT-FOR-US: Adobe
CVE-2020-9676 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write v ...)
	NOT-FOR-US: Adobe
CVE-2020-9675 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vu ...)
	NOT-FOR-US: Adobe
CVE-2020-9674 (Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write v ...)
	NOT-FOR-US: Adobe
CVE-2020-9673 (Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2 ...)
	NOT-FOR-US: Adobe
CVE-2020-9672 (Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2 ...)
	NOT-FOR-US: Adobe
CVE-2020-9671 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
	NOT-FOR-US: Adobe
CVE-2020-9670 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
	NOT-FOR-US: Adobe
CVE-2020-9669 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
	NOT-FOR-US: Adobe
CVE-2020-9668 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Impr ...)
	NOT-FOR-US: Adobe
CVE-2020-9667 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Unco ...)
	NOT-FOR-US: Adobe
CVE-2020-9666 (Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerab ...)
	NOT-FOR-US: Adobe
CVE-2020-9665 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a  ...)
	NOT-FOR-US: Magento
CVE-2020-9664 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a  ...)
	NOT-FOR-US: Magento
CVE-2020-9663 (Adobe Reader Mobile versions 20.0.1 and earlier have a directory trave ...)
	NOT-FOR-US: Adobe
CVE-2020-9662 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2020-9661 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2020-9660 (Adobe After Effects versions 17.1 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2020-9659 (Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write ...)
	NOT-FOR-US: Adobe
CVE-2020-9658 (Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write ...)
	NOT-FOR-US: Adobe
CVE-2020-9657 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds  ...)
	NOT-FOR-US: Adobe
CVE-2020-9656 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds  ...)
	NOT-FOR-US: Adobe
CVE-2020-9655 (Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds  ...)
	NOT-FOR-US: Adobe
CVE-2020-9654 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-9653 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-9652 (Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds rea ...)
	NOT-FOR-US: Adobe
CVE-2020-9651 (Adobe Experience Manager versions 6.5 and earlier have a cross-site sc ...)
	NOT-FOR-US: Adobe
CVE-2020-9650 (Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2020-9649 (Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2020-9648 (Adobe Experience Manager versions 6.5 and earlier have a cross-site sc ...)
	NOT-FOR-US: Adobe
CVE-2020-9647 (Adobe Experience Manager versions 6.5 and earlier have a cross-site sc ...)
	NOT-FOR-US: Adobe
CVE-2020-9646 (Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2020-9645 (Adobe Experience Manager versions 6.5 and earlier have a blind server- ...)
	NOT-FOR-US: Adobe
CVE-2020-9644 (Adobe Experience Manager versions 6.5 and earlier have a cross-site sc ...)
	NOT-FOR-US: Adobe
CVE-2020-9643 (Adobe Experience Manager versions 6.5 and earlier have a server-side r ...)
	NOT-FOR-US: Adobe
CVE-2020-9642 (Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vul ...)
	NOT-FOR-US: Adobe
CVE-2020-9641 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9640 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9639 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9638 (Adobe After Effects versions 17.1 and earlier have a heap overflow vul ...)
	NOT-FOR-US: Adobe
CVE-2020-9637 (Adobe After Effects versions 17.1 and earlier have a heap overflow vul ...)
	NOT-FOR-US: Adobe
CVE-2020-9636 (Adobe Framemaker versions 2019.0.5 and below have a memory corruption  ...)
	NOT-FOR-US: Adobe
CVE-2020-9635 (Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-9634 (Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-9633 (Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash ...)
	NOT-FOR-US: Adobe
CVE-2020-9632 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9631 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9630 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9629 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9628 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9627 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9626 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9625 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9624 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9623 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9622 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9621 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9620 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9619
	RESERVED
CVE-2020-9618 (Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read  ...)
	NOT-FOR-US: Adobe
CVE-2020-9617 (Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds r ...)
	NOT-FOR-US: Adobe
CVE-2020-9616 (Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds rea ...)
	NOT-FOR-US: Adobe
CVE-2020-9615 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9614 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9613 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9612 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9611 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9610 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9609 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9608 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9607 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9606 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9605 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9604 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9603 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9602 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9601 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9600 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9599 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9598 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9597 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9596 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9595 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9594 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9593 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9592 (Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-9591 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9590 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9589 (Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have ...)
	NOT-FOR-US: Adobe
CVE-2020-9588 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9587 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9586 (Adobe Character Animator versions 3.2 and earlier have a buffer overfl ...)
	NOT-FOR-US: Adobe
CVE-2020-9585 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9584 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9583 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9582 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9581 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9580 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9579 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9578 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9577 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9576 (Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.1 ...)
	NOT-FOR-US: Magento
CVE-2020-9575 (Adobe Illustrator versions 24.1.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9574 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9573 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9572 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9571 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9570 (Adobe Illustrator versions 24.0.2 and earlier have a memory corruption ...)
	NOT-FOR-US: Adobe
CVE-2020-9569 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9568 (Adobe Bridge versions 10.0.1 and earlier version have a memory corrupt ...)
	NOT-FOR-US: Adobe
CVE-2020-9567 (Adobe Bridge versions 10.0.1 and earlier version have an use after fre ...)
	NOT-FOR-US: Adobe
CVE-2020-9566 (Adobe Bridge versions 10.0.1 and earlier version have an use after fre ...)
	NOT-FOR-US: Adobe
CVE-2020-9565 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9564 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9563 (Adobe Bridge versions 10.0.1 and earlier version have a heap overflow  ...)
	NOT-FOR-US: Adobe
CVE-2020-9562 (Adobe Bridge versions 10.0.1 and earlier version have a heap overflow  ...)
	NOT-FOR-US: Adobe
CVE-2020-9561 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9560 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9559 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9558 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9557 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9556 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9555 (Adobe Bridge versions 10.0.1 and earlier version have a stack-based bu ...)
	NOT-FOR-US: Adobe
CVE-2020-9554 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9553 (Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds ...)
	NOT-FOR-US: Adobe
CVE-2020-9552 (Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerabi ...)
	NOT-FOR-US: Adobe
CVE-2020-9551 (Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability.  ...)
	NOT-FOR-US: Adobe
CVE-2020-9550 (Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication b ...)
	NOT-FOR-US: Rubetek SmartHome 2020 devices
CVE-2020-9549 (In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bou ...)
	{DLA-2134-1}
	- pdfresurrect 0.20-1 (unimportant; bug #952948)
	NOTE: https://github.com/enferex/pdfresurrect/issues/8
	NOTE: Crash in CLI tool, no security impact
CVE-2020-9548 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2135-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2634
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-9547 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2135-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2634
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-9546 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
	{DLA-2135-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2631
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-9545 (Pale Moon 28.x before 28.8.4 has a segmentation fault related to modul ...)
	NOT-FOR-US: Pale Moon
CVE-2020-9544 (An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The ad ...)
	NOT-FOR-US: D-Link
CVE-2020-9543 (OpenStack Manila &lt;7.4.1, &gt;=8.0.0 &lt;8.1.1, and &gt;=9.0.0 &lt;9 ...)
	- manila 1:9.0.0-5 (bug #953581)
	[buster] - manila 1:7.0.0-1+deb10u1
	[stretch] - manila <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/manila/+bug/1861485
	NOTE: https://security.openstack.org/ossa/OSSA-2020-002.html
CVE-2020-9542
	RESERVED
CVE-2020-9541
	RESERVED
CVE-2020-9540 (Sophos HitmanPro.Alert before build 861 allows local elevation of priv ...)
	NOT-FOR-US: Sophos
CVE-2020-9539
	RESERVED
CVE-2020-9538
	RESERVED
CVE-2020-9537
	RESERVED
CVE-2020-9536
	RESERVED
CVE-2020-9535 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...)
	NOT-FOR-US: D-Link
CVE-2020-9534 (fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overfl ...)
	NOT-FOR-US: D-Link
CVE-2020-9533
	RESERVED
CVE-2020-9532
	RESERVED
CVE-2020-9531 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In t ...)
	NOT-FOR-US: Xiaomi
CVE-2020-9530 (An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The  ...)
	NOT-FOR-US: Xiaomi
CVE-2020-9529 (Firmware developed by Shenzhen Hichip Vision Technology (V6 through V2 ...)
	NOT-FOR-US: Firmware developed by Shenzhen Hichip Vision Technology
CVE-2020-9528 (Firmware developed by Shenzhen Hichip Vision Technology (V6 through V2 ...)
	NOT-FOR-US: Firmware developed by Shenzhen Hichip Vision Technology
CVE-2020-9527 (Firmware developed by Shenzhen Hichip Vision Technology (V6 through V2 ...)
	NOT-FOR-US: Firmware developed by Shenzhen Hichip Vision Technology
CVE-2020-9526 (CS2 Network P2P through 3.x, as used in millions of Internet of Things ...)
	NOT-FOR-US: CS2 Network P2P
CVE-2020-9525 (CS2 Network P2P through 3.x, as used in millions of Internet of Things ...)
	NOT-FOR-US: CS2 Network P2P
CVE-2020-9524 (Cross Site scripting vulnerability on Micro Focus Enterprise Server an ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9523 (Insufficiently protected credentials vulnerability on Micro Focus ente ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9522 (Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enter ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9521 (An SQL injection vulnerability was discovered in Micro Focus Service M ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9520 (A stored XSS vulnerability was discovered in Micro Focus Vibe, affecti ...)
	NOT-FOR-US: Micro Focus Vibe
CVE-2020-9519 (HTTP methods reveled in Web services vulnerability in Micro Focus Serv ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9518 (Login filter can access configuration files vulnerability in Micro Foc ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9517 (There is an improper restriction of rendered UI layers or frames vulne ...)
	NOT-FOR-US: Micro Focus
CVE-2020-9516
	RESERVED
CVE-2020-9515
	RESERVED
CVE-2020-9514 (An issue was discovered in the IMPress for IDX Broker plugin before 2. ...)
	NOT-FOR-US: IMPress for IDX Broker plugin for WordPress
CVE-2020-9513
	RESERVED
CVE-2020-9512
	RESERVED
CVE-2020-9511
	RESERVED
CVE-2020-9510
	RESERVED
CVE-2020-9509
	RESERVED
CVE-2020-9508
	RESERVED
CVE-2020-9507
	RESERVED
CVE-2020-9506
	RESERVED
CVE-2020-9505
	RESERVED
CVE-2020-9504
	RESERVED
CVE-2020-9503
	RESERVED
CVE-2020-9502 (Some Dahua products with Build time before December 2019 have Session  ...)
	NOT-FOR-US: Dahua
CVE-2020-9501 (Attackers can obtain Cloud Key information from the Dahua Web P2P cont ...)
	NOT-FOR-US: Dahua
CVE-2020-9500 (Some products of Dahua have Denial of Service vulnerabilities. After t ...)
	NOT-FOR-US: Dahua
CVE-2020-9499 (Some Dahua products have buffer overflow vulnerabilities. After the su ...)
	NOT-FOR-US: Dahua
CVE-2020-9498 (Apache Guacamole 1.1.0 and older may mishandle pointers involved inpro ...)
	{DLA-2435-1}
	- guacamole-server 1.3.0-1 (bug #964195)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/3
	NOTE: https://research.checkpoint.com/2020/apache-guacamole-rce/
	NOTE: Fixed by https://github.com/apache/guacamole-server/commit/a0e11dc81727528224d28466903454e1cb0266bb
CVE-2020-9497 (Apache Guacamole 1.1.0 and older do not properly validate datareceived ...)
	{DLA-2435-1}
	- guacamole-server 1.3.0-1 (bug #964195)
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/2
	NOTE: https://research.checkpoint.com/2020/apache-guacamole-rce/
	NOTE: Fixed by https://github.com/apache/guacamole-server/commit/a0e11dc81727528224d28466903454e1cb0266bb
CVE-2020-9496 (XML-RPC request are vulnerable to unsafe deserialization and Cross-Sit ...)
	NOT-FOR-US: Apache OFBiz
CVE-2020-9495 (Apache Archiva login service before 2.2.5 is vulnerable to LDAP inject ...)
	NOT-FOR-US: Apache Archiva
CVE-2020-9494 (Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8. ...)
	{DSA-4710-1}
	- trafficserver 8.0.8+ds-1 (bug #963629)
	NOTE: https://github.com/apache/trafficserver/pull/6922
CVE-2020-9493 (A deserialization flaw was found in Apache Chainsaw versions prior to  ...)
	NOT-FOR-US: Apache Chainsaw
CVE-2020-9492 (In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alph ...)
	- hadoop <itp> (bug #793644)
CVE-2020-9491 (In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by  ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-9490 (Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted valu ...)
	{DSA-4757-1}
	- apache2 2.4.46-1
	[stretch] - apache2 <ignored> (Too intrusive to backport)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490
	NOTE: https://www.openwall.com/lists/oss-security/2020/08/07/4
	NOTE: https://svn.apache.org/r1880396
	NOTE: https://github.com/apache/httpd/commit/a61223e9cb906110f35ec144b93fee9eb80ad6e4
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2030
CVE-2020-9489 (A carefully crafted or corrupt file may trigger a System.exit in Tika' ...)
	- tika <unfixed> (bug #984666)
	[bullseye] - tika <no-dsa> (Minor issue)
	[buster] - tika <no-dsa> (Minor issue)
	[jessie] - tika <ignored> (the fix is too invasive to backport)
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/24/1
CVE-2020-9488 (Improper validation of certificate with host mismatch in Apache Log4j  ...)
	{DLA-2852-1}
	- apache-log4j2 2.13.3-1 (bug #959450)
	[buster] - apache-log4j2 2.15.0-1~deb10u1
	[jessie] - apache-log4j2 <no-dsa> (Minor issue; set mail.smtp.ssl.checkserveridentity to true to enable hostname verification)
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/25/1
	NOTE: https://issues.apache.org/jira/browse/LOG4J2-2819
	NOTE: https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x)
	NOTE: https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=fb91a3d71e2f3dadad6fd1beb2ab857f44fe8bbb (master)
CVE-2020-9487 (In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time pass ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-9486 (In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine p ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-9485 (An issue was found in Apache Airflow versions 1.10.10 and below. A sto ...)
	- airflow <itp> (bug #819700)
CVE-2020-9484 (When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to  ...)
	{DSA-4727-1 DLA-2279-1 DLA-2217-1 DLA-2209-1}
	- tomcat9 9.0.35-1 (bug #961209)
	- tomcat8 <removed>
	- tomcat7 <removed>
	[stretch] - tomcat7 <ignored> (No components in libservlet3.0-java binary package are affected)
	NOTE: https://github.com/apache/tomcat/commit/bb33048e3f9b4f2b70e4da2e6c4e34ca89023b1b (10.0.0-M5)
	NOTE: https://github.com/apache/tomcat/commit/3aa8f28db7efb311cdd1b6fe15a9cd3b167a2222 (9.0.35)
	NOTE: https://github.com/apache/tomcat/commit/ec08af18d0f9ddca3f2d800ef66fe7fd20afef2f (8.5.55)
	NOTE: https://github.com/apache/tomcat/commit/53e30390943c18fca0c9e57dbcc14f1c623cfd06 (7.0.104)
CVE-2020-9483 (**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the  ...)
	NOT-FOR-US: Apache SkyWalking
CVE-2020-9482 (If NiFi Registry 0.1.0 to 0.5.0 uses an authentication mechanism other ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-9481 (Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulne ...)
	{DSA-4672-1}
	- trafficserver 8.0.7+ds-1
	NOTE: https://lists.apache.org/thread.html/rcb8bae0b289d71d18a3220be256c1dfcc4d9ab49d2d6e07d1eac7c9d%40%3Cannounce.trafficserver.apache.org%3E
	NOTE: https://github.com/apache/trafficserver/commit/50441b39e6631389ef95c4133f06bbf94544879c
CVE-2020-9480 (In Apache Spark 2.4.5 and earlier, a standalone resource manager's mas ...)
	- apache-spark <itp> (bug #802194)
CVE-2020-9479 (When loading a UDF, a specially crafted zip file could allow files to  ...)
	NOT-FOR-US: Apache AsterixDB
CVE-2020-9478 (An issue was discovered in Rubrik 5.0.3-2296. An OS command injection  ...)
	NOT-FOR-US: Rubrik
CVE-2020-9477 (An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vu ...)
	NOT-FOR-US: HUMAX HGA12R-02 BRGCAA devices
CVE-2020-9476 (ARRIS TG1692A devices allow remote attackers to discover the administr ...)
	NOT-FOR-US: ARRIS TG1692A devices
CVE-2020-9475 (The S. Siedle &amp; Soehne SG 150-0 Smart Gateway before 1.2.4 allows  ...)
	NOT-FOR-US: S. Siedle & Soehne SG 150-0 Smart Gateway
CVE-2020-9474 (The S. Siedle &amp; Soehne SG 150-0 Smart Gateway before 1.2.4 allows  ...)
	NOT-FOR-US: S. Siedle & Soehne SG 150-0 Smart Gateway
CVE-2020-9473 (The S. Siedle &amp; Soehne SG 150-0 Smart Gateway before 1.2.4 has a p ...)
	NOT-FOR-US: S. Siedle & Soehne SG 150-0 Smart Gateway
CVE-2020-9472 (Umbraco CMS 8.5.3 allows an authenticated file upload (and consequentl ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-9471 (Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequen ...)
	NOT-FOR-US: Umbraco
CVE-2020-9470 (An issue was discovered in Wing FTP Server 6.2.5 before February 2020. ...)
	NOT-FOR-US: Wing FTP Server
CVE-2020-9469
	RESERVED
CVE-2020-9468 (The Community plugin 2.9.e-beta for Piwigo allows users to set image i ...)
	- piwigo <removed>
CVE-2020-9467 (Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php reque ...)
	- piwigo <removed>
CVE-2020-9466 (The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV  ...)
	NOT-FOR-US: Export Users to CSV plugin for WordPress
CVE-2020-9465 (An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-9464 (A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP B ...)
	NOT-FOR-US: BECKHOFF Ethernet TCP/IP Bus Coupler BK9000
CVE-2020-9463 (Centreon 19.10 allows remote authenticated users to execute arbitrary  ...)
	- centreon-web <itp> (bug #913903)
CVE-2020-9462 (An issue was discovered in all Athom Homey and Homey Pro devices up to ...)
	NOT-FOR-US: Athom
CVE-2020-9461 (Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated us ...)
	NOT-FOR-US: Octech Oempro
CVE-2020-9460 (Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The ...)
	NOT-FOR-US: Octech Oempro
CVE-2020-9459 (Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webn ...)
	NOT-FOR-US: Webnus Modern Events Calendar Lite plugin for WordPress
CVE-2020-9458 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the exp ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-9457 (The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remo ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-9456 (In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the use ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-9455 (The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remo ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-9454 (A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 f ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-9453 (In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local  ...)
	NOT-FOR-US: Epson
CVE-2020-9452 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...)
	NOT-FOR-US: Acronis
CVE-2020-9451 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...)
	NOT-FOR-US: Acronis
CVE-2020-9450 (An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ra ...)
	NOT-FOR-US: Acronis
CVE-2020-9449 (An insecure random number generation vulnerability in BlaB! AX, BlaB!  ...)
	NOT-FOR-US: BlaB!
CVE-2020-9448
	RESERVED
CVE-2020-9447 (There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0. ...)
	NOT-FOR-US: GwtUpload
CVE-2020-9446
	RESERVED
CVE-2020-9445 (Zulip Server before 2.1.3 allows XSS via the modal_link feature in the ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-9444 (Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown f ...)
	- zulip-server <itp> (bug #800052)
CVE-2020-9443 (Zulip Desktop before 4.0.3 loaded untrusted content in an Electron web ...)
	NOT-FOR-US: Zulip Desktop (different from itp'ed zulip-server)
CVE-2020-9442 (OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PRO ...)
	NOT-FOR-US: OpenVPN Connect on Windows
CVE-2020-9441
	RESERVED
CVE-2020-9440 (A cross-site scripting (XSS) vulnerability in the WSC plugin through 5 ...)
	NOT-FOR-US: CKEditor plugin
CVE-2020-9439 (Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin ...)
	NOT-FOR-US: Uncanny Owl Tin Canny LearnDash Reporting
CVE-2020-9438 (Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a d ...)
	NOT-FOR-US: Tinxy Door Lock
CVE-2020-9437 (SecureAuth.aspx in SecureAuth IdP 9.3.0 suffers from a client-side tem ...)
	NOT-FOR-US: SecureAuth IdP
CVE-2020-9436 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G  ...)
	NOT-FOR-US: PHOENIX
CVE-2020-9435 (PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G  ...)
	NOT-FOR-US: PHOENIX
CVE-2020-9434 (openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 cert ...)
	NOT-FOR-US: lua-openssl (different from lua-luaossl)
CVE-2020-9433 (openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certi ...)
	NOT-FOR-US: lua-openssl (different from lua-luaossl)
CVE-2020-9432 (openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certif ...)
	NOT-FOR-US: lua-openssl (different from lua-luaossl)
CVE-2020-9427 (OX Guard 2.10.3 and earlier allows SSRF. ...)
	NOT-FOR-US: OX Guard
CVE-2020-9426 (OX Guard 2.10.3 and earlier allows XSS. ...)
	NOT-FOR-US: OX Guard
CVE-2020-9425 (An issue was discovered in includes/head.inc.php in rConfig before 3.9 ...)
	NOT-FOR-US: rConfig
CVE-2020-9424
	RESERVED
CVE-2020-9423 (LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary fi ...)
	NOT-FOR-US: LogicalDoc
CVE-2020-9422
	RESERVED
CVE-2020-9421
	RESERVED
CVE-2020-9420
	RESERVED
CVE-2020-9419
	RESERVED
CVE-2020-9431 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
	{DLA-2547-1}
	- wireshark 3.2.2-1
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <not-affected> (composite TVB handling added later)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-03.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=086003c9d616906e08bbeeab9c17b3aa4c6ff850
CVE-2020-9430 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
	{DLA-2547-1}
	- wireshark 3.2.2-1
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-04.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16383
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6b98dc63701b1da1cc7681cb383dabb0b7007d73
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=93d6b03a67953b82880cdbdcf0d30e2a3246d790
CVE-2020-9428 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
	{DLA-2547-1}
	- wireshark 3.2.2-1 (low)
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-05.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16397
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9fe2de783dbcbe74144678d60a4e3923367044b2
CVE-2020-9429 (In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This ...)
	- wireshark 3.2.2-1
	[buster] - wireshark <not-affected> (Vulnerable code not present)
	[stretch] - wireshark <not-affected> (Vulnerable code not present)
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-06.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16394
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=73c5fff899f253c44a72657048aec7db6edee571
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2530f740d67d41908e84434bb5ec99480c2ac2e
CVE-2020-9418 (An untrusted search path vulnerability in the installer of PDFescape D ...)
	NOT-FOR-US: PDFescape
CVE-2020-9417 (The Transaction Insight reporting component of TIBCO Software Inc.'s T ...)
	NOT-FOR-US: TIBCO
CVE-2020-9416 (The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire  ...)
	NOT-FOR-US: TIBCO
CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO Software Inc.' ...)
	NOT-FOR-US: TIBCO
CVE-2020-9414 (The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed ...)
	NOT-FOR-US: TIBCO
CVE-2020-9413 (The MFT Browser file transfer client and MFT Browser admin client comp ...)
	NOT-FOR-US: TIBCO
CVE-2020-9412 (The file transfer component of TIBCO Software Inc.'s TIBCO Managed Fil ...)
	NOT-FOR-US: TIBCO
CVE-2020-9411 (The file transfer component of TIBCO Software Inc.'s TIBCO Managed Fil ...)
	NOT-FOR-US: TIBCO
CVE-2020-9410 (The report generator component of TIBCO Software Inc.'s TIBCO JasperRe ...)
	NOT-FOR-US: TIBCO
CVE-2020-9409 (The administrative UI component of TIBCO Software Inc.'s TIBCO JasperR ...)
	NOT-FOR-US: TIBCO
CVE-2020-9408 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
	NOT-FOR-US: TIBCO
CVE-2020-9407 (IBL Online Weather before 4.3.5a allows attackers to obtain sensitive  ...)
	NOT-FOR-US: IBL Online Weather
CVE-2020-9406 (IBL Online Weather before 4.3.5a allows unauthenticated eval injection ...)
	NOT-FOR-US: IBL Online Weather
CVE-2020-9405 (IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS  ...)
	NOT-FOR-US: IBL Online Weather
CVE-2020-9404 (In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stor ...)
	NOT-FOR-US: PACTware
CVE-2020-9403 (In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stor ...)
	NOT-FOR-US: PACTware
CVE-2020-9402 (Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 al ...)
	- python-django 2:2.2.11-1 (low; bug #953102)
	[buster] - python-django 1:1.11.29-1~deb10u1
	[stretch] - python-django <postponed> (Can be fixed along in a future DSA)
	[jessie] - python-django <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/04/1
	NOTE: Introduced by: https://github.com/django/django/commit/fcf494b48fea7c0c55ea29721ba0b2d250351ff8
	NOTE: Fixed by: https://github.com/django/django/commit/fe886a3b58a93cfbe8864b485f93cb6d426cd1f2 (v2.2)
	NOTE: Fixed by: https://github.com/django/django/commit/02d97f3c9a88adc890047996e5606180bd1c6166 (v1.11)
CVE-2020-9401
	RESERVED
CVE-2020-9400
	RESERVED
CVE-2020-9399 (The Avast AV parsing engine allows virus-detection bypass via a crafte ...)
	NOT-FOR-US: Avast AV parsing engine
CVE-2020-9398 (ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_a ...)
	NOT-FOR-US: ISPConfig
CVE-2020-9397
	RESERVED
CVE-2020-9396
	RESERVED
CVE-2020-9395 (An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, an ...)
	NOT-FOR-US: Realtek
CVE-2020-9394 (An issue was discovered in the pricing-table-by-supsystic plugin befor ...)
	NOT-FOR-US: pricing-table-by-supsystic plugin for WordPress
CVE-2020-9393 (An issue was discovered in the pricing-table-by-supsystic plugin befor ...)
	NOT-FOR-US: pricing-table-by-supsystic plugin for WordPress
CVE-2020-9392 (An issue was discovered in the pricing-table-by-supsystic plugin befor ...)
	NOT-FOR-US: pricing-table-by-supsystic plugin for WordPress
CVE-2020-9390 (SquaredUp allowed Stored XSS before version 4.6.0. A user was able to  ...)
	NOT-FOR-US: SquaredUp
CVE-2020-9389 (A username enumeration issue was discovered in SquaredUp before versio ...)
	NOT-FOR-US: SquaredUp
CVE-2020-9388 (CSRF protection was not present in SquaredUp before version 4.6.0. A C ...)
	NOT-FOR-US: SquaredUp
CVE-2020-9387 (In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account detai ...)
	- mahara <removed>
CVE-2020-9386 (In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before ...)
	- mahara <removed>
CVE-2020-9391 (An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6  ...)
	- linux 5.5.13-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/dcde237319e626d1ec3c9d8b7613032f0fd4663a
CVE-2020-9385 (A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because mul ...)
	- zint <not-affected> (Fixed with initial upload to archive)
CVE-2020-9384 (** DISPUTED ** An Insecure Direct Object Reference (IDOR) vulnerabilit ...)
	NOT-FOR-US: Subex
CVE-2020-9383 (An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fd ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/2e90ca68b0d2f5548804f22f0dd61145516171e3
CVE-2020-9382 (An issue was discovered in the Widgets extension through 1.4.0 for Med ...)
	NOT-FOR-US: Widgets extension for MediaWiki
CVE-2020-9381 (controllers/admin.js in Total.js CMS 13 allows remote attackers to exe ...)
	NOT-FOR-US: Total.js CMS
CVE-2020-9380 (IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to exe ...)
	NOT-FOR-US: IPTV Smarters WEB TV PLAYER
CVE-2020-9379 (The Software Development Kit of the MiContact Center Business with Sit ...)
	NOT-FOR-US: Mitel
CVE-2020-9378
	RESERVED
CVE-2020-9377 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Co ...)
	NOT-FOR-US: D-Link
CVE-2020-9376 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Informati ...)
	NOT-FOR-US: D-Link
CVE-2020-9375 (TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows re ...)
	NOT-FOR-US: TP-Link
CVE-2020-9374 (On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vu ...)
	NOT-FOR-US: TP-Link
CVE-2020-9373
	RESERVED
CVE-2020-9372 (The Appointment Booking Calendar plugin before 1.3.35 for WordPress al ...)
	NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
CVE-2020-9371 (Stored XSS exists in the Appointment Booking Calendar plugin before 1. ...)
	NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
CVE-2020-9370 (HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. ...)
	NOT-FOR-US: HUMAX HGA12R-02 BRGCAA devices
CVE-2020-9369 (Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial  ...)
	{DSA-4818-1}
	- sympa 6.2.40~dfsg-4 (low; bug #952428)
	[stretch] - sympa <not-affected> (Vulnerability introduced later in 6.2.38)
	[jessie] - sympa <not-affected> (Vulnerability introduced later in 6.2.38)
	NOTE: https://github.com/sympa-community/sympa/issues/886
	NOTE: https://sympa-community.github.io/security/2020-001.html
	NOTE: Upstream patch: https://github.com/sympa-community/sympa/releases/download/6.2.54/sympa-6.2.52-sa-2020-001.patch
CVE-2020-9368 (The Module Olea Gift On Order module through 5.0.8 for PrestaShop enab ...)
	NOT-FOR-US: Module Olea Gift On Order module for PrestaShop
CVE-2020-9367 (The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-9365 (An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) re ...)
	- pure-ftpd 1.0.49-3 (bug #952471)
	[buster] - pure-ftpd <no-dsa> (Minor issue)
	[stretch] - pure-ftpd <no-dsa> (Minor issue)
	[jessie] - pure-ftpd <not-affected> (Vulnerable code does not exist)
	NOTE: https://github.com/jedisct1/pure-ftpd/commit/36c6d268cb190282a2c17106acfd31863121b
CVE-2020-9364 (An issue was discovered in helpers/mailer.php in the Creative Contact  ...)
	NOT-FOR-US: Creative Contact Form extension for Joomla!
CVE-2020-9363 (The Sophos AV parsing engine before 2020-01-14 allows virus-detection  ...)
	NOT-FOR-US: Sophos AV
CVE-2020-9362 (The Quick Heal AV parsing engine (November 2019) allows virus-detectio ...)
	NOT-FOR-US: Quick Heal AV parsing engine
CVE-2020-9366 (A buffer overflow was found in the way GNU Screen before 4.8.0 treated ...)
	- screen 4.8.0-1 (bug #950896)
	[buster] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
	[stretch] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
	[jessie] - screen <not-affected> (Vulnerable code introduced in v4.7.0)
	NOTE: https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/06/3
	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=68386dfb1fa33471372a8cd2e74686758a2f527b (v4.8.0)
	NOTE: Follow-up: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=0dd53533e20d2948351a99ec5336fbc9b82b226a (v4.8.0)
	NOTE: Introduced due to: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=c5db181b6e017cfccb8d7842ce140e59294d9f62 (v4.7.0)
CVE-2020-9361 (CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local use ...)
	NOT-FOR-US: CryptoPro CSP
CVE-2020-9360
	RESERVED
CVE-2020-9359 (KDE Okular before 1.10.0 allows code execution via an action link in a ...)
	{DLA-2856-1 DLA-2159-1}
	- okular 4:19.12.3-2 (bug #954891)
	[buster] - okular 4:17.12.2-2.2+deb10u1
	NOTE: https://invent.kde.org/kde/okular/-/commit/6a93a033b4f9248b3cd4d04689b8391df754e244
	NOTE: https://kde.org/info/security/advisory-20200312-1.txt
	NOTE: https://sysdream.com/news/lab/2020-03-24-cve-2020-9359-okular-command-execution/ (PoC)
CVE-2020-9358
	RESERVED
CVE-2020-9357
	RESERVED
CVE-2020-9356
	RESERVED
CVE-2020-9354 (An issue was discovered in SmartClient 12.0. The Remote Procedure Call ...)
	NOT-FOR-US: SmartClient
CVE-2020-9353 (An issue was discovered in SmartClient 12.0. The Remote Procedure Call ...)
	NOT-FOR-US: SmartClient
CVE-2020-9352 (An issue was discovered in SmartClient 12.0. Unauthenticated exploitat ...)
	NOT-FOR-US: SmartClient
CVE-2020-9351 (An issue was discovered in SmartClient 12.0. If an unauthenticated att ...)
	NOT-FOR-US: SmartClient
CVE-2020-9350 (Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph templ ...)
	NOT-FOR-US: Graph Builder in SAS Visual Analytics
CVE-2020-9349 (The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmwar ...)
	NOT-FOR-US: CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP
CVE-2020-9348
	RESERVED
CVE-2020-9347 (** DISPUTED ** Zoho ManageEngine Password Manager Pro through 10.x has ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-9346 (Zoho ManageEngine Password Manager Pro 10.4 and prior has no protectio ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-9345 (An issue was discovered in signotec signoPAD-API/Web (formerly Websock ...)
	NOT-FOR-US: signoPAD-API/Web
CVE-2020-9344 (Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at ...)
	NOT-FOR-US: Subversion ALM
CVE-2020-9343 (An issue was discovered in signotec signoPAD-API/Web (formerly Websock ...)
	NOT-FOR-US: signoPAD-API/Web
CVE-2020-9342 (The F-Secure AV parsing engine before 2020-02-05 allows virus-detectio ...)
	NOT-FOR-US: F-Secure AV parsing engine
CVE-2020-9341 (CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator ...)
	NOT-FOR-US: CandidATS
CVE-2020-9340 (fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandid ...)
	NOT-FOR-US: fauzantrif eLection
CVE-2020-9339 (SOPlanning 1.45 allows XSS via the Name or Comment to status.php. ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9338 (SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field. ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9337 (In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encod ...)
	NOT-FOR-US: GolfBuddy Course Manager
CVE-2020-9336 (fauzantrif eLection 2.0 has XSS via the Admin Dashboard -&gt; Settings ...)
	NOT-FOR-US: fauzantrif eLection
CVE-2020-6816 (In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCD ...)
	{DSA-4643-1}
	- python-bleach 3.1.3-1 (bug #954236)
	[stretch] - python-bleach <ignored> (Requires invasive changes to address issue)
	[jessie] - python-bleach <ignored> (Requires invasive change to address issue)
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1621692 (not public)
	NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-m6xf-fq7q-8743
	NOTE: https://github.com/mozilla/bleach/commit/175f67740e7951e1d80cefb7831e6c3e4efeb986
CVE-2020-6802 (In Mozilla Bleach before 3.11, a mutation XSS affects users calling bl ...)
	{DSA-4636-1}
	- python-bleach 3.1.1-1 (bug #951907)
	[stretch] - python-bleach <ignored> (Requires invasive changes to address issue)
	[jessie] - python-bleach <ignored> (Fix too invasive in jessie; uses external html5 parser)
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1615315 (not public)
	NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
	NOTE: https://github.com/mozilla/bleach/commit/f77e0f6392177a06e46a49abd61a4d9f035e57fd
CVE-2020-9335 (Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery p ...)
	NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2020-9334 (A stored XSS vulnerability exists in the Envira Photo Gallery plugin t ...)
	NOT-FOR-US: Envira Photo Gallery plugin for WordPress
CVE-2020-9333
	RESERVED
CVE-2020-9332 (ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19  ...)
	NOT-FOR-US: FabulaTech
CVE-2020-9331 (CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Pri ...)
	NOT-FOR-US: CryptoPro CSP
CVE-2020-9330 (Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not requ ...)
	NOT-FOR-US: Xerox
CVE-2020-9329 (Gogs through 0.11.91 allows attackers to violate the admin-specified r ...)
	NOT-FOR-US: Go Git Service
CVE-2020-9328
	RESERVED
CVE-2020-9327 (In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger  ...)
	- sqlite3 3.31.1-3 (bug #951835)
	[buster] - sqlite3 <not-affected> (Vulnerable code not present)
	[stretch] - sqlite3 <not-affected> (vulnerable code not present)
	[jessie] - sqlite3 <not-affected> (vulnerable code not present)
	NOTE: https://www.sqlite.org/cgi/src/info/4374860b29383380
	NOTE: https://www.sqlite.org/cgi/src/info/9d0d4ab95dc0c56e
	NOTE: https://www.sqlite.org/cgi/src/info/abc473fb8fb99900
	NOTE: https://github.com/sqlite/sqlite/commit/bf48ce49f7c25e5d4524de9fdc5c0d505218d06d
	NOTE: https://github.com/sqlite/sqlite/commit/78d1d225d87af40f5bdca57fa72f00b6ffaffa21
CVE-2020-9326 (BeyondTrust Privilege Management for Windows and Mac (aka PMWM; former ...)
	NOT-FOR-US: BeyondTrust Privilege Management for Windows and Mac
CVE-2020-9325 (Aquaforest TIFF Server 4.0 allows Unauthenticated Arbitrary File Downl ...)
	NOT-FOR-US: Aquaforest TIFF Server
CVE-2020-9324 (Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via ...)
	NOT-FOR-US: Aquaforest TIFF Server
CVE-2020-9323 (Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory E ...)
	NOT-FOR-US: Aquaforest TIFF Server
CVE-2020-9322
	RESERVED
CVE-2020-9321 (configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0. ...)
	NOT-FOR-US: Traefik
CVE-2020-9320 (** DISPUTED ** Avira AV Engine before 8.3.54.138 allows virus-detectio ...)
	NOT-FOR-US: Avira
CVE-2020-9319
	RESERVED
CVE-2020-9318 (Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative us ...)
	NOT-FOR-US: Red Gate SQL Monitor
CVE-2020-9317
	RESERVED
CVE-2020-9316
	RESERVED
CVE-2020-9315 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7. ...)
	NOT-FOR-US: Oracle
CVE-2020-9314 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7. ...)
	NOT-FOR-US: Oracle
CVE-2020-9313
	RESERVED
CVE-2020-9312
	RESERVED
CVE-2020-9311 (In SilverStripe through 4.5, malicious users with a valid Silverstripe ...)
	NOT-FOR-US: SilverStripe
CVE-2020-9310
	REJECTED
CVE-2020-9309 (Silverstripe CMS through 4.5 can be susceptible to script execution fr ...)
	NOT-FOR-US: SilverStripe
CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts ...)
	- libarchive 3.4.0-2 (bug #951759)
	[buster] - libarchive <not-affected> (rar5 support added in 3.4.0)
	[stretch] - libarchive <not-affected> (rar5 support added in 3.4.0)
	[jessie] - libarchive <not-affected> (rar5 support added in 3.4.0)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459
	NOTE: https://github.com/libarchive/libarchive/pull/1326
	NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a
CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...)
	NOT-FOR-US: Hirschmann OS2, RSP, and RSPE devices
CVE-2020-9306 (Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of ...)
	NOT-FOR-US: Tesla SolarCity Solar Monitoring Gateway
CVE-2020-9305
	RESERVED
CVE-2020-9304
	RESERVED
CVE-2020-9303
	RESERVED
CVE-2020-9302
	RESERVED
CVE-2020-9301 (Nolan Ray from Apple Information Security identified a security vulner ...)
	NOT-FOR-US: Spinnaker
CVE-2020-9300 (The Access Control issues include allowing a regular user to view a re ...)
	NOT-FOR-US: Netflix dispatch
CVE-2020-9299 (There were XSS vulnerabilities discovered and reported in the Dispatch ...)
	NOT-FOR-US: Netflix dispatch
CVE-2020-9298 (The Spinnaker template resolution functionality is vulnerable to Serve ...)
	NOT-FOR-US: Spinnaker
CVE-2020-9297 (Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java  ...)
	NOT-FOR-US: Netflix Titus
CVE-2020-9296 (Netflix Titus uses Java Bean Validation (JSR 380) custom constraint va ...)
	NOT-FOR-US: Netflix Conductor
CVE-2020-9295
	RESERVED
CVE-2020-9294 (An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6 ...)
	NOT-FOR-US: FortiMail Fortiguard
CVE-2020-9293
	RESERVED
CVE-2020-9292 (An unquoted service path vulnerability in the FortiSIEM Windows Agent  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-9291 (An Insecure Temporary File vulnerability in FortiClient for Windows 6. ...)
	NOT-FOR-US: Fortiguard / FortiClient for Windows
CVE-2020-9290 (An Unsafe Search Path vulnerability in FortiClient for Windows online  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-9289 (Use of a hard-coded cryptographic key to encrypt password data in CLI  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-9288 (An improper neutralization of input vulnerability in FortiWLC 8.5.1 al ...)
	NOT-FOR-US: Fortinet
CVE-2020-9287 (An Unsafe Search Path vulnerability in FortiClient EMS online installe ...)
	NOT-FOR-US: Fortiguard
CVE-2020-9286 (An improper authorization vulnerability in FortiADC may allow a remote ...)
	NOT-FOR-US: Fortiguard
CVE-2020-9285
	RESERVED
CVE-2020-9284
	RESERVED
CVE-2020-9283 (golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go a ...)
	{DLA-2455-1 DLA-2453-1 DLA-2402-1}
	- golang-go.crypto 1:0.0~git20200221.2aa609c-1 (bug #952462)
	[buster] - golang-go.crypto <no-dsa> (Minor issue)
	[jessie] - golang-go.crypto <no-dsa> (Minor issue)
	NOTE: https://github.com/golang/crypto/commit/bac4c82f69751a6dd76e702d54b3ceb88adab236
CVE-2020-9282 (In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before ...)
	- mahara <removed>
CVE-2020-9281 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor  ...)
	NOT-FOR-US: CKEditor plugin
CVE-2020-9280 (In SilverStripe through 4.5, files uploaded via Forms to folders migra ...)
	NOT-FOR-US: SilverStripe
CVE-2020-9279 (An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A har ...)
	NOT-FOR-US: D-Link
CVE-2020-9278 (An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The d ...)
	NOT-FOR-US: D-Link
CVE-2020-9277 (An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authe ...)
	NOT-FOR-US: D-Link
CVE-2020-9276 (An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The f ...)
	NOT-FOR-US: D-Link
CVE-2020-9275 (An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm ...)
	NOT-FOR-US: D-Link
CVE-2020-9274 (An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer  ...)
	{DLA-2123-1}
	- pure-ftpd 1.0.49-4 (bug #952666)
	[buster] - pure-ftpd <no-dsa> (Minor issue)
	[stretch] - pure-ftpd <no-dsa> (Minor issue)
	NOTE: https://github.com/jedisct1/pure-ftpd/commit/8d0d42542e2cb7a56d645fbe4d0ef436e38bcefa
	NOTE: though the CVE description does not specifically say, the issue seems to be an
	NOTE: out-of-bounds memory read which may result in information disclosure;
	NOTE: probably not the end of the world, but it is made worse by use of the rather
	NOTE: unsafe strcmp() instead of strncmp() in the vulnerable functions
CVE-2020-9273 (In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interru ...)
	{DSA-4635-1 DLA-2115-2 DLA-2115-1}
	- proftpd-dfsg 1.3.6c-2 (bug #951800)
	NOTE: https://github.com/proftpd/proftpd/issues/903
	NOTE: https://github.com/proftpd/proftpd/commit/d388f7904d4c9a6d0ea54237b8b54a57c19d8d49 (master)
	NOTE: https://github.com/proftpd/proftpd/commit/f8047a1ed0e0eb15193f555c4cbbb281e705c5c3 (master)
	NOTE: https://github.com/proftpd/proftpd/commit/e845abc1bd86eebec7a0342fded908a1b0f1996b (1.3.6c)
	NOTE: https://github.com/proftpd/proftpd/commit/cd9036f4ef7a05c107f0ffcb19a018b20267c531 (1.3.6-branch)
CVE-2020-9272 (ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap ...)
	- proftpd-dfsg 1.3.6c-1 (unimportant)
	NOTE: https://github.com/proftpd/proftpd/issues/902
	NOTE: Debian does not build mod_cap and does not use the embedded libcap.
	NOTE: Sourcewise fixed in 1.3.6c by updating to the lastest libcap.
CVE-2020-9271 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via s ...)
	NOT-FOR-US: ICE Hrm
CVE-2020-9270 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via  ...)
	NOT-FOR-US: ICE Hrm
CVE-2020-9269 (SOPlanning 1.45 is vulnerable to authenticated SQL Injection that lead ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9268 (SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause,  ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9267 (SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitra ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9266 (SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitra ...)
	NOT-FOR-US: SOPlanning
CVE-2020-9265 (phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against t ...)
	NOT-FOR-US: phpMyChat-Plus
CVE-2020-9264 (ESET Archive Support Module before 1296 allows virus-detection bypass  ...)
	NOT-FOR-US: ESET
CVE-2020-9263 (HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWE ...)
	NOT-FOR-US: Huawei
CVE-2020-9262 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
	NOT-FOR-US: HUAWEI
CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
	NOT-FOR-US: HUAWEI
CVE-2020-9260 (HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 1 ...)
	NOT-FOR-US: HUAWEI
CVE-2020-9259 (Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-9258 (HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P ...)
	NOT-FOR-US: HUAWEI
CVE-2020-9257 (HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E ...)
	NOT-FOR-US: Huawei
CVE-2020-9256 (Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C ...)
	NOT-FOR-US: Huawei
CVE-2020-9255 (Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E ...)
	NOT-FOR-US: Huawei
CVE-2020-9254 (HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E ...)
	NOT-FOR-US: Huawei
CVE-2020-9253
	RESERVED
CVE-2020-9252 (HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI M ...)
	NOT-FOR-US: Huawei
CVE-2020-9251 (HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2020-9250
	RESERVED
CVE-2020-9249 (HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2 ...)
	NOT-FOR-US: Huawei
CVE-2020-9248 (Huawei FusionComput 8.0.0 have an improper authorization vulnerability ...)
	NOT-FOR-US: Huawei
CVE-2020-9247 (There is a buffer overflow vulnerability in several Huawei products. T ...)
	NOT-FOR-US: Huawei
CVE-2020-9246 (FusionCompute 8.0.0 has an information leak vulnerability. A module do ...)
	NOT-FOR-US: Huawei
CVE-2020-9245 (HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUA ...)
	NOT-FOR-US: Huawei
CVE-2020-9244 (HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8); ...)
	NOT-FOR-US: Huawei
CVE-2020-9243 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
	NOT-FOR-US: Huawei
CVE-2020-9242 (FusionCompute 8.0.0 have a command injection vulnerability. The softwa ...)
	NOT-FOR-US: Huawei
CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00), ...)
	NOT-FOR-US: Huawei
CVE-2020-9240 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buff ...)
	NOT-FOR-US: Huawei
CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier t ...)
	NOT-FOR-US: Huawei
CVE-2020-9238 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buff ...)
	NOT-FOR-US: Huawei
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C ...)
	NOT-FOR-US: Huawei
CVE-2020-9236
	RESERVED
CVE-2020-9235 (Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E ...)
	NOT-FOR-US: Huawei
CVE-2020-9234
	RESERVED
CVE-2020-9233 (FusionCompute 8.0.0 have an insufficient authentication vulnerability. ...)
	NOT-FOR-US: Huawei
CVE-2020-9232
	RESERVED
CVE-2020-9231
	RESERVED
CVE-2020-9230 (WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due ...)
	NOT-FOR-US: Huawei
CVE-2020-9229 (FusionCompute 8.0.0 has an information disclosure vulnerability. Due t ...)
	NOT-FOR-US: Huawei
CVE-2020-9228 (FusionCompute 8.0.0 has an information disclosure vulnerability. Due t ...)
	NOT-FOR-US: Huawei
CVE-2020-9227 (Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166  ...)
	NOT-FOR-US: Huawei
CVE-2020-9226 (HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an ...)
	NOT-FOR-US: HUAWEI
CVE-2020-9225 (FusionSphere OpenStack 6.5.1 have an improper permissions management v ...)
	NOT-FOR-US: Huawei
CVE-2020-9224
	RESERVED
CVE-2020-9223 (There is a denial of service vulnerability in some Huawei smartphones. ...)
	NOT-FOR-US: Huawei
CVE-2020-9222
	RESERVED
CVE-2020-9221
	RESERVED
CVE-2020-9220
	RESERVED
CVE-2020-9219
	RESERVED
CVE-2020-9218
	RESERVED
CVE-2020-9217
	RESERVED
CVE-2020-9216
	RESERVED
CVE-2020-9215
	RESERVED
CVE-2020-9214
	RESERVED
CVE-2020-9213 (There is a denial of service vulnerability in some huawei products. In ...)
	NOT-FOR-US: Huawei
CVE-2020-9212 (There is a vulnerability in some version of USG9500 that the device im ...)
	NOT-FOR-US: Huawei
CVE-2020-9211
	RESERVED
CVE-2020-9210
	RESERVED
CVE-2020-9209 (There is a privilege escalation vulnerability in SMC2.0 product. Some  ...)
	NOT-FOR-US: Huawei
CVE-2020-9208 (There is an information leak vulnerability in iManager NetEco 6000 ver ...)
	NOT-FOR-US: Huawei
CVE-2020-9207 (There is an improper authentication vulnerability in some verisons of  ...)
	NOT-FOR-US: Huawei
CVE-2020-9206 (The eUDC660 product has a resource management vulnerability. An attack ...)
	NOT-FOR-US: Huawei
CVE-2020-9205 (There has a CSV injection vulnerability in ManageOne 8.0.1. An attacke ...)
	NOT-FOR-US: Huawei
CVE-2020-9204
	RESERVED
CVE-2020-9203 (There is a resource management errors vulnerability in Huawei P30. Loc ...)
	NOT-FOR-US: Huawei
CVE-2020-9202 (There is an information disclosure vulnerability in TE Mobile software ...)
	NOT-FOR-US: TE Mobile
CVE-2020-9201 (There is an out-of-bounds read vulnerability in some versions of NIP68 ...)
	NOT-FOR-US: Huawei
CVE-2020-9200 (There has a CSV injection vulnerability in iManager NetEco 6000 versio ...)
	NOT-FOR-US: Huawei
CVE-2020-9199 (B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a  ...)
	NOT-FOR-US: Huawei
CVE-2020-9198
	RESERVED
CVE-2020-9197
	RESERVED
CVE-2020-9196
	RESERVED
CVE-2020-9195
	RESERVED
CVE-2020-9194
	RESERVED
CVE-2020-9193
	RESERVED
CVE-2020-9192
	RESERVED
CVE-2020-9191
	RESERVED
CVE-2020-9190
	RESERVED
CVE-2020-9189
	RESERVED
CVE-2020-9188
	RESERVED
CVE-2020-9187
	RESERVED
CVE-2020-9186
	RESERVED
CVE-2020-9185
	RESERVED
CVE-2020-9184
	RESERVED
CVE-2020-9183
	RESERVED
CVE-2020-9182
	RESERVED
CVE-2020-9181
	RESERVED
CVE-2020-9180
	RESERVED
CVE-2020-9179
	RESERVED
CVE-2020-9178
	RESERVED
CVE-2020-9177
	RESERVED
CVE-2020-9176
	RESERVED
CVE-2020-9175
	RESERVED
CVE-2020-9174
	RESERVED
CVE-2020-9173
	RESERVED
CVE-2020-9172
	RESERVED
CVE-2020-9171
	RESERVED
CVE-2020-9170
	RESERVED
CVE-2020-9169
	RESERVED
CVE-2020-9168
	RESERVED
CVE-2020-9167
	RESERVED
CVE-2020-9166
	RESERVED
CVE-2020-9165
	RESERVED
CVE-2020-9164
	RESERVED
CVE-2020-9163
	RESERVED
CVE-2020-9162
	RESERVED
CVE-2020-9161
	RESERVED
CVE-2020-9160
	RESERVED
CVE-2020-9159
	RESERVED
CVE-2020-9158 (There is a Missing Cryptographic Step vulnerability in Huawei Smartpho ...)
	NOT-FOR-US: Huawei
CVE-2020-9157
	RESERVED
CVE-2020-9156
	RESERVED
CVE-2020-9155
	RESERVED
CVE-2020-9154
	RESERVED
CVE-2020-9153
	RESERVED
CVE-2020-9152
	RESERVED
CVE-2020-9151
	RESERVED
CVE-2020-9150
	RESERVED
CVE-2020-9149 (An application error verification vulnerability exists in a component  ...)
	NOT-FOR-US: Huawei
CVE-2020-9148 (An application bypass mechanism vulnerability exists in a component in ...)
	NOT-FOR-US: Huawei
CVE-2020-9147 (A memory buffer error vulnerability exists in a component interface of ...)
	NOT-FOR-US: Huawei
CVE-2020-9146 (A memory buffer error vulnerability exists in a component interface of ...)
	NOT-FOR-US: Huawei
CVE-2020-9145 (There is an Out-of-bounds Write vulnerability in some Huawei smartphon ...)
	NOT-FOR-US: Huawei
CVE-2020-9144 (There is a heap overflow vulnerability in some Huawei smartphone, atta ...)
	NOT-FOR-US: Huawei
CVE-2020-9143 (There is a missing authentication vulnerability in some Huawei smartph ...)
	NOT-FOR-US: Huawei
CVE-2020-9142 (There is a heap base buffer overflow vulnerability in some Huawei smar ...)
	NOT-FOR-US: Huawei
CVE-2020-9141 (There is a improper privilege management vulnerability in some Huawei  ...)
	NOT-FOR-US: Huawei
CVE-2020-9140 (There is a vulnerability with buffer access with incorrect length valu ...)
	NOT-FOR-US: Huawei
CVE-2020-9139 (There is a improper input validation vulnerability in some Huawei Smar ...)
	NOT-FOR-US: Huawei
CVE-2020-9138 (There is a heap-based buffer overflow vulnerability in some Huawei Sma ...)
	NOT-FOR-US: Huawei
CVE-2020-9137 (There is a privilege escalation vulnerability in some versions of Clou ...)
	NOT-FOR-US: Huawei
CVE-2020-9136
	RESERVED
CVE-2020-9135
	RESERVED
CVE-2020-9134
	RESERVED
CVE-2020-9133
	RESERVED
CVE-2020-9132
	RESERVED
CVE-2020-9131
	RESERVED
CVE-2020-9130
	RESERVED
CVE-2020-9129 (HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vu ...)
	NOT-FOR-US: Huawei
CVE-2020-9128 (FusionCompute versions 8.0.0 have an insecure encryption algorithm vul ...)
	NOT-FOR-US: Uawei FusionCompute
CVE-2020-9127 (Some Huawei products have a command injection vulnerability. Due to in ...)
	NOT-FOR-US: Huawei
CVE-2020-9126
	RESERVED
CVE-2020-9125 (There is an out-of-bound read vulnerability in huawei smartphone Mate  ...)
	NOT-FOR-US: Huawei
CVE-2020-9124 (There is a memory leak vulnerability in some versions of Huawei CloudE ...)
	NOT-FOR-US: Huawei
CVE-2020-9123 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versi ...)
	NOT-FOR-US: Huawei
CVE-2020-9122 (Some Huawei products have an insufficient input verification vulnerabi ...)
	NOT-FOR-US: Huawei
CVE-2020-9121
	RESERVED
CVE-2020-9120 (CloudEngine 1800V versions V100R019C10SPC500 has a resource management ...)
	NOT-FOR-US: Huawei
CVE-2020-9119 (There is a privilege escalation vulnerability on some Huawei smart pho ...)
	NOT-FOR-US: Huawei
CVE-2020-9118 (There is an insufficient integrity check vulnerability in Huawei Sound ...)
	NOT-FOR-US: Huawei
CVE-2020-9117 (HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM ...)
	NOT-FOR-US: Huawei
CVE-2020-9116 (Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection ...)
	NOT-FOR-US: Huawei
CVE-2020-9115 (ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B ...)
	NOT-FOR-US: Huawei
CVE-2020-9114 (FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a pri ...)
	NOT-FOR-US: Huawei
CVE-2020-9113 (HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buf ...)
	NOT-FOR-US: Huawei
CVE-2020-9112 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a priv ...)
	NOT-FOR-US: Huawei
CVE-2020-9111 (E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E ...)
	NOT-FOR-US: Huawei
CVE-2020-9110 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an inf ...)
	NOT-FOR-US: Huawei
CVE-2020-9109 (There is an information disclosure vulnerability in several smartphone ...)
	NOT-FOR-US: Huawei
CVE-2020-9108 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an o ...)
	NOT-FOR-US: Huawei
CVE-2020-9107 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an o ...)
	NOT-FOR-US: Huawei
CVE-2020-9106 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a pa ...)
	NOT-FOR-US: Huawei
CVE-2020-9105 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an ins ...)
	NOT-FOR-US: Huawei
CVE-2020-9104 (HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2 ...)
	NOT-FOR-US: Huawei
CVE-2020-9103 (HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic er ...)
	NOT-FOR-US: Huawei
CVE-2020-9102 (There is a information leak vulnerability in some Huawei products, and ...)
	NOT-FOR-US: Huawei
CVE-2020-9101 (There is an out-of-bounds write vulnerability in some products. An una ...)
	NOT-FOR-US: Huawei
CVE-2020-9100 (Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. Th ...)
	NOT-FOR-US: Huawei
CVE-2020-9099 (Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Se ...)
	NOT-FOR-US: Huawei
CVE-2020-9098 (Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an ...)
	NOT-FOR-US: Huawei
CVE-2020-9097
	RESERVED
CVE-2020-9096 (HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2020-9095 (HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E16 ...)
	NOT-FOR-US: Huawei
CVE-2020-9094 (There is an out of bound read vulnerability in some verisons of Huawei ...)
	NOT-FOR-US: Huawei
CVE-2020-9093 (There is a use after free vulnerability in Taurus-AL00A versions 10.0. ...)
	NOT-FOR-US: Huawei
CVE-2020-9092 (HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a Ja ...)
	NOT-FOR-US: Huawei
CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out ...)
	NOT-FOR-US: Huawei
CVE-2020-9090 (FusionAccess version 6.5.1 has an improper authorization vulnerability ...)
	NOT-FOR-US: Huawei
CVE-2020-9089
	RESERVED
CVE-2020-9088
	RESERVED
CVE-2020-9087 (Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vul ...)
	NOT-FOR-US: Huawei
CVE-2020-9086
	RESERVED
CVE-2020-9085
	RESERVED
CVE-2020-9084 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use- ...)
	NOT-FOR-US: Taurus-AN00B
CVE-2020-9083 (HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E ...)
	NOT-FOR-US: Huawei
CVE-2020-9082
	RESERVED
CVE-2020-9081
	RESERVED
CVE-2020-9080
	RESERVED
CVE-2020-9079 (FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulne ...)
	NOT-FOR-US: Huawei
CVE-2020-9078 (FusionCompute 8.0.0 have local privilege escalation vulnerability. A l ...)
	NOT-FOR-US: Huawei
CVE-2020-9077 (HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R ...)
	NOT-FOR-US: Huawei
CVE-2020-9076 (HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier ...)
	NOT-FOR-US: Huawei
CVE-2020-9075 (Huawei products Secospace USG6300;USG6300E with versions of V500R001C3 ...)
	NOT-FOR-US: Huawei
CVE-2020-9074 (Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an imprope ...)
	NOT-FOR-US: Huawei
CVE-2020-9073 (Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1 ...)
	NOT-FOR-US: Huawei
CVE-2020-9072 (Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a  ...)
	NOT-FOR-US: Huawei
CVE-2020-9071 (There is a few bytes out-of-bounds read vulnerability in some Huawei p ...)
	NOT-FOR-US: Huawei
CVE-2020-9070 (Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205( ...)
	NOT-FOR-US: Huawei
CVE-2020-9069 (There is an information leakage vulnerability in some Huawei products. ...)
	NOT-FOR-US: Huawei
CVE-2020-9068 (Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-9067 (There is a buffer overflow vulnerability in some Huawei products. The  ...)
	NOT-FOR-US: Huawei
CVE-2020-9066 (Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169 ...)
	NOT-FOR-US: Huawei
CVE-2020-9065 (Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203( ...)
	NOT-FOR-US: Huawei
CVE-2020-9064 (Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 1 ...)
	NOT-FOR-US: Huawei
CVE-2020-9063 (NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authent ...)
	NOT-FOR-US: NCR SelfServ ATMs
CVE-2020-9062 (Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version ...)
	NOT-FOR-US: Diebold Nixdorf ProCash 2100xe USB ATMs
CVE-2020-9061 (Z-Wave devices using Silicon Labs 500 and 700 series chipsets, includi ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-9060 (Z-Wave devices based on Silicon Labs 500 series chipsets using S2, inc ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-9059 (Z-Wave devices based on Silicon Labs 500 series chipsets using S0 auth ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-9058 (Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16  ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-9057 (Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets ...)
	NOT-FOR-US: Z-Wave devices
CVE-2020-9056 (Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scr ...)
	NOT-FOR-US: Periscope BuySpeed
CVE-2020-9055 (Versiant LYNX Customer Service Portal (CSP), version 3.5.2, is vulnera ...)
	NOT-FOR-US: Versiant LYNX Customer Service Portal
CVE-2020-9054 (Multiple ZyXEL network-attached storage (NAS) devices running firmware ...)
	NOT-FOR-US: ZyXEL
CVE-2020-9053
	REJECTED
CVE-2020-9052
	REJECTED
CVE-2020-9051
	REJECTED
CVE-2020-9050 (Path Traversal vulnerability exists in Metasys Reporting Engine (MRE)  ...)
	NOT-FOR-US: Metasys Reporting Engine (MRE) Web Services
CVE-2020-9049 (A vulnerability in specified versions of American Dynamics victor Web  ...)
	NOT-FOR-US: Sensormatic Electronics, LLC; a subsidiary of Johnson Controls
CVE-2020-9048 (A vulnerability in specified versions of American Dynamics victor Web  ...)
	NOT-FOR-US: Johnson Controls
CVE-2020-9047 (A vulnerability exists that could allow the execution of unauthorized  ...)
	NOT-FOR-US: exacqVision Web Service
CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions could po ...)
	NOT-FOR-US: Kantech
CVE-2020-9045 (During installation or upgrade to Software House C&#8226;CURE 9000 v2. ...)
	NOT-FOR-US: Software House
CVE-2020-9044 (XXE vulnerability exists in the Metasys family of product Web Services ...)
	NOT-FOR-US: Johnson Controls
CVE-2020-9043 (The wpCentral plugin before 1.5.1 for WordPress allows disclosure of t ...)
	NOT-FOR-US: wpCentral plugin for WordPress
CVE-2020-9042 (In Couchbase Server 6.0, credentials cached by a browser can be used t ...)
	NOT-FOR-US: Couchbase
CVE-2020-9041 (In Couchbase Server 6.0.3 and Couchbase Sync Gateway through 2.7.0, th ...)
	NOT-FOR-US: Couchbase
CVE-2020-9040 (Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker t ...)
	NOT-FOR-US: Couchbase
CVE-2020-9039 (Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6. ...)
	NOT-FOR-US: Couchbase
CVE-2020-9038 (Joplin through 1.0.184 allows Arbitrary File Read via XSS. ...)
	NOT-FOR-US: Joplin
CVE-2020-9037
	RESERVED
CVE-2020-9036 (Jeedom through 4.0.38 allows XSS. ...)
	NOT-FOR-US: Jeedom
CVE-2020-9035
	RESERVED
CVE-2020-9355 (danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalati ...)
	{DSA-4637-1}
	- network-manager-ssh 1.2.11-1
	NOTE: https://github.com/danfruehauf/NetworkManager-ssh/pull/98
	NOTE: https://github.com/danfruehauf/NetworkManager-ssh/commit/5d88cd89795352b5df54cc0ebb6a0076b8c89ee4
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1803499
CVE-2020-9034 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9033 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9032 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9031 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9030 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9029 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9028 (Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65 ...)
	NOT-FOR-US: Symmetricom SyncServer
CVE-2020-9027 (ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection v ...)
	NOT-FOR-US: ELTEX devices
CVE-2020-9026 (ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection v ...)
	NOT-FOR-US: ELTEX devices
CVE-2020-9025 (Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored  ...)
	NOT-FOR-US: Iteris Vantage Velocity Field Unit devices
CVE-2020-9024 (Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world- ...)
	NOT-FOR-US: Iteris Vantage Velocity Field Unit devices
CVE-2020-9023 (Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two us ...)
	NOT-FOR-US: Iteris Vantage Velocity Field Unit devices
CVE-2020-9022 (An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 de ...)
	NOT-FOR-US: Xirrus devices
CVE-2020-9021 (Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1. ...)
	NOT-FOR-US: Post Oak AWAM Bluetooth Field Device
CVE-2020-9020 (Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow ...)
	NOT-FOR-US: Iteris Vantage Velocity Field Unit devices
CVE-2020-9019 (The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via th ...)
	NOT-FOR-US: WPJobBoard plugin for WordPress
CVE-2020-9018 (LiteCart through 2.2.1 allows admin/?app=users&amp;doc=edit_user CSRF  ...)
	NOT-FOR-US: LiteCart
CVE-2020-9017 (LiteCart through 2.2.1 allows CSV injection via a customer's profile. ...)
	NOT-FOR-US: LiteCart
CVE-2020-9016 (Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter,  ...)
	- dolibarr <removed>
CVE-2020-9015 (** DISPUTED ** Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20 ...)
	NOT-FOR-US: Arista devices
CVE-2020-9014 (In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows loca ...)
	NOT-FOR-US: Epson
CVE-2020-9013 (Arvato Skillpipe 3.0 allows attackers to bypass intended print restric ...)
	NOT-FOR-US: Arvato Skillpipe
CVE-2020-9012 (A cross-site scripting (XSS) vulnerability in the Import People functi ...)
	NOT-FOR-US: Gluu Identity Configuration
CVE-2020-9011
	RESERVED
CVE-2020-9010
	RESERVED
CVE-2020-9009
	RESERVED
CVE-2020-9008 (Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/Pe ...)
	NOT-FOR-US: Blackboard Learn/PeopleTool
CVE-2020-9007 (Codoforum 4.8.8 allows self-XSS via the title of a new topic. ...)
	NOT-FOR-US: Codoforum
CVE-2020-9006 (The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulner ...)
	NOT-FOR-US: Popup Builder plugin for WordPress
CVE-2020-9005 (meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attack ...)
	NOT-FOR-US: Dota 2
CVE-2020-9004 (A remote authenticated authorization-bypass vulnerability in Wowza Str ...)
	NOT-FOR-US: Wowza Streaming Engine
CVE-2020-9003 (A stored XSS vulnerability exists in the Modula Image Gallery plugin b ...)
	NOT-FOR-US: Modula Image Gallery plugin for WordPress
CVE-2020-9002 (An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gai ...)
	NOT-FOR-US: iPortalis iCS
CVE-2020-9001
	REJECTED
CVE-2020-9000 (An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send  ...)
	NOT-FOR-US: iPortalis iCS
CVE-2020-8999
	REJECTED
CVE-2020-8998
	REJECTED
CVE-2020-8997 (Older generation Abbott FreeStyle Libre sensors allow remote attackers ...)
	NOT-FOR-US: Abbott FreeStyle Libre
CVE-2020-8996 (AnyShare Cloud 6.0.9 allows authenticated directory traversal to read  ...)
	NOT-FOR-US: AnyShare Cloud
CVE-2020-8995 (Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file  ...)
	NOT-FOR-US: Programi Bilanc
CVE-2020-8994 (An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1. ...)
	NOT-FOR-US: XIAOMI AI speaker MDZ-25-DT
CVE-2020-8993
	RESERVED
CVE-2020-8992 (ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux k ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://patchwork.ozlabs.org/patch/1236118/
CVE-2020-8991 (** DISPUTED ** vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.0 ...)
	- lvm2 2.03.01-2
	[stretch] - lvm2 <no-dsa> (Minor issue)
	[jessie] - lvm2 <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/git/?p=lvm2.git;a=commit;h=bcf9556b8fcd16ad8997f80cc92785f295c66701
	NOTE: 2.03.00 upstream removed lvmetad (and the still vulnerable code)
CVE-2020-8990 (Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow  ...)
	NOT-FOR-US: Western Digital My Cloud Home
CVE-2020-8989 (In the Voatz application 2020-01-01 for Android, the amount of data tr ...)
	NOT-FOR-US: Voatz application for Android
CVE-2020-8988 (The Voatz application 2020-01-01 for Android allows only 100 million d ...)
	NOT-FOR-US: Voatz application for Android
CVE-2020-8987 (Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 pr ...)
	NOT-FOR-US: Avast AntiTrack
CVE-2020-8986 (lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly c ...)
	NOT-FOR-US: ZendTo
CVE-2020-8985 (ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unl ...)
	NOT-FOR-US: ZendTo
CVE-2020-8984 (lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address s ...)
	NOT-FOR-US: ZendTo
CVE-2020-8983 (An arbitrary file write issue exists in all versions of Citrix ShareFi ...)
	NOT-FOR-US: Citrix
CVE-2020-8982 (An unauthenticated arbitrary file read issue exists in all versions of ...)
	NOT-FOR-US: Citrix
CVE-2020-8981 (A cross-site scripting (XSS) vulnerability was discovered in the Sourc ...)
	NOT-FOR-US: Source Integration plugin for MantisBT
CVE-2020-8980
	RESERVED
CVE-2020-8979
	RESERVED
CVE-2020-8978
	RESERVED
CVE-2020-8977
	RESERVED
CVE-2020-8976
	RESERVED
CVE-2020-8975
	RESERVED
CVE-2020-8974
	RESERVED
CVE-2020-8973
	RESERVED
CVE-2020-8972
	RESERVED
CVE-2020-8971
	RESERVED
CVE-2020-8970
	RESERVED
CVE-2020-8969
	RESERVED
CVE-2020-8968 (Parallels Remote Application Server (RAS) allows a local attacker to r ...)
	NOT-FOR-US: Parallels Remote Application Server (RAS)
CVE-2020-8967 (There is an improper Neutralization of Special Elements used in an SQL ...)
	NOT-FOR-US: GESIO
CVE-2020-8966 (There is an Improper Neutralization of Script-Related HTML Tags in a W ...)
	- tikiwiki <removed>
CVE-2020-8965
	RESERVED
CVE-2020-8964 (TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.0 ...)
	NOT-FOR-US: TimeTools devices
CVE-2020-8963 (TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.0 ...)
	NOT-FOR-US: TimeTools devices
CVE-2020-8962 (A stack-based buffer overflow was found on the D-Link DIR-842 REVC wit ...)
	NOT-FOR-US: D-Link
CVE-2020-8961 (An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. ...)
	NOT-FOR-US: Avira
CVE-2020-8960 (Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. ...)
	NOT-FOR-US: Western Digital mycloud.com
CVE-2020-8959 (Western Digital WesternDigitalSSDDashboardSetup.exe before 3.0.2.0 all ...)
	NOT-FOR-US: Western Digital
CVE-2020-8958 (Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804R ...)
	NOT-FOR-US: Guangzhou
CVE-2020-8957
	RESERVED
CVE-2020-8956 (Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4  ...)
	NOT-FOR-US: Pulse Secure Pulse Secure Desktop Client
CVE-2020-8955 (irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2 ...)
	{DLA-2770-1 DLA-2157-1}
	- weechat 2.7.1-1 (bug #951289)
	[buster] - weechat <no-dsa> (Minor issue)
	NOTE: https://github.com/weechat/weechat/commit/6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da
CVE-2020-8954 (OpenSearch Web browser 1.0.4.9 allows Intent Scheme Hijacking.[a link  ...)
	NOT-FOR-US: OpenSearch Web browser
CVE-2020-8953 (OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication by ...)
	NOT-FOR-US: OpenVPN Access Server
CVE-2020-8952 (Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allow ...)
	NOT-FOR-US: Fiserv Accurate Reconciliation
CVE-2020-8951 (Fiserv Accurate Reconciliation 2.19.0, fixed in 3.0.0 or higher, allow ...)
	NOT-FOR-US: Fiserv Accurate Reconciliation
CVE-2020-8950 (The AUEPLauncher service in Radeon AMD User Experience Program Launche ...)
	NOT-FOR-US: Radeon AMD User Experience Program Launcher
CVE-2020-8949 (Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3. ...)
	NOT-FOR-US: Gocloud devices
CVE-2020-8948 (The Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP) be ...)
	NOT-FOR-US: Sierra Wireless Windows Mobile Broadband Driver Packages (MBDP)
CVE-2020-8947 (functions_netflow.php in Artica Pandora FMS 7.0 allows remote attacker ...)
	NOT-FOR-US: Pandora FMS
CVE-2020-8946 (Netis WF2471 v1.2.30142 devices allow an authenticated attacker to exe ...)
	NOT-FOR-US: Netis devices
CVE-2020-8945 (The proglottis Go wrapper before 0.1.1 for the GPGME library has a use ...)
	- golang-github-proglottis-gpgme 0.1.1-1 (bug #951372)
	[buster] - golang-github-proglottis-gpgme <no-dsa> (Minor issue)
	NOTE: https://github.com/proglottis/gpgme/pull/23
CVE-2020-8944 (An arbitrary memory write vulnerability in Asylo versions up to 0.6.0  ...)
	NOT-FOR-US: Asylo
CVE-2020-8943 (An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 a ...)
	NOT-FOR-US: Asylo
CVE-2020-8942 (An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 a ...)
	NOT-FOR-US: Asylo
CVE-2020-8941 (An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 a ...)
	NOT-FOR-US: Asylo
CVE-2020-8940 (An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 a ...)
	NOT-FOR-US: Asylo
CVE-2020-8939 (An out of bounds read on the enc_untrusted_inet_ntop function allows a ...)
	NOT-FOR-US: Asylo
CVE-2020-8938 (An arbitrary memory overwrite vulnerability in Asylo versions up to 0. ...)
	NOT-FOR-US: Asylo
CVE-2020-8937 (An arbitrary memory overwrite vulnerability in Asylo versions up to 0. ...)
	NOT-FOR-US: Asylo
CVE-2020-8936 (An arbitrary memory overwrite vulnerability in Asylo versions up to 0. ...)
	NOT-FOR-US: Asylo
CVE-2020-8935 (An arbitrary memory overwrite vulnerability in Asylo versions up to 0. ...)
	NOT-FOR-US: Asylo
CVE-2020-8934
	RESERVED
CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
	- google-compute-image-packages <removed> (bug #987353)
	[buster] - google-compute-image-packages <ignored> (Minor issue)
	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8932
	RESERVED
CVE-2020-8931
	RESERVED
CVE-2020-8930
	RESERVED
CVE-2020-8929 (A mis-handling of invalid unicode characters in the Java implementatio ...)
	NOT-FOR-US: Tink
CVE-2020-8928
	RESERVED
CVE-2020-8927 (A buffer overflow exists in the Brotli library versions prior to 1.0.8 ...)
	{DSA-4801-1 DLA-2476-1}
	- brotli 1.0.9-1
	NOTE: https://github.com/google/brotli/commit/223d80cfbec8fd346e32906c732c8ede21f0cea6
CVE-2020-8926
	RESERVED
CVE-2020-8925
	RESERVED
CVE-2020-8924
	RESERVED
CVE-2020-8923 (An improper HTML sanitization in Dart versions up to and including 2.7 ...)
	NOT-FOR-US: Dart (different from src:dart)
CVE-2020-8922
	RESERVED
CVE-2020-8921
	RESERVED
CVE-2020-8920 (An information leak vulnerability exists in Gerrit versions prior to 2 ...)
	- gerrit <itp> (bug #589436)
CVE-2020-8919 (An information leak vulnerability exists in Gerrit versions prior to 2 ...)
	- gerrit <itp> (bug #589436)
CVE-2020-8918 (An improperly initialized 'migrationAuth' value in Google's go-tpm TPM ...)
	NOT-FOR-US: go-tpm TPM1.2 library
CVE-2020-8917
	RESERVED
CVE-2020-8916 (A memory leak in Openthread's wpantund versions up to commit 0e5d1601f ...)
	NOT-FOR-US: wpantund
CVE-2020-8915
	RESERVED
CVE-2020-8914
	RESERVED
CVE-2020-8913 (A local, arbitrary code execution vulnerability exists in the SplitCom ...)
	NOT-FOR-US: Android's Play Core Library
CVE-2020-8912 (A vulnerability in the in-band key negotiation exists in the AWS S3 Cr ...)
	NOT-FOR-US: AWS S3 Crypto SDK for Go
CVE-2020-8911 (A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoL ...)
	NOT-FOR-US: AWS S3 Crypto SDK for Go
CVE-2020-8910 (A URL parsing issue in goog.uri of the Google Closure Library versions ...)
	NOT-FOR-US: Google Closure Library
CVE-2020-8909
	RESERVED
CVE-2020-8908 (A temp directory creation vulnerability exists in all versions of Guav ...)
	NOT-FOR-US: Google Guava
CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
	- google-compute-image-packages <removed> (bug #987353)
	[buster] - google-compute-image-packages <ignored> (Minor issue)
	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8906
	RESERVED
CVE-2020-8905 (A buffer length validation vulnerability in Asylo versions prior to 0. ...)
	NOT-FOR-US: Asylo
CVE-2020-8904 (An arbitrary memory overwrite vulnerability in the trusted memory of A ...)
	NOT-FOR-US: Asylo
CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
	- google-compute-image-packages <removed> (bug #987353)
	[buster] - google-compute-image-packages <ignored> (Minor issue)
	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8902 (Rendertron versions prior to 3.0.0 are are susceptible to a Server-Sid ...)
	NOT-FOR-US: Rendertron
CVE-2020-8901
	RESERVED
CVE-2020-8900
	RESERVED
CVE-2020-8899 (There is a buffer overwrite vulnerability in the Quram qmg library of  ...)
	NOT-FOR-US: Samsung
CVE-2020-8898
	RESERVED
CVE-2020-8897 (A weak robustness vulnerability exists in the AWS Encryption SDKs for  ...)
	NOT-FOR-US: AWS Encryption SDKs
CVE-2020-8896 (A Buffer Overflow vulnerability in the khcrypt implementation in Googl ...)
	NOT-FOR-US: Google Earth Pro
CVE-2020-8895 (Untrusted Search Path vulnerability in the windows installer of Google ...)
	NOT-FOR-US: windows installer of Google Earth Pro
CVE-2020-8894 (An issue was discovered in MISP before 2.4.121. ACLs for discussion th ...)
	NOT-FOR-US: MISP
CVE-2020-8893 (An issue was discovered in MISP before 2.4.121. The Galaxy view contai ...)
	NOT-FOR-US: MISP
CVE-2020-8892 (An issue was discovered in MISP before 2.4.121. It did not consider th ...)
	NOT-FOR-US: MISP
CVE-2020-8891 (An issue was discovered in MISP before 2.4.121. It did not canonicaliz ...)
	NOT-FOR-US: MISP
CVE-2020-8890 (An issue was discovered in MISP before 2.4.121. It mishandled time ske ...)
	NOT-FOR-US: MISP
CVE-2020-8889
	RESERVED
CVE-2020-8888
	RESERVED
CVE-2020-8887 (Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 hav ...)
	NOT-FOR-US: Telestream Tektronix Medius
CVE-2020-8886
	RESERVED
CVE-2020-8885
	RESERVED
CVE-2020-8884 (rcdsvc in the Proofpoint Insider Threat Management Windows Agent (form ...)
	NOT-FOR-US: Proofpoint Insider Threat Management Windows Agent
CVE-2020-8883 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8882 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8881 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8880 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8879 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8878 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8877 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2020-8876 (This vulnerability allows local attackers to disclose information on a ...)
	NOT-FOR-US: Parallels
CVE-2020-8875 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels
CVE-2020-8874 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels
CVE-2020-8873 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels
CVE-2020-8872 (This vulnerability allows local attackers to disclose sensitive inform ...)
	NOT-FOR-US: Parallels
CVE-2020-8871 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels
CVE-2020-8870 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-8869 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2020-8868 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Quest Foglight Evolve
CVE-2020-8867 (This vulnerability allows remote attackers to create a denial-of-servi ...)
	NOT-FOR-US: OPC Foundation UA .NET Standard
CVE-2020-8866 (This vulnerability allows remote attackers to create arbitrary files o ...)
	{DLA-2162-1}
	- php-horde-form 2.0.20-1 (bug #955020)
	[buster] - php-horde-form 2.0.18-3.1+deb10u1
	[stretch] - php-horde-form 2.0.15-1+deb9u2
	NOTE: https://lists.horde.org/archives/announce/2020/001288.html
	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-275/
	NOTE: https://github.com/horde/Form/commit/813f8e7e9479fad4546b89c569325ee9eef60b0f
CVE-2020-8865 (This vulnerability allows remote attackers to execute local PHP files  ...)
	{DLA-2175-1}
	- php-horde-trean 1.1.10-1 (bug #955019)
	[buster] - php-horde-trean 1.1.9-3+deb10u1
	[stretch] - php-horde-trean 1.1.7-1+deb9u1
	NOTE: https://lists.horde.org/archives/announce/2020/001286.html
	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-276/
	NOTE: https://github.com/horde/trean/commit/db0714a0c04d87bda9e2852f1b0d259fc281ca75
	NOTE: https://github.com/horde/trean/commit/055029f551501803d7e293a48316e2cf31307908
CVE-2020-8864 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-8863 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-8862 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-8861 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: D-Link
CVE-2020-8860 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Samsung Galaxy S10 Firmware
CVE-2020-8859 (This vulnerability allows remote attackers to create a denial-of-servi ...)
	NOT-FOR-US: elog
CVE-2020-8858 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Moxa
CVE-2020-8857 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8856 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8855 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8854 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8853 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8852 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8851 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8850 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8849 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8848 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8847 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8846 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8845 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2020-8844 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2020-8843 (An issue was discovered in Istio 1.3 through 1.3.6. Under certain circ ...)
	NOT-FOR-US: Istio
CVE-2020-8842
	REJECTED
CVE-2020-8841 (An issue was discovered in TestLink 1.9.19. The relation_type paramete ...)
	NOT-FOR-US: TestLink
CVE-2020-8840 (FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean- ...)
	{DLA-2111-1}
	- jackson-databind 2.11.1-1
	[buster] - jackson-databind 2.9.8-3+deb10u2
	[stretch] - jackson-databind 2.8.6-1+deb9u7
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2620
	NOTE: https://github.com/FasterXML/jackson-databind/commit/914e7c9f2cb8ce66724bf26a72adc7e958992497
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2020-8839 (Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter dev ...)
	NOT-FOR-US: CHIYU BF-430 232/485 TCP/IP Converter devices
CVE-2020-8838 (An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-8837
	RESERVED
CVE-2020-8836
	RESERVED
CVE-2020-8835 (In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/veri ...)
	- linux 5.5.13-2
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/f2d67fec0b43edce8c416101cdc52e71145b5fef
	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-350/
CVE-2020-8834 (KVM in the Linux kernel on Power8 processors has a conflicting use of  ...)
	- linux 4.18.6-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/06/2
CVE-2020-8833 (Time-of-check Time-of-use Race Condition vulnerability on crash report ...)
	NOT-FOR-US: Apport
CVE-2020-8832 (The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 (" ...)
	- linux 4.16.5-1
	[stretch] - linux <not-affected> (Vulnerable code not present, incomplete fix not applied)
	[jessie] - linux <not-affected> (No support for this hardware)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
	NOTE: The CVE is for an incomplete fix for CVE-2019-14615 which technically only
	NOTE: affects upstream versions (and downstreams) which applied the fix fo
	NOTE: CVE-2019-14615 which is bc8a76a152c5 ("drm/i915/gen9: Clear residual context
	NOTE: state on context switch"). But there is need to apply as well the prerequistite
	NOTE: d2b4b97933f5 ("drm/i915: Record the default hw state after reset upon load").
CVE-2020-8831 (Apport creates a world writable lock file with root ownership in the w ...)
	NOT-FOR-US: Apport
CVE-2020-8830 (CSRF in login.asp on Ruckus devices allows an attacker to access the p ...)
	NOT-FOR-US: Ruckus
CVE-2020-8829 (CSRF on Intelbras CIP 92200 devices allows an attacker to access the p ...)
	NOT-FOR-US: Intelbras
CVE-2020-8828 (As of v1.5.0, the default admin password is set to the argocd-server p ...)
	NOT-FOR-US: Argo
CVE-2020-8827 (As of v1.5.0, the Argo API does not implement anti-automation measures ...)
	NOT-FOR-US: Argo
CVE-2020-8826 (As of v1.5.0, the Argo web interface authentication system issued immu ...)
	NOT-FOR-US: Argo
CVE-2020-8825 (index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows store ...)
	NOT-FOR-US: Vanilla Forums
CVE-2020-8824 (Hitron CODA-4582U 7.1.1.30 devices allow XSS via a Managed Device name ...)
	NOT-FOR-US: Hitron devices
CVE-2020-8823 (htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulner ...)
	NOT-FOR-US: SockJS
CVE-2020-8822 (Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices  ...)
	NOT-FOR-US: Digi TransPort
CVE-2020-8821 (An Improper Data Validation Vulnerability exists in Webmin 1.941 and e ...)
	- webmin <removed>
CVE-2020-8820 (An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the  ...)
	- webmin <removed>
CVE-2020-8819 (An issue was discovered in the CardGate Payments plugin through 3.1.15 ...)
	NOT-FOR-US: CardGate Payments plugin for WooCommerce
CVE-2020-8818 (An issue was discovered in the CardGate Payments plugin through 2.0.30 ...)
	NOT-FOR-US: CardGate Payments plugin for Magento
CVE-2020-8817 (Dataiku DSS before 6.0.5 allows attackers write access to the project  ...)
	NOT-FOR-US: Dataiku
CVE-2020-8816 (Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by priv ...)
	NOT-FOR-US: Pi-hole
CVE-2020-8815 (Improper connection handling in the base connection handler in IKTeam  ...)
	NOT-FOR-US: BearFTP
CVE-2020-8814
	RESERVED
CVE-2020-8813 (graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute a ...)
	- cacti 1.2.10+ds1-1 (bug #951832)
	[buster] - cacti <no-dsa> (Minor issue)
	[stretch] - cacti <not-affected> (Vulnerable code not present)
	[jessie] - cacti <not-affected> (Vulnerable code not present)
	NOTE: https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129
	NOTE: https://shells.systems/cacti-v1-2-8-authenticated-remote-code-execution-cve-2020-8813/
	NOTE: https://github.com/Cacti/cacti/issues/3285
	NOTE: https://github.com/Cacti/cacti/commit/fea919e8fe05bb730c802054661fd3a7ec029784
CVE-2020-8812 (** DISPUTED ** Bludit 3.10.0 allows Editor or Author roles to insert m ...)
	NOT-FOR-US: Bludit
CVE-2020-8811 (ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated  ...)
	NOT-FOR-US: Bludit
CVE-2020-8810 (An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301 ...)
	NOT-FOR-US: Gurux
CVE-2020-8809 (Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add- ...)
	NOT-FOR-US: Gurux
CVE-2020-8808 (The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR ...)
	NOT-FOR-US: CORSAIR iCUE
CVE-2020-8807 (In Electric Coin Company Zcashd before 2.1.1-1, the time offset betwee ...)
	NOT-FOR-US: Electric Coin Company Zcashd
CVE-2020-8806 (Electric Coin Company Zcashd before 2.1.1-1 allows attackers to trigge ...)
	NOT-FOR-US: Electric Coin Company Zcashd
CVE-2020-8805
	RESERVED
CVE-2020-8804 (SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the Em ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8803 (SuiteCRM through 7.11.11 allows Directory Traversal to include arbitra ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8802 (SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveH ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8801 (SuiteCRM through 7.11.11 allows PHAR Deserialization. ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8800 (SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PH ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8799 (A Stored XSS vulnerability has been found in the administration page o ...)
	NOT-FOR-US: administration page of the WTI Like Post plugin for WordPress
CVE-2020-8798 (httpd in Juplink RX4-1500 v1.0.3-v1.0.5 allows remote attackers to cha ...)
	NOT-FOR-US: Juplink
CVE-2020-8797 (Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to ...)
	NOT-FOR-US: Juplink
CVE-2020-8796 (Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before  ...)
	NOT-FOR-US: Biscom Secure File Transfer (SFT)
CVE-2020-8795 (In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a gro ...)
	- gitlab <not-affected> (Only affects EE version)
	NOTE: https://about.gitlab.com/releases/2020/02/13/critical-security-release-gitlab-12-dot-7-dot-6-released/
CVE-2020-8794 (OpenSMTPD before 6.6.4 allows remote code execution because of an out- ...)
	{DSA-4634-1}
	- opensmtpd 6.6.4p1-1 (bug #952453)
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/24/5
	NOTE: https://poolp.org/posts/2020-01-30/opensmtpd-advisory-dissected/
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/26/1
CVE-2020-8793 (OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g ...)
	- opensmtpd 6.6.4p1-1 (unimportant; bug #952453)
	[buster] - opensmtpd 6.0.3p1-5+deb10u4
	[stretch] - opensmtpd 6.0.2p1-2+deb9u3
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/24/4
	NOTE: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/021_smtpd_envelope.patch.sig
	NOTE: https://poolp.org/posts/2020-01-30/opensmtpd-advisory-dissected/
	NOTE: Neutralised by kernel hardening
CVE-2020-8792 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlo ...)
	NOT-FOR-US: OKLOK
CVE-2020-8791 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlo ...)
	NOT-FOR-US: OKLOK
CVE-2020-8790 (The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlo ...)
	NOT-FOR-US: OKLOK
CVE-2020-8789 (Composr 10.0.30 allows Persistent XSS via a Usergroup name under the S ...)
	NOT-FOR-US: Composr
CVE-2020-8788 (Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HT ...)
	NOT-FOR-US: Synaptive Medical ClearCanvas ImageServer
CVE-2020-8787 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8786 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8785 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8784 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8783 (SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2020-8782 (Unauthenticated RPC server on ALEOS before 4.4.9, 4.9.5, and 4.14.0 al ...)
	NOT-FOR-US: ALEOS
CVE-2020-8781 (Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 an ...)
	NOT-FOR-US: ALEOS
CVE-2020-8780
	RESERVED
CVE-2020-8779
	RESERVED
CVE-2020-8778 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
	NOT-FOR-US: Alfresco
CVE-2020-8777 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
	NOT-FOR-US: Alfresco
CVE-2020-8776 (Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 ( ...)
	NOT-FOR-US: Alfresco
CVE-2020-8775 (Pega Platform before version 8.2.6 is affected by a Stored Cross-Site  ...)
	NOT-FOR-US: Pega Platform
CVE-2020-8774 (Pega Platform before version 8.2.6 is affected by a Reflected Cross-Si ...)
	NOT-FOR-US: Pega Platform
CVE-2020-8773 (The Richtext Editor in Pega Platform before 8.2.6 is affected by a Sto ...)
	NOT-FOR-US: Pega Platform
CVE-2020-8772 (The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missin ...)
	NOT-FOR-US: InfiniteWP Client plugin for WordPress
CVE-2020-8771 (The Time Capsule plugin before 1.21.16 for WordPress has an authentica ...)
	NOT-FOR-US: Time Capsule plugin for WordPress
CVE-2020-8770
	RESERVED
CVE-2020-8769
	RESERVED
CVE-2020-8768 (An issue was discovered on Phoenix Contact Emalytics Controller ILC 20 ...)
	NOT-FOR-US: PHOENIX CONTACT Emalytics Controller ILC 2050 BI(L)
CVE-2020-8767 (Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus  ...)
	NOT-FOR-US: Intel
CVE-2020-8766 (Improper conditions check in the Intel(R) SGX DCAP software before ver ...)
	NOT-FOR-US: Intel
CVE-2020-8765 (Incorrect default permissions in the installer for the Intel(R) RealSe ...)
	NOT-FOR-US: Intel
CVE-2020-8764 (Improper access control in BIOS firmware for some Intel(R) Processors  ...)
	NOT-FOR-US: Intel
CVE-2020-8763 (Improper permissions in the installer for the Intel(R) RealSense(TM) D ...)
	NOT-FOR-US: Intel
CVE-2020-8762
	RESERVED
CVE-2020-8761 (Inadequate encryption strength in subsystem for Intel(R) CSME versions ...)
	NOT-FOR-US: Intel
CVE-2020-8760 (Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80 ...)
	NOT-FOR-US: Intel
CVE-2020-8759 (Improper access control in the installer for Intel(R) SSD DCT versions ...)
	NOT-FOR-US: Intel
CVE-2020-8758 (Improper buffer restrictions in network subsystem in provisioned Intel ...)
	NOT-FOR-US: Intel
CVE-2020-8757 (Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8. ...)
	NOT-FOR-US: Intel
CVE-2020-8756 (Improper input validation in subsystem for Intel(R) CSME versions befo ...)
	NOT-FOR-US: Intel
CVE-2020-8755 (Race condition in subsystem for Intel(R) CSME versions before 12.0.70  ...)
	NOT-FOR-US: Intel
CVE-2020-8754 (Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM version ...)
	NOT-FOR-US: Intel
CVE-2020-8753 (Out-of-bounds read in DHCP subsystem for Intel(R) AMT, Intel(R) ISM ve ...)
	NOT-FOR-US: Intel
CVE-2020-8752 (Out-of-bounds write in IPv6 subsystem for Intel(R) AMT, Intel(R) ISM v ...)
	NOT-FOR-US: Intel
CVE-2020-8751 (Insufficient control flow management in subsystem for Intel(R) CSME ve ...)
	NOT-FOR-US: Intel
CVE-2020-8750 (Use after free in Kernel Mode Driver for Intel(R) TXE versions before  ...)
	NOT-FOR-US: Intel
CVE-2020-8749 (Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8. ...)
	NOT-FOR-US: Intel
CVE-2020-8748
	RESERVED
CVE-2020-8747 (Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8. ...)
	NOT-FOR-US: Intel
CVE-2020-8746 (Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80 ...)
	NOT-FOR-US: Intel
CVE-2020-8745 (Insufficient control flow management in subsystem for Intel(R) CSME ve ...)
	NOT-FOR-US: Intel
CVE-2020-8744 (Improper initialization in subsystem for Intel(R) CSME versions before ...)
	NOT-FOR-US: Intel
CVE-2020-8743 (Improper permissions in the installer for the Intel(R) Mailbox Interfa ...)
	NOT-FOR-US: Intel
CVE-2020-8742 (Improper input validation in the firmware for Intel(R) NUCs may allow  ...)
	NOT-FOR-US: Intel
CVE-2020-8741 (Improper permissions in the installer for the Intel(R) Thunderbolt(TM) ...)
	NOT-FOR-US: Intel
CVE-2020-8740 (Out of bounds write in Intel BIOS platform sample code for some Intel( ...)
	NOT-FOR-US: Intel
CVE-2020-8739 (Use of potentially dangerous function in Intel BIOS platform sample co ...)
	NOT-FOR-US: Intel
CVE-2020-8738 (Improper conditions check in Intel BIOS platform sample code for some  ...)
	NOT-FOR-US: Intel
CVE-2020-8737 (Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmwa ...)
	NOT-FOR-US: Intel
CVE-2020-8736 (Improper access control in subsystem for the Intel(R) Computing Improv ...)
	NOT-FOR-US: Intel
CVE-2020-8735
	RESERVED
CVE-2020-8734 (Improper input validation in the firmware for Intel(R) Server Board M1 ...)
	NOT-FOR-US: Intel
CVE-2020-8733 (Improper buffer restrictions in the firmware for Intel(R) Server Board ...)
	NOT-FOR-US: Intel
CVE-2020-8732 (Heap-based buffer overflow in the firmware for some Intel(R) Server Bo ...)
	NOT-FOR-US: Intel
CVE-2020-8731 (Incorrect execution-assigned permissions in the file system for some I ...)
	NOT-FOR-US: Intel
CVE-2020-8730 (Heap-based overflow for some Intel(R) Server Boards, Server Systems an ...)
	NOT-FOR-US: Intel
CVE-2020-8729 (Buffer copy without checking size of input for some Intel(R) Server Bo ...)
	NOT-FOR-US: Intel
CVE-2020-8728
	RESERVED
CVE-2020-8727
	RESERVED
CVE-2020-8726
	RESERVED
CVE-2020-8725
	RESERVED
CVE-2020-8724
	RESERVED
CVE-2020-8723 (Cross-site scripting for some Intel(R) Server Boards, Server Systems a ...)
	NOT-FOR-US: Intel
CVE-2020-8722 (Buffer overflow in a subsystem for some Intel(R) Server Boards, Server ...)
	NOT-FOR-US: Intel
CVE-2020-8721 (Improper input validation for some Intel(R) Server Boards, Server Syst ...)
	NOT-FOR-US: Intel
CVE-2020-8720 (Buffer overflow in a subsystem for some Intel(R) Server Boards, Server ...)
	NOT-FOR-US: Intel
CVE-2020-8719 (Buffer overflow in subsystem for some Intel(R) Server Boards, Server S ...)
	NOT-FOR-US: Intel
CVE-2020-8718 (Buffer overflow in a subsystem for some Intel(R) Server Boards, Server ...)
	NOT-FOR-US: Intel
CVE-2020-8717 (Improper input validation in a subsystem for some Intel Server Boards, ...)
	NOT-FOR-US: Intel
CVE-2020-8716 (Improper access control for some Intel(R) Server Boards, Server System ...)
	NOT-FOR-US: Intel
CVE-2020-8715 (Invalid pointer for some Intel(R) Server Boards, Server Systems and Co ...)
	NOT-FOR-US: Intel
CVE-2020-8714 (Improper authentication for some Intel(R) Server Boards, Server System ...)
	NOT-FOR-US: Intel
CVE-2020-8713 (Improper authentication for some Intel(R) Server Boards, Server System ...)
	NOT-FOR-US: Intel
CVE-2020-8712 (Buffer overflow in a verification process for some Intel(R) Server Boa ...)
	NOT-FOR-US: Intel
CVE-2020-8711 (Improper access control in the bootloader for some Intel(R) Server Boa ...)
	NOT-FOR-US: Intel
CVE-2020-8710 (Buffer overflow in the bootloader for some Intel(R) Server Boards, Ser ...)
	NOT-FOR-US: Intel
CVE-2020-8709 (Improper authentication in socket services for some Intel(R) Server Bo ...)
	NOT-FOR-US: Intel
CVE-2020-8708 (Improper authentication for some Intel(R) Server Boards, Server System ...)
	NOT-FOR-US: Intel
CVE-2020-8707 (Buffer overflow in daemon for some Intel(R) Server Boards, Server Syst ...)
	NOT-FOR-US: Intel
CVE-2020-8706 (Buffer overflow in a daemon for some Intel(R) Server Boards, Server Sy ...)
	NOT-FOR-US: Intel
CVE-2020-8705 (Insecure default initialization of resource in Intel(R) Boot Guard in  ...)
	NOT-FOR-US: Intel
CVE-2020-8704 (Race condition in a subsystem in the Intel(R) LMS versions before 2039 ...)
	NOT-FOR-US: Intel
CVE-2020-8703 (Improper buffer restrictions in a subsystem in the Intel(R) CSME versi ...)
	NOT-FOR-US: Intel
CVE-2020-8702 (Uncontrolled search path element in the Intel(R) Processor Diagnostic  ...)
	NOT-FOR-US: Intel
CVE-2020-8701 (Incorrect default permissions in installer for the Intel(R) SSD Toolbo ...)
	NOT-FOR-US: Intel
CVE-2020-8700 (Improper input validation in the firmware for some Intel(R) Processors ...)
	NOT-FOR-US: Intel
CVE-2020-8699
	RESERVED
CVE-2020-8698 (Improper isolation of shared resources in some Intel(R) Processors may ...)
	{DLA-2546-1}
	- intel-microcode 3.20201110.1
	[buster] - intel-microcode 3.20201118.1~deb10u1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
CVE-2020-8697
	RESERVED
CVE-2020-8696 (Improper removal of sensitive information before storage or transfer i ...)
	{DLA-2546-1}
	- intel-microcode 3.20201110.1
	[buster] - intel-microcode 3.20201118.1~deb10u1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
CVE-2020-8695 (Observable discrepancy in the RAPL interface for some Intel(R) Process ...)
	{DLA-2546-1}
	- intel-microcode 3.20201110.1
	[buster] - intel-microcode 3.20201118.1~deb10u1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
CVE-2020-8694 (Insufficient access control in the Linux kernel driver for some Intel( ...)
	{DLA-2494-1 DLA-2483-1}
	- linux 5.9.9-1
	[buster] - linux 4.19.160-1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
	NOTE: https://git.kernel.org/linus/949dd0104c496fa7c14991a23c03c62e44637e71
CVE-2020-8693 (Improper buffer restrictions in the firmware of the Intel(R) Ethernet  ...)
	NOT-FOR-US: Intel drivers for Ethernet 700 series (apparently for Windows)
CVE-2020-8692 (Insufficient access control in the firmware of the Intel(R) Ethernet 7 ...)
	NOT-FOR-US: Intel drivers for Ethernet 700 series (apparently for Windows)
CVE-2020-8691 (A logic issue in the firmware of the Intel(R) Ethernet 700 Series Cont ...)
	NOT-FOR-US: Intel drivers for Ethernet 700 series (apparently for Windows)
CVE-2020-8690 (Protection mechanism failure in Intel(R) Ethernet 700 Series Controlle ...)
	NOT-FOR-US: Intel drivers for Ethernet 700 series (apparently for Windows)
CVE-2020-8689 (Improper buffer restrictions in the Intel(R) Wireless for Open Source  ...)
	- iwd 1.5-1
	[buster] - iwd <no-dsa> (Minor issue)
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00379.html
CVE-2020-8688 (Improper input validation in the Intel(R) RAID Web Console 3 for Windo ...)
	NOT-FOR-US: Intel
CVE-2020-8687 (Uncontrolled search path in the installer for Intel(R) RSTe Software R ...)
	NOT-FOR-US: Intel
CVE-2020-8686
	RESERVED
CVE-2020-8685 (Improper authentication in subsystem for Intel (R) LED Manager for NUC ...)
	NOT-FOR-US: Intel
CVE-2020-8684 (Improper access control in firmware for Intel(R) PAC with Arria(R) 10  ...)
	NOT-FOR-US: Intel
CVE-2020-8683 (Improper buffer restrictions in system driver for some Intel(R) Graphi ...)
	NOT-FOR-US: Intel
CVE-2020-8682 (Out of bounds read in system driver for some Intel(R) Graphics Drivers ...)
	NOT-FOR-US: Intel
CVE-2020-8681 (Out of bounds write in system driver for some Intel(R) Graphics Driver ...)
	NOT-FOR-US: Intel
CVE-2020-8680 (Race condition in some Intel(R) Graphics Drivers before version 15.40. ...)
	NOT-FOR-US: Intel
CVE-2020-8679 (Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics D ...)
	NOT-FOR-US: Intel
CVE-2020-8678 (Improper access control for Intel(R) Graphics Drivers before version 1 ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-8677 (Improper access control in the Intel(R) Visual Compute Accelerator 2,  ...)
	NOT-FOR-US: Intel
CVE-2020-8676 (Improper access control in the Intel(R) Visual Compute Accelerator 2,  ...)
	NOT-FOR-US: Intel
CVE-2020-8675 (Insufficient control flow management in firmware build and signing too ...)
	NOT-FOR-US: Intel
CVE-2020-8674 (Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM ...)
	NOT-FOR-US: Intel
CVE-2020-8673
	RESERVED
CVE-2020-8672 (Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Co ...)
	NOT-FOR-US: Intel
CVE-2020-8671 (Insufficient control flow management in BIOS firmware 8th, 9th Generat ...)
	NOT-FOR-US: Intel
CVE-2020-8670 (Race condition in the firmware for some Intel(R) Processors may allow  ...)
	NOT-FOR-US: Intel
CVE-2020-8669 (Improper input validation in the Intel(R) Data Center Manager Console  ...)
	NOT-FOR-US: Intel
CVE-2020-8668
	RESERVED
CVE-2020-8667
	RESERVED
CVE-2020-8666
	RESERVED
CVE-2020-8665
	RESERVED
CVE-2020-8664 (CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS  ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-8663 (Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descr ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-8662
	RESERVED
CVE-2020-8661 (CNCF Envoy through 1.13.0 may consume excessive amounts of memory when ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-8660 (CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could ha ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-8659 (CNCF Envoy through 1.13.0 may consume excessive amounts of memory when ...)
	- envoyproxy <itp> (bug #987544)
CVE-2020-8658 (The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp- ...)
	NOT-FOR-US: BestWebSoft Htaccess plugin for WordPress
CVE-2020-8657 (An issue was discovered in EyesOfNetwork 5.3. The installation uses th ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-8656 (An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2. ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-8655 (An issue was discovered in EyesOfNetwork 5.3. The sudoers configuratio ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-8654 (An issue was discovered in EyesOfNetwork 5.3. An authenticated web use ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2020-8653
	RESERVED
CVE-2020-8652
	RESERVED
CVE-2020-8651
	RESERVED
CVE-2020-8650
	RESERVED
CVE-2020-8646
	RESERVED
CVE-2020-8645 (An issue was discovered in Simplejobscript.com SJS through 1.66. There ...)
	NOT-FOR-US: Simplejobscript.com SJS
CVE-2020-8644 (PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. ...)
	NOT-FOR-US: PlaySMS
CVE-2020-8643
	RESERVED
CVE-2020-8642
	RESERVED
CVE-2020-8641 (Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php ...)
	NOT-FOR-US: Lotus Core CMS
CVE-2020-8649 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/513dc792d6060d5ef572e43852683097a8420f56
CVE-2020-8648 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/07e6124a1a46b4b5a9b3cacc0c306b50da87abf5
CVE-2020-8647 (There is a use-after-free vulnerability in the Linux kernel through 5. ...)
	{DSA-4698-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	NOTE: https://git.kernel.org/linus/513dc792d6060d5ef572e43852683097a8420f56
CVE-2020-8640
	RESERVED
CVE-2020-8639 (An unrestricted file upload vulnerability in keywordsImport.php in Tes ...)
	NOT-FOR-US: TestLink
CVE-2020-8638 (A SQL injection vulnerability in TestLink 1.9.20 allows attackers to e ...)
	NOT-FOR-US: TestLink
CVE-2020-8637 (A SQL injection vulnerability in TestLink 1.9.20 allows attackers to e ...)
	NOT-FOR-US: TestLink
CVE-2020-8636 (An issue was discovered in OpServices OpMon 9.3.2 that allows Remote C ...)
	NOT-FOR-US: OpServices OpMon
CVE-2020-8635 (Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure per ...)
	NOT-FOR-US: Wing FTP Server
CVE-2020-8634 (Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure per ...)
	NOT-FOR-US: Wing FTP Server
CVE-2020-8633 (An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8 ...)
	NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
CVE-2020-8632 (In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_ ...)
	{DLA-2113-1}
	- cloud-init 19.4-2 (bug #951363)
	[buster] - cloud-init <no-dsa> (Minor issue)
	[stretch] - cloud-init <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795
	NOTE: https://github.com/canonical/cloud-init/pull/189
	NOTE: https://github.com/canonical/cloud-init/commit/42788bf24a1a0a5421a2d00a7f59b59e38ba1a14
CVE-2020-8631 (cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...)
	{DLA-2113-1}
	- cloud-init 19.4-2 (bug #951362)
	[buster] - cloud-init <no-dsa> (Minor issue)
	[stretch] - cloud-init <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795
	NOTE: https://github.com/canonical/cloud-init/pull/204
CVE-2020-8630
	REJECTED
CVE-2020-8629
	REJECTED
CVE-2020-8628
	REJECTED
CVE-2020-8627
	REJECTED
CVE-2020-8626
	REJECTED
CVE-2020-8625 (BIND servers are vulnerable if they are running an affected version an ...)
	{DSA-4857-1 DLA-2568-1}
	- bind9 1:9.16.12-1 (bug #983004)
	NOTE: https://kb.isc.org/v1/docs/cve-2020-8625
	NOTE: 9.11 branch: https://downloads.isc.org/isc/bind9/9.11.28/patches
	NOTE: 9.16 branch: https://downloads.isc.org/isc/bind9/9.16.12/patches
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/b04cb88462863d762093760ffcfe1946200e30f5
CVE-2020-8624 (In BIND 9.9.12 -&gt; 9.9.13, 9.10.7 -&gt; 9.10.8, 9.11.3 -&gt; 9.11.21 ...)
	{DSA-4752-1}
	- bind9 1:9.16.6-1 (bug #966497)
	[stretch] - bind9 <not-affected> (Vulnerable code (dns_ssu_mtypefromstring()) introduced later)
	NOTE: https://kb.isc.org/docs/cve-2020-8624
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/7630a64141a997b5247d9ad4a7dfff6ac6d9a485 (v9_16_6)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/5bf457e89a3fdc355aad74140f5e010b42d1df82 (v9_16_6)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/14aa0c5df65d28cf6aaf437151c6a008afb66fb1 (v9_16_6)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/e4cccf9668c7adee4724a7649ec64685f82c8677 (v9_11_22)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/393e8f643c02215fa4e6d4edf67be7d77085da0e (v9_11_22)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/58e560beb50873c699f3431cf57e215dc645d7aa (v9_11_22)
CVE-2020-8623 (In BIND 9.10.0 -&gt; 9.11.21, 9.12.0 -&gt; 9.16.5, 9.17.0 -&gt; 9.17.3 ...)
	{DSA-4752-1 DLA-2355-1}
	- bind9 1:9.16.6-1
	NOTE: https://kb.isc.org/docs/cve-2020-8623
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/ac3862a5da95bb07b6cf748b0958175687a9de1d (v9_16_6)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/8d807cc21655eaa6e6a08afafeec3682c0f3f2ab (v9_11_22)
CVE-2020-8622 (In BIND 9.0.0 -&gt; 9.11.21, 9.12.0 -&gt; 9.16.5, 9.17.0 -&gt; 9.17.3, ...)
	{DSA-4752-1 DLA-2355-1}
	- bind9 1:9.16.6-1
	NOTE: https://kb.isc.org/docs/cve-2020-8622
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/0eec632d6a5a474280017ec949d8a8014612f3b3 (v9_16_6)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/6ed167ad0a647dff20c8cb08c944a7967df2d415 (v9_11_22)
CVE-2020-8621 (In BIND 9.14.0 -&gt; 9.16.5, 9.17.0 -&gt; 9.17.3, If a server is confi ...)
	- bind9 1:9.16.6-1
	[buster] - bind9 <not-affected> (Vulnerable code introduced in 9.14.x)
	[stretch] - bind9 <not-affected> (Vulnerable code introduced in 9.14.x)
	NOTE: https://kb.isc.org/docs/cve-2020-8621
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/81514ff925dfc6e0c293745e0fc8320a8af95586 (v9_16_6)
CVE-2020-8620 (In BIND 9.15.6 -&gt; 9.16.5, 9.17.0 -&gt; 9.17.3, An attacker who can  ...)
	- bind9 1:9.16.6-1
	[buster] - bind9 <not-affected> (Vulnerable code introduced later)
	[stretch] - bind9 <not-affected> (Vulnerable code introduced later)
	NOTE: https://kb.isc.org/docs/cve-2020-8620
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/9a372f2bce642545164d2b4408eb6c4e301acc5e (v9_16_6)
CVE-2020-8619 (In ISC BIND9 versions BIND 9.11.14 -&gt; 9.11.19, BIND 9.14.9 -&gt; 9. ...)
	{DSA-4752-1}
	- bind9 1:9.16.4-1
	[stretch] - bind9 <not-affected> (Vulnerable code introduced later)
	[jessie] - bind9 <not-affected> (Vulnerable code introduced later)
	NOTE: https://kb.isc.org/docs/cve-2020-8619
	NOTE: https://gitlab.isc.org/isc-projects/bind9/-/issues/1718
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/0854f631149848b64cc193979d0b0edf39159330 (v9_17_3)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/90a7416d1599df7aa1cdfac33b2da9352eeec4b0 (v9_11_21)
CVE-2020-8618 (An attacker who is permitted to send zone data to a server via zone tr ...)
	- bind9 1:9.16.4-1
	[buster] - bind9 <not-affected> (Vulnerable code introduced later)
	[stretch] - bind9 <not-affected> (Vulnerable code introduced later)
	[jessie] - bind9 <not-affected> (Vulnerable code introduced later)
	NOTE: https://kb.isc.org/docs/cve-2020-8618
	NOTE: https://gitlab.isc.org/isc-projects/bind9/-/issues/1850
CVE-2020-8617 (Using a specially-crafted message, an attacker may potentially cause a ...)
	{DSA-4689-1 DLA-2227-1}
	- bind9 1:9.16.3-1 (bug #961939)
	NOTE: https://kb.isc.org/docs/cve-2020-8617
	NOTE: https://kb.isc.org/docs/cve-2020-8617-faq-and-supplemental-information
CVE-2020-8616 (A malicious actor who intentionally exploits this lack of effective li ...)
	{DSA-4689-1 DLA-2227-1}
	- bind9 1:9.16.3-1 (bug #961939)
	NOTE: https://kb.isc.org/docs/cve-2020-8616
CVE-2020-8615 (A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPres ...)
	NOT-FOR-US: Tutor LMS plugin for WordPress
CVE-2020-8614 (An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An att ...)
	NOT-FOR-US: Askey devices
CVE-2020-8613
	RESERVED
CVE-2020-8612 (In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2 ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2020-8611 (In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2 ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2020-8610
	RESERVED
CVE-2020-8609
	RESERVED
CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf  ...)
	{DSA-4733-1 DLA-2551-1 DLA-2288-1 DLA-2144-1 DLA-2142-1}
	- libslirp 4.2.0-1
	- qemu 1:4.1-2
	- qemu-kvm <removed>
	- slirp 1:1.0.17-11
	[buster] - slirp 1:1.0.17-8+deb10u1
	- slirp4netns 1.0.1-1
	[buster] - slirp4netns <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
	NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed.
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-p3hx-89v2-4r99
CVE-2020-8607 (An input validation vulnerability found in multiple Trend Micro produc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8606 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8605 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8604 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8603 (A cross-site scripting vulnerability (XSS) in Trend Micro InterScan We ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8602 (A vulnerability in the management consoles of Trend Micro Deep Securit ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8601 (Trend Micro Vulnerability Protection 2.0 is affected by a vulnerabilit ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8600 (Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8599 (Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnera ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8598 (Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Sec ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8597 (eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overf ...)
	{DSA-4632-1 DLA-2097-1}
	- lwip 2.1.2+dfsg1-5 (bug #951291)
	[buster] - lwip 2.0.3-3+deb10u1
	- ppp 2.4.8-1+1 (bug #950618)
	NOTE: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
	NOTE: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
CVE-2020-8596 (participants-database.php in the Participants Database plugin 1.9.5.5  ...)
	NOT-FOR-US: Participants Database plugin for WordPress
CVE-2020-8595 (Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and  ...)
	NOT-FOR-US: Istio
CVE-2020-8594 (The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vu ...)
	NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2020-8593
	RESERVED
CVE-2020-8592 (eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg ...)
	NOT-FOR-US: eG Manager
CVE-2020-8591 (eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLogi ...)
	NOT-FOR-US: eG Manager
CVE-2020-8590 (Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptib ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8589 (Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptib ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8588 (Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptib ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8587 (OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to ...)
	NOT-FOR-US: NetApp
CVE-2020-8586
	RESERVED
CVE-2020-8585 (OnCommand Unified Manager Core Package versions prior to 5.2.5 may dis ...)
	NOT-FOR-US: OnCommand Unified Manager Core Package
CVE-2020-8584 (Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulne ...)
	NOT-FOR-US: Element OS
CVE-2020-8583 (Element Software versions prior to 12.2 and HCI versions prior to 1.8P ...)
	NOT-FOR-US: HCI
CVE-2020-8582 (Element Software versions prior to 12.2 and HCI versions prior to 1.8P ...)
	NOT-FOR-US: HCI
CVE-2020-8581 (Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible  ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8580 (SANtricity OS Controller Software versions 11.30 and higher are suscep ...)
	NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8579 (Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a v ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8578 (Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vul ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2020-8577 (SANtricity OS Controller Software versions 11.50.1 and higher are susc ...)
	NOT-FOR-US: SANtricity OS Controller Software
CVE-2020-8576 (Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 a ...)
	NOT-FOR-US: ONTAP
CVE-2020-8575 (Active IQ Unified Manager for VMware vSphere and Windows versions prio ...)
	NOT-FOR-US: Active IQ Unified Manager
CVE-2020-8574 (Active IQ Unified Manager for Linux versions prior to 9.6 ship with th ...)
	NOT-FOR-US: Active IQ Unified Manager
CVE-2020-8573 (The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers ...)
	NOT-FOR-US: NetApp
CVE-2020-8572 (Element OS prior to version 12.0 and Element HealthTools prior to vers ...)
	NOT-FOR-US: Element OS
CVE-2020-8571 (StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11 ...)
	NOT-FOR-US: StorageGRID
CVE-2020-8570 (Kubernetes Java client libraries in version 10.0.0 and versions prior  ...)
	NOT-FOR-US: Kubernetes Java client
CVE-2020-8569 (Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could pa ...)
	NOT-FOR-US: Kubernetes CSI Snapshotter
	NOTE: https://github.com/kubernetes-csi/external-snapshotter/issues/421
CVE-2020-8568 (Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow ...)
	NOT-FOR-US: Kubernetes Secrets Store CSI Driver
CVE-2020-8567 (Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azur ...)
	NOT-FOR-US: Kubernetes Secrets Store CSI Driver
CVE-2020-8566 (In Kubernetes clusters using Ceph RBD as a storage provisioner, with l ...)
	- kubernetes 1.19.3-1 (bug #972341)
	NOTE: https://github.com/kubernetes/kubernetes/pull/95245
	NOTE: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
	NOTE: https://github.com/kubernetes/kubernetes/issues/95624
CVE-2020-8565 (In Kubernetes, if the logging level is set to at least 9, authorizatio ...)
	- kubernetes 1.20.0-1 (bug #972649)
	NOTE: https://github.com/kubernetes/kubernetes/pull/95316
	NOTE: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
	NOTE: https://github.com/kubernetes/kubernetes/issues/95623
CVE-2020-8564 (In Kubernetes clusters using a logging level of at least 4, processing ...)
	- kubernetes 1.19.3-1 (bug #972341)
	NOTE: https://github.com/kubernetes/kubernetes/pull/94712
	NOTE: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
	NOTE: https://github.com/kubernetes/kubernetes/issues/95622
CVE-2020-8563 (In Kubernetes clusters using VSphere as a cloud provider, with a loggi ...)
	- kubernetes <not-affected> (Only affects 19.x)
	NOTE: https://github.com/kubernetes/kubernetes/pull/95236
	NOTE: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
	NOTE: https://github.com/kubernetes/kubernetes/issues/95621
CVE-2020-8562 (As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes att ...)
	- kubernetes <unfixed> (bug #990793)
	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
	NOTE: https://www.openwall.com/lists/oss-security/2021/05/04/8
	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
CVE-2020-8561 (A security issue was discovered in Kubernetes where actors that contro ...)
	- kubernetes <unfixed>
	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/104720
CVE-2020-8560
	RESERVED
CVE-2020-8559 (The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions pri ...)
	- kubernetes 1.18.5-1
	NOTE: https://www.openwall.com/lists/oss-security/2020/07/15/6
CVE-2020-8558 (The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17. ...)
	- kubernetes 1.18.5-1
	NOTE: Issue: https://github.com/kubernetes/kubernetes/issues/90259
	NOTE: Upstream fix: https://github.com/kubernetes/kubernetes/pull/91569
CVE-2020-8557 (The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17. ...)
	- kubernetes 1.18.5-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/93032
	NOTE: https://github.com/kubernetes/kubernetes/pull/92916
CVE-2020-8556
	RESERVED
CVE-2020-8555 (The Kubernetes kube-controller-manager in versions v1.0-1.14, versions ...)
	- kubernetes 1.18.2-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/91542
CVE-2020-8554 (Kubernetes API server in all versions allow an attacker who is able to ...)
	- kubernetes <unfixed> (bug #990793)
	[bullseye] - kubernetes <not-affected> (Kubernetes in Bullseye only ships the client)
	NOTE: https://www.openwall.com/lists/oss-security/2020/12/07/5
	NOTE: https://github.com/kubernetes/kubernetes/issues/97076
	NOTE: Server components no longer built since 1.20.5+really1.20.2-1
CVE-2020-8553 (The Kubernetes ingress-nginx component prior to version 0.28.0 allows  ...)
	NOT-FOR-US: Kubernetes ingress-nginx component
CVE-2020-8552 (The Kubernetes API server component in versions prior to 1.15.9, 1.16. ...)
	- kubernetes 1.17.4-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/89378
CVE-2020-8551 (The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1. ...)
	- kubernetes 1.17.4-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/89377
CVE-2020-8550
	RESERVED
CVE-2020-8549 (Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPre ...)
	NOT-FOR-US: Strong Testimonials plugin for WordPress
CVE-2020-8548 (massCode 1.0.0-alpha.6 allows XSS via crafted Markdown text, with resu ...)
	NOT-FOR-US: massCode
CVE-2020-8547 (phpList 3.5.0 allows type juggling for admin login bypass because == i ...)
	- phplist <itp> (bug #612288)
CVE-2020-8546
	RESERVED
CVE-2020-8545 (Global.py in AIL framework 2.8 allows path traversal. ...)
	NOT-FOR-US: AIL framework
CVE-2020-8544 (OX App Suite through 7.10.3 allows SSRF. ...)
	NOT-FOR-US: OX App Suite
CVE-2020-8543 (OX App Suite through 7.10.3 has Improper Input Validation. ...)
	NOT-FOR-US: OX App Suite
CVE-2020-8542 (OX App Suite through 7.10.3 allows XSS. ...)
	NOT-FOR-US: OX App Suite
CVE-2020-8541 (OX App Suite through 7.10.3 allows XXE attacks. ...)
	NOT-FOR-US: OX App Suite
CVE-2020-8540 (An XML external entity (XXE) vulnerability in Zoho ManageEngine Deskto ...)
	NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2020-8539 (Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.00 ...)
	NOT-FOR-US: Kia Motors Head Unit with Software
CVE-2020-8538
	RESERVED
CVE-2020-8537
	RESERVED
CVE-2020-8536
	RESERVED
CVE-2020-8535
	RESERVED
CVE-2020-8534
	RESERVED
CVE-2020-8533
	RESERVED
CVE-2020-8532
	RESERVED
CVE-2020-8531
	RESERVED
CVE-2020-8530
	RESERVED
CVE-2020-8529
	RESERVED
CVE-2020-8528
	RESERVED
CVE-2020-8527
	RESERVED
CVE-2020-8526
	RESERVED
CVE-2020-8525
	RESERVED
CVE-2020-8524
	RESERVED
CVE-2020-8523
	RESERVED
CVE-2020-8522
	RESERVED
CVE-2020-8521 (SQL injection with start and length parameters in Records.php for phpz ...)
	NOT-FOR-US: phpzag
CVE-2020-8520 (SQL injection in order and column parameters in Records.php for phpzag ...)
	NOT-FOR-US: phpzag
CVE-2020-8519 (SQL injection with the search parameter in Records.php for phpzag live ...)
	NOT-FOR-US: phpzag
CVE-2020-8518 (Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary P ...)
	{DLA-2174-1}
	- php-horde-data 2.1.5-1 (bug #951537)
	[buster] - php-horde-data 2.1.4-5+deb10u1
	[stretch] - php-horde-data 2.1.4-3+deb9u1
	NOTE: https://lists.horde.org/archives/announce/2020/001285.html
	NOTE: https://github.com/horde/Data/commit/78ad0c2390176cdde7260a271bc6ddd86f4c9c0e
CVE-2020-8517 (An issue was discovered in Squid before 4.10. Due to incorrect input v ...)
	- squid 4.10-1 (unimportant)
	- squid3 <removed> (unimportant)
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_3.txt
	NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-c62d2b43ad4962ea44aa0c5edb4cc99cb83a413d.patch
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-6982f1187a26557e582172965e266f544ea562a5.patch
	NOTE: Debian binary packages are not build with --enable-external-acl-helpers="[...]LM_group[...".
CVE-2020-8516 (** DISPUTED ** The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0 ...)
	- tor <unfixed> (unimportant)
	NOTE: Not considered a bug / explicit design choice by upstream
	NOTE: https://lists.torproject.org/pipermail/tor-dev/2020-February/014147.html
	NOTE: https://trac.torproject.org/projects/tor/ticket/33129
	NOTE: http://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
CVE-2020-8515 (DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3. ...)
	NOT-FOR-US: DrayTek devices
CVE-2020-8514 (An issue was discovered in Rumpus 8.2.10 on macOS. By crafting a direc ...)
	NOT-FOR-US: Rumpus on macOS
CVE-2020-8513
	RESERVED
CVE-2020-8512 (In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webma ...)
	NOT-FOR-US: IceWarp Webmail Server
CVE-2020-8511 (In Artica Pandora FMS through 7.42, Web Admin users can execute arbitr ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-8510 (An issue was discovered in phpABook 0.9 Intermediate. On the login pag ...)
	NOT-FOR-US: phpABook
CVE-2020-8509 (Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticat ...)
	NOT-FOR-US: Zoho ManageEngine Desktop Central
CVE-2020-8508 (nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbi ...)
	NOT-FOR-US: Norman Malware Cleaner
CVE-2020-8507 (The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends ...)
	NOT-FOR-US: Citytv Video application for Android and iOS
CVE-2020-8506 (The Global TV application 2.3.2 for Android and 4.7.5 for iOS sends Un ...)
	NOT-FOR-US: Global TV application for Android and iOS
CVE-2020-8505 (School Management Software PHP/mySQL through 2019-03-14 allows office_ ...)
	NOT-FOR-US: School Management Software PHP/mySQL
CVE-2020-8504 (School Management Software PHP/mySQL through 2019-03-14 allows office_ ...)
	NOT-FOR-US: School Management Software PHP/mySQL
CVE-2020-8503 (Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.10 ...)
	NOT-FOR-US: Biscom Secure File Transfer (SFT)
CVE-2020-8502
	RESERVED
CVE-2020-8501
	RESERVED
CVE-2020-8500 (** DISPUTED ** In Artica Pandora FMS 7.42, Web Admin users can execute ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-8499
	RESERVED
CVE-2020-8498 (XSS exists in the shortcode functionality of the GistPress plugin befo ...)
	NOT-FOR-US: shortcode functionality of the GistPress plugin for WordPress
CVE-2020-8497 (In Artica Pandora FMS through 7.42, an unauthenticated attacker can re ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-8496 (In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions ...)
	NOT-FOR-US: Kronos Web Time and Attendance (webTA)
CVE-2020-8495 (In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions ...)
	NOT-FOR-US: Kronos Web Time and Attendance (webTA)
CVE-2020-8494 (In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions ...)
	NOT-FOR-US: Kronos Web Time and Attendance (webTA)
CVE-2020-8493 (A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) a ...)
	NOT-FOR-US: Kronos Web Time and Attendance (webTA)
CVE-2020-8492 (Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7  ...)
	{DLA-2280-1}
	- python3.8 3.8.3~rc1-1
	- python3.7 <removed>
	[buster] - python3.7 3.7.3-2+deb10u2
	- python3.5 <removed>
	- python3.4 <removed>
	[jessie] - python3.4 <postponed> (Minor issue)
	- python2.7 2.7.18-2 (low; bug #970099)
	[buster] - python2.7 <no-dsa> (Minor issue)
	[stretch] - python2.7 <ignored> (Too destructive to backport. Though the patch is partly ready. https://salsa.debian.org/lts-team/packages/python2.7/-/blob/master/debian/patches/CVE-2020-8492.patch)
	[jessie] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue39503
	NOTE: https://github.com/python/cpython/pull/18284
	NOTE: https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html
	NOTE: https://github.com/python/cpython/commit/0b297d4ff1c0e4480ad33acae793fbaf4bf015b4 (master)
	NOTE: https://github.com/python/cpython/commit/ea9e240aa02372440be8024acb110371f69c9d41 (3.8-branch)
	NOTE: https://github.com/python/cpython/commit/b57a73694e26e8b2391731b5ee0b1be59437388e (3.7-branch)
	NOTE: https://github.com/python/cpython/commit/69cdeeb93e0830004a495ed854022425b93b3f3e (3.6-branch)
CVE-2020-8491
	RESERVED
CVE-2020-8490
	RESERVED
CVE-2020-8489 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8488 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8487 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8486 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8485 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8484 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8483
	RESERVED
CVE-2020-8482 (Insecure storage of sensitive information in ABB Device Library Wizard ...)
	NOT-FOR-US: ABB
CVE-2020-8481 (For ABB products ABB Ability&#8482; System 800xA and related system ex ...)
	NOT-FOR-US: ABB
CVE-2020-8480
	RESERVED
CVE-2020-8479 (For the Central Licensing Server component used in ABB products ABB Ab ...)
	NOT-FOR-US: ABB
CVE-2020-8478 (Insufficient protection of the inter-process communication functions i ...)
	NOT-FOR-US: ABB
CVE-2020-8477 (The installations for ABB System 800xA Information Manager versions 5. ...)
	NOT-FOR-US: ABB
CVE-2020-8476 (For the Central Licensing Server component used in ABB products ABB Ab ...)
	NOT-FOR-US: ABB
CVE-2020-8475 (For the Central Licensing Server component used in ABB products ABB Ab ...)
	NOT-FOR-US: ABB
CVE-2020-8474 (Weak Registry permissions in ABB System 800xA Base allow low privilege ...)
	NOT-FOR-US: ABB
CVE-2020-8473 (Insufficient folder permissions used by system functions in ABB System ...)
	NOT-FOR-US: ABB
CVE-2020-8472 (Insufficient folder permissions used by system functions in ABB System ...)
	NOT-FOR-US: ABB
CVE-2020-8471 (For the Central Licensing Server component used in ABB products ABB Ab ...)
	NOT-FOR-US: ABB
CVE-2020-8470 (Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Sec ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8469 (Trend Micro Password Manager for Windows version 5.0 is affected by a  ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8468 (Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Sec ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8467 (A migration tool component of Trend Micro Apex One (2019) and OfficeSc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8466 (A command injection vulnerability in Trend Micro InterScan Web Securit ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8465 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8464 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8463 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8462 (A cross-site scripting (XSS) vulnerability in Trend Micro InterScan We ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8461 (A CSRF protection bypass vulnerability in Trend Micro InterScan Web Se ...)
	NOT-FOR-US: Trend Micro
CVE-2020-8460
	RESERVED
CVE-2020-8459
	RESERVED
CVE-2020-8458
	RESERVED
CVE-2020-8457
	RESERVED
CVE-2020-8456
	RESERVED
CVE-2020-8455
	RESERVED
CVE-2020-8454
	RESERVED
CVE-2020-8453
	RESERVED
CVE-2020-8452
	RESERVED
CVE-2020-8451
	RESERVED
CVE-2020-8450 (An issue was discovered in Squid before 4.10. Due to incorrect buffer  ...)
	{DSA-4682-1 DLA-2278-1}
	- squid 4.10-1 (bug #950802)
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
	NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch (Squid 3.5)
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch (Squid 4.8 and older)
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch (Squid 4.9)
CVE-2020-8449 (An issue was discovered in Squid before 4.10. Due to incorrect input v ...)
	{DSA-4682-1 DLA-2278-1}
	- squid 4.10-1 (bug #950802)
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt
	NOTE: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2020_1.patch (Squid 3.5)
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch (Squid 4.8 and older)
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch (Squid 4.9)
CVE-2020-8448 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8447 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8446 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8445 (In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-ana ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8444 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8443 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8442 (In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for  ...)
	- ossec-hids <itp> (bug #361954)
CVE-2020-8441 (JYaml through 1.3 allows remote code execution during deserialization  ...)
	NOT-FOR-US: JYaml
CVE-2020-8440 (controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is  ...)
	NOT-FOR-US: Simplejobscript.com SJS
CVE-2020-8439 (Monstra CMS through 3.0.4 allows remote authenticated users to take ov ...)
	NOT-FOR-US: Monstra CMS
CVE-2020-8438 (Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated att ...)
	NOT-FOR-US: Ruckus devices
CVE-2020-8437 (The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505 ...)
	NOT-FOR-US: uTorrent
CVE-2020-8436 (XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPre ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-8435 (An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for Wo ...)
	NOT-FOR-US: RegistrationMagic plugin for WordPress
CVE-2020-8434 (Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 ...)
	NOT-FOR-US: Jenzabar JICS (aka Internet Campus Solution)
CVE-2020-8433
	RESERVED
CVE-2020-8432 (In Das U-Boot through 2020.01, a double free has been found in the cmd ...)
	- u-boot 2020.01+dfsg-2 (low)
	[buster] - u-boot <ignored> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <ignored> (Minor issue)
	NOTE: https://lists.denx.de/pipermail/u-boot/2020-January/396799.html
	NOTE: https://lists.denx.de/pipermail/u-boot/2020-January/396853.html
CVE-2020-8431
	RESERVED
CVE-2020-8430 (Stormshield Network Security 310 3.7.10 devices have an auth/lang.html ...)
	NOT-FOR-US: Stormshield Network Security 310
CVE-2020-8429 (The Admin web application in Kinetica 7.0.9.2.20191118151947 does not  ...)
	NOT-FOR-US: Kinetica
CVE-2020-8427 (In Unitrends Backup before 10.4.1, an HTTP request parameter was not p ...)
	NOT-FOR-US: Kaseya Traverse
CVE-2020-8426 (The Elementor plugin before 2.8.5 for WordPress suffers from a reflect ...)
	NOT-FOR-US: Elementor plugin for WordPress
CVE-2020-8425 (Cups Easy (Purchase &amp; Inventory) 1.0 is vulnerable to CSRF that le ...)
	NOT-FOR-US: Cups Easy (Purchase & Inventory)
CVE-2020-8424 (Cups Easy (Purchase &amp; Inventory) 1.0 is vulnerable to CSRF that le ...)
	NOT-FOR-US: Cups Easy (Purchase & Inventory)
CVE-2020-8423 (A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmwa ...)
	NOT-FOR-US: TP-Link
CVE-2020-8422 (An authorization issue was discovered in the Credential Manager featur ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2020-8421 (An issue was discovered in Joomla! before 3.9.15. Inadequate escaping  ...)
	NOT-FOR-US: Joomla!
CVE-2020-8420 (An issue was discovered in Joomla! before 3.9.15. A missing CSRF token ...)
	NOT-FOR-US: Joomla!
CVE-2020-8419 (An issue was discovered in Joomla! before 3.9.15. Missing token checks ...)
	NOT-FOR-US: Joomla!
CVE-2020-8418
	RESERVED
CVE-2020-8417 (The Code Snippets plugin before 2.14.0 for WordPress allows CSRF becau ...)
	NOT-FOR-US: Code Snippets plugin for WordPress
CVE-2020-8416 (IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial  ...)
	NOT-FOR-US: BearFTP
CVE-2020-8415
	REJECTED
CVE-2020-8414
	REJECTED
CVE-2020-8413
	REJECTED
CVE-2020-8412
	REJECTED
CVE-2020-8411
	REJECTED
CVE-2020-8410
	REJECTED
CVE-2020-8409
	REJECTED
CVE-2020-8408
	REJECTED
CVE-2020-8407
	REJECTED
CVE-2020-8406
	REJECTED
CVE-2020-8405
	REJECTED
CVE-2020-8404
	REJECTED
CVE-2020-8403
	REJECTED
CVE-2020-8402
	REJECTED
CVE-2020-8401
	REJECTED
CVE-2020-8400
	REJECTED
CVE-2020-8399
	REJECTED
CVE-2020-8398
	REJECTED
CVE-2020-8397
	REJECTED
CVE-2020-8396
	REJECTED
CVE-2020-8395
	REJECTED
CVE-2020-8394
	REJECTED
CVE-2020-8393
	REJECTED
CVE-2020-8392
	REJECTED
CVE-2020-8391
	REJECTED
CVE-2020-8390
	REJECTED
CVE-2020-8389
	REJECTED
CVE-2020-8388
	REJECTED
CVE-2020-8387
	REJECTED
CVE-2020-8386
	REJECTED
CVE-2020-8385
	REJECTED
CVE-2020-8384
	REJECTED
CVE-2020-8383
	REJECTED
CVE-2020-8382
	REJECTED
CVE-2020-8381
	REJECTED
CVE-2020-8380
	REJECTED
CVE-2020-8379
	REJECTED
CVE-2020-8378
	REJECTED
CVE-2020-8377
	REJECTED
CVE-2020-8376
	REJECTED
CVE-2020-8375
	REJECTED
CVE-2020-8374
	REJECTED
CVE-2020-8373
	REJECTED
CVE-2020-8372
	REJECTED
CVE-2020-8371
	REJECTED
CVE-2020-8370
	REJECTED
CVE-2020-8369
	REJECTED
CVE-2020-8368
	REJECTED
CVE-2020-8367
	REJECTED
CVE-2020-8366
	REJECTED
CVE-2020-8365
	REJECTED
CVE-2020-8364
	REJECTED
CVE-2020-8363
	REJECTED
CVE-2020-8362
	REJECTED
CVE-2020-8361
	REJECTED
CVE-2020-8360
	REJECTED
CVE-2020-8359
	REJECTED
CVE-2020-8358
	REJECTED
CVE-2020-8357 (A denial of service vulnerability was reported in Lenovo PCManager, pr ...)
	NOT-FOR-US: Lenovo
CVE-2020-8356 (An internal product security audit of LXCO, prior to version 1.2.2, di ...)
	NOT-FOR-US: Lenovo
CVE-2020-8355 (An internal product security audit of Lenovo XClarity Administrator (L ...)
	NOT-FOR-US: Lenovo
CVE-2020-8354 (A potential vulnerability in the SMI callback function used in the Var ...)
	NOT-FOR-US: Lenovo
CVE-2020-8353 (Prior to August 10, 2020, some Lenovo Desktop and Workstation systems  ...)
	NOT-FOR-US: Lenovo
CVE-2020-8352 (In some Lenovo Desktop models, the Configuration Change Detection BIOS ...)
	NOT-FOR-US: Lenovo
CVE-2020-8351 (A privilege escalation vulnerability was reported in Lenovo PCManager  ...)
	NOT-FOR-US: Lenovo PCManager
CVE-2020-8350 (An authentication bypass vulnerability was reported in Lenovo ThinkPad ...)
	NOT-FOR-US: Lenovo
CVE-2020-8349 (An internal security review has identified an unauthenticated remote c ...)
	NOT-FOR-US: Lenovo
CVE-2020-8348 (A DOM-based cross-site scripting (XSS) vulnerability was reported in L ...)
	NOT-FOR-US: Lenovo
CVE-2020-8347 (A reflective cross-site scripting (XSS) vulnerability was reported in  ...)
	NOT-FOR-US: Lenovo
CVE-2020-8346 (A denial of service vulnerability was reported in the Lenovo Vantage c ...)
	NOT-FOR-US: Lenovo
CVE-2020-8345 (A DLL search path vulnerability was reported in the Lenovo HardwareSca ...)
	NOT-FOR-US: Lenovo
CVE-2020-8344
	REJECTED
CVE-2020-8343
	REJECTED
CVE-2020-8342 (A race condition vulnerability was reported in Lenovo System Update pr ...)
	NOT-FOR-US: Lenovo
CVE-2020-8341 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
	NOT-FOR-US: Lenovo
CVE-2020-8340 (A cross-site scripting (XSS) vulnerability was discovered in the legac ...)
	NOT-FOR-US: IBM
CVE-2020-8339 (A cross-site scripting inclusion (XSSI) vulnerability was reported in  ...)
	NOT-FOR-US: IBM
CVE-2020-8338 (A DLL search path vulnerability was reported in Lenovo Diagnostics pri ...)
	NOT-FOR-US: Lenovo
CVE-2020-8337 (An unquoted search path vulnerability was reported in versions prior t ...)
	NOT-FOR-US: Synaptics Smart Audio UWP app
CVE-2020-8336 (Lenovo implemented Intel CSME Anti-rollback ARB protections on some Th ...)
	NOT-FOR-US: Lenovo
CVE-2020-8335 (The BIOS tamper detection mechanism was not triggered in Lenovo ThinkP ...)
	NOT-FOR-US: Lenovo
CVE-2020-8334 (The BIOS tamper detection mechanism was not triggered in Lenovo ThinkP ...)
	NOT-FOR-US: Lenovo
CVE-2020-8333 (A potential vulnerability in the SMI callback function used in the EEP ...)
	NOT-FOR-US: Lenovo
CVE-2020-8332 (A potential vulnerability in the SMI callback function used in the leg ...)
	NOT-FOR-US: Lenovo
CVE-2020-8331
	REJECTED
CVE-2020-8330 (A denial of service vulnerability was reported in the firmware prior t ...)
	NOT-FOR-US: Lenovo
CVE-2020-8329 (A denial of service vulnerability was reported in the firmware prior t ...)
	NOT-FOR-US: Lenovo
CVE-2020-8328
	REJECTED
CVE-2020-8327 (A privilege escalation vulnerability was reported in LenovoBatteryGaug ...)
	NOT-FOR-US: Lenovo
CVE-2020-8326 (An unquoted service path vulnerability was reported in Lenovo Drivers  ...)
	NOT-FOR-US: Lenovo
CVE-2020-8325
	REJECTED
CVE-2020-8324 (A vulnerability was reported in LenovoAppScenarioPluginSystem for Leno ...)
	NOT-FOR-US: Lenovo
CVE-2020-8323 (A potential vulnerability in the SMI callback function used in the Leg ...)
	NOT-FOR-US: Lenovo
CVE-2020-8322 (A potential vulnerability in the SMI callback function used in the Leg ...)
	NOT-FOR-US: Lenovo
CVE-2020-8321 (A potential vulnerability in the SMI callback function used in the Sys ...)
	NOT-FOR-US: Lenovo
CVE-2020-8320 (An internal shell was included in BIOS image in some ThinkPad models t ...)
	NOT-FOR-US: Lenovo
CVE-2020-8319 (A privilege escalation vulnerability was reported in Lenovo System Int ...)
	NOT-FOR-US: Lenovo
CVE-2020-8318 (A privilege escalation vulnerability was reported in the LenovoSystemU ...)
	NOT-FOR-US: Lenovo
CVE-2020-8317 (A DLL search path vulnerability was reported in Lenovo Drivers Managem ...)
	NOT-FOR-US: Lenovo
CVE-2020-8316 (A vulnerability was reported in Lenovo Vantage prior to version 10.200 ...)
	NOT-FOR-US: Lenovo
CVE-2020-8428 (fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky u ...)
	{DSA-4698-1 DSA-4667-1 DLA-2242-1}
	- linux 5.4.19-1
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/d0cb50185ae942b03c4327be322055d622dc79f6
CVE-2020-8315 (In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 thr ...)
	- python3.8 <not-affected> (Windows-specific)
	- python3.7 <not-affected> (Windows-specific)
	NOTE: https://bugs.python.org/issue39401
CVE-2020-8314
	RESERVED
CVE-2020-8313
	RESERVED
CVE-2020-8312
	RESERVED
CVE-2020-8311
	RESERVED
CVE-2020-8310
	RESERVED
CVE-2020-8309
	RESERVED
CVE-2020-8308
	RESERVED
CVE-2020-8307
	RESERVED
CVE-2020-8306
	RESERVED
CVE-2020-8305
	RESERVED
CVE-2020-8304
	RESERVED
CVE-2020-8303
	RESERVED
CVE-2020-8302
	RESERVED
CVE-2020-8301
	RESERVED
CVE-2020-8300 (Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, ...)
	NOT-FOR-US: Citrix
CVE-2020-8299 (Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-6 ...)
	NOT-FOR-US: Citrix
CVE-2020-8298 (fs-path node module before 0.0.25 is vulnerable to command injection b ...)
	NOT-FOR-US: Node fs-path
CVE-2020-8297 (Nextcloud Deck before 1.0.2 suffers from an insecure direct object ref ...)
	NOT-FOR-US: Nextcloud Deck
CVE-2020-8296 (Nextcloud Server prior to 20.0.0 stores passwords in a recoverable for ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8295 (A wrong check in Nextcloud Server 19 and prior allowed to perform a de ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8294 (A missing link validation in Nextcloud Server before 20.0.2, 19.0.5, 1 ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8293 (A missing input validation in Nextcloud Server before 20.0.2, 19.0.5,  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8292 (Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scr ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-8291 (A link preview rendering issue in Rocket.Chat versions before 3.9 coul ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-8290 (Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer  ...)
	NOT-FOR-US: Backblaze
CVE-2020-8289 (Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before  ...)
	NOT-FOR-US: Backblaze
CVE-2020-8288 (The `specializedRendering` function in Rocket.Chat server before 3.9.2 ...)
	NOT-FOR-US: Rocket.Chat
CVE-2020-8287 (Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two co ...)
	{DSA-4826-1}
	- nodejs 12.20.1~dfsg-1 (bug #979364)
	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://nodejs.org/en/blog/release/v10.23.1/
	NOTE: https://github.com/nodejs/node/commit/fc70ce08f5818a286fb5899a1bc3aff5965a745e (v10.23.1)
CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...)
	{DSA-4881-1 DLA-2500-1}
	- curl 7.74.0-1 (bug #977161)
	NOTE: https://curl.se/docs/CVE-2020-8286.html
	NOTE: https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199 (curl-7_74_0)
CVE-2020-8285 (curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recu ...)
	{DSA-4881-1 DLA-2500-1}
	- curl 7.74.0-1 (bug #977162)
	NOTE: https://curl.se/docs/CVE-2020-8285.html
	NOTE: https://github.com/curl/curl/issues/6255
	NOTE: https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d (curl-7_74_0)
CVE-2020-8284 (A malicious server can use the FTP PASV response to trick curl 7.73.0  ...)
	{DSA-4881-1 DLA-2500-1}
	- curl 7.74.0-1 (bug #977163)
	NOTE: https://curl.se/docs/CVE-2020-8284.html
	NOTE: https://github.com/curl/curl/commit/ec9cc725d598ac77de7b6df8afeec292b3c8ad46 (curl-7_74_0)
CVE-2020-8283 (An authorised user on a Windows host running Citrix Universal Print Se ...)
	NOT-FOR-US: Citrix
CVE-2020-8282 (A security issue was found in EdgePower 24V/54V firmware v1.7.0 and ea ...)
	NOT-FOR-US: EdgePower 24V/54V firmware
CVE-2020-8281 (A missing file type check in Nextcloud Contacts 3.3.0 allows a malicio ...)
	NOT-FOR-US: Nextcloud Contacts
CVE-2020-8280 (A missing file type check in Nextcloud Contacts 3.4.0 allows a malicio ...)
	NOT-FOR-US: Nextcloud Contacts
CVE-2020-8279 (Missing validation of server certificates for out-going connections in ...)
	NOT-FOR-US: Nextcloud Social app
CVE-2020-8278 (Improper access control in Nextcloud Social app version 0.3.1 allowed  ...)
	NOT-FOR-US: Nextcloud Social app
CVE-2020-8277 (A Node.js application that allows an attacker to trigger a DNS request ...)
	- c-ares 1.17.1-1
	[buster] - c-ares <not-affected> (Introduced in 1.16)
	[stretch] - c-ares <not-affected> (Introduced in 1.16)
	NOTE: Originally reported for nodes, which bundles c-ares: https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/#denial-of-service-through-dns-request-cve-2020-8277
	NOTE: Fix in c-ares: https://github.com/c-ares/c-ares/commit/0d252eb3b2147179296a3bdb4ef97883c97c54d3
	NOTE: Introduced in https://github.com/c-ares/c-ares/commit/7d3591ee8a1a63e7748e68e6d880bd1763a32885
CVE-2020-8276 (The implementation of Brave Desktop's privacy-preserving analytics sys ...)
	- brave-browser <itp> (bug #864795)
CVE-2020-8275 (Citrix Secure Mail for Android before 20.11.0 suffers from improper ac ...)
	NOT-FOR-US: Citrix
CVE-2020-8274 (Citrix Secure Mail for Android before 20.11.0 suffers from Improper Co ...)
	NOT-FOR-US: Citrix
CVE-2020-8273 (Privilege escalation of an authenticated user to root in Citrix SD-WAN ...)
	NOT-FOR-US: Citrix SD-WAN center
CVE-2020-8272 (Authentication Bypass resulting in exposure of SD-WAN functionality in ...)
	NOT-FOR-US: Citrix SD-WAN Center
CVE-2020-8271 (Unauthenticated remote code execution with root privileges in Citrix S ...)
	NOT-FOR-US: Citrix SD-WAN Center
CVE-2020-8270 (An unprivileged Windows user on the VDA or an SMB user can perform arb ...)
	NOT-FOR-US: Citrix
CVE-2020-8269 (An unprivileged Windows user on the VDA can perform arbitrary command  ...)
	NOT-FOR-US: Citrix
CVE-2020-8268 (Prototype pollution vulnerability in json8-merge-patch npm package &lt ...)
	NOT-FOR-US: Node json8-merge-patch
CVE-2020-8267 (A security issue was found in UniFi Protect controller v1.14.10 and ea ...)
	NOT-FOR-US: UniFi Protect controller
CVE-2020-8266
	RESERVED
CVE-2020-8265 (Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerab ...)
	{DSA-4826-1}
	- nodejs 12.20.1~dfsg-1 (bug #979364)
	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://nodejs.org/en/blog/release/v10.23.1/
	NOTE: https://github.com/nodejs/node/commit/7f178663ebffc82c9f8a5a1b6bf2da0c263a30ed (v10.23.1)
CVE-2020-8264 (In actionpack gem &gt;= 6.0.0, a possible XSS vulnerability exists whe ...)
	- rails 2:6.0.3.4+dfsg-1 (bug #971988)
	[buster] - rails <not-affected> (Vulnerable code not present)
	[stretch] - rails <not-affected> (Vulnerable code not present)
	NOTE: https://groups.google.com/g/rubyonrails-security/c/yQzUVfv42jk/m/oJWw-xhNAQAJ
CVE-2020-8263 (A vulnerability in the authenticated user web interface of Pulse Conne ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-8262 (A vulnerability in the Pulse Connect Secure / Pulse Policy Secure belo ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure / Pulse Policy Secure
CVE-2020-8261 (A vulnerability in the Pulse Connect Secure / Pulse Policy Secure &lt; ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure / Pulse Policy Secure
CVE-2020-8260 (A vulnerability in the Pulse Connect Secure &lt; 9.1R9 admin web inter ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-8259 (Insufficient protection of the server-side encryption keys in Nextclou ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8258 (Improper privilege management on services run by Citrix Gateway Plug-i ...)
	NOT-FOR-US: Citrix
CVE-2020-8257 (Improper privilege management on services run by Citrix Gateway Plug-i ...)
	NOT-FOR-US: Citrix
CVE-2020-8256 (A vulnerability in the Pulse Connect Secure &lt; 9.1R8.2 admin web int ...)
	NOT-FOR-US: Pulse Connect Secure
CVE-2020-8255 (A vulnerability in the Pulse Connect Secure &lt; 9.1R9 admin web inter ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-8254 (A vulnerability in the Pulse Secure Desktop Client &lt; 9.1R9 has Remo ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8253 (Improper authentication in Citrix XenMobile Server 10.12 before RP2, C ...)
	NOT-FOR-US: Citrix
CVE-2020-8252 (The implementation of realpath in libuv &lt; 10.22.1, &lt; 12.18.4, an ...)
	- libuv1 1.39.0-1 (unimportant)
	[stretch] - libuv1 <not-affected> (Vulnerable code introduced later)
	NOTE: https://hackerone.com/reports/965914
	NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#fs-realpath-native-on-may-cause-buffer-overflow-medium-cve-2020-8252
	NOTE: Debian's version of nodejs uses the shared system library of libuv1 instead
	NOTE: of the bundled one.
	NOTE: https://github.com/libuv/libuv/issues/2965
	NOTE: Introduced by: https://github.com/libuv/libuv/commit/b56d279b172fbe78dee2fb1d29cae9c9c5c6d1c4 (v1.24.0)
	NOTE: Fixed by: https://github.com/libuv/libuv/commit/0e6e8620496dff0eb285589ef1e37a7f407f3ddd (v1.39.0)
	NOTE: Broken path in uv__fs_realpath() only taken when libuv1 build in
	NOTE: pre-POSIX.2008 mode (defined(_POSIX_VERSION) && _POSIX_VERSION < 200809L).
CVE-2020-8251 (Node.js &lt; 14.11.0 is vulnerable to HTTP denial of service (DoS) att ...)
	- nodejs <not-affected> (Only affects 14.x series)
	NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#denial-of-service-by-resource-exhaustion-cwe-400-due-to-unfinished-http-1-1-requests-critical-cve-2020-8251
CVE-2020-8250 (A vulnerability in the Pulse Secure Desktop Client (Linux) &lt; 9.1R9  ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8249 (A vulnerability in the Pulse Secure Desktop Client (Linux) &lt; 9.1R9  ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8248 (A vulnerability in the Pulse Secure Desktop Client (Linux) &lt; 9.1R9  ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8247 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...)
	NOT-FOR-US: Citrix
CVE-2020-8246 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...)
	NOT-FOR-US: Citrix
CVE-2020-8245 (Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before ...)
	NOT-FOR-US: Citrix
CVE-2020-8244 (A buffer over-read vulnerability exists in bl &lt;4.0.3, &lt;3.0.1, &l ...)
	{DLA-2698-1}
	- node-bl 4.0.3-1 (bug #969309)
	[buster] - node-bl 1.1.2-1+deb10u1
	NOTE: https://hackerone.com/reports/966347
	NOTE: https://github.com/rvagg/bl/commit/d3e240e3b8ba4048d3c76ef5fb9dd1f8872d3190
CVE-2020-8243 (A vulnerability in the Pulse Connect Secure &lt; 9.1R8.2 admin web int ...)
	NOT-FOR-US: Pulse Connect Secure
CVE-2020-8242 (Unsanitized user input in ExpressionEngine &lt;= 5.4.0 control panel m ...)
	NOT-FOR-US: ExpressionEngine
CVE-2020-8241 (A vulnerability in the Pulse Secure Desktop Client &lt; 9.1R9 could al ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8240 (A vulnerability in the Pulse Secure Desktop Client &lt; 9.1R9 allows a ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8239 (A vulnerability in the Pulse Secure Desktop Client &lt; 9.1R9 is vulne ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure Desktop Client
CVE-2020-8238 (A vulnerability in the authenticated user web interface of Pulse Conne ...)
	NOT-FOR-US: Pulse Connect Secure
CVE-2020-8237 (Prototype pollution in json-bigint npm package &lt; 1.0.0 may lead to  ...)
	NOT-FOR-US: Node json-bigint
CVE-2020-8236 (A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8235 (Missing access control in Nextcloud Deck 1.0.4 caused an insecure dire ...)
	NOT-FOR-US: Nextcloud Deck
CVE-2020-8234 (A vulnerability exists in The EdgeMax EdgeSwitch firmware &lt;v1.9.1 w ...)
	NOT-FOR-US: EdgeMax EdgeSwitch firmware
CVE-2020-8233 (A command injection vulnerability exists in EdgeSwitch firmware &lt;v1 ...)
	NOT-FOR-US: Edgeswitch
CVE-2020-8232 (An information disclosure vulnerability exists in EdgeMax EdgeSwitch f ...)
	NOT-FOR-US: Edgeswitch
CVE-2020-8231 (Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can us ...)
	{DSA-4881-1 DLA-2382-1}
	- curl 7.72.0-1 (bug #968831)
	NOTE: https://curl.haxx.se/docs/CVE-2020-8231.html
	NOTE: https://github.com/curl/curl/pull/5824
	NOTE: https://github.com/curl/curl/commit/3c9e021f86872baae412a427e807fbfa2f3e8
CVE-2020-8230 (A memory corruption vulnerability exists in NextCloud Desktop Client v ...)
	- nextcloud-desktop <not-affected> (Windows-specific)
CVE-2020-8229 (A memory leak in the OCUtil.dll library used by Nextcloud Desktop Clie ...)
	- nextcloud-desktop <not-affected> (Windows-specific)
	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-034
	NOTE: Windows-specific code in shell_integration/windows/OCUtil
	NOTE: https://hackerone.com/reports/588562
CVE-2020-8228 (A missing rate limit in the Preferred Providers app 1.7.0 allowed an a ...)
	NOT-FOR-US: Preferred Providers app
CVE-2020-8227 (Missing sanitization of a server response in Nextcloud Desktop Client  ...)
	- nextcloud-desktop 3.0.1-1
	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-032
	NOTE: https://hackerone.com/reports/685552
CVE-2020-8226 (A vulnerability exists in phpBB &lt;v3.2.10 and &lt;v3.3.1 which allow ...)
	NOT-FOR-US: phpBB
CVE-2020-8225 (A cleartext storage of sensitive information in Nextcloud Desktop Clie ...)
	- nextcloud-desktop 3.0.1-1
	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-031
CVE-2020-8224 (A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arb ...)
	- nextcloud-desktop <not-affected> (Windows-specific)
	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-030
	NOTE: https://hackerone.com/reports/622170
CVE-2020-8223 (A logic error in Nextcloud Server 19.0.0 caused a privilege escalation ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8222 (A path traversal vulnerability exists in Pulse Connect Secure &lt;9.1R ...)
	NOT-FOR-US: Pulse
CVE-2020-8221 (A path traversal vulnerability exists in Pulse Connect Secure &lt;9.1R ...)
	NOT-FOR-US: Pulse
CVE-2020-8220 (A denial of service vulnerability exists in Pulse Connect Secure &lt;9 ...)
	NOT-FOR-US: Pulse
CVE-2020-8219 (An insufficient permission check vulnerability exists in Pulse Connect ...)
	NOT-FOR-US: Pulse
CVE-2020-8218 (A code injection vulnerability exists in Pulse Connect Secure &lt;9.1R ...)
	NOT-FOR-US: Pulse
CVE-2020-8217 (A cross site scripting (XSS) vulnerability in Pulse Connect Secure &lt ...)
	NOT-FOR-US: Pulse
CVE-2020-8216 (An information disclosure vulnerability in meeting of Pulse Connect Se ...)
	NOT-FOR-US: Pulse
CVE-2020-8215 (A buffer overflow is present in canvas version &lt;= 1.6.9, which coul ...)
	NOT-FOR-US: Node canvas
CVE-2020-8214 (A path traversal vulnerability in servey version &lt; 3 allows an atta ...)
	NOT-FOR-US: servey
CVE-2020-8213 (An information exposure vulnerability exists in UniFi Protect before v ...)
	NOT-FOR-US: UniFi Protect
CVE-2020-8212 (Improper access control in Citrix XenMobile Server 10.12 before RP3, C ...)
	NOT-FOR-US: Citrix
CVE-2020-8211 (Improper input validation in Citrix XenMobile Server 10.12 before RP3, ...)
	NOT-FOR-US: Citrix
CVE-2020-8210 (Insufficient protection of secrets in Citrix XenMobile Server 10.12 be ...)
	NOT-FOR-US: Citrix
CVE-2020-8209 (Improper access control in Citrix XenMobile Server 10.12 before RP2, C ...)
	NOT-FOR-US: Citrix
CVE-2020-8208 (Improper input validation in Citrix XenMobile Server 10.12 before RP1, ...)
	NOT-FOR-US: Citrix
CVE-2020-8207 (Improper access control in Citrix Workspace app for Windows 1912 CU1 a ...)
	NOT-FOR-US: Citrix
CVE-2020-8206 (An improper authentication vulnerability exists in Pulse Connect Secur ...)
	NOT-FOR-US: Pulse
CVE-2020-8205 (The uppy npm package &lt; 1.13.2 and &lt; 2.0.0-alpha.5 is vulnerable  ...)
	NOT-FOR-US: Node uppy
CVE-2020-8204 (A cross site scripting (XSS) vulnerability exists in Pulse Connect Sec ...)
	NOT-FOR-US: Pulse
CVE-2020-8203 (Prototype pollution attack when using _.zipObjectDeep in lodash before ...)
	- node-lodash 4.17.19+dfsg-1 (bug #965283)
	[buster] - node-lodash <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - node-lodash <end-of-life> (Nodejs in stretch not covered by security support)
	NOTE: https://hackerone.com/reports/712065
CVE-2020-8202 (Improper check of inputs in Nextcloud Preferred Providers app v1.6.0 a ...)
	NOT-FOR-US: Nextcloud Preferred Providers app
CVE-2020-8201 (Node.js &lt; 12.18.4 and &lt; 14.11 can be exploited to perform HTTP d ...)
	- nodejs 12.18.4~dfsg-1
	[buster] - nodejs <not-affected> (Only affects 12.x and later)
	[stretch] - nodejs <not-affected> (Only affects 12.x and later)
	NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#http-request-smuggling-due-to-cr-to-hyphen-conversion-high-cve-2020-8201
CVE-2020-8200 (Improper authentication in Citrix StoreFront Server &lt; 1912.0.1000 a ...)
	NOT-FOR-US: Citrix
CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client versions be ...)
	NOT-FOR-US: Citrix
CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
	NOT-FOR-US: Citrix
CVE-2020-8197 (Privilege escalation vulnerability on Citrix ADC and Citrix Gateway ve ...)
	NOT-FOR-US: Citrix
CVE-2020-8196 (Improper access control in Citrix ADC and Citrix Gateway versions befo ...)
	NOT-FOR-US: Citrix
CVE-2020-8195 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
	NOT-FOR-US: Citrix
CVE-2020-8194 (Reflected code injection in Citrix ADC and Citrix Gateway versions bef ...)
	NOT-FOR-US: Citrix
CVE-2020-8193 (Improper access control in Citrix ADC and Citrix Gateway versions befo ...)
	NOT-FOR-US: Citrix
CVE-2020-8192 (A denial of service vulnerability exists in Fastify v2.14.1 and v3.0.0 ...)
	NOT-FOR-US: Node fastify
CVE-2020-8191 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
	NOT-FOR-US: Citrix
CVE-2020-8190 (Incorrect file permissions in Citrix ADC and Citrix Gateway before ver ...)
	NOT-FOR-US: Citrix
CVE-2020-8189 (A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed ...)
	- nextcloud-desktop 3.0.1-1
	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-027
CVE-2020-8188 (We have recently released new version of UniFi Protect firmware v1.13. ...)
	NOT-FOR-US: UniFi Protect
CVE-2020-8187 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
	NOT-FOR-US: Citrix
CVE-2020-8186 (A command injection vulnerability in the `devcert` module may lead to  ...)
	NOT-FOR-US: Node devcert
CVE-2020-8185 (A denial of service vulnerability exists in Rails &lt;6.0.3.2 that all ...)
	[experimental] - rails 6.0.3.2+dfsg-1 (bug #964081)
	- rails <not-affected> (Introduced in rails 6.x)
	NOTE: https://groups.google.com/g/rubyonrails-security/c/pAe9EV8gbM0
CVE-2020-8184 (A reliance on cookies without validation/integrity check security vuln ...)
	{DLA-2275-1}
	- ruby-rack 2.1.1-6 (bug #963477)
	[buster] - ruby-rack <no-dsa> (Minor issue)
	NOTE: https://hackerone.com/reports/895727
	NOTE: Fixed by: https://github.com/rack/rack/commit/1f5763de6a9fe515ff84992b343d63c88104654c
CVE-2020-8183 (A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8182 (Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to ...)
	NOT-FOR-US: Nextcloud Deck
CVE-2020-8181 (A missing file type check in Nextcloud Contacts 3.2.0 allowed a malici ...)
	NOT-FOR-US: Nextcloud Contacts
CVE-2020-8180 (A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a cod ...)
	NOT-FOR-US: Nextcloud Talk
CVE-2020-8179 (Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to ...)
	NOT-FOR-US: Nextcloud Deck
CVE-2020-8178 (Insufficient input validation in npm package `jison` &lt;= 0.4.18 may  ...)
	- node-jison <not-affected> (Vulnerable code not included in Debian source)
	NOTE: https://hackerone.com/reports/690010
	NOTE: ports/ is stripped/excluded in the src:node-jison source package.
CVE-2020-8177 (curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of na ...)
	{DSA-4881-1 DLA-2295-1}
	- curl 7.72.0-1 (bug #965281)
	NOTE: https://curl.haxx.se/docs/CVE-2020-8177.html
	NOTE: https://github.com/curl/curl/commit/8236aba58542c5f89f1d41ca09d84579efb05e22 (7.71.0)
CVE-2020-8176 (A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.6 ...)
	NOT-FOR-US: koa-shopify-auth
CVE-2020-8175 (Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow  ...)
	NOT-FOR-US: Node jimp
CVE-2020-8174 (napi_get_value_string_*() allows various kinds of memory corruption in ...)
	{DSA-4696-1}
	- nodejs 10.21.0~dfsg-1 (bug #962145)
	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/#napi_get_value_string_-allows-various-kinds-of-memory-corruption-high-cve-2020-8174
CVE-2020-8173 (A too small set of random characters being used for encryption in Next ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8172 (TLS session reuse can lead to host certificate verification bypass in  ...)
	- nodejs <not-affected> (Only affects 12.x and later)
	NOTE: https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/#tls-session-reuse-can-lead-to-host-certificate-verification-bypass-high-cve-2020-8172
CVE-2020-8171 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
	NOT-FOR-US: AirMax AirOS
CVE-2020-8170 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
	NOT-FOR-US: AirMax AirOS
CVE-2020-8169 (curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure  ...)
	{DSA-4881-1}
	- curl 7.72.0-1 (bug #965280)
	[stretch] - curl <not-affected> (Vulnerable code introduced later)
	[jessie] - curl <not-affected> (Vulnerable code introduced later)
	NOTE: https://curl.haxx.se/docs/CVE-2020-8169.html
	NOTE: https://github.com/curl/curl/commit/600a8cded447cd7118ed50142c576567c0cf5158 (7.71.0)
CVE-2020-8168 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
	NOT-FOR-US: AirMax AirOS
CVE-2020-8167 (A CSRF vulnerability exists in rails &lt;= 6.0.3 rails-ujs module that ...)
	{DSA-4766-1}
	- rails 2:5.2.4.3+dfsg-1
	[stretch] - rails <not-affected> (Vulnerable code introduced later)
	[jessie] - rails <not-affected> (Vulnerable code introduced later)
	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
	NOTE: https://github.com/rails/rails/commit/fbc7bec074b5ef9ae22f79ca5d9bafec7b276dd3 (5.2)
CVE-2020-8166 (A CSRF forgery vulnerability exists in rails &lt; 5.2.5, rails &lt; 6. ...)
	{DSA-4766-1}
	- rails 2:5.2.4.3+dfsg-1
	[stretch] - rails <not-affected> (Vulnerable code introduced later)
	[jessie] - rails <not-affected> (Vulnerable code introduced later)
	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
	NOTE: https://github.com/rails/rails/commit/d124f19287f4892c72ca54da728a781591c6fca1 (5.2)
	NOTE: per-form CSRF token introduced in 5.x: https://github.com/rails/rails/commit/3e98819e20bc113343d4d4c0df614865ad5a9d3a
CVE-2020-8165 (A deserialization of untrusted data vulnernerability exists in rails & ...)
	{DSA-4766-1 DLA-2282-1 DLA-2251-1}
	- rails 2:5.2.4.3+dfsg-1
	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
	NOTE: https://github.com/rails/rails/commit/f7e077f85e61fc0b7381963eda0ceb0e457546b5 (MemCache backend) (5.2)
	NOTE: https://github.com/rails/rails/commit/467e3399c9007996c03ffe3212689d48dd25ae99 (Redis backend) (5.2)
	NOTE: Redis backend introduced in 5.2: https://github.com/rails/rails/commit/9f8ec3535247ac41a9c92e84ddc7a3b771bc318b
CVE-2020-8164 (A deserialization of untrusted data vulnerability exists in rails &lt; ...)
	{DSA-4766-1 DLA-2282-1 DLA-2251-1}
	[experimental] - rails 2:6.0.3.1+dfsg-1
	- rails 2:5.2.4.3+dfsg-1
	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
	NOTE: https://github.com/rails/rails/commit/7a3ee4fea90b7555f8d09c6c05c15fe7ab5a06ec (5.2)
CVE-2020-8163 (The is a code injection vulnerability in versions of Rails prior to 5. ...)
	{DLA-2282-1}
	- rails 2:5.2.0+dfsg-2
	NOTE: https://weblog.rubyonrails.org/2020/5/15/Rails-4-2-11-2-has-been-released/
	NOTE: https://weblog.rubyonrails.org/2020/5/16/rails-4-2-11-3-has-been-released/
	NOTE: https://groups.google.com/forum/#!topic/rubyonrails-security/hWuKcHyoKh0
	NOTE: https://github.com/rails/rails/commit/4c46a15e0a7815ca9e4cd7c7fda042eb8c1b7724 (4.2.11.2)
	NOTE: Follow-up needed due to breaking change: https://github.com/rails/rails/issues/39301
	NOTE: https://github.com/rails/rails/commit/1f3db0ad793441a0c00e85d56228fc80aafbe6c1 (4.2.11.3)
	NOTE: Follow-up #2:
	NOTE: https://github.com/rails/rails/commit/0ecaaf76d1b79cf2717cdac754e55b4114ad6599 (4-2-stable)
	NOTE: For rails 5.0 the issue is fixed in >= 5.0.1
CVE-2020-8162 (A client side enforcement of server side security vulnerability exists ...)
	{DSA-4766-1}
	- rails 2:5.2.4.3+dfsg-1
	[stretch] - rails <not-affected> (Vulnerable code introduced later)
	[jessie] - rails <not-affected> (Vulnerable code introduced later)
	NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
	NOTE: https://github.com/rails/rails/commit/e8df5648515a0e8324d3b3c4bdb7bde6802cd8be (5.2)
CVE-2020-8161 (A directory traversal vulnerability exists in rack &lt; 2.2.0 that all ...)
	{DLA-2275-1 DLA-2216-1}
	- ruby-rack 2.1.1-5
	[buster] - ruby-rack <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ
	NOTE: Fixed by: https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e
	NOTE: Required followup: https://github.com/rack/rack/commit/e7ba1b0557d3ad97af1ef113bbeb5f27417983fa
	NOTE: Test: https://github.com/rack/rack/commit/775c836bdd25b63340399fea739532d746860a94
CVE-2020-8160 (MendixSSO &lt;= 2.1.1 contains endpoints that make use of the openid h ...)
	NOT-FOR-US: MendixSSO
CVE-2020-8159 (There is a vulnerability in actionpack_page-caching gem &lt; v1.2.1 th ...)
	{DLA-2719-1}
	- ruby-actionpack-page-caching 1.2.2-1 (bug #960680)
	[buster] - ruby-actionpack-page-caching <no-dsa> (Minor issue)
	NOTE: https://groups.google.com/forum/#!topic/rubyonrails-security/CFRVkEytdP8
	NOTE: https://github.com/rails/actionpack-page_caching/commit/127da70a559bed4fc573fdb4a6d498a7d5815ce2 (v1.2.1)
	NOTE: https://github.com/rails/actionpack-page_caching/commit/bf4aab113f90a0c5182009709d5115a1d5772608 (v1.2.2)
CVE-2020-8158 (Prototype pollution vulnerability in the TypeORM package &lt; 0.2.25 m ...)
	NOT-FOR-US: TypeORM
CVE-2020-8157 (UniFi Cloud Key firmware &lt;= v1.1.10 for Cloud Key gen2 and Cloud Ke ...)
	NOT-FOR-US: UniFi Cloud Key
CVE-2020-8156 (A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed ...)
	NOT-FOR-US: Nextcloud Mail
CVE-2020-8155 (An outdated 3rd party library in the Files PDF viewer for Nextcloud Se ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8154 (An Insecure direct object reference vulnerability in Nextcloud Server  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8153 (Improper access control in Groupfolders app 4.0.3 allowed to delete hi ...)
	NOT-FOR-US: Nextcloud Groupfolders app
CVE-2020-8152 (Insufficient protection of the server-side encryption keys in Nextclou ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8151 (There is a possible information disclosure issue in Active Resource &l ...)
	- rails <not-affected> (Vulnerable code splitted out upstream before initial upload to Debian)
	NOTE: ActiveResource was extracted to a separate gem in starting in the 4.0 rails
	NOTE: release as it was not widely used.
CVE-2020-8150 (A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker t ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8149 (Lack of output sanitization allowed an attack to execute arbitrary she ...)
	NOT-FOR-US: Node logkitty
CVE-2020-8148 (UniFi Cloud Key firmware &lt; 1.1.6 contains a vulnerability that enab ...)
	NOT-FOR-US: UniFi Cloud Key firmware
CVE-2020-8147 (Flaw in input validation in npm package utils-extend version 1.0.8 and ...)
	NOT-FOR-US: Node utils-extend
CVE-2020-8146 (In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privi ...)
	NOT-FOR-US: UniFi
CVE-2020-8145 (The UniFi Video Server (Windows) web interface configuration restore f ...)
	NOT-FOR-US: UniFi
CVE-2020-8144 (The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web i ...)
	NOT-FOR-US: UniFi
CVE-2020-8143 (An Open Redirect vulnerability was discovered in Revive Adserver versi ...)
	NOT-FOR-US: Revive Adserver
CVE-2020-8142 (A security restriction bypass vulnerability has been discovered in Rev ...)
	NOT-FOR-US: Revive Adserver
CVE-2020-8141 (The dot package v1.1.2 uses Function() to compile templates. This can  ...)
	- node-dot 1.1.3+ds-1
	[buster] - node-dot 1.1.1-1+deb10u1
	NOTE: https://hackerone.com/reports/390929
CVE-2020-8140 (A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed t ...)
	- nextcloud-desktop <not-affected> (MacOS-specific)
CVE-2020-8139 (A missing access control check in Nextcloud Server &lt; 18.0.1, &lt; 1 ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8138 (A missing check for IPv4 nested inside IPv6 in Nextcloud server &lt; 1 ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8137 (Code injection vulnerability in blamer 1.0.0 and earlier may result in ...)
	NOT-FOR-US: Node blamer
CVE-2020-8136 (Prototype pollution vulnerability in fastify-multipart &lt; 1.0.5 allo ...)
	NOT-FOR-US: Node fastify-multipart
CVE-2020-8135 (The uppy npm package &lt; 1.9.3 is vulnerable to a Server-Side Request ...)
	NOT-FOR-US: Node uppy
CVE-2020-8134 (Server-side request forgery (SSRF) vulnerability in Ghost CMS &lt; 3.1 ...)
	NOT-FOR-US: Ghost CMS
CVE-2020-8133 (A wrong generation of the passphrase for the encrypted block in Nextcl ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8132 (Lack of input validation in pdf-image npm package version &lt;= 2.0.0  ...)
	NOT-FOR-US: Node pdf-image package
CVE-2020-8131 (Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows  ...)
	- node-yarnpkg 1.22.4-2 (bug #952912)
	[buster] - node-yarnpkg <no-dsa> (Minor issue)
	NOTE: https://hackerone.com/reports/730239
	NOTE: https://github.com/yarnpkg/yarn/pull/7831
CVE-2020-8130 (There is an OS command injection vulnerability in Ruby Rake &lt; 12.3. ...)
	{DLA-2120-1}
	- rake 12.3.3-1
	[buster] - rake 12.3.1-3+deb10u1
	[stretch] - rake 10.5.0-2+deb9u1
	NOTE: https://hackerone.com/reports/651518
	NOTE: Fixed by: https://github.com/ruby/rake/commit/5b8f8fc41a5d7d7d6a5d767e48464c60884d3aee (v12.3.3)
CVE-2020-8129 (An unintended require vulnerability in script-manager npm package vers ...)
	NOT-FOR-US: script-manager nodejs module
CVE-2020-8128 (An unintended require and server-side request forgery vulnerabilities  ...)
	NOT-FOR-US: jsreport
CVE-2020-8127 (Insufficient validation in cross-origin communication (postMessage) in ...)
	NOT-FOR-US: reveal.js
CVE-2020-8126 (A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CG ...)
	NOT-FOR-US: Ubiquiti Networks EdgeSwitch
CVE-2020-8125 (Flaw in input validation in npm package klona version 1.1.0 and earlie ...)
	NOT-FOR-US: klona node module
CVE-2020-8124 (Insufficient validation and sanitization of user input exists in url-p ...)
	- node-url-parse 1.4.7-1
	[buster] - node-url-parse 1.2.0-2+deb10u1
	[stretch] - node-url-parse <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://github.com/unshiftio/url-parse/commit/3ecd256f127c3ada36a84d9b8dd3ebd14316274b
	NOTE: https://hackerone.com/reports/496293
CVE-2020-8123 (A denial of service exists in strapi v3.0.0-beta.18.3 and earlier that ...)
	NOT-FOR-US: strapi
CVE-2020-8122 (A missing check in Nextcloud Server 14.0.3 could give recipient the po ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8121 (A bug in Nextcloud Server 14.0.4 could expose more data in reshared li ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8120 (A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16. ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8119 (Improper authorization in Nextcloud server 17.0.0 causes leaking of pr ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8118 (An authenticated server-side request forgery in Nextcloud server 16.0. ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8117 (Improper preservation of permissions in Nextcloud Server 14.0.3 causes ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2020-8116 (Prototype pollution vulnerability in dot-prop npm package versions bef ...)
	- node-dot-prop 5.2.0-1
	[buster] - node-dot-prop 4.1.1-1+deb10u1
	NOTE: https://hackerone.com/reports/719856
	NOTE: https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2
CVE-2020-8115 (A reflected XSS vulnerability has been discovered in the publicly acce ...)
	NOT-FOR-US: Revive Adserver
CVE-2020-8114 (GitLab EE 8.9 and later through 12.7.2 has Insecure Permission ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-8113 (GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. ...)
	[experimental] - gitlab 12.6.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
CVE-2020-8112 (opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through ...)
	{DSA-4882-1 DLA-2277-1 DLA-2089-1}
	- openjpeg2 2.4.0-1 (bug #950184)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1231
	NOTE: https://github.com/rouault/openjpeg/commit/05f9b91e60debda0e83977e5e63b2e66486f7074 (v2.4.0)
CVE-2020-8111
	REJECTED
CVE-2020-8110 (A vulnerability has been discovered in the ceva_emu.cvd module that re ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8109 (A vulnerability has been discovered in the ace.xmd parser that results ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8108 (Improper Authentication vulnerability in Bitdefender Endpoint Security ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8107 (A Process Control vulnerability in ProductAgentUI.exe as used in Bitde ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8106
	REJECTED
CVE-2020-8105 (OS Command Injection vulnerability in the wirelessConnect handler of A ...)
	NOT-FOR-US: Abode iota All-In-One Security Kit
CVE-2020-8104
	RESERVED
CVE-2020-8103 (A vulnerability in the improper handling of symbolic links in Bitdefen ...)
	NOT-FOR-US: Bitdefender Antivirus Free
CVE-2020-8102 (Improper Input Validation vulnerability in the Safepay browser compone ...)
	NOT-FOR-US: Safepay
CVE-2020-8101 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8100 (Improper Input Validation vulnerability in the cevakrnl.rv0 module as  ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8099 (A vulnerability in the improper handling of junctions in Bitdefender A ...)
	NOT-FOR-US: Bitdefender Antivirus Free
CVE-2020-8098
	RESERVED
CVE-2020-8097 (An improper authentication vulnerability in Bitdefender Endpoint Secur ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8096 (Untrusted Search Path vulnerability in Bitdefender High-Level Antimalw ...)
	NOT-FOR-US: Bitdefender
CVE-2020-8095 (A vulnerability in the improper handling of junctions before deletion  ...)
	NOT-FOR-US: Bitdefender Total Security
CVE-2020-8094
	RESERVED
CVE-2020-8093 (A vulnerability in the AntivirusforMac binary as used in Bitdefender A ...)
	NOT-FOR-US: Bitdefender Antivirus for Mac
CVE-2020-8092 (A privilege escalation vulnerability in BDLDaemon as used in Bitdefend ...)
	NOT-FOR-US: Bitdefender Antivirus for Mac
CVE-2020-8091 (svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow a ...)
	NOT-FOR-US: TYPO3
CVE-2020-8090 (The Username field in the Storage Service settings of A1 WLAN Box ADB  ...)
	NOT-FOR-US: A1 WLAN Box ADB VV2220v2 devices
CVE-2020-8089 (Piwigo 2.10.1 is affected by stored XSS via the Group Name Field to th ...)
	- piwigo <removed>
CVE-2020-8088 (panel_login.php in UseBB 1.0.12 allows type juggling for login bypass  ...)
	NOT-FOR-US: UseBB
CVE-2020-8087 (SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote comma ...)
	NOT-FOR-US: SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices
CVE-2020-8086 (The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01 ...)
	{DSA-4612-1}
	- prosody-modules 0.0~hg20200128.09e7e880e056+dfsg-1
	NOTE: https://hg.prosody.im/prosody-modules/rev/f2b29183ef08
	NOTE: https://prosody.im/security/advisory_20200128/
CVE-2020-8085
	RESERVED
CVE-2020-8084
	RESERVED
CVE-2020-8083
	RESERVED
CVE-2020-8082
	RESERVED
CVE-2020-8081
	RESERVED
CVE-2020-8080
	RESERVED
CVE-2020-8079
	RESERVED
CVE-2020-8078
	RESERVED
CVE-2020-8077
	RESERVED
CVE-2020-8076
	RESERVED
CVE-2020-8075
	RESERVED
CVE-2020-8074
	RESERVED
CVE-2020-8073
	RESERVED
CVE-2020-8072
	RESERVED
CVE-2020-8071
	RESERVED
CVE-2020-8070
	RESERVED
CVE-2020-8069
	RESERVED
CVE-2020-8068
	RESERVED
CVE-2020-8067
	RESERVED
CVE-2020-8066
	RESERVED
CVE-2020-8065
	RESERVED
CVE-2020-8064
	RESERVED
CVE-2020-8063
	RESERVED
CVE-2020-8062
	RESERVED
CVE-2020-8061
	RESERVED
CVE-2020-8060
	RESERVED
CVE-2020-8059
	RESERVED
CVE-2020-8058
	RESERVED
CVE-2020-8057
	RESERVED
CVE-2020-8056
	RESERVED
CVE-2020-8055
	RESERVED
CVE-2020-8054
	RESERVED
CVE-2020-8053
	RESERVED
CVE-2020-8052
	RESERVED
CVE-2020-8051
	RESERVED
CVE-2020-8050
	RESERVED
CVE-2020-8049
	RESERVED
CVE-2020-8048
	RESERVED
CVE-2020-8047
	RESERVED
CVE-2020-8046
	RESERVED
CVE-2020-8045
	RESERVED
CVE-2020-8044
	RESERVED
CVE-2020-8043
	RESERVED
CVE-2020-8042
	RESERVED
CVE-2020-8041
	RESERVED
CVE-2020-8040
	RESERVED
CVE-2020-8039
	RESERVED
CVE-2020-8038
	RESERVED
CVE-2020-8037 (The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a l ...)
	{DLA-2444-1}
	- tcpdump 4.9.3-7 (unimportant; bug #973877)
	[buster] - tcpdump 4.9.3-1~deb10u2
	NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231
CVE-2020-8036 (The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SO ...)
	- tcpdump <not-affected> (Vulnerable code and support for SOME/IP protocol added later)
	NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/e2256b4f2506102be2c6f7976f84f0d607c53d43
CVE-2020-8035 (The image view functionality in Horde Groupware Webmail Edition before ...)
	{DLA-2230-1}
	- php-horde 5.2.23+debian0-1 (bug #963809)
	[buster] - php-horde 5.2.20+debian0-1+deb10u2
	[stretch] - php-horde 5.2.13+debian0-1+deb9u2
	NOTE: https://github.com/horde/base/commit/64127fe3c2b9843c9760218e59dae9731cc56bdf
	NOTE: https://lists.horde.org/archives/announce/2020/001290.html
CVE-2020-8034 (Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.2 ...)
	{DLA-2229-1}
	- php-horde-gollem 3.0.12-6 (bug #961649)
	[buster] - php-horde-gollem 3.0.12-3+deb10u1
	[stretch] - php-horde-gollem 3.0.10-1+deb9u1
	NOTE: https://lists.horde.org/archives/announce/2020/001289.html
	NOTE: https://github.com/horde/gollem/commit/a73bef1aef27d4cbfc7b939c2a81dea69aabb083
CVE-2020-8033 (Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Nam ...)
	NOT-FOR-US: Ruckus
CVE-2020-8032 (A Insecure Temporary File vulnerability in the packaging of cyrus-sasl ...)
	- cyrus-sasl2 <not-affected> (openSUSE specific packaging issue)
CVE-2020-8031 (A Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	- open-build-service <unfixed> (bug #983576)
	[stretch] - open-build-service <postponed> (Minor issue, XSS in web app)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1178880
CVE-2020-8030 (A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform ...)
	NOT-FOR-US: SuSE CaaS
CVE-2020-8029 (A Incorrect Permission Assignment for Critical Resource vulnerability  ...)
	NOT-FOR-US: SuSE CaaS
CVE-2020-8028 (A Improper Access Control vulnerability in the configuration of salt o ...)
	NOT-FOR-US: Salt configuration in SUSE Server Manager
CVE-2020-8027 (A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Ent ...)
	NOT-FOR-US: SAP
CVE-2020-8026 (A Incorrect Default Permissions vulnerability in the packaging of inn  ...)
	- inn2 <not-affected> (inews has correct ownership in Debian)
CVE-2020-8025 (A Incorrect Execution-Assigned Permissions vulnerability in the permis ...)
	NOT-FOR-US: SAP
CVE-2020-8024 (A Incorrect Default Permissions vulnerability in the packaging of hyla ...)
	- hylafax <not-affected> (SuSE-specific packaging issue)
CVE-2020-8023 (A acceptance of Extraneous Untrusted Data With Trusted Data vulnerabil ...)
	NOT-FOR-US: SAP
CVE-2020-8022 (A Incorrect Default Permissions vulnerability in the packaging of tomc ...)
	NOT-FOR-US: SAP
CVE-2020-8021 (a Improper Access Control vulnerability in of Open Build Service allow ...)
	{DLA-2545-1}
	- open-build-service <unfixed> (bug #983576)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1171649
	NOTE: https://github.com/openSUSE/open-build-service/commit/7323c904f86ba9e04065c23422d06c03647589fb
CVE-2020-8020 (A Improper Neutralization of Input During Web Page Generation vulnerab ...)
	{DLA-2545-1}
	- open-build-service <unfixed> (bug #983576)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1171439
	NOTE: https://github.com/openSUSE/open-build-service/commit/7cc32c8e2ff7290698e101d9a80a9dc29a5500fb
CVE-2020-8019 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
	NOT-FOR-US: SAP
CVE-2020-8018 (A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST- ...)
	NOT-FOR-US: Some SLES images
CVE-2020-8017 (A Race Condition Enabling Link Following vulnerability in the cron job ...)
	NOT-FOR-US: SuSE packaging of TexLive
CVE-2020-8016 (A Race Condition Enabling Link Following vulnerability in the packagin ...)
	NOT-FOR-US: SuSE packaging of TexLive
CVE-2020-8015 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
	NOT-FOR-US: SuSE packaging of TexLive
CVE-2020-8014 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
	- kopanocore <not-affected> (SuSE-specific packaging issue)
CVE-2020-8013 (A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of S ...)
	NOT-FOR-US: chkstat
CVE-2020-8012 (CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9 ...)
	NOT-FOR-US: CA Unified Infrastructure Management (Nimsoft/UIM)
CVE-2020-8011 (CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9 ...)
	NOT-FOR-US: CA Unified Infrastructure Management (Nimsoft/UIM)
CVE-2020-8010 (CA Unified Infrastructure Management (Nimsoft/UIM) 20.1, 20.3.x, and 9 ...)
	NOT-FOR-US: CA Unified Infrastructure Management (Nimsoft/UIM)
CVE-2020-8009 (AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as  ...)
	NOT-FOR-US: AVB MOTU devices
CVE-2020-8008
	RESERVED
CVE-2020-8007
	RESERVED
CVE-2020-8006
	RESERVED
CVE-2020-8005
	RESERVED
CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access Control. ...)
	NOT-FOR-US: STMicroelectronics STM32F1 devices
CVE-2020-8003 (A double-free vulnerability in vrend_renderer.c in virglrenderer throu ...)
	- virglrenderer 0.8.2-1 (bug #949954)
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/522b610a826f6de58c560cbb38fa8dfc65ae3c42
CVE-2020-8002 (A NULL pointer dereference in vrend_renderer.c in virglrenderer throug ...)
	- virglrenderer 0.8.2-1 (bug #949954)
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/63bcca251f093d83da7e290ab4bbd38ae69089b5
CVE-2020-8001 (The Intellian Aptus application 1.0.2 for Android has a hardcoded pass ...)
	NOT-FOR-US: Intellian Aptus application for Android
CVE-2020-8000 (Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the  ...)
	NOT-FOR-US: Intellian Aptus Web
CVE-2020-7999 (The Intellian Aptus application 1.0.2 for Android has hardcoded values ...)
	NOT-FOR-US: Intellian Aptus application for Android
CVE-2020-7998 (An arbitrary file upload vulnerability has been discovered in the Supe ...)
	NOT-FOR-US: Super File Explorer app for iOS
CVE-2020-7997 (ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Na ...)
	NOT-FOR-US: ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices
CVE-2020-7996 (htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via th ...)
	- dolibarr <removed>
CVE-2020-7995 (The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allow ...)
	- dolibarr <removed>
CVE-2020-7994 (Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 10.0.6 ...)
	- dolibarr <removed>
CVE-2020-7993 (Prototype 1.6.0.1 allows remote authenticated users to forge ticket cr ...)
	NOT-FOR-US: Prototype node module
CVE-2020-7992
	RESERVED
CVE-2020-7991 (Adive Framework 2.0.8 has admin/config CSRF to change the Administrato ...)
	NOT-FOR-US: Adive Framework
CVE-2020-7990 (Adive Framework 2.0.8 has admin/user/add userName XSS. ...)
	NOT-FOR-US: Adive Framework
CVE-2020-7989 (Adive Framework 2.0.8 has admin/user/add userUsername XSS. ...)
	NOT-FOR-US: Adive Framework
CVE-2020-7988 (An issue was discovered in tools/pass-change/result.php in phpIPAM 1.4 ...)
	NOT-FOR-US: phpIPAM
CVE-2020-7987
	RESERVED
CVE-2020-7986
	RESERVED
CVE-2020-7985
	RESERVED
CVE-2020-7984 (SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allow ...)
	NOT-FOR-US: SolarWinds
CVE-2020-7983 (A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows re ...)
	NOT-FOR-US: Ruckus
CVE-2020-7982 (An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and ...)
	NOT-FOR-US: OpenWrt
CVE-2020-7981 (sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection whe ...)
	- ruby-geocoder 1.5.1-3 (bug #949870)
	NOTE: https://github.com/alexreisner/geocoder/commit/dcdc3d8675411edce3965941a2ca7c441ca48613
CVE-2020-7980 (Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary  ...)
	NOT-FOR-US: Intellian Aptus Web
CVE-2020-7979 (GitLab EE 8.9 and later through 12.7.2 has Insecure Permission ...)
	- gitlab <not-affected> (Only affects Gitlab EE 12.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7978 (GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 12.6 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7977 (GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 8.8 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7976 (GitLab EE 12.4 and later through 12.7.2 has Incorrect Access Control. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 12.4 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7975
	REJECTED
CVE-2020-7974 (GitLab EE 10.1 through 12.7.2 allows Information Disclosure. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 10.1 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7973 (GitLab through 12.7.2 allows XSS. ...)
	[experimental] - gitlab 12.6.7-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7972 (GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). ...)
	- gitlab <not-affected> (Only affects Gitlab EE 12.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7971 (GitLab EE 11.0 and later through 12.7.2 allows XSS. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 11.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7970
	RESERVED
CVE-2020-7969 (GitLab EE 8.0 and later through 12.7.2 allows Information Disclosure. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 8.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7968 (GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. ...)
	[experimental] - gitlab 12.6.7-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7967 (GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). ...)
	- gitlab <not-affected> (ONly affects Gitlab EE 12.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7966 (GitLab EE 11.11 and later through 12.7.2 allows Directory Traversal. ...)
	- gitlab <not-affected> (Only affects Gitlab EE 11.11 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-7965 (flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Con ...)
	NOT-FOR-US: webargs
CVE-2020-7964 (An issue was discovered in Mirumee Saleor 2.x before 2.9.1. Incorrect  ...)
	NOT-FOR-US: Mirumee Saleor
CVE-2020-7963
	RESERVED
CVE-2020-7962 (An issue was discovered in One Identity Password Manager 5.8. An attac ...)
	NOT-FOR-US: One Identity Password Manager
CVE-2020-7961 (Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE  ...)
	NOT-FOR-US: Liferay Portal
CVE-2020-7960
	RESERVED
CVE-2020-7959 (LabVantage LIMS 8.3 does not properly maintain the confidentiality of  ...)
	NOT-FOR-US: LabVantage LIMS
CVE-2020-7958 (An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. ...)
	NOT-FOR-US: OnePlus 7 Pro devices
CVE-2020-7957 (The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle ...)
	- dovecot <not-affected> (Only affects 2.3.9)
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/12/2
CVE-2020-7956 (HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validate ...)
	- nomad 0.10.3+dfsg1-1
	NOTE: https://github.com/hashicorp/nomad/issues/7003
CVE-2020-7955 (HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uni ...)
	- consul 1.7.0+dfsg1-1 (bug #950736)
	[buster] - consul <no-dsa> (Minor issue)
	NOTE: https://github.com/hashicorp/consul/issues/7160
	NOTE: Fixed in 1.6.3.
CVE-2020-7954 (An issue was discovered in OpServices OpMon 9.3.2. Starting from the a ...)
	NOT-FOR-US: OpServices OpMon
CVE-2020-7953 (An issue was discovered in OpServices OpMon 9.3.2. Without authenticat ...)
	NOT-FOR-US: OpServices OpMon
CVE-2020-7952 (rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attacke ...)
	NOT-FOR-US: rendersystemdx9.dll in Valve Dota 2
CVE-2020-7951 (meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to ...)
	NOT-FOR-US: Dota 2
CVE-2020-7950 (meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to ...)
	NOT-FOR-US: Dota 2
CVE-2020-7949 (schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers  ...)
	NOT-FOR-US: Dota 2
CVE-2020-7948 (An issue was discovered in the Login by Auth0 plugin before 4.0.0 for  ...)
	NOT-FOR-US: Login by Auth0 plugin for WordPress
CVE-2020-7947 (An issue was discovered in the Login by Auth0 plugin before 4.0.0 for  ...)
	NOT-FOR-US: Login by Auth0 plugin for WordPress
CVE-2020-7946
	RESERVED
CVE-2020-7945 (Local registry credentials were included directly in the CD4PE deploym ...)
	NOT-FOR-US: Puppet Enterprise
CVE-2020-7944 (In Continuous Delivery for Puppet Enterprise (CD4PE) before 3.4.0, cha ...)
	NOT-FOR-US: Puppet Enterprise
CVE-2020-7943 (Puppet Server and PuppetDB provide useful performance and debugging in ...)
	- puppet <not-affected> (Doesn't affect Puppet masters (passenger-based) in Debian)
	- puppetdb <unfixed> (low)
	[buster] - puppetdb <no-dsa> (Minor issue)
	NOTE: https://puppet.com/security/cve/CVE-2020-7943/
	NOTE: https://github.com/puppetlabs/puppet_metrics_dashboard/pull/92
CVE-2020-7942 (Previously, Puppet operated on a model that a node with a valid certif ...)
	- puppet <unfixed> (unimportant)
	NOTE: This CVE assignment is for switching the default setting of strict_hostname_checking,
	NOTE: the option is available in older Puppet releases (such as 4.8 from Stretch)
	NOTE: https://puppet.com/security/cve/CVE-2020-7942/
CVE-2020-7941 (A privilege escalation issue in plone.app.contenttypes in Plone 4.3 th ...)
	NOT-FOR-US: Plone
CVE-2020-7940 (Missing password strength checks on some forms in Plone 4.3 through 5. ...)
	NOT-FOR-US: Plone
CVE-2020-7939 (SQL Injection in DTML or in connection objects in Plone 4.0 through 5. ...)
	NOT-FOR-US: Plone
CVE-2020-7938 (plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain ...)
	NOT-FOR-US: Plone
CVE-2020-7937 (An XSS issue in the title field in Plone 5.0 through 5.2.1 allows user ...)
	NOT-FOR-US: Plone
CVE-2020-7936 (An open redirect on the login form (and possibly other places) in Plon ...)
	NOT-FOR-US: Plone
CVE-2020-7935 (Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execu ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2020-7934 (In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First Name, Middle N ...)
	NOT-FOR-US: LifeRay Portal
CVE-2020-7933
	RESERVED
CVE-2020-7932 (OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g. ...)
	NOT-FOR-US: OMERO
CVE-2020-7931 (In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template process ...)
	NOT-FOR-US: JFrog Artifactory
CVE-2020-7930
	RESERVED
CVE-2020-7929 (A user authorized to perform database queries may trigger denial of se ...)
	- mongodb <removed>
	[stretch] - mongodb <end-of-life> (https://lists.debian.org/debian-lts/2020/11/msg00058.html)
	NOTE: https://jira.mongodb.org/browse/SERVER-51083
CVE-2020-7928 (A user authorized to perform database queries may trigger a read overr ...)
	- mongodb <removed>
	[stretch] - mongodb <not-affected> (Vulnerable code introduced later)
	NOTE: https://jira.mongodb.org/browse/SERVER-49404
	NOTE: https://github.com/mongodb/mongo/commit/e10ce2e779cd17c9ba217c49740cffd2bef72694 (v3.6.20, SSPL)
	NOTE: Introduced by: https://github.com/mongodb/mongo/commit/5b8b1ca6364342d5a1bf21ec6c707edfae0f3555 (v3.5.5)
CVE-2020-7927 (Specially crafted API calls may allow an authenticated user who holds  ...)
	NOT-FOR-US: MongoDB Ops Manager
CVE-2020-7926 (A user authorized to perform database queries may cause denial of serv ...)
	- mongodb <removed>
	[stretch] - mongodb <postponed> (Minor issue, authenticated DoS)
	NOTE: https://jira.mongodb.org/browse/SERVER-50170
	NOTE: https://github.com/mongodb/mongo/commit/859ec65c84f201e7aa687865633a2fa34e318174 (v4.4.1, SSPL)
CVE-2020-7925 (Incorrect validation of user input in the role name parser may lead to ...)
	- mongodb <removed>
	[stretch] - mongodb <not-affected> (Vulnerable code introduced later)
	NOTE: https://jira.mongodb.org/browse/SERVER-49142
	NOTE: https://github.com/mongodb/mongo/commit/8fbd1af03310704de68c22163900636f58f7eba8 (v3.6.19)
	NOTE: Introduced by: https://github.com/mongodb/mongo/commit/3ca76fd569c94de72c4daf6eef27fbf9bf51233b (v3.6.18)
CVE-2020-7924 (Usage of specific command line parameter in MongoDB Tools which was or ...)
	- mongo-tools <unfixed> (bug #988021)
	[buster] - mongo-tools <no-dsa> (Minor issue)
	[stretch] - mongo-tools <no-dsa> (Minor issue)
	NOTE: https://jira.mongodb.org/browse/TOOLS-2587
CVE-2020-7923 (A user authorized to perform database queries may cause denial of serv ...)
	{DLA-2344-1}
	- mongodb <removed>
	NOTE: https://jira.mongodb.org/browse/SERVER-47773
CVE-2020-7922 (X.509 certificates generated by the MongoDB Enterprise Kubernetes Oper ...)
	NOT-FOR-US: MongoDB Enterprise
CVE-2020-7921 (Improper serialization of internal state in the authorization subsyste ...)
	- mongodb <removed>
	[stretch] - mongodb <no-dsa> (Minor issue)
	[jessie] - mongodb <no-dsa> (Minor issue)
	NOTE: https://jira.mongodb.org/browse/SERVER-45472
CVE-2020-7920 (pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2 ...)
	NOT-FOR-US: Percona Monitoring and Management (PMM)
CVE-2020-7919 (Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte  ...)
	{DSA-4848-1}
	- golang-1.14 1.14~rc1-1
	- golang-1.13 1.13.7-1
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <not-affected> (cryptobyte stuff introduced in golang-1.10)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <not-affected> (cryptobyte stuff introduced in golang-1.10)
	- golang <removed>
	NOTE: https://github.com/golang/go/issues/36837
	NOTE: https://github.com/golang/go/commit/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574 (master)
	NOTE: https://github.com/golang/go/issues/36838 (Go 1.13)
	NOTE: https://github.com/golang/go/commit/f938e06d0623d0e1de202575d16f1e126741f6e0 (go1.13.7)
CVE-2020-7918 (An insecure direct object reference in webmail in totemo totemomail 7. ...)
	NOT-FOR-US: totemo totemomail
CVE-2020-7917
	RESERVED
CVE-2020-7916 (be_teacher in class-lp-admin-ajax.php in the LearnPress plugin 3.2.6.5 ...)
	NOT-FOR-US: LearnPress plugin for WordPress
CVE-2020-7915 (An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI fie ...)
	NOT-FOR-US: Eaton devices
CVE-2020-7914 (In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfigur ...)
	- intellij-idea <itp> (bug #747616)
CVE-2020-7913 (JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS vi ...)
	NOT-FOR-US: JetBrains
CVE-2020-7912 (In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could  ...)
	NOT-FOR-US: JetBrains
CVE-2020-7911 (In JetBrains TeamCity before 2019.2, several user-level pages were vul ...)
	NOT-FOR-US: JetBrains
CVE-2020-7910 (JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack ...)
	NOT-FOR-US: JetBrains
CVE-2020-7909 (In JetBrains TeamCity before 2019.1.5, some server-stored passwords co ...)
	NOT-FOR-US: JetBrains
CVE-2020-7908 (In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible ...)
	NOT-FOR-US: JetBrains
CVE-2020-7907 (In the JetBrains Scala plugin before 2019.2.1, some artefact dependenc ...)
	NOT-FOR-US: JetBrains Scala plugin
CVE-2020-7906 (In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there wer ...)
	NOT-FOR-US: JetBrains
CVE-2020-7905 (Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were expose ...)
	- intellij-idea <itp> (bug #747616)
CVE-2020-7904 (In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were ...)
	- intellij-idea <itp> (bug #747616)
CVE-2020-7903
	RESERVED
CVE-2020-7902
	RESERVED
CVE-2020-7901
	RESERVED
CVE-2020-7900
	RESERVED
CVE-2020-7899
	RESERVED
CVE-2020-7898
	RESERVED
CVE-2020-7897
	RESERVED
CVE-2020-7896
	RESERVED
CVE-2020-7895
	RESERVED
CVE-2020-7894
	RESERVED
CVE-2020-7893
	RESERVED
CVE-2020-7892
	RESERVED
CVE-2020-7891
	RESERVED
CVE-2020-7890
	RESERVED
CVE-2020-7889
	RESERVED
CVE-2020-7888
	RESERVED
CVE-2020-7887
	RESERVED
CVE-2020-7886
	RESERVED
CVE-2020-7885
	RESERVED
CVE-2020-7884
	RESERVED
CVE-2020-7883 (Printchaser v2.2021.804.1 and earlier versions contain a vulnerability ...)
	NOT-FOR-US: Printchaser
CVE-2020-7882 (Using the parameter of getPFXFolderList function, attackers can see th ...)
	NOT-FOR-US: anySign
CVE-2020-7881 (The vulnerability function is enabled when the streamer service relate ...)
	NOT-FOR-US: AfreecaTV
CVE-2020-7880 (The vulnerabilty was discovered in ActiveX module related to NeoRS rem ...)
	NOT-FOR-US: duozone NeoRS remote support
CVE-2020-7879 (This issue was discovered when the ipTIME C200 IP Camera was synchroni ...)
	NOT-FOR-US: ipTIME C200 IP Camera
CVE-2020-7878 (An arbitrary file download and execution vulnerability was found in th ...)
	NOT-FOR-US: VideoOffice
CVE-2020-7877 (A buffer overflow issue was discovered in ZOOK solution(remote adminis ...)
	NOT-FOR-US: ZOOK
CVE-2020-7876
	RESERVED
CVE-2020-7875 (DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, w ...)
	NOT-FOR-US: DEXT5 Upload
CVE-2020-7874 (Download of code without integrity check vulnerability in NEXACRO14 Ru ...)
	NOT-FOR-US: NEXACRO14 Runtime ActiveX control of tobesoft
CVE-2020-7873 (Download of code without integrity check vulnerability in ActiveX cont ...)
	NOT-FOR-US: Younglimwon
CVE-2020-7872 (DaviewIndy v8.98.7.0 and earlier versions have a Integer overflow vuln ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7871 (A vulnerability of Helpcom could allow an unauthenticated attacker to  ...)
	NOT-FOR-US: Cnesty Helpcom
CVE-2020-7870 (A memory corruption vulnerability exists when ezPDF improperly handles ...)
	NOT-FOR-US: ezPDF
CVE-2020-7869 (An improper input validation vulnerability of ZOOK software (remote ad ...)
	NOT-FOR-US: ZOOK software
CVE-2020-7868 (A remote code execution vulnerability exists in helpUS(remote administ ...)
	NOT-FOR-US: helpUS(remote administration tool)
CVE-2020-7867 (An improper input validation vulnerability in Helpu solution could all ...)
	NOT-FOR-US: Helpu
CVE-2020-7866 (When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component,  ...)
	NOT-FOR-US: XPLATFORM
CVE-2020-7865 (A vulnerability(improper input validation) in the ExECM CoreB2B soluti ...)
	NOT-FOR-US: ExECM CoreB2B
CVE-2020-7864 (Parameter manipulation can bypass authentication to cause file upload  ...)
	NOT-FOR-US: Raonwiz DEXT5Editor
CVE-2020-7863 (A vulnerability in File Transfer Solution of Raonwiz could allow arbit ...)
	NOT-FOR-US: Raonwiz
CVE-2020-7862 (A vulnerability in agent program of HelpU remote control solution coul ...)
	NOT-FOR-US: HelpU remote control solution
CVE-2020-7861 (AnySupport (Remote support solution) before 2019.3.21.0 allows directo ...)
	NOT-FOR-US: AnySupport
CVE-2020-7860 (UnEGG v0.5 and eariler versions have a Integer overflow vulnerability, ...)
	NOT-FOR-US: UnEgg
CVE-2020-7859
	REJECTED
CVE-2020-7858 (There is a directory traversing vulnerability in the download page url ...)
	NOT-FOR-US: AquaNPlayer
CVE-2020-7857 (A vulnerability of XPlatform could allow an unauthenticated attacker t ...)
	NOT-FOR-US: XPlatform
CVE-2020-7856 (A vulnerability of Helpcom could allow an unauthenticated attacker to  ...)
	NOT-FOR-US: Helpcom
CVE-2020-7855
	RESERVED
CVE-2020-7854
	RESERVED
CVE-2020-7853 (An outbound read/write vulnerability exists in XPLATFORM that does not ...)
	NOT-FOR-US: XPLATFORM
CVE-2020-7852 (DaviewIndy has a Heap-based overflow vulnerability, triggered when the ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7851 (Innorix Web-Based File Transfer Solution versuibs prior to and includi ...)
	NOT-FOR-US: Innorix
CVE-2020-7850 (NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerabilit ...)
	NOT-FOR-US: NBBDownloader.ocx ActiveX Control in Groupware
CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) could a ...)
	NOT-FOR-US: uPrism.io CURIX
CVE-2020-7848 (The EFM ipTIME C200 IP Camera is affected by a Command Injection vulne ...)
	NOT-FOR-US: EFM ipTIME C200 IP Camera
CVE-2020-7847 (The ipTIME NAS product allows an arbitrary file upload vulnerability i ...)
	NOT-FOR-US: ipTIME NAS product
CVE-2020-7846 (Helpcom before v10.0 contains a file download and execution vulnerabil ...)
	NOT-FOR-US: Helpcom
CVE-2020-7845 (Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerabi ...)
	NOT-FOR-US: Spamsniper
CVE-2020-7844
	RESERVED
CVE-2020-7843
	RESERVED
CVE-2020-7842 (Improper Input validation vulnerability exists in Netis Korea D'live A ...)
	NOT-FOR-US: Netis Korea D'live AP
CVE-2020-7841 (Improper input validation vulnerability exists in TOBESOFT XPLATFORM w ...)
	NOT-FOR-US: TOBESOFT XPLATFORM
CVE-2020-7840
	RESERVED
CVE-2020-7839 (In MaEPSBroker 2.5.0.31 and prior, a command injection vulnerability c ...)
	NOT-FOR-US: MaEPSBroker
CVE-2020-7838 (A arbitrary code execution vulnerability exists in the way that the St ...)
	NOT-FOR-US: Smilegate STOVE Client
CVE-2020-7837 (An issue was discovered in ML Report Program. There is a stack-based b ...)
	NOT-FOR-US: ML Report Program
CVE-2020-7836 (VOICEYE WSActiveBridgeES versions prior to 2.1.0.3 contains a stack-ba ...)
	NOT-FOR-US: VOICEYE WSActiveBridgeES
CVE-2020-7835
	RESERVED
CVE-2020-7834
	RESERVED
CVE-2020-7833
	RESERVED
CVE-2020-7832 (A vulnerability (improper input validation) in the DEXT5 Upload soluti ...)
	NOT-FOR-US: DEXT5 Upload
CVE-2020-7831 (A vulnerability in the web-based contract management service interface ...)
	NOT-FOR-US: Inogard Ebiz4u
CVE-2020-7830 (RAONWIZ v2018.0.2.50 and earlier versions contains a vulnerability tha ...)
	NOT-FOR-US: RAONWIZ
CVE-2020-7829 (DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vuln ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7828 (DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vuln ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7827 (DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerabi ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7826 (EyeSurfer BflyInstallerX.ocx v1.0.0.16 and earlier versions contain a  ...)
	NOT-FOR-US: EyeSurfer BflyInstallerX.ocx
CVE-2020-7825 (A vulnerability exists that could allow the execution of operating sys ...)
	NOT-FOR-US: MiPlatform
CVE-2020-7824 (A vulnerability in the web-based management interface of iPECS could a ...)
	NOT-FOR-US: iPECS
CVE-2020-7823 (DaviewIndy has a Memory corruption vulnerability, triggered when the u ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7822 (DaviewIndy has a Heap-based overflow vulnerability, triggered when the ...)
	NOT-FOR-US: DaviewIndy
CVE-2020-7821 (Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a  ...)
	NOT-FOR-US: Nexacro14/17 ExtCommonApiV13 Library
CVE-2020-7820 (Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a  ...)
	NOT-FOR-US: Nexacro14/17 ExtCommonApiV13 Library
CVE-2020-7819 (A SQL-Injection vulnerability in the nTracker USB Enterprise(secure US ...)
	NOT-FOR-US: nTracker USB Enterprise
CVE-2020-7818 (DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, ...)
	NOT-FOR-US: Daview
CVE-2020-7817 (MyBrowserPlus downloads the files needed to run the program through th ...)
	NOT-FOR-US: MyBrowserPlus
CVE-2020-7816 (A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+ ...)
	NOT-FOR-US: DaView
CVE-2020-7815 (XPLATFORM v9.2.260 and eariler versions contain a vulnerability that c ...)
	NOT-FOR-US: XPLATFORM
CVE-2020-7814 (RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability tha ...)
	NOT-FOR-US: RAONWIZ
CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)
	NOT-FOR-US: Kaoni
CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)
	NOT-FOR-US: Kaoni ezHTTPTrans
CVE-2020-7811 (Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows priv ...)
	NOT-FOR-US: Samsung
CVE-2020-7810 (hslogin2.dll ActiveX Control in Groupware contains a vulnerability tha ...)
	NOT-FOR-US: hslogin2.dll ActiveX Control in Groupware
CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model (DOM)  ...)
	NOT-FOR-US: ALSong
CVE-2020-7808 (In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processin ...)
	NOT-FOR-US: RAONWIZ K Upload
CVE-2020-7807 (A vulnerability that can hijack a DLL file that is loaded during produ ...)
	NOT-FOR-US: LG
CVE-2020-7806 (Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary cod ...)
	NOT-FOR-US: Tobesoft Xplatform
CVE-2020-7805 (An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) an ...)
	NOT-FOR-US: KT Slim egg IML500 wifi devices
CVE-2020-7804 (ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7,  ...)
	NOT-FOR-US: Handy Groupware
CVE-2020-7803 (IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, versio ...)
	NOT-FOR-US: Zoneplayer
CVE-2020-7802 (The Synergy Systems &amp; Solutions (SSS) HUSKY RTU 6049-E70, with fir ...)
	NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7801 (The Synergy Systems &amp; Solutions (SSS) HUSKY RTU 6049-E70, with fir ...)
	NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7800 (The Synergy Systems &amp; Solutions (SSS) HUSKY RTU 6049-E70, with fir ...)
	NOT-FOR-US: Synergy Systems & Solutions (SSS)
CVE-2020-7799 (An issue was discovered in FusionAuth before 1.11.0. An authenticated  ...)
	NOT-FOR-US: FusionAuth
CVE-2020-7798
	RESERVED
CVE-2020-7797
	RESERVED
CVE-2020-7796 (Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF whe ...)
	NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
CVE-2020-7795
	RESERVED
CVE-2020-7794 (This affects all versions of package buns. The injection point is loca ...)
	NOT-FOR-US: Node buns
CVE-2020-7793 (The package ua-parser-js before 0.7.23 are vulnerable to Regular Expre ...)
	- node-ua-parser-js 0.7.23+ds-1
	[buster] - node-ua-parser-js <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-JS-UAPARSERJS-1023599
	NOTE: https://github.com/faisalman/ua-parser-js/commit/6d1f26df051ba681463ef109d36c9cf0f7e32b18 (0.7.23)
CVE-2020-7792 (This affects all versions of package mout. The deepFillIn function can ...)
	NOT-FOR-US: Node mout
CVE-2020-7791 (This affects the package i18n before 2.1.15. Vulnerability arises out  ...)
	NOT-FOR-US: i18n module for asp.net
CVE-2020-7790 (This affects the package spatie/browsershot from 0.0.0. By specifying  ...)
	NOT-FOR-US: spatie/browsershot
CVE-2020-7789 (This affects the package node-notifier before 9.0.0. It allows an atta ...)
	NOT-FOR-US: Node node-notifier
CVE-2020-7788 (This affects the package ini before 1.3.6. If an attacker submits a ma ...)
	{DLA-2503-1}
	- node-ini 2.0.0-1 (bug #977718)
	[buster] - node-ini 1.3.5-1+deb10u1
	NOTE: https://snyk.io/vuln/SNYK-JS-INI-1048974
	NOTE: https://github.com/npm/ini/commit/56d2805e07ccd94e2ba0984ac9240ff02d44b6f1 (v1.3.6)
CVE-2020-7787 (This affects all versions of package react-adal. It is possible for a  ...)
	NOT-FOR-US: Node react-adal
CVE-2020-7786 (This affects all versions of package macfromip. The injection point is ...)
	NOT-FOR-US: Node macfromip
CVE-2020-7785 (This affects all versions of package node-ps. The injection point is l ...)
	NOT-FOR-US: Noed node-ps
CVE-2020-7784 (This affects all versions of package ts-process-promises. The injectio ...)
	NOT-FOR-US: Node ts-process-promises
CVE-2020-7783
	RESERVED
CVE-2020-7782 (This affects all versions of package spritesheet-js. It depends on a v ...)
	NOT-FOR-US: Node spritesheet-js
CVE-2020-7781 (This affects the package connection-tester before 0.2.1. The injection ...)
	NOT-FOR-US: Node connection-tester
CVE-2020-7780 (This affects the package com.softwaremill.akka-http-session:core_2.13  ...)
	NOT-FOR-US: om.softwaremill.akka-http-session:core_2.13
CVE-2020-7779 (All versions of package djvalidator are vulnerable to Regular Expressi ...)
	NOT-FOR-US: Node djvalidator
CVE-2020-7778 (This affects the package systeminformation before 4.30.2. The attacker ...)
	NOT-FOR-US: Node systeminformation
CVE-2020-7777 (This affects all versions of package jsen. If an attacker can control  ...)
	NOT-FOR-US: Node jsen
CVE-2020-7776 (This affects the package phpoffice/phpspreadsheet from 0.0.0. The libr ...)
	NOT-FOR-US: phpoffice/phpspreadsheet
CVE-2020-7775 (This affects all versions of package freediskspace. The vulnerability  ...)
	NOT-FOR-US: Node freediskspace
CVE-2020-7774 (This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po ...)
	- node-y18n 4.0.0-3 (bug #976390)
	[buster] - node-y18n 3.2.1-2+deb10u1
	[stretch] - node-y18n <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-JS-Y18N-1021887
	NOTE: https://github.com/yargs/y18n/issues/96
	NOTE: https://github.com/yargs/y18n/pull/108
CVE-2020-7773 (This affects the package markdown-it-highlightjs before 3.3.1. It is p ...)
	NOT-FOR-US: Node markdown-it-highlightjs
CVE-2020-7772 (This affects the package doc-path before 2.1.2. ...)
	NOT-FOR-US: Node doc-path
CVE-2020-7771 (The package asciitable.js before 1.0.3 are vulnerable to Prototype Pol ...)
	NOT-FOR-US: Node asciitable.js
CVE-2020-7770 (This affects the package json8 before 1.0.3. The function adds in the  ...)
	NOT-FOR-US: Node json8
CVE-2020-7769 (This affects the package nodemailer before 6.4.16. Use of crafted reci ...)
	- node-nodemailer 6.4.16-1
	NOTE: https://snyk.io/vuln/SNYK-JS-NODEMAILER-1038834
	NOTE: https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54
CVE-2020-7768 (The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 ...)
	NOT-FOR-US: Node grpc
CVE-2020-7767 (All versions of package express-validators are vulnerable to Regular E ...)
	NOT-FOR-US: Node express-validators
CVE-2020-7766 (This affects all versions of package json-ptr. The issue occurs in the ...)
	NOT-FOR-US: Node json-ptr
CVE-2020-7765 (This affects the package @firebase/util before 0.3.4. This vulnerabili ...)
	NOT-FOR-US: Node firebase/util
CVE-2020-7764 (This affects the package find-my-way before 2.2.5, from 3.0.0 and befo ...)
	NOT-FOR-US: Node find-my-way
CVE-2020-7763 (This affects the package phantom-html-to-pdf before 0.6.1. ...)
	NOT-FOR-US: Node phantom-html-to-pdf
CVE-2020-7762 (This affects the package jsreport-chrome-pdf before 1.10.0. ...)
	NOT-FOR-US: Node jsreport-chrome-pdf
CVE-2020-7761 (This affects the package @absolunet/kafe before 3.2.10. It allows caus ...)
	NOT-FOR-US: @absolunet/kafe
CVE-2020-7760 (This affects the package codemirror before 5.58.2; the package org.apa ...)
	{DSA-4789-1}
	- codemirror-js 5.58.2+~cs0.23.101-1
	[stretch] - codemirror-js <not-affected> (Vulnerable code added later)
	NOTE: https://snyk.io/vuln/SNYK-JS-CODEMIRROR-1016937
	NOTE: https://github.com/codemirror/CodeMirror/commit/55d0333907117c9231ffdf555ae8824705993bbb
CVE-2020-7759 (The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable ...)
	NOT-FOR-US: pimcore
CVE-2020-7758 (This affects versions of package browserless-chrome before 1.40.2-chro ...)
	NOT-FOR-US: Node browserless-chrome
CVE-2020-7757 (This affects all versions of package droppy. It is possible to travers ...)
	NOT-FOR-US: droppy
CVE-2020-7756
	RESERVED
CVE-2020-7755 (All versions of package dat.gui are vulnerable to Regular Expression D ...)
	NOT-FOR-US: dat.GUI
CVE-2020-7754 (This affects the package npm-user-validate before 1.0.1. The regex tha ...)
	NOT-FOR-US: npm-user-validate
CVE-2020-7753 (All versions of package trim are vulnerable to Regular Expression Deni ...)
	NOT-FOR-US: Node trim
CVE-2020-7752 (This affects the package systeminformation before 4.27.11. This packag ...)
	NOT-FOR-US: Node systeminformation
CVE-2020-7751 (pathval before version 1.1.1 is vulnerable to prototype pollution. ...)
	- node-pathval 1.1.0-4 (bug #972895)
	[buster] - node-pathval 1.1.0-3+deb10u1
	NOTE: https://snyk.io/vuln/SNYK-JS-PATHVAL-596926
	NOTE: https://github.com/chaijs/pathval/pull/58
CVE-2020-7750 (This affects the package scratch-svg-renderer before 0.2.0-prerelease. ...)
	NOT-FOR-US: scratch-svg-renderer nodejs module
CVE-2020-7749 (This affects all versions of package osm-static-maps. User input given ...)
	NOT-FOR-US: osm-static-maps nodejs module
CVE-2020-7748 (This affects the package @tsed/core before 5.65.7. This vulnerability  ...)
	NOT-FOR-US: Ts.ED
CVE-2020-7747 (This affects all versions of package lightning-server. It is possible  ...)
	NOT-FOR-US: lightning-server nodejs module
CVE-2020-7746 (This affects the package chart.js before 2.9.4. The options parameter  ...)
	- node-chart.js 2.9.4+dfsg+~cs2.10.1-1
	[buster] - node-chart.js <ignored> (Minor issue; intrusive to backport)
	NOTE: https://snyk.io/vuln/SNYK-JS-CHARTJS-1018716
	NOTE: https://github.com/chartjs/Chart.js/pull/7920
CVE-2020-7745 (This affects the package MintegralAdSDK before 6.6.0.0. The SDK distri ...)
	NOT-FOR-US: MintegralAdSDK
CVE-2020-7744 (This affects all versions of package com.mintegral.msdk:alphab. The An ...)
	NOT-FOR-US: com.mintegral.msdk:alphab
CVE-2020-7743 (The package mathjs before 7.5.1 are vulnerable to Prototype Pollution  ...)
	NOT-FOR-US: Node mathjs
CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
	NOT-FOR-US: Node simpl-schema
CVE-2020-7741 (This affects the package hellojs before 1.18.6. The code get the param ...)
	NOT-FOR-US: hello.js
CVE-2020-7740 (This affects all versions of package node-pdf-generator. Due to lack o ...)
	NOT-FOR-US: Node pdf-generator
CVE-2020-7739 (This affects all versions of package phantomjs-seo. It is possible for ...)
	NOT-FOR-US: Node phantomjs-seo
CVE-2020-7738 (All versions of package shiba are vulnerable to Arbitrary Code Executi ...)
	NOT-FOR-US: Node shiba
CVE-2020-7737 (All versions of package safetydance are vulnerable to Prototype Pollut ...)
	NOT-FOR-US: Node safetydance
CVE-2020-7736 (The package bmoor before 0.8.12 are vulnerable to Prototype Pollution  ...)
	NOT-FOR-US: Node bmoor
CVE-2020-7735 (The package ng-packagr before 10.1.1 are vulnerable to Command Injecti ...)
	NOT-FOR-US: ng-packagr
CVE-2020-7734 (All versions of package cabot are vulnerable to Cross-site Scripting ( ...)
	NOT-FOR-US: cabot
CVE-2020-7733 (The package ua-parser-js before 0.7.22 are vulnerable to Regular Expre ...)
	- node-ua-parser-js <not-affected> (No affected version present in the archive, introduced after 0.7.14 and fixed in 0.7.22)
	NOTE: https://github.com/faisalman/ua-parser-js/commit/233d3bae22a795153a7e6638887ce159c63e557d
	NOTE: https://snyk.io/vuln/SNYK-JS-UAPARSERJS-610226
CVE-2020-7732
	RESERVED
CVE-2020-7731 (This affects all versions of package github.com/russellhaering/gosaml2 ...)
	- golang-github-russellhaering-gosaml2 <itp> (bug #948190)
	NOTE: https://github.com/russellhaering/gosaml2/issues/59
	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOSAML2-608302
CVE-2020-7730 (The package bestzip before 2.1.7 are vulnerable to Command Injection v ...)
	NOT-FOR-US: bestzip nodejs module
CVE-2020-7729 (The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execut ...)
	{DLA-2368-1}
	- grunt 1.3.0-1 (bug #969668)
	[buster] - grunt 1.0.1-8+deb10u1
	NOTE: https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7
	NOTE: https://snyk.io/vuln/SNYK-JS-GRUNT-597546
CVE-2020-7728
	RESERVED
CVE-2020-7727 (All versions of package gedi are vulnerable to Prototype Pollution via ...)
	NOT-FOR-US: Node gedi
CVE-2020-7726 (All versions of package safe-object2 are vulnerable to Prototype Pollu ...)
	NOT-FOR-US: Node safe-object2
CVE-2020-7725 (All versions of package worksmith are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node worksmith
CVE-2020-7724 (All versions of package tiny-conf are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node tiny-conf
CVE-2020-7723 (All versions of package promisehelpers are vulnerable to Prototype Pol ...)
	NOT-FOR-US: Node promisehelpers
CVE-2020-7722 (All versions of package nodee-utils are vulnerable to Prototype Pollut ...)
	NOT-FOR-US: Node nodee-utils
CVE-2020-7721 (All versions of package node-oojs are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node node-oojs
CVE-2020-7720 (The package node-forge before 0.10.0 is vulnerable to Prototype Pollut ...)
	- node-node-forge 0.10.0~dfsg-1 (bug #969669)
	[buster] - node-node-forge <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
	NOTE: https://github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756
CVE-2020-7719 (Versions of package locutus before 2.0.12 are vulnerable to prototype  ...)
	NOT-FOR-US: Node locutus
CVE-2020-7718 (All versions of package gammautils are vulnerable to Prototype Polluti ...)
	NOT-FOR-US: Node gammautils
CVE-2020-7717 (All versions of package dot-notes are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node dot-notes
CVE-2020-7716 (All versions of package deeps are vulnerable to Prototype Pollution vi ...)
	NOT-FOR-US: Node deeps
CVE-2020-7715 (All versions of package deep-get-set are vulnerable to Prototype Pollu ...)
	NOT-FOR-US: Node deep-get-set
CVE-2020-7714 (All versions of package confucious are vulnerable to Prototype Polluti ...)
	NOT-FOR-US: Node confucious
CVE-2020-7713 (All versions of package arr-flatten-unflatten are vulnerable to Protot ...)
	NOT-FOR-US: Node arr-flatten-unflatten
CVE-2020-7712 (This affects the package json before 10.0.0. It is possible to inject  ...)
	NOT-FOR-US: Node json
CVE-2020-7711 (This affects all versions of package github.com/russellhaering/goxmlds ...)
	- golang-github-russellhaering-goxmldsig 1.1.1-1 (bug #968928)
	[bullseye] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
	[buster] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
	NOTE: https://github.com/russellhaering/goxmldsig/issues/48
	NOTE: https://github.com/russellhaering/goxmldsig/commit/fb23e0af61c023e3a6dae8ad30dbd0f04d8a4d8f
CVE-2020-7710 (This affects all versions of package safe-eval. It is possible for an  ...)
	NOT-FOR-US: Node safe-eval
CVE-2020-7709 (This affects the package json-pointer before 0.6.1. Multiple reference ...)
	NOT-FOR-US: Node json-pointer
CVE-2020-7708 (The package irrelon-path before 4.7.0; the package @irrelon/path befor ...)
	NOT-FOR-US: Node irrelon-path
CVE-2020-7707 (The package property-expr before 2.0.3 are vulnerable to Prototype Pol ...)
	NOT-FOR-US: Node property-expr
CVE-2020-7706 (The package connie-lang before 0.1.1 are vulnerable to Prototype Pollu ...)
	NOT-FOR-US: Node connie-lang
CVE-2020-7705 (This affects the package MintegralAdSDK from 0.0.0. The SDK distribute ...)
	NOT-FOR-US: MintegralAdSDK
CVE-2020-7704 (The package linux-cmdline before 1.0.1 are vulnerable to Prototype Pol ...)
	NOT-FOR-US: Node linux-cmdline
CVE-2020-7703 (All versions of package nis-utils are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node nis-utils
CVE-2020-7702 (All versions of package templ8 are vulnerable to Prototype Pollution v ...)
	NOT-FOR-US: templ8
CVE-2020-7701 (madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution  ...)
	NOT-FOR-US: Node madlib-object-utils
CVE-2020-7700 (All versions of phpjs are vulnerable to Prototype Pollution via parse_ ...)
	NOT-FOR-US: phpjs
CVE-2020-7699 (This affects the package express-fileupload before 1.1.8. If the parse ...)
	NOT-FOR-US: express-fileupload
CVE-2020-7698 (This affects the package Gerapy from 0 and before 0.9.3. The input bei ...)
	NOT-FOR-US: Gerapy
CVE-2020-7697 (This affects all versions of package mock2easy. a malicious user could ...)
	NOT-FOR-US: mock2easy nodejs module
CVE-2020-7696 (This affects all versions of package react-native-fast-image. When an  ...)
	NOT-FOR-US: react-native-fast-image nodejs module
CVE-2020-7695 (Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF s ...)
	- python-uvicorn 0.13.3-1 (bug #969275)
	[buster] - python-uvicorn <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-UVICORN-570471
	NOTE: https://github.com/encode/uvicorn/issues/719
CVE-2020-7694 (This affects all versions of package uvicorn. The request logger provi ...)
	- python-uvicorn 0.13.3-1 (bug #969276)
	[buster] - python-uvicorn <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-UVICORN-575560
	NOTE: https://github.com/encode/uvicorn/issues/723
CVE-2020-7693 (Incorrect handling of Upgrade header with the value websocket leads in ...)
	- node-socks <itp> (bug #922921)
CVE-2020-7692 (PKCE support is not implemented in accordance with the RFC for OAuth 2 ...)
	- google-oauth-client-java 1.28.0-2 (bug #988944)
	NOTE: https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
	NOTE: https://github.com/googleapis/google-oauth-java-client/issues/469
	NOTE: https://github.com/googleapis/google-oauth-java-client/commit/13433cd7dd06267fc261f0b1d4764f8e3432c824
CVE-2020-7691 (In all versions of the package jspdf, it is possible to use &lt;&lt;sc ...)
	NOT-FOR-US: jspdf
CVE-2020-7690 (All affected versions &lt;2.0.0 of package jspdf are vulnerable to Cro ...)
	NOT-FOR-US: jspdf
CVE-2020-7689 (Data is truncated wrong when its length is greater than 255 bytes. ...)
	NOT-FOR-US: Node bcrypt
CVE-2020-7688 (The issue occurs because tagName user input is formatted inside the ex ...)
	NOT-FOR-US: Node mversion
CVE-2020-7687 (This affects all versions of package fast-http. There is no path sanit ...)
	NOT-FOR-US: Node fast-http
CVE-2020-7686 (This affects all versions of package rollup-plugin-dev-server. There i ...)
	NOT-FOR-US: Node rollup-plugin-dev-server
CVE-2020-7685 (This affects all versions of package UmbracoForms. When using the defa ...)
	NOT-FOR-US: UmbracoForms
CVE-2020-7684 (This affects all versions of package rollup-plugin-serve. There is no  ...)
	NOT-FOR-US: Node rollup-plugin-server
CVE-2020-7683 (This affects all versions of package rollup-plugin-server. There is no ...)
	NOT-FOR-US: Node rollup-plugin-server
CVE-2020-7682 (This affects all versions of package marked-tree. There is no path san ...)
	NOT-FOR-US: Node marked-tree
CVE-2020-7681 (This affects all versions of package marscode. There is no path saniti ...)
	NOT-FOR-US: Node marscode
CVE-2020-7680 (docsify prior to 4.11.4 is susceptible to Cross-site Scripting (XSS).  ...)
	NOT-FOR-US: docsify
CVE-2020-7679 (In all versions of package casperjs, the mergeObjects utility function ...)
	NOT-FOR-US: Node casperjs
CVE-2020-7678
	RESERVED
CVE-2020-7677
	RESERVED
CVE-2020-7676 (angular.js prior to 1.8.0 allows cross site scripting. The regex-based ...)
	- angular.js 1.8.0-1
	[buster] - angular.js <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support)
	[jessie] - angular.js <no-dsa> (Minor issue, low usage of 2014-era Nodejs)
	NOTE: https://github.com/angular/angular.js/pull/17028
	NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-570058
CVE-2020-7675 (cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. ...)
	NOT-FOR-US: Node cd-messenger
CVE-2020-7674 (access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. ...)
	NOT-FOR-US: Node access-policy
CVE-2020-7673 (node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. U ...)
	- node-extend <not-affected> (Vulnerable code not present)
	NOTE: Debian's node-extend is a different package(fork?) which doesn't eval()
CVE-2020-7672 (mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User inp ...)
	NOT-FOR-US: Node mosc
CVE-2020-7671 (goliath through 1.0.6 allows request smuggling attacks where goliath i ...)
	NOT-FOR-US: Ruby gem goliath
CVE-2020-7670 (agoo prior to 2.14.0 allows request smuggling attacks where agoo is us ...)
	NOT-FOR-US: Ruby gem agoo
CVE-2020-7669 (This affects all versions of package github.com/u-root/u-root/pkg/taru ...)
	NOT-FOR-US: github.com/u-root/u-root/pkg/tarutil Go package
CVE-2020-7668 (In all versions of the package github.com/unknwon/cae/tz, the ExtractT ...)
	- golang-github-unknwon-cae <removed> (bug #967956)
	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMUNKNWONCAETZ-570384
CVE-2020-7667 (In package github.com/sassoftware/go-rpmutils/cpio before version 0.1. ...)
	NOT-FOR-US: github.com/sassoftware/go-rpmutils/cpio go module
CVE-2020-7666 (This affects all versions of package github.com/u-root/u-root/pkg/cpio ...)
	NOT-FOR-US: github.com/u-root/u-root/pkg/cpio Go package
CVE-2020-7665 (This affects all versions of package github.com/u-root/u-root/pkg/uzip ...)
	NOT-FOR-US: github.com/u-root/u-root/pkg/uzip Go package
CVE-2020-7664 (In all versions of the package github.com/unknwon/cae/zip, the Extract ...)
	- golang-github-unknwon-cae <removed> (bug #967955)
	NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMUNKNWONCAEZIP-570383
CVE-2020-7663 (websocket-extensions ruby module prior to 0.1.5 allows Denial of Servi ...)
	{DLA-2334-1}
	- ruby-websocket-extensions 0.1.5-1 (bug #964274)
	[buster] - ruby-websocket-extensions 0.1.2-1+deb10u1
	NOTE: https://github.com/faye/websocket-extensions-ruby/security/advisories/GHSA-g6wq-qcwm-j5g2
	NOTE: https://github.com/faye/websocket-extensions-ruby/commit/aa156a439da681361ed6f53f1a8131892418838b
CVE-2020-7662 (websocket-extensions npm module prior to 0.1.4 allows Denial of Servic ...)
	NOT-FOR-US: Node websocket-extensions
CVE-2020-7661 (all versions of url-regex are vulnerable to Regular Expression Denial  ...)
	NOT-FOR-US: Node url-regex
CVE-2020-7660 (serialize-javascript prior to 3.1.0 allows remote attackers to inject  ...)
	NOT-FOR-US: serialize-javascript Node package
CVE-2020-7659 (reel through 0.6.1 allows Request Smuggling attacks due to incorrect C ...)
	- reel <removed>
	[stretch] - reel <end-of-life> (Not supported in Stretch LTS)
	NOTE: https://snyk.io/vuln/SNYK-RUBY-REEL-569135
CVE-2020-7658 (meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP  ...)
	NOT-FOR-US: meinheld
CVE-2020-7657
	RESERVED
CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load ...)
	- jquery 2.2.4+dfsg-1
	[jessie] - jquery <ignored> (Too intrusive to backport)
	NOTE: https://snyk.io/vuln/SNYK-JS-JQUERY-569619
	NOTE: See debian-lts discussion starting at: https://lists.debian.org/debian-lts/2020/06/msg00025.html
CVE-2020-7655 (netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP  ...)
	NOT-FOR-US: netius
CVE-2020-7654 (All versions of snyk-broker before 4.73.1 are vulnerable to Informatio ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7653 (All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary  ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7652 (All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary  ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7651 (All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary  ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7650 (All versions of snyk-broker after 4.72.0 including and before 4.73.1 a ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7649
	RESERVED
CVE-2020-7648 (All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary  ...)
	NOT-FOR-US: snyk-broker
CVE-2020-7647 (All versions before 1.6.7 and all versions after 2.0.0 inclusive and b ...)
	NOT-FOR-US: jooby
CVE-2020-7646 (curlrequest through 1.0.1 allows reading any file by populating the fi ...)
	NOT-FOR-US: Noed curlrequest
CVE-2020-7645 (All versions of chrome-launcher allow execution of arbitrary commands, ...)
	NOT-FOR-US: Node chrome-launcher
CVE-2020-7644 (fun-map through 3.3.1 is vulnerable to Prototype Pollution. The functi ...)
	NOT-FOR-US: Node fun-map
CVE-2020-7643 (paypal-adaptive through 0.4.2 manipulation of JavaScript objects resul ...)
	NOT-FOR-US: Node paypal-adaptive
CVE-2020-7642 (lazysizes through 5.2.0 allows execution of malicious JavaScript. The  ...)
	NOT-FOR-US: Node lazysizes
CVE-2020-7641
	RESERVED
CVE-2020-7640 (pixl-class prior to 1.0.3 allows execution of arbitrary commands. The  ...)
	NOT-FOR-US: Node pixl-class
CVE-2020-7639 (eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.T ...)
	NOT-FOR-US: Node eivindfjeldstad-dot
CVE-2020-7638 (confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDe ...)
	NOT-FOR-US: Node confinit
CVE-2020-7637 (class-transformer before 0.3.1 allow attackers to perform Prototype Po ...)
	NOT-FOR-US: Node class-transformer
CVE-2020-7636 (adb-driver through 0.1.8 is vulnerable to Command Injection.It allows  ...)
	NOT-FOR-US: Node adb-driver
CVE-2020-7635 (compass-compile through 0.0.1 is vulnerable to Command Injection.It al ...)
	NOT-FOR-US: Node compass-compile
CVE-2020-7634 (heroku-addonpool through 0.1.15 is vulnerable to Command Injection. ...)
	NOT-FOR-US: Node heroku-addonpool
CVE-2020-7633 (apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injectio ...)
	NOT-FOR-US: Node apiconnect-cli-plugins
CVE-2020-7632 (node-mpv through 1.4.3 is vulnerable to Command Injection. It allows e ...)
	NOT-FOR-US: Node node-mpv
CVE-2020-7631 (diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allow ...)
	NOT-FOR-US: Node diskusage-ng
CVE-2020-7630 (git-add-remote through 1.0.0 is vulnerable to Command Injection. It al ...)
	NOT-FOR-US: git-add-remote node module
CVE-2020-7629 (install-package through 0.4.0 is vulnerable to Command Injection. It a ...)
	NOT-FOR-US: install-package node module
CVE-2020-7628 (umount through 1.1.6 is vulnerable to Command Injection. The argument  ...)
	NOT-FOR-US: install-package node module
CVE-2020-7627 (node-key-sender through 1.0.11 is vulnerable to Command Injection. It  ...)
	NOT-FOR-US: node-key-sender node module
CVE-2020-7626 (karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows ...)
	NOT-FOR-US: karma-mojo node module
CVE-2020-7625 (op-browser through 1.0.6 is vulnerable to Command Injection. It allows ...)
	NOT-FOR-US: op-browser node module
CVE-2020-7624 (effect through 1.0.4 is vulnerable to Command Injection. It allows exe ...)
	NOT-FOR-US: effect node module
CVE-2020-7623 (jscover through 1.0.0 is vulnerable to Command Injection. It allows ex ...)
	NOT-FOR-US: Node jscover
CVE-2020-7622 (This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 ...)
	NOT-FOR-US: Jooby
CVE-2020-7621 (strong-nginx-controller through 1.0.2 is vulnerable to Command Injecti ...)
	NOT-FOR-US: Node strong-nginx-controller
CVE-2020-7620 (pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It all ...)
	NOT-FOR-US: Node pomelo-monitor
CVE-2020-7619 (get-git-data through 1.3.1 is vulnerable to Command Injection. It is p ...)
	NOT-FOR-US: get-git-data node module
CVE-2020-7618 (sds through 3.2.0 is vulnerable to Prototype Pollution.The library cou ...)
	NOT-FOR-US: Node sds
CVE-2020-7617 (ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The libr ...)
	NOT-FOR-US: Node ini-parser
CVE-2020-7616 (express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollu ...)
	NOT-FOR-US: Node express-mock-middleware
CVE-2020-7615 (fsa through 0.5.1 is vulnerable to Command Injection. The first argume ...)
	NOT-FOR-US: Node fsa
CVE-2020-7614 (npm-programmatic through 0.0.12 is vulnerable to Command Injection.The ...)
	NOT-FOR-US: npm-programmatic
CVE-2020-7613 (clamscan through 1.2.0 is vulnerable to Command Injection. It is possi ...)
	NOT-FOR-US: Node clamscan
CVE-2020-7612
	REJECTED
CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11 and a ...)
	NOT-FOR-US: io.micronaut:micronaut-http-client
CVE-2020-7610 (All versions of bson before 1.1.4 are vulnerable to Deserialization of ...)
	[experimental] - node-mongodb 3.5.5+~cs11.12.19-1
	- node-mongodb 3.5.6+~cs11.12.19-1
	[buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1
	NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
	NOTE: https://snyk.io/vuln/SNYK-JS-BSON-561052
	NOTE: https://github.com/mongodb/js-bson/commit/3809c1313a7b2a8001065f0271199df9fa3d16a8
CVE-2020-7609 (node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbi ...)
	NOT-FOR-US: Node node-rules
CVE-2020-7608 (yargs-parser could be tricked into adding or modifying properties of O ...)
	- node-yargs-parser 18.1.1-1
	[buster] - node-yargs-parser 11.1.1-1+deb10u1
	[stretch] - node-yargs-parser <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-YARGSPARSER-560381
	NOTE: https://github.com/yargs/yargs-parser/commit/63810ca1ae1a24b08293a4d971e70e058c7a41e2
	NOTE: https://gist.github.com/Kirill89/dcd8100d010896157a36624119439832
CVE-2020-7607 (gulp-styledocco through 0.0.3 allows execution of arbitrary commands.  ...)
	NOT-FOR-US: Node gulp-styledocco
CVE-2020-7606 (docker-compose-remote-api through 0.1.4 allows execution of arbitrary  ...)
	NOT-FOR-US: Node docker-compose-remote-api
CVE-2020-7605 (gulp-tape through 1.0.0 allows execution of arbitrary commands. It is  ...)
	NOT-FOR-US: Node gulp-tape
CVE-2020-7604 (pulverizr through 0.7.0 allows execution of arbitrary commands. Within ...)
	NOT-FOR-US: Node pulverizr
CVE-2020-7603 (closure-compiler-stream through 0.1.15 allows execution of arbitrary c ...)
	NOT-FOR-US: closure-compiler-stream
CVE-2020-7602 (node-prompt-here through 1.0.1 allows execution of arbitrary commands. ...)
	NOT-FOR-US: Node node-prompt-here
CVE-2020-7601 (gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. I ...)
	NOT-FOR-US: Node gulp-scss-lint
CVE-2020-7600 (querymen prior to 2.1.4 allows modification of object properties. The  ...)
	NOT-FOR-US: querymen nodejs module
CVE-2020-7599 (All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable ...)
	NOT-FOR-US: com.gradle.plugin-publish
CVE-2020-7598 (minimist before 1.2.2 could be tricked into adding or modifying proper ...)
	- node-minimist 1.2.5-1 (bug #953762)
	[buster] - node-minimist 1.2.0-1+deb10u1
	[stretch] - node-minimist <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
	NOTE: POC: https://gist.github.com/Kirill89/47feb345b09bf081317f08dd43403a8a
	NOTE: Fixed by: https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
CVE-2020-7597 (codecov-node npm module before 3.6.5 allows remote attackers to execut ...)
	NOT-FOR-US: codecov-node nodejs module
CVE-2020-7596 (Codecov npm module before 3.6.2 allows remote attackers to execute arb ...)
	NOT-FOR-US: Codecov npm module
CVE-2020-7595 (xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infini ...)
	{DLA-2369-1}
	- libxml2 2.9.10+dfsg-2.1 (bug #949582)
	[buster] - libxml2 2.9.4+dfsg1-7+deb10u1
	[jessie] - libxml2 <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c8907645d2e155f0d89d4d9895ac5112b5
CVE-2020-7594 (MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remo ...)
	NOT-FOR-US: MultiTech Conduit MTCDT-LVW2-24XX devices
CVE-2020-7593 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-7592 (A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Ge ...)
	NOT-FOR-US: Siemens
CVE-2020-7591 (A vulnerability has been identified in SIPORT MP (All versions &lt; 3. ...)
	NOT-FOR-US: Siemens
CVE-2020-7590 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
	NOT-FOR-US: DCA Vantage Analyzer
CVE-2020-7589 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
	NOT-FOR-US: Siemens
CVE-2020-7588 (A vulnerability has been identified in Opcenter Execution Discrete (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7587 (A vulnerability has been identified in Opcenter Execution Discrete (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7586 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2020-7585 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2020-7584 (A vulnerability has been identified in SIMATIC S7-200 SMART CPU family ...)
	NOT-FOR-US: Siemens
CVE-2020-7583 (A vulnerability has been identified in Automation License Manager 5 (A ...)
	NOT-FOR-US: Siemens
CVE-2020-7582
	RESERVED
CVE-2020-7581 (A vulnerability has been identified in Opcenter Execution Discrete (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7580 (A vulnerability has been identified in SIMATIC Automation Tool (All ve ...)
	NOT-FOR-US: Siemens
CVE-2020-7579 (A vulnerability has been identified in Spectrum Power&#8482; 5 (All ve ...)
	NOT-FOR-US: Siemens
CVE-2020-7578 (A vulnerability has been identified in Camstar Enterprise Platform (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7577 (A vulnerability has been identified in Camstar Enterprise Platform (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7576 (A vulnerability has been identified in Camstar Enterprise Platform (Al ...)
	NOT-FOR-US: Siemens
CVE-2020-7575 (A vulnerability has been identified in Climatix POL908 (BACnet/IP modu ...)
	NOT-FOR-US: Climatix
CVE-2020-7574 (A vulnerability has been identified in Climatix POL908 (BACnet/IP modu ...)
	NOT-FOR-US: Climatix
CVE-2020-7573 (A CWE-284 Improper Access Control vulnerability exists in EcoStruxure  ...)
	NOT-FOR-US: EcoStruxure Building Operation WebReports
CVE-2020-7572 (A CWE-611 Improper Restriction of XML External Entity Reference vulner ...)
	NOT-FOR-US: EcoStruxure Building Operation WebReports
CVE-2020-7571 (A CWE-79 Multiple Improper Neutralization of Input During Web Page Gen ...)
	NOT-FOR-US: EcoStruxure Building Operation WebReports
CVE-2020-7570 (A CWE-79 Improper Neutralization of Input During Web Page Generation ( ...)
	NOT-FOR-US: EcoStruxure Building Operation WebReports
CVE-2020-7569 (A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerabilit ...)
	NOT-FOR-US: EcoStruxure Building Operation WebReports
CVE-2020-7568 (A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor  ...)
	NOT-FOR-US: Modicon
CVE-2020-7567 (A CWE-311: Missing Encryption of Sensitive Data vulnerability exists i ...)
	NOT-FOR-US: Modicon
CVE-2020-7566 (A CWE-334: Small Space of Random Values vulnerability exists in Modico ...)
	NOT-FOR-US: Modicon
CVE-2020-7565 (A CWE-326: Inadequate Encryption Strength vulnerability exists in Modi ...)
	NOT-FOR-US: Modicon
CVE-2020-7564 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
	NOT-FOR-US: Modicon
CVE-2020-7563 (A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server  ...)
	NOT-FOR-US: Modicon
CVE-2020-7562 (A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server o ...)
	NOT-FOR-US: Modicon
CVE-2020-7561 (A CWE-284: Improper Access Control vulnerability exists in Easergy T30 ...)
	NOT-FOR-US: Easergy
CVE-2020-7560 (A CWE-123: Write-what-where Condition vulnerability exists in EcoStrux ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-7559 (A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-7558 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition  ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7557 (A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition ( ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7556 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition  ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7555 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition  ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7554 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7553 (A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition  ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7552 (A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7551 (A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7550 (A CWE-119 Improper Restriction of Operations within the Bounds of a Me ...)
	NOT-FOR-US: IGSS Definition (Def.exe)
CVE-2020-7549 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2020-7548 (A CWE-330 - Use of Insufficiently Random Values vulnerability exists i ...)
	NOT-FOR-US: Schneider
CVE-2020-7547 (A CWE-284: Improper Access Control vulnerability exists in EcoStruxure ...)
	NOT-FOR-US: Schneider
CVE-2020-7546 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
	NOT-FOR-US: Schneider
CVE-2020-7545 (A CWE-284:Improper Access Control vulnerability exists in EcoStruxure& ...)
	NOT-FOR-US: Schneider
CVE-2020-7544 (A CWE-269 Improper Privilege Management vulnerability exists in EcoStr ...)
	NOT-FOR-US: EcoStruxure Operator Terminal Expert runtime
CVE-2020-7543 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2020-7542 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2020-7541 (A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in  ...)
	NOT-FOR-US: Modicon
CVE-2020-7540 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
	NOT-FOR-US: Modicon
CVE-2020-7539 (A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnera ...)
	NOT-FOR-US: Modicon
CVE-2020-7538 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-7537 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2020-7536 (A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnera ...)
	NOT-FOR-US: Modicon
CVE-2020-7535 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
	NOT-FOR-US: Modicon
CVE-2020-7534 (A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on t ...)
	NOT-FOR-US: Schneider Electric
CVE-2020-7533 (A CWE-255: Credentials Management vulnerability exists in Web Server o ...)
	NOT-FOR-US: Modicon
CVE-2020-7532 (A CWE-502 Deserialization of Untrusted Data vulnerability exists in SC ...)
	NOT-FOR-US: SCADAPack x70 Security Administrator
CVE-2020-7531 (A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x ...)
	NOT-FOR-US: SCADAPack 7x Remote Connect
CVE-2020-7530 (A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x  ...)
	NOT-FOR-US: SCADAPack 7x Remote Connect
CVE-2020-7529 (A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ( ...)
	NOT-FOR-US: SCADAPack 7x Remote Connect
CVE-2020-7528 (A CWE-502 Deserialization of Untrusted Data vulnerability exists in SC ...)
	NOT-FOR-US: SCADAPack 7x Remote Connect
CVE-2020-7527 (Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) a ...)
	NOT-FOR-US: Schneider
CVE-2020-7526 (Improper Input Validation vulnerability exists in PowerChute Business  ...)
	NOT-FOR-US: Schneider
CVE-2020-7525 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
	NOT-FOR-US: Schneider
CVE-2020-7524 (Out-of-bounds Write vulnerability exists in Modicon M218 Logic Control ...)
	NOT-FOR-US: Schneider
CVE-2020-7523 (Improper Privilege Management vulnerability exists in Schneider Electr ...)
	NOT-FOR-US: Schneider
CVE-2020-7522 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
	NOT-FOR-US: Schneider
CVE-2020-7521 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
	NOT-FOR-US: Schneider
CVE-2020-7520 (A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnera ...)
	NOT-FOR-US: Schneider
CVE-2020-7519 (A CWE-521: Weak Password Requirements vulnerability exists in Easergy  ...)
	NOT-FOR-US: Schneider
CVE-2020-7518 (A CWE-20: Improper input validation vulnerability exists in Easergy Bu ...)
	NOT-FOR-US: Schneider
CVE-2020-7517 (A CWE-312: Cleartext Storage of Sensitive Information vulnerability ex ...)
	NOT-FOR-US: Schneider
CVE-2020-7516 (A CWE-316: Cleartext Storage of Sensitive Information in Memory vulner ...)
	NOT-FOR-US: Schneider
CVE-2020-7515 (A CWE-321: Use of hard-coded cryptographic key stored in cleartext vul ...)
	NOT-FOR-US: Schneider
CVE-2020-7514 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerabil ...)
	NOT-FOR-US: Schneider
CVE-2020-7513 (A CWE-312: Cleartext Storage of Sensitive Information vulnerability ex ...)
	NOT-FOR-US: Schneider
CVE-2020-7512 (A CWE-1103: Use of Platform-Dependent Third Party Components with vuln ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7511 (A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerabil ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7510 (A CWE-200: Information Exposure vulnerability exists in Easergy T300 ( ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7509 (A CWE-269: Improper privilege management (write) vulnerability exists  ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7508 (A CWE-307 Improper Restriction of Excessive Authentication Attempts vu ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7507 (A CWE-400: Uncontrolled Resource Consumption vulnerability exists in E ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7506 (A CWE-200: Information Exposure vulnerability exists in Easergy T300,  ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7505 (A CWE-494 Download of Code Without Integrity Check vulnerability exist ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7504 (A CWE-20: Improper Input Validation vulnerability exists in Easergy T3 ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7503 (A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in E ...)
	NOT-FOR-US: Easergy T300
CVE-2020-7502 (A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Lo ...)
	NOT-FOR-US: Modicon
CVE-2020-7501 (A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo ...)
	NOT-FOR-US: Schneider
CVE-2020-7500 (A CWE-89:Improper Neutralization of Special Elements used in an SQL Co ...)
	NOT-FOR-US: Schneider
CVE-2020-7499 (A CWE-863: Incorrect Authorization vulnerability exists in U.motion Se ...)
	NOT-FOR-US: Schneider
CVE-2020-7498 (A CWE-798: Use of Hard-coded Credentials vulnerability exists in the U ...)
	NOT-FOR-US: Schneider
CVE-2020-7497 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
	NOT-FOR-US: Schneider
CVE-2020-7496 (A CWE-88: Argument Injection or Modification vulnerability exists in E ...)
	NOT-FOR-US: Schneider
CVE-2020-7495 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
	NOT-FOR-US: Schneider
CVE-2020-7494 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
	NOT-FOR-US: Schneider
CVE-2020-7493 (A CWE-89: Improper Neutralization of Special Elements used in an SQL C ...)
	NOT-FOR-US: Schneider
CVE-2020-7492 (A CWE-521: Weak Password Requirements vulnerability exists in the GP-P ...)
	NOT-FOR-US: Schneider
CVE-2020-7491 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in ...)
	NOT-FOR-US: Schneider
CVE-2020-7490 (A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designe ...)
	NOT-FOR-US: Schneider
CVE-2020-7489 (A CWE-74: Improper Neutralization of Special Elements in Output Used b ...)
	NOT-FOR-US: Schneider
CVE-2020-7488 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
	NOT-FOR-US: Schneider
CVE-2020-7487 (A CWE-345: Insufficient Verification of Data Authenticity vulnerabilit ...)
	NOT-FOR-US: Schneider
CVE-2020-7486 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause TC ...)
	NOT-FOR-US: Schneider Electric
CVE-2020-7485 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in th ...)
	NOT-FOR-US: Schneider Electric
CVE-2020-7484 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the forme ...)
	NOT-FOR-US: Schneider Electric
CVE-2020-7483 (**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause ce ...)
	NOT-FOR-US: Schneider Electric
CVE-2020-7482 (A CWE-79:Improper Neutralization of Input During Web Page Generation ( ...)
	NOT-FOR-US: Andover Continuum
CVE-2020-7481 (A CWE-79:Improper Neutralization of Input During Web Page Generation ( ...)
	NOT-FOR-US: Andover Continuum
CVE-2020-7480 (A CWE-94: Improper Control of Generation of Code ('Code Injection') vu ...)
	NOT-FOR-US: Andover Continuum
CVE-2020-7479 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
	NOT-FOR-US: IGSS
CVE-2020-7478 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
	NOT-FOR-US: IGSS
CVE-2020-7477 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Quantum Ethernet Network module
CVE-2020-7476 (A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Instal ...)
	NOT-FOR-US: ZigBee Installation Kit
CVE-2020-7475 (A CWE-74: Improper Neutralization of Special Elements in Output Used b ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2020-7474 (A CWE-427: Uncontrolled Search Path Element vulnerability exists in Pr ...)
	NOT-FOR-US: ProSoft Configurator
CVE-2020-7473 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
	NOT-FOR-US: Citrix
CVE-2020-7472 (An authorization bypass and PHP local-file-include vulnerability in th ...)
	NOT-FOR-US: SugarCRM
CVE-2020-7471 (Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 al ...)
	{DSA-4629-1}
	- python-django 2:2.2.10-1 (bug #950581)
	[jessie] - python-django <not-affected> (Vulnerable code introduced in Django ~1.9)
	NOTE: https://www.djangoproject.com/weblog/2020/feb/03/security-releases/
	NOTE: https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136 (master)
	NOTE: https://github.com/django/django/commit/505826b469b16ab36693360da9e11fd13213421b (3.0.3)
	NOTE: https://github.com/django/django/commit/c67a368c16e4680b324b4f385398d638db4d8147 (2.2.10)
	NOTE: https://github.com/django/django/commit/001b0634cd309e372edb6d7d95d083d02b8e37bd (1.11.28)
CVE-2020-7470 (Sonoff TH 10 and 16 devices with firmware 6.6.0.21 allows XSS via the  ...)
	NOT-FOR-US: Sonoff TH 10 and 16 devices
CVE-2020-7469 (In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-7468 (In FreeBSD 12.2-STABLE before r365772, 11.4-STABLE before r365773, 12. ...)
	NOT-FOR-US: FreeBSD ftpd
CVE-2020-7467 (In FreeBSD 12.2-STABLE before r365767, 11.4-STABLE before r365769, 12. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7466 (The PPP implementation of MPD before 5.9 allows a remote attacker who  ...)
	NOT-FOR-US: MPD (FreeBSD PPP daemon)
CVE-2020-7465 (The L2TP implementation of MPD before 5.9 allows a remote attacker who ...)
	NOT-FOR-US: MPD (FreeBSD PPP daemon)
CVE-2020-7464 (In FreeBSD 12.2-STABLE before r365730, 11.4-STABLE before r365738, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-7463 (In FreeBSD 12.1-STABLE before r364644, 11.4-STABLE before r364651, 12. ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-7462 (In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, imprope ...)
	- kfreebsd-10 <unfixed> (unimportant)
CVE-2020-7461 (In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12. ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7460 (In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-ST ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7459 (In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-ST ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:21.usb_net.asc
CVE-2020-7458 (In FreeBSD 12.1-STABLE before r362281, 11.4-STABLE before r362281, and ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7457 (In FreeBSD 12.1-STABLE before r359565, 12.1-RELEASE before p7, 11.4-ST ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7456 (In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-ST ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:17.usb.asc
CVE-2020-7455 (In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-ST ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7454 (In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-ST ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7453 (In FreeBSD 12.1-STABLE before r359021, 12.1-RELEASE before 12.1-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:08.jail.asc
CVE-2020-7452 (In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:07.epair.asc
CVE-2020-7451 (In FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEAS ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7450 (In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEAS ...)
	NOT-FOR-US: FreeBSD
CVE-2020-7449
	RESERVED
CVE-2020-7448
	RESERVED
CVE-2020-7447
	RESERVED
CVE-2020-7446
	RESERVED
CVE-2020-7445
	RESERVED
CVE-2020-7444
	RESERVED
CVE-2020-7443
	RESERVED
CVE-2020-7442
	RESERVED
CVE-2020-7441
	RESERVED
CVE-2020-7440
	RESERVED
CVE-2020-7439
	RESERVED
CVE-2020-7438
	RESERVED
CVE-2020-7437
	RESERVED
CVE-2020-7436
	RESERVED
CVE-2020-7435
	RESERVED
CVE-2020-7434
	RESERVED
CVE-2020-7433
	RESERVED
CVE-2020-7432
	RESERVED
CVE-2020-7431
	RESERVED
CVE-2020-7430
	RESERVED
CVE-2020-7429
	RESERVED
CVE-2020-7428
	RESERVED
CVE-2020-7427
	RESERVED
CVE-2020-7426
	RESERVED
CVE-2020-7425
	RESERVED
CVE-2020-7424
	RESERVED
CVE-2020-7423
	RESERVED
CVE-2020-7422
	RESERVED
CVE-2020-7421
	RESERVED
CVE-2020-7420
	RESERVED
CVE-2020-7419
	RESERVED
CVE-2020-7418
	RESERVED
CVE-2020-7417
	RESERVED
CVE-2020-7416
	RESERVED
CVE-2020-7415
	RESERVED
CVE-2020-7414
	RESERVED
CVE-2020-7413
	RESERVED
CVE-2020-7412
	RESERVED
CVE-2020-7411
	RESERVED
CVE-2020-7410
	RESERVED
CVE-2020-7409
	RESERVED
CVE-2020-7408
	RESERVED
CVE-2020-7407
	RESERVED
CVE-2020-7406
	RESERVED
CVE-2020-7405
	RESERVED
CVE-2020-7404
	RESERVED
CVE-2020-7403
	RESERVED
CVE-2020-7402
	RESERVED
CVE-2020-7401
	RESERVED
CVE-2020-7400
	RESERVED
CVE-2020-7399
	RESERVED
CVE-2020-7398
	RESERVED
CVE-2020-7397
	RESERVED
CVE-2020-7396
	RESERVED
CVE-2020-7395
	RESERVED
CVE-2020-7394
	RESERVED
CVE-2020-7393
	RESERVED
CVE-2020-7392
	RESERVED
CVE-2020-7391
	RESERVED
CVE-2020-7390 (Sage X3 Stored XSS Vulnerability on &#8216;Edit&#8217; Page of User Pr ...)
	NOT-FOR-US: Sage X3
CVE-2020-7389 (Sage X3 System CHAINE Variable Script Command Injection. An authentica ...)
	NOT-FOR-US: Sage X3
CVE-2020-7388 (Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in Ad ...)
	NOT-FOR-US: Sage X3
CVE-2020-7387 (Sage X3 Installation Pathname Disclosure. A specially crafted packet c ...)
	NOT-FOR-US: Sage X3
CVE-2020-7386
	RESERVED
CVE-2020-7385 (By launching the drb_remote_codeexec exploit, a Metasploit Framework u ...)
	NOT-FOR-US: Rapid7
CVE-2020-7384 (Rapid7's Metasploit msfvenom framework handles APK files in a way that ...)
	NOT-FOR-US: Rapid7
CVE-2020-7383 (A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that m ...)
	NOT-FOR-US: Rapid7 Nexpose
CVE-2020-7382 (Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted  ...)
	NOT-FOR-US: Rapid7 Nexpose installer
CVE-2020-7381 (In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose inst ...)
	NOT-FOR-US: Rapid7 Nexpose installer
CVE-2020-7380
	RESERVED
CVE-2020-7379
	RESERVED
CVE-2020-7378 (CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an  ...)
	NOT-FOR-US: CRIXP OpenCRX
CVE-2020-7377 (The Metasploit Framework module "auxiliary/admin/http/telpho10_credent ...)
	NOT-FOR-US: Metasploit Framework module
CVE-2020-7376 (The Metasploit Framework module "post/osx/gather/enum_osx module" is a ...)
	NOT-FOR-US: Metasploit Framework module
CVE-2020-7375
	RESERVED
CVE-2020-7374 (Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scan ...)
	NOT-FOR-US: Documalis Free PDF Editor
CVE-2020-7373 (vBulletin 5.5.4 through 5.6.2 allows remote command execution via craf ...)
	NOT-FOR-US: vBulletin
CVE-2020-7372
	RESERVED
CVE-2020-7371 (User Interface (UI) Misrepresentation of Critical Information vulnerab ...)
	NOT-FOR-US: Yandex Browser
CVE-2020-7370 (User Interface (UI) Misrepresentation of Critical Information vulnerab ...)
	NOT-FOR-US: Danyil Vasilenko's Bolt Browser
CVE-2020-7369 (User Interface (UI) Misrepresentation of Critical Information vulnerab ...)
	NOT-FOR-US: Yandex Browser
CVE-2020-7368
	RESERVED
CVE-2020-7367
	RESERVED
CVE-2020-7366
	RESERVED
CVE-2020-7365
	RESERVED
CVE-2020-7364 (User Interface (UI) Misrepresentation of Critical Information vulnerab ...)
	NOT-FOR-US: UCWeb's UC Browser
CVE-2020-7363 (User Interface (UI) Misrepresentation of Critical Information vulnerab ...)
	NOT-FOR-US: UCWeb's UC Browser
CVE-2020-7362
	RESERVED
CVE-2020-7361 (The EasyCorp ZenTao Pro application suffers from an OS command injecti ...)
	NOT-FOR-US: EasyCorp ZenTao Pro application
CVE-2020-7360 (An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartCo ...)
	NOT-FOR-US: SmartControl
CVE-2020-7359
	RESERVED
CVE-2020-7358 (In AppSpider installer versions prior to 7.2.126, the AppSpider instal ...)
	NOT-FOR-US: AppSpider installer
CVE-2020-7357 (Cayin CMS suffers from an authenticated OS semi-blind command injectio ...)
	NOT-FOR-US: Cayin CMS
CVE-2020-7356 (CAYIN xPost suffers from an unauthenticated SQL Injection vulnerabilit ...)
	NOT-FOR-US: CAYIN xPost
CVE-2020-7355 (Cross-site Scripting (XSS) vulnerability in the 'notes' field of a dis ...)
	NOT-FOR-US: Metasploit Pro
CVE-2020-7354 (Cross-site Scripting (XSS) vulnerability in the 'host' field of a disc ...)
	NOT-FOR-US: Metasploit Pro
CVE-2020-7353
	RESERVED
CVE-2020-7352 (The GalaxyClientService component of GOG Galaxy runs with elevated SYS ...)
	NOT-FOR-US: GOG Galaxy
CVE-2020-7351 (An OS Command Injection vulnerability in the endpoint_devicemap.php co ...)
	NOT-FOR-US: Fonality Trixbox Community Edition
CVE-2020-7350 (Rapid7 Metasploit Framework versions before 5.0.85 suffers from an ins ...)
	NOT-FOR-US: Rapid7 Metasploit Framework
CVE-2020-7349
	RESERVED
CVE-2020-7348
	RESERVED
CVE-2020-7347
	RESERVED
CVE-2020-7346 (Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP ...)
	NOT-FOR-US: McAfee
CVE-2020-7345
	RESERVED
CVE-2020-7344
	RESERVED
CVE-2020-7343 (Missing Authorization vulnerability in McAfee Agent (MA) for Windows p ...)
	NOT-FOR-US: McAfee
CVE-2020-7342
	RESERVED
CVE-2020-7341
	RESERVED
CVE-2020-7340
	RESERVED
CVE-2020-7339 (Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAf ...)
	NOT-FOR-US: McAfee
CVE-2020-7338
	RESERVED
CVE-2020-7337 (Incorrect Permission Assignment for Critical Resource vulnerability in ...)
	NOT-FOR-US: McAfee
CVE-2020-7336 (Cross Site Request Forgery vulnerability in McAfee Network Security Ma ...)
	NOT-FOR-US: McAfee
CVE-2020-7335 (Privilege Escalation vulnerability in Microsoft Windows client McAfee  ...)
	NOT-FOR-US: McAfee
CVE-2020-7334 (Improper privilege assignment vulnerability in the installer McAfee Ap ...)
	NOT-FOR-US: McAfee
CVE-2020-7333 (Cross site scripting vulnerability in the firewall ePO extension of Mc ...)
	NOT-FOR-US: McAfee
CVE-2020-7332 (Cross Site Request Forgery vulnerability in the firewall ePO extension ...)
	NOT-FOR-US: McAfee
CVE-2020-7331 (Unquoted service executable path in McAfee Endpoint Security (ENS) pri ...)
	NOT-FOR-US: McAfee
CVE-2020-7330 (Privilege Escalation vulnerability in McAfee Total Protection (MTP) tr ...)
	NOT-FOR-US: McAfee
CVE-2020-7329 (Server-side request forgery vulnerability in the ePO extension in McAf ...)
	NOT-FOR-US: McAfee
CVE-2020-7328 (External entity attack vulnerability in the ePO extension in McAfee MV ...)
	NOT-FOR-US: McAfee
CVE-2020-7327 (Improperly implemented security check in McAfee MVISION Endpoint Detec ...)
	NOT-FOR-US: McAfee
CVE-2020-7326 (Improperly implemented security check in McAfee Active Response (MAR)  ...)
	NOT-FOR-US: McAfee
CVE-2020-7325 (Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to ...)
	NOT-FOR-US: McAfee
CVE-2020-7324 (Improper Access Control vulnerability in McAfee MVISION Endpoint prior ...)
	NOT-FOR-US: McAfee
CVE-2020-7323 (Authentication Protection Bypass vulnerability in McAfee Endpoint Secu ...)
	NOT-FOR-US: McAfee
CVE-2020-7322 (Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) ...)
	NOT-FOR-US: McAfee
CVE-2020-7321
	RESERVED
CVE-2020-7320 (Protection Mechanism Failure vulnerability in McAfee Endpoint Security ...)
	NOT-FOR-US: McAfee
CVE-2020-7319 (Improper Access Control vulnerability in McAfee Endpoint Security (ENS ...)
	NOT-FOR-US: McAfee
CVE-2020-7318 (Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO ...)
	NOT-FOR-US: McAfee
CVE-2020-7317 (Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO ...)
	NOT-FOR-US: McAfee
CVE-2020-7316 (Unquoted service path vulnerability in McAfee File and Removable Media ...)
	NOT-FOR-US: McAfee
CVE-2020-7315 (DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to  ...)
	NOT-FOR-US: McAfee
CVE-2020-7314 (Privilege Escalation Vulnerability in the installer in McAfee Data Exc ...)
	NOT-FOR-US: McAfee
CVE-2020-7313
	RESERVED
CVE-2020-7312 (DLL Search Order Hijacking Vulnerability in the installer in McAfee Ag ...)
	NOT-FOR-US: McAfee
CVE-2020-7311 (Privilege Escalation vulnerability in the installer in McAfee Agent (M ...)
	NOT-FOR-US: McAfee
CVE-2020-7310 (Privilege Escalation vulnerability in the installer in McAfee McAfee T ...)
	NOT-FOR-US: McAfee
CVE-2020-7309 (Cross Site Scripting vulnerability in ePO extension in McAfee Applicat ...)
	NOT-FOR-US: McAfee
CVE-2020-7308 (Cleartext Transmission of Sensitive Information between McAfee Endpoin ...)
	NOT-FOR-US: McAfee
CVE-2020-7307 (Unprotected Storage of Credentials vulnerability in McAfee Data Loss P ...)
	NOT-FOR-US: McAfee
CVE-2020-7306 (Unprotected Storage of Credentials vulnerability in McAfee Data Loss P ...)
	NOT-FOR-US: McAfee
CVE-2020-7305 (Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP ...)
	NOT-FOR-US: McAfee
CVE-2020-7304 (Cross site request forgery vulnerability in McAfee Data Loss Preventio ...)
	NOT-FOR-US: McAfee
CVE-2020-7303 (Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP ...)
	NOT-FOR-US: McAfee
CVE-2020-7302 (Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Pr ...)
	NOT-FOR-US: McAfee
CVE-2020-7301 (Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP ...)
	NOT-FOR-US: McAfee
CVE-2020-7300 (Improper Authorization vulnerability in McAfee Data Loss Prevention (D ...)
	NOT-FOR-US: McAfee
CVE-2020-7299 (Cleartext Storage of Sensitive Information in Memory vulnerability in  ...)
	NOT-FOR-US: McAfee
CVE-2020-7298 (Unexpected behavior violation in McAfee Total Protection (MTP) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7297 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7296 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7295 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7294 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7293 (Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
	NOT-FOR-US: McAfee
CVE-2020-7292 (Inappropriate Encoding for output context vulnerability in McAfee Web  ...)
	NOT-FOR-US: McAfee
CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
	NOT-FOR-US: McAfee
CVE-2020-7290 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
	NOT-FOR-US: McAfee
CVE-2020-7289 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
	NOT-FOR-US: McAfee
CVE-2020-7288 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...)
	NOT-FOR-US: McAfee
CVE-2020-7287 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...)
	NOT-FOR-US: McAfee
CVE-2020-7286 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...)
	NOT-FOR-US: McAfee
CVE-2020-7285 (Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to ...)
	NOT-FOR-US: McAfee
CVE-2020-7284 (Exposure of Sensitive Information in McAfee Network Security Managemen ...)
	NOT-FOR-US: McAfee
CVE-2020-7283 (Privilege Escalation vulnerability in McAfee Total Protection (MTP) be ...)
	NOT-FOR-US: McAfee
CVE-2020-7282 (Privilege Escalation vulnerability in McAfee Total Protection (MTP) be ...)
	NOT-FOR-US: McAfee
CVE-2020-7281 (Privilege Escalation vulnerability in McAfee Total Protection (MTP) pr ...)
	NOT-FOR-US: McAfee
CVE-2020-7280 (Privilege Escalation vulnerability during daily DAT updates when using ...)
	NOT-FOR-US: McAfee
CVE-2020-7279 (DLL Search Order Hijacking Vulnerability in the installer component of ...)
	NOT-FOR-US: McAfee
CVE-2020-7278 (Exploiting incorrectly configured access control security levels vulne ...)
	NOT-FOR-US: McAfee
CVE-2020-7277 (Protection mechanism failure in all processes in McAfee Endpoint Secur ...)
	NOT-FOR-US: McAfee
CVE-2020-7276 (Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoi ...)
	NOT-FOR-US: McAfee
CVE-2020-7275 (Accessing, modifying or executing executable files vulnerability in th ...)
	NOT-FOR-US: McAfee
CVE-2020-7274 (Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Se ...)
	NOT-FOR-US: McAfee
CVE-2020-7273 (Accessing functionality not properly constrained by ACLs vulnerability ...)
	NOT-FOR-US: McAfee
CVE-2020-7272
	RESERVED
CVE-2020-7271
	RESERVED
CVE-2020-7270 (Exposure of Sensitive Information in the web interface in McAfee Advan ...)
	NOT-FOR-US: McAfee
CVE-2020-7269 (Exposure of Sensitive Information in the web interface in McAfee Advan ...)
	NOT-FOR-US: McAfee
CVE-2020-7268 (Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prio ...)
	NOT-FOR-US: McAfee
CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
	NOT-FOR-US: McAfee
CVE-2020-7266 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...)
	NOT-FOR-US: McAfee
CVE-2020-7265 (Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) f ...)
	NOT-FOR-US: McAfee
CVE-2020-7264 (Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) f ...)
	NOT-FOR-US: McAfee
CVE-2020-7263 (Improper access control vulnerability in ESconfigTool.exe in McAfee En ...)
	NOT-FOR-US: ENS for Windows
CVE-2020-7262 (Improper Access Control vulnerability in McAfee Advanced Threat Defens ...)
	NOT-FOR-US: McAfee
CVE-2020-7261 (Buffer Overflow via Environment Variables vulnerability in AMSI compon ...)
	NOT-FOR-US: McAfee
CVE-2020-7260 (DLL Side Loading vulnerability in the installer for McAfee Application ...)
	NOT-FOR-US: McAfee
CVE-2020-7259 (Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoi ...)
	NOT-FOR-US: McAfee
CVE-2020-7258 (Cross site scripting vulnerability in McAfee Network Security Manageme ...)
	NOT-FOR-US: McAfee
CVE-2020-7257 (Privilege escalation vulnerability in McAfee Endpoint Security (ENS) f ...)
	NOT-FOR-US: McAfee
CVE-2020-7256 (Cross site scripting vulnerability in McAfee Network Security Manageme ...)
	NOT-FOR-US: McAfee
CVE-2020-7255 (Privilege escalation vulnerability in the administrative user interfac ...)
	NOT-FOR-US: McAfee
CVE-2020-7254 (Privilege Escalation vulnerability in the command line interface in Mc ...)
	NOT-FOR-US: McAfee
CVE-2020-7253 (Improper access control vulnerability in masvc.exe in McAfee Agent (MA ...)
	NOT-FOR-US: McAfee
CVE-2020-7252 (Unquoted service executable path in DXL Broker in McAfee Data eXchange ...)
	NOT-FOR-US: McAfee
CVE-2020-7251 (Improper access control vulnerability in Configuration Tool in McAfee  ...)
	NOT-FOR-US: McAfee
CVE-2020-7250 (Symbolic link manipulation vulnerability in McAfee Endpoint Security ( ...)
	NOT-FOR-US: McAfee
CVE-2020-7249 (SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on th ...)
	NOT-FOR-US: SMC D3G0804W devices
CVE-2020-7248 (libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged ...)
	NOT-FOR-US: libubox in OpenWrt
CVE-2020-XXXX [opensmtpd DoS via opportunistic TLS downgrade]
	- opensmtpd 6.6.2p1-1 (bug #950121)
	[buster] - opensmtpd 6.0.3p1-5+deb10u3
	[stretch] - opensmtpd 6.0.2p1-2+deb9u2
	NOTE: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/018_smtpd_tls.patch.sig
CVE-2020-7247 (smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6 ...)
	{DSA-4611-1}
	- opensmtpd 6.6.2p1-1 (bug #950121)
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/28/3
	NOTE: Fixed by: https://github.com/OpenSMTPD/OpenSMTPD/commit/2afab2297347342f81fa31a75bbbf7dbee614fda
	NOTE: https://ftp.openbsd.org/pub/OpenBSD/patches/6.6/common/019_smtpd_exec.patch.sig
	NOTE: The issue is exploitable after switching "to new grammar", which is included
	NOTE: in portable sync commit:
	NOTE: https://github.com/OpenSMTPD/OpenSMTPD/commit/be6ef06cba9484d008d9f057e6b25d863cf278ff (opensmtpd-6.4.0)
CVE-2020-7246 (A remote code execution (RCE) vulnerability exists in qdPM 9.1 and ear ...)
	NOT-FOR-US: qdPM
CVE-2020-7245 (Incorrect username validation in the registration process of CTFd v2.0 ...)
	NOT-FOR-US: CTFd
CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
	NOT-FOR-US: Comtech Stampede FX-1010 devices
CVE-2020-7243 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
	NOT-FOR-US: Comtech Stampede FX-1010 devices
CVE-2020-7242 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
	NOT-FOR-US: Comtech Stampede FX-1010 devices
CVE-2020-7241 (The WP Database Backup plugin through 5.5 for WordPress stores downloa ...)
	NOT-FOR-US: WP Database Backup plugin for WordPress
CVE-2020-7240 (** DISPUTED ** Meinberg Lantime M300 and M1000 devices allow attackers ...)
	NOT-FOR-US: Meinberg Lantime M300 and M1000 devices
CVE-2020-7239 (The conversation-watson plugin before 0.8.21 for WordPress has a DOM-b ...)
	NOT-FOR-US: conversation-watson plugin for WordPress
CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles ...)
	{DSA-4885-1 DLA-2364-1 DLA-2110-1 DLA-2109-1}
	- netty 1:4.1.45-1 (bug #950967)
	- netty-3.9 <removed>
	[stretch] - netty-3.9 <not-affected> (Incomplete fix for CVE-2019-16869 was not applied)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1796225
	NOTE: https://github.com/jdordonezn/CVE-2020-72381/issues/1
	NOTE: Issue exists because of incomplete fix for CVE-2019-16869.
	NOTE: https://github.com/netty/netty/issues/9861#issuecomment-582307539 (same fix as CVE-2019-20445)
CVE-2020-7237 (Cacti 1.2.8 allows Remote Code Execution (by privileged users) via she ...)
	- cacti 1.2.9+ds1-1 (bug #949997)
	[buster] - cacti 1.2.2+ds1-2+deb10u3
	[stretch] - cacti <no-dsa> (Minor issue)
	[jessie] - cacti <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Cacti/cacti/issues/3201
	NOTE: https://github.com/Cacti/cacti/commit/5010719dbd160198be3e07bb994cf237e3af1308
CVE-2020-7236 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via cw2?td= ...)
	NOT-FOR-US: UHP UHP-100 devices
CVE-2020-7235 (UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via cB3?ta= ...)
	NOT-FOR-US: UHP UHP-100 devices
CVE-2020-7234 (Ruckus ZoneFlex R310 104.0.0.0.1347 devices allow Stored XSS via the S ...)
	NOT-FOR-US: Ruckus ZoneFlex R310 devices
CVE-2020-7233 (KMS Controls BAC-A1616BC BACnet devices have a cleartext password of s ...)
	NOT-FOR-US: KMS Controls BAC-A1616BC BACnet devices
CVE-2020-7232 (Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain  ...)
	NOT-FOR-US: Evoko Home devices
CVE-2020-7231 (Evoko Home 1.31 devices provide different error messages for failed lo ...)
	NOT-FOR-US: Evoko Home devices
CVE-2020-7230
	RESERVED
CVE-2020-7229 (An issue was discovered in Simplejobscript.com SJS before 1.65. There  ...)
	NOT-FOR-US: Simplejobscript.com SJS
CVE-2020-7228 (The Calculated Fields Form plugin through 1.0.353 for WordPress suffer ...)
	NOT-FOR-US: Calculated Fields Form plugin for WordPress
CVE-2020-7227 (Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosur ...)
	NOT-FOR-US: Westermo MRD-315 devices
CVE-2020-7226 (CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and  ...)
	NOT-FOR-US: cryptacular
CVE-2020-7225
	RESERVED
CVE-2020-7224 (The Aviatrix OpenVPN client through 2.5.7 on Linux, macOS, and Windows ...)
	NOT-FOR-US: Aviatrix OpenVPN client
CVE-2020-7223
	RESERVED
CVE-2020-7222 (An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06- ...)
	NOT-FOR-US: Amcrest Web Server
CVE-2020-7221 (mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege es ...)
	- mariadb-10.3 <not-affected> (Only affects MariaDB 10.4.7 through 10.4.11)
	- mariadb-10.1 <not-affected> (Only affects MariaDB 10.4.7 through 10.4.11)
CVE-2020-7220 (HashiCorp Vault Enterprise 0.11.0 through 1.3.1 fails, in certain circ ...)
	NOT-FOR-US: HashiCorp Vault
CVE-2020-7219 (HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services a ...)
	- consul 1.7.0+dfsg1-1 (bug #950736)
	[buster] - consul <no-dsa> (Minor issue)
	NOTE: https://github.com/hashicorp/consul/issues/7159
	NOTE: Fixed in 1.6.3.
CVE-2020-7218 (HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services al ...)
	- nomad 0.10.3+dfsg1-1
	NOTE: https://github.com/hashicorp/nomad/issues/7002
CVE-2020-7217 (An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0. ...)
	NOT-FOR-US: openSUSE wicked
CVE-2020-7216 (An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and e ...)
	NOT-FOR-US: openSUSE wicked
CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 7.90.99 ...)
	NOT-FOR-US: Gallagher Command Centre
CVE-2020-7214
	RESERVED
CVE-2020-7213 (Parallels 13 uses cleartext HTTP as part of the update process, allowi ...)
	NOT-FOR-US: Parallels
CVE-2020-7212 (The _encode_invalid_chars function in util/url.py in the urllib3 libra ...)
	- python-urllib3 1.25.8-1
	[buster] - python-urllib3 <not-affected> (Vulnerable code introduced later)
	[stretch] - python-urllib3 <not-affected> (Vulnerable code introduced later)
	[jessie] - python-urllib3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/urllib3/urllib3/pull/1787
	NOTE: Introduced by: https://github.com/urllib3/urllib3/commit/a74c9cfbaed9f811e7563cfc3dce894928e0221a (1.25.2)
	NOTE: Fixed by: https://github.com/urllib3/urllib3/commit/a2697e7c6b275f05879b60f593c5854a816489f0 (1.25.8)
CVE-2020-7211 (tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\  ...)
	- libslirp <unfixed> (unimportant)
	NOTE: https://bugs.launchpad.net/qemu/+bug/1812451
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
CVE-2020-7210 (Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user account ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-7209 (LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution w ...)
	NOT-FOR-US: LinuxKI
CVE-2020-7208 (LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved i ...)
	NOT-FOR-US: LinuxKI
CVE-2020-7207 (A local elevation of privilege using physical access security vulnerab ...)
	NOT-FOR-US: HPE
CVE-2020-7206 (HP nagios plugin for iLO (nagios-plugins-hpilo v1.50 and earlier) has  ...)
	NOT-FOR-US: HP nagios plugin for iLO
CVE-2020-7205 (A potential security vulnerability has been identified in HPE Intellig ...)
	NOT-FOR-US: HPE
CVE-2020-7204
	RESERVED
CVE-2020-7203 (A potential security vulnerability has been identified in HPE iLO Ampl ...)
	NOT-FOR-US: HPE
CVE-2020-7202 (A potential security vulnerability has been identified in HPE Integrat ...)
	NOT-FOR-US: HPE
CVE-2020-7201 (A potential security vulnerability has been identified in the HPE Stor ...)
	NOT-FOR-US: HPE
CVE-2020-7200 (A potential security vulnerability has been identified in HPE Systems  ...)
	NOT-FOR-US: HPE
CVE-2020-7199 (A security vulnerability has been identified in the HPE Edgeline Infra ...)
	NOT-FOR-US: HPE
CVE-2020-7198 (There is a remote escalation of privilege possible for a malicious use ...)
	NOT-FOR-US: HPE
CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreSe ...)
	NOT-FOR-US: HPE
CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Co ...)
	NOT-FOR-US: HPE
CVE-2020-7195 (A iccselectrules expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection remote code  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7193 (A ictexpertcsvdownload expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7192 (A devicethresholdconfig expression language injection remote code exec ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7191 (A devsoftsel expression language injection remote code execution vulne ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7190 (A deviceselect expression language injection remote code execution vul ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7189 (A faultflasheventselectfact expression language injectionremote code e ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7188 (A userselectpagingcontent expression language injection remote code ex ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7187 (A reportpage index expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7186 (A powershellconfigcontent expression language injection remote code ex ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7185 (A tvxlanlegend expression language injection remote code execution vul ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7184 (A viewbatchtaskresultdetailfact expression language injection remote c ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7183 (A forwardredirect expression language injection remote code execution  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7182 (A sshconfig expression language injection remote code execution vulner ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7181 (A smsrulesdownload expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7180 (A ictexpertdownload expression language injection remote code executio ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7179 (A thirdpartyperfselecttask expression language injection remote code e ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7178 (A mediaforaction expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7177 (A wmiconfigcontent expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7176 (A viewtaskresultdetailfact expression language injection remote code e ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7175 (A iccselectdymicparam expression language injection remote code execut ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7174 (A soapconfigcontent expression language injection remote code executio ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7173 (A actionselectcontent expression language injection remote code execut ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7172 (A templateselect expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7171 (A guidatadetail expression language injection remote code execution vu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7170 (A select expression language injection remote code execution vulnerabi ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7169 (A ictexpertcsvdownload expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7168 (A selectusergroup expression language injection remote code execution  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7167 (A quicktemplateselect expression language injection remote code execut ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7166 (A operatorgrouptreeselectcontent expression language injection remote  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7165 (A iccselectcommand expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7164 (A operationselect expression language injection remote code execution  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7163 (A navigationto expression language injection remote code execution vul ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7162 (A operatorgroupselectcontent expression language injection remote code ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7161 (A reporttaskselect expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7160 (A iccselectdeviceseries expression language injection remote code exec ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7159 (A customtemplateselect expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7158 (A perfselecttask expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7157 (A selviewnavcontent expression language injection remote code executio ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7156 (A faultinfo_content expression language injection remote code executio ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7155 (A select expression language injection remote code execution vulnerabi ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7154 (A ifviewselectpage expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7153 (A iccselectdevtype expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7152 (A faultparasset expression language injection remote code execution vu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7151 (A faulttrapgroupselect expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7150 (A faultstatchoosefaulttype expression language injection remote code e ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7149 (A ictexpertcsvdownload expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7148 (A deployselectsoftware expression language injection remote code execu ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7147 (A deployselectbootrom expression language injection remote code execut ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7146 (A devgroupselect expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7145 (A chooseperfview expression language injection remote code execution v ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7144 (A comparefilesresult expression language injection remote code executi ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7143 (A faultdevparasset expression language injection remote code execution ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7142 (A eventinfo_content expression language injection remote code executio ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7141 (A adddevicetoview expression language injection remote code execution  ...)
	NOT-FOR-US: HPE Intelligent Management Center (iMC)
CVE-2020-7140 (A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gatew ...)
	NOT-FOR-US: HPE
CVE-2020-7139 (Potential remote access security vulnerabilities have been identified  ...)
	NOT-FOR-US: HPE
CVE-2020-7138 (Potential remote code execution security vulnerabilities have been ide ...)
	NOT-FOR-US: HPE
CVE-2020-7137 (A validation issue in HPE Superdome Flex's RMC component may allow loc ...)
	NOT-FOR-US: HPE
CVE-2020-7136 (A security vulnerability in HPE Smart Update Manager (SUM) prior to ve ...)
	NOT-FOR-US: HPE Smart Update Manager (SUM)
CVE-2020-7135 (A potential security vulnerability has been identified in the disk dri ...)
	NOT-FOR-US: HPE
CVE-2020-7134 (A remote access to sensitive data vulnerability was discovered in HPE  ...)
	NOT-FOR-US: HPE
CVE-2020-7133 (A unauthorized remote access vulnerability was discovered in HPE IOT + ...)
	NOT-FOR-US: HPE
CVE-2020-7132 (A potential security vulnerability has been identified in HPE Onboard  ...)
	NOT-FOR-US: HPE
CVE-2020-7131 (This document describes a security vulnerability in Blade Maintenance  ...)
	NOT-FOR-US: HPE
CVE-2020-7130 (HPE OneView Global Dashboard (OVGD) 1.9 has a remote information discl ...)
	NOT-FOR-US: HPE
CVE-2020-7129 (A remote execution of arbitrary commands vulnerability was discovered  ...)
	NOT-FOR-US: Aruba
CVE-2020-7128 (A remote unauthenticated arbitrary code execution vulnerability was di ...)
	NOT-FOR-US: Aruba
CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability was di ...)
	NOT-FOR-US: Aruba
CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was discover ...)
	NOT-FOR-US: Aruba
CVE-2020-7125 (A remote escalation of privilege vulnerability was discovered in Aruba ...)
	NOT-FOR-US: Aruba
CVE-2020-7124 (A remote unauthorized access vulnerability was discovered in Aruba Air ...)
	NOT-FOR-US: Aruba
CVE-2020-7123 (A local escalation of privilege vulnerability was discovered in Aruba  ...)
	NOT-FOR-US: Aruba
CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches Series  ...)
	NOT-FOR-US: Aruba
CVE-2020-7121 (Two memory corruption vulnerabilities in the Aruba CX Switches Series  ...)
	NOT-FOR-US: Aruba
CVE-2020-7120 (A local authenticated buffer overflow vulnerability was discovered in  ...)
	NOT-FOR-US: Aruba
CVE-2020-7119 (A vulnerability exists in the Aruba Analytics and Location Engine (ALE ...)
	NOT-FOR-US: Aruba
CVE-2020-7118
	RESERVED
CVE-2020-7117 (The ClearPass Policy Manager WebUI administrative interface has an aut ...)
	NOT-FOR-US: ClearPass Policy Manager WebUI
CVE-2020-7116 (The ClearPass Policy Manager WebUI administrative interface has an aut ...)
	NOT-FOR-US: ClearPass Policy Manager WebUI
CVE-2020-7115 (The ClearPass Policy Manager web interface is affected by a vulnerabil ...)
	NOT-FOR-US: ClearPass Policy Manager
CVE-2020-7114 (A vulnerability exists allowing attackers, when present in the same ne ...)
	NOT-FOR-US: ClearPass
CVE-2020-7113 (A vulnerability was found when an attacker, while communicating with t ...)
	NOT-FOR-US: ClearPass
CVE-2020-7112
	RESERVED
CVE-2020-7111 (A server side injection vulnerability exists which could allow an auth ...)
	NOT-FOR-US: ClearPass
CVE-2020-7110 (ClearPass is vulnerable to Stored Cross Site Scripting by allowing a m ...)
	NOT-FOR-US: ClearPass
CVE-2020-7109 (The Elementor Page Builder plugin before 2.8.4 for WordPress does not  ...)
	NOT-FOR-US: Elementor Page Builder plugin for WordPress
CVE-2020-7108 (The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ...)
	NOT-FOR-US: LearnDash LMS plugin for WordPress
CVE-2020-7107 (The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Dis ...)
	NOT-FOR-US: Ultimate FAQ plugin for WordPress
CVE-2020-7106 (Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.p ...)
	{DLA-2069-1}
	- cacti 1.2.9+ds1-1 (bug #949996)
	[buster] - cacti 1.2.2+ds1-2+deb10u3
	[stretch] - cacti <postponed> (can be fixed along with more important issues)
	NOTE: https://github.com/Cacti/cacti/issues/3191
	NOTE: https://github.com/Cacti/cacti/commit/4cbb045e03ee20a2bd09094a201a925fbb8a39d9
	NOTE: https://github.com/Cacti/cacti/commit/47a000b5aba4af16967e249b25f25397506e3464
	NOTE: https://github.com/Cacti/cacti/commit/b1c70e19466a6e69284e24cde437b55ccc454bee
CVE-2020-7105 (async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a N ...)
	{DLA-2083-1}
	- hiredis 0.14.0-5 (bug #949995)
	[buster] - hiredis <no-dsa> (Minor issue)
	[stretch] - hiredis <no-dsa> (Minor issue)
	NOTE: https://github.com/redis/hiredis/pull/754
	NOTE: https://github.com/redis/hiredis/pull/756
CVE-2020-7104 (The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via th ...)
	NOT-FOR-US: chained-quiz plugin for WordPress
CVE-2020-7103
	RESERVED
CVE-2020-7102
	RESERVED
CVE-2020-7101
	RESERVED
CVE-2020-7100
	RESERVED
CVE-2020-7099
	RESERVED
CVE-2020-7098
	RESERVED
CVE-2020-7097
	RESERVED
CVE-2020-7096
	RESERVED
CVE-2020-7095
	RESERVED
CVE-2020-7094
	RESERVED
CVE-2020-7093
	RESERVED
CVE-2020-7092
	RESERVED
CVE-2020-7091
	RESERVED
CVE-2020-7090
	RESERVED
CVE-2020-7089
	RESERVED
CVE-2020-7088
	RESERVED
CVE-2020-7087
	RESERVED
CVE-2020-7086
	RESERVED
CVE-2020-7085 (A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2  ...)
	NOT-FOR-US: Autodesk
CVE-2020-7084 (A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versi ...)
	NOT-FOR-US: Autodesk
CVE-2020-7083 (An intager overflow vulnerability in the Autodesk FBX-SDK versions 201 ...)
	NOT-FOR-US: Autodesk
CVE-2020-7082 (A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 ...)
	NOT-FOR-US: Autodesk
CVE-2020-7081 (A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 ...)
	NOT-FOR-US: Autodesk
CVE-2020-7080 (A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019. ...)
	NOT-FOR-US: Autodesk
CVE-2020-7079 (An improper signature validation vulnerability in Autodesk Dynamo BIM  ...)
	NOT-FOR-US: Autodesk
CVE-2020-7078
	RESERVED
CVE-2020-7077
	RESERVED
CVE-2020-7076
	RESERVED
CVE-2020-7075
	RESERVED
CVE-2020-7074
	RESERVED
CVE-2020-7073
	RESERVED
CVE-2020-7072
	RESERVED
CVE-2020-7071 (In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when ...)
	{DSA-4856-1 DLA-2708-1}
	- php8.0 8.0.1-1
	- php7.4 7.4.14-1
	- php7.3 <removed>
	- php7.0 <removed>
	NOTE: Fixed in PHP 8.0.1, 7.4.14, 7.3.26
	NOTE: PHP Bug: https://bugs.php.net/77423
CVE-2020-7070 (In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below ...)
	{DSA-4856-1 DLA-2397-1}
	- php7.4 7.4.11-1
	- php7.3 <removed>
	- php7.0 <removed>
	NOTE: Fixed in PHP 7.4.11, 7.3.23, 7.2.34
	NOTE: PHP Bug: https://bugs.php.net/79699
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=6559fe912661ca5ce5f0eeeb591d928451428ed0
CVE-2020-7069 (In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below ...)
	{DSA-4856-1}
	- php7.4 7.4.11-1
	- php7.3 <removed>
	- php7.0 <not-affected> (Affected code not present)
	NOTE: Fixed in PHP 7.4.11, 7.3.23, 7.2.34
	NOTE: PHP Bug: https://bugs.php.net/79601
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0216630ea2815a5789a24279a1211ac398d4de79
CVE-2020-7068 (In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below ...)
	{DSA-4856-1 DLA-2345-1}
	- php7.4 7.4.9-1
	- php7.3 <removed>
	- php7.0 <removed>
	NOTE: Fixed in PHP 7.4.9, 7.3.21, 7.2.33
	NOTE: PHP Bug: https://bugs.php.net/79797
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=7355ab81763a3d6a04ac11660e6a16d58838d187
CVE-2020-7067 (In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below ...)
	{DSA-4719-1 DSA-4717-1 DLA-2188-1}
	- php7.4 7.4.5-1 (unimportant)
	- php7.3 <removed> (unimportant)
	- php7.0 <removed> (unimportant)
	- php5 <removed> (unimportant)
	NOTE: Fixed in PHP 7.4.5, 7.3.17
	NOTE: PHP Bug: https://bugs.php.net/79465
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=9d6bf8221b05f86ce5875832f0f646c4c1f218be
	NOTE: This only affects builds which enable EDBDIC
CVE-2020-7066 (In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below ...)
	{DSA-4719-1 DSA-4717-1 DLA-2188-1}
	- php7.4 7.4.5-1
	- php7.3 <removed>
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.4, 7.3.16, 7.2.29
	NOTE: PHP Bug: https://bugs.php.net/79329
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0d139c5b94a5f485a66901919e51faddb0371c43
CVE-2020-7065 (In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using  ...)
	{DSA-4719-1}
	- php7.4 7.4.5-1
	- php7.3 <removed>
	- php7.0 <not-affected> (Vulnerable code introduced later)
	- php5 <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed in PHP 7.4.4, 7.3.16
	NOTE: PHP Bug: https://bugs.php.net/79371
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=1fdffd1c55d771ca22ae217784ab75fce592ad38
CVE-2020-7064 (In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below  ...)
	{DSA-4719-1 DSA-4717-1 DLA-2188-1}
	- php7.4 7.4.5-1
	- php7.3 <removed>
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.4, 7.3.16, 7.2.29
	NOTE: PHP Bug: https://bugs.php.net/79282
	NOTE: https://git.php.net/?p=php-src.git;a=commit;h=25238bdf6005b85ab844aa2b743b589dfce9f0d2
CVE-2020-7063 (In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below ...)
	{DSA-4719-1 DSA-4717-1 DLA-2160-1}
	- php7.4 7.4.3-1
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.3, 7.3.15, 7.2.28
	NOTE: PHP Bug: https://bugs.php.net/79082
CVE-2020-7062 (In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below ...)
	{DSA-4719-1 DSA-4717-1 DLA-2160-1}
	- php7.4 7.4.3-1
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.3, 7.3.15, 7.2.28
	NOTE: PHP Bug: https://bugs.php.net/79221
CVE-2020-7061 (In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extrac ...)
	- php7.4 <not-affected> (Windows specific issue)
	- php7.3 <not-affected> (Windows specific issue)
	- php7.0 <not-affected> (Windows specific issue)
	- php5 <not-affected> (Windows specific issue)
	NOTE: Fixed in PHP 7.4.3, 7.3.15
	NOTE: PHP Bug: https://bugs.php.net/79171
CVE-2020-7060 (When using certain mbstring functions to convert multibyte encodings,  ...)
	{DSA-4628-1 DSA-4626-1 DLA-2124-1}
	- php7.4 7.4.2-7
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.2, 7.3.14, 7.2.27
	NOTE: PHP Bug: https://bugs.php.net/79037
CVE-2020-7059 (When using fgetss() function to read data with stripping tags, in PHP  ...)
	{DSA-4628-1 DSA-4626-1 DLA-2124-1}
	- php7.4 7.4.2-7
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.2, 7.3.14, 7.2.27
	NOTE: PHP Bug: https://bugs.php.net/79099
CVE-2020-7058 (** DISPUTED ** data_input.php in Cacti 1.2.8 allows remote code execut ...)
	- cacti <unfixed> (unimportant)
	NOTE: https://github.com/Cacti/cacti/issues/3186
	NOTE: Properly configured in there is no security impact, cf.
	NOTE: https://github.com/Cacti/cacti/issues/3186#issuecomment-574444803
CVE-2020-7057 (Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a d ...)
	NOT-FOR-US: Hikvision
CVE-2020-7056
	RESERVED
CVE-2020-7055 (An issue was discovered in Elementor 2.7.4. Arbitrary file upload is p ...)
	NOT-FOR-US: Elementor
CVE-2020-7054 (MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in li ...)
	NOT-FOR-US: libIEC61850
CVE-2020-7053 (In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm t ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com/
CVE-2020-7052 (CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow unco ...)
	NOT-FOR-US: CODESYS
CVE-2020-7051 (Codologic Codoforum through 4.8.4 allows stored XSS in the login area. ...)
	NOT-FOR-US: Codoforum
CVE-2020-7050 (Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creati ...)
	NOT-FOR-US: Codoforum
CVE-2020-7049 (Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_li ...)
	NOT-FOR-US: Nozomi Networks OS
CVE-2020-7048 (The WordPress plugin, WP Database Reset through 3.1, contains a flaw t ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-7047 (The WordPress plugin, WP Database Reset through 3.1, contains a flaw t ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-7046 (lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3  ...)
	- dovecot <not-affected> (Only affects 2.3.9)
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/12/1
CVE-2020-7045 (In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. Thi ...)
	{DLA-2547-1}
	- wireshark 3.2.0-1
	[buster] - wireshark 2.6.20-0+deb10u1
	[jessie] - wireshark <not-affected> (Doesn't support request-respone tracking in affected code passage, yet)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16258
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=01f261de41f4dd3233ef578e5c0ffb9c25c7d14d
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-02.html
CVE-2020-7044 (In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This ...)
	- wireshark 3.2.1-1
	[buster] - wireshark <not-affected> (Vulnerable code not present)
	[stretch] - wireshark <not-affected> (Vulnerable code not present)
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16324
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f90a3720b73ca140403315126e2a478c4f70ca03
	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-01.html
CVE-2020-7043 (An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL  ...)
	- openfortivpn 1.12.0-1 (unimportant)
	NOTE: https://github.com/adrienverge/openfortivpn/issues/536
	NOTE: https://github.com/adrienverge/openfortivpn/commit/6328a070ddaab16faaf008cb9a8a62439c30f2a8
	NOTE: No version of openfortivpn was shipped with OpenSSL < 1.0.2, marking as unimportant
CVE-2020-7042 (An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL  ...)
	- openfortivpn 1.12.0-1
	[buster] - openfortivpn <no-dsa> (Minor issue)
	NOTE: https://github.com/adrienverge/openfortivpn/issues/536
	NOTE: https://github.com/adrienverge/openfortivpn/commit/9eee997d599a89492281fc7ffdd79d88cd61afc3
CVE-2020-7041 (An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL  ...)
	- openfortivpn 1.12.0-1
	[buster] - openfortivpn <no-dsa> (Minor issue)
	NOTE: https://github.com/adrienverge/openfortivpn/issues/536
	NOTE: https://github.com/adrienverge/openfortivpn/commit/60660e00b80bad0fadcf39aee86f6f8756c94f91
CVE-2020-7040 (storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBack ...)
	{DLA-2095-1}
	- storebackup 3.2.1-2 (bug #949393)
	[buster] - storebackup 3.2.1-2~deb10u1
	[stretch] - storebackup 3.2.1-2~deb9u1
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1156767
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/20/3
	NOTE: SuSE provided patch: https://www.openwall.com/lists/oss-security/2020/01/20/3/1
CVE-2020-7039 (tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, misman ...)
	{DSA-4616-1 DLA-2551-1 DLA-2090-1 DLA-2076-1}
	- libslirp 4.1.0-2 (bug #949084)
	- qemu 1:4.1-2
	- qemu-kvm <removed>
	- slirp 1:1.0.17-10 (bug #949085)
	[buster] - slirp 1:1.0.17-8+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/16/2
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-vjwg-42w7-w64h
CVE-2020-7038 (A vulnerability was discovered in Management component of Avaya Equino ...)
	NOT-FOR-US: Avaya Equinox Conferencing
CVE-2020-7037 (An XML External Entities (XXE) vulnerability in Media Server component ...)
	NOT-FOR-US: Avaya Equinox Conferencing
CVE-2020-7036 (An XML External Entities (XXE)vulnerability in Callback Assist could a ...)
	NOT-FOR-US: Callback Assist
CVE-2020-7035 (An XML External Entities (XXE)vulnerability in the web-based user inte ...)
	NOT-FOR-US: Avaya Aura Orchestration Designer
CVE-2020-7034 (A command injection vulnerability in Avaya Session Border Controller f ...)
	NOT-FOR-US: Avaya Session Border Controller for Enterprise
CVE-2020-7033 (A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Clien ...)
	NOT-FOR-US: Avaya
CVE-2020-7032 (An XML external entity (XXE) vulnerability in Avaya WebLM admin interf ...)
	NOT-FOR-US: Avaya
CVE-2020-7031
	REJECTED
CVE-2020-7030 (A sensitive information disclosure vulnerability was discovered in the ...)
	NOT-FOR-US: IP Office
CVE-2020-7029 (A Cross-Site Request Forgery (CSRF) vulnerability was discovered in th ...)
	NOT-FOR-US: Avaya
CVE-2020-7028
	RESERVED
CVE-2020-7027
	RESERVED
CVE-2020-7026
	RESERVED
CVE-2020-7025
	RESERVED
CVE-2020-7024
	RESERVED
CVE-2020-7023
	RESERVED
CVE-2020-7022
	RESERVED
CVE-2020-7021 (Elasticsearch versions before 7.10.0 and 6.8.14 have an information di ...)
	- elasticsearch <removed>
CVE-2020-7020 (Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disc ...)
	- elasticsearch <removed>
CVE-2020-7019 (In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was f ...)
	- elasticsearch <removed>
CVE-2020-7018 (Elastic Enterprise Search before 7.9.0 contain a credential exposure f ...)
	- elasticsearch <removed>
CVE-2020-7017 (In Kibana versions before 6.8.11 and 7.8.1 the region map visualizatio ...)
	- kibana <itp> (bug #700337)
CVE-2020-7016 (Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (D ...)
	- kibana <itp> (bug #700337)
CVE-2020-7015 (Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in t ...)
	- kibana <itp> (bug #700337)
CVE-2020-7014 (The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch ve ...)
	- elasticsearch <removed>
CVE-2020-7013 (Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution f ...)
	- kibana <itp> (bug #700337)
CVE-2020-7012 (Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype  ...)
	- kibana <itp> (bug #700337)
CVE-2020-7011 (Elastic App Search versions before 7.7.0 contain a cross site scriptin ...)
	- elasticsearch <removed>
CVE-2020-7010 (Elastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate pas ...)
	NOT-FOR-US: Elastic Cloud
CVE-2020-7009 (Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2  ...)
	- elasticsearch <removed>
CVE-2020-7008 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
	NOT-FOR-US: VISAM VBASE Editor
CVE-2020-7007 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker  ...)
	NOT-FOR-US: Moxa
CVE-2020-7006 (Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, RJ45), ...)
	NOT-FOR-US: Systech Corporation
CVE-2020-7005 (In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected produ ...)
	NOT-FOR-US: Honeywell
CVE-2020-7004 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
	NOT-FOR-US: VISAM VBASE Editor
CVE-2020-7003 (In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpre ...)
	NOT-FOR-US: Moxa
CVE-2020-7002 (Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior.  ...)
	NOT-FOR-US: McAfee
CVE-2020-7001 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected  ...)
	NOT-FOR-US: Moxa
CVE-2020-7000 (VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may al ...)
	NOT-FOR-US: VISAM VBASE Editor
CVE-2020-6999 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the p ...)
	NOT-FOR-US: Moxa
CVE-2020-6998
	RESERVED
CVE-2020-6997 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive inf ...)
	NOT-FOR-US: Moxa
CVE-2020-6996 (Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Prot ...)
	NOT-FOR-US: Triangle MicroWorks
CVE-2020-6995 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6994 (A buffer overflow vulnerability was found in some devices of Hirschman ...)
	NOT-FOR-US: Hirschmann Automation and Control HiOS and HiSecOS
CVE-2020-6993 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6992 (A local privilege escalation vulnerability has been identified in the  ...)
	NOT-FOR-US: GE Digital
CVE-2020-6991 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password ...)
	NOT-FOR-US: Moxa
CVE-2020-6990 (Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and p ...)
	NOT-FOR-US: Rockwell
CVE-2020-6989 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6988 (Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and p ...)
	NOT-FOR-US: Rockwell
CVE-2020-6987 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6986 (In all versions of Omron PLC CJ Series, an attacker can send a series  ...)
	NOT-FOR-US: Omron
CVE-2020-6985 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6984 (Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and p ...)
	NOT-FOR-US: Rockwell
CVE-2020-6983 (In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 ser ...)
	NOT-FOR-US: Moxa
CVE-2020-6982 (In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injecti ...)
	NOT-FOR-US: Honeywell
CVE-2020-6981 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker m ...)
	NOT-FOR-US: Moxa
CVE-2020-6980 (Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and p ...)
	NOT-FOR-US: Rockwell
CVE-2020-6979 (In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected  ...)
	NOT-FOR-US: Moxa
CVE-2020-6978 (In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected produ ...)
	NOT-FOR-US: Honeywell
CVE-2020-6977 (A restricted desktop environment escape vulnerability exists in the Ki ...)
	NOT-FOR-US: GE
CVE-2020-6976 (Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior.  ...)
	NOT-FOR-US: Delta Industrial Automation CNCSoft ScreenEditor
CVE-2020-6975 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...)
	NOT-FOR-US: Digi International ConnectPort LTS 32 MEI
CVE-2020-6974 (Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a pa ...)
	NOT-FOR-US: Honeywell
CVE-2020-6973 (Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (820 ...)
	NOT-FOR-US: Digi International ConnectPort LTS 32 MEI
CVE-2020-6972 (In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell F ...)
	NOT-FOR-US: Honeywell
CVE-2020-6971 (In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the Va ...)
	NOT-FOR-US: Emerson
CVE-2020-6970 (A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA ...)
	NOT-FOR-US: Emerson OpenEnterprise SCADA Server
CVE-2020-6969 (It is possible to unmask credentials and other sensitive information o ...)
	NOT-FOR-US: AutomationDirect
CVE-2020-6968 (Honeywell INNCOM INNControl 3 allows workstation users to escalate app ...)
	NOT-FOR-US: Honeywell
CVE-2020-6967 (In Rockwell Automation all versions of FactoryTalk Diagnostics softwar ...)
	NOT-FOR-US: Rockwell
CVE-2020-6966 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6965 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6964 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6963 (In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetr ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6962 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemet ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6961 (In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemet ...)
	NOT-FOR-US: ApexPro Telemetry Server
CVE-2020-6960 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
	NOT-FOR-US: Honeywell
CVE-2020-6959 (The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prio ...)
	NOT-FOR-US: Honeywell
CVE-2020-6958 (An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrappe ...)
	NOT-FOR-US: Yet Another Java Service Wrapper (YAJSW)
CVE-2020-6957
	RESERVED
CVE-2020-6956 (PCS DEXICON 3.4.1 allows XSS via the loginName parameter in login_acti ...)
	NOT-FOR-US: PCS DEXICON
CVE-2020-6955 (An issue was discovered on Cayin SMP-PRO4 devices. They allow image_pr ...)
	NOT-FOR-US: Cayin SMP-PRO4 devices
CVE-2020-6954 (An issue was discovered on Cayin SMP-PRO4 devices. A user can discover ...)
	NOT-FOR-US: Cayin SMP-PRO4 devices
CVE-2020-6953
	RESERVED
CVE-2020-6952
	RESERVED
CVE-2020-6951
	RESERVED
CVE-2020-6950 (Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers  ...)
	- mojarra <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741
CVE-2020-6949 (A privilege escalation issue was discovered in the postUser function i ...)
	NOT-FOR-US: HashBrown CMS
CVE-2020-6948 (A remote code execution issue was discovered in HashBrown CMS through  ...)
	NOT-FOR-US: HashBrown CMS
CVE-2020-6947
	RESERVED
CVE-2020-6946
	RESERVED
CVE-2020-6945
	RESERVED
CVE-2020-6944
	RESERVED
CVE-2020-6943
	RESERVED
CVE-2020-6942
	RESERVED
CVE-2020-6941
	RESERVED
CVE-2020-6940
	RESERVED
CVE-2020-6939 (Tableau Server installations configured with Site-Specific SAML that a ...)
	NOT-FOR-US: Tableau Server
CVE-2020-6938 (A sensitive information disclosure vulnerability in Tableau Server 10. ...)
	NOT-FOR-US: Tableau Server
CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, ...)
	NOT-FOR-US: MuleSoft
CVE-2020-6936
	RESERVED
CVE-2020-6935
	RESERVED
CVE-2020-6934
	RESERVED
CVE-2020-6933 (An improper input validation vulnerability in the UEM Core of BlackBer ...)
	NOT-FOR-US: BlackBerry
CVE-2020-6932 (An information disclosure and remote code execution vulnerability in t ...)
	NOT-FOR-US: BlackBerry QNX Software Development Platform
CVE-2020-6931 (HP Print and Scan Doctor may potentially be vulnerable to local elevat ...)
	NOT-FOR-US: HP
CVE-2020-6930
	RESERVED
CVE-2020-6929
	RESERVED
CVE-2020-6928
	RESERVED
CVE-2020-6927
	RESERVED
CVE-2020-6926
	RESERVED
CVE-2020-6925
	RESERVED
CVE-2020-6924
	RESERVED
CVE-2020-6923
	RESERVED
CVE-2020-6922 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6921 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6920 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6919 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6918 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6917 (Potential security vulnerabilities including compromise of integrity,  ...)
	NOT-FOR-US: HP
CVE-2020-6916
	RESERVED
CVE-2020-6915
	RESERVED
CVE-2020-6914
	RESERVED
CVE-2020-6913
	RESERVED
CVE-2020-6912
	RESERVED
CVE-2020-6911
	REJECTED
CVE-2020-6910
	REJECTED
CVE-2020-6909
	REJECTED
CVE-2020-6908
	REJECTED
CVE-2020-6907
	REJECTED
CVE-2020-6906
	REJECTED
CVE-2020-6905
	REJECTED
CVE-2020-6904
	REJECTED
CVE-2020-6903
	REJECTED
CVE-2020-6902
	REJECTED
CVE-2020-6901
	REJECTED
CVE-2020-6900
	REJECTED
CVE-2020-6899
	REJECTED
CVE-2020-6898
	REJECTED
CVE-2020-6897
	REJECTED
CVE-2020-6896
	REJECTED
CVE-2020-6895
	REJECTED
CVE-2020-6894
	REJECTED
CVE-2020-6893
	REJECTED
CVE-2020-6892
	REJECTED
CVE-2020-6891
	REJECTED
CVE-2020-6890
	REJECTED
CVE-2020-6889
	REJECTED
CVE-2020-6888
	REJECTED
CVE-2020-6887
	REJECTED
CVE-2020-6886
	REJECTED
CVE-2020-6885
	REJECTED
CVE-2020-6884
	REJECTED
CVE-2020-6883
	REJECTED
CVE-2020-6882 (ZTE E8810/E8820/E8822 series routers have an information leak vulnerab ...)
	NOT-FOR-US: ZTE
CVE-2020-6881 (ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, w ...)
	NOT-FOR-US: ZTE
CVE-2020-6880 (A ZXELINK wireless controller has a SQL injection vulnerability. A rem ...)
	NOT-FOR-US: ZXELINK
CVE-2020-6879 (Some ZTE devices have input verification vulnerabilities. The devices  ...)
	NOT-FOR-US: ZTE
CVE-2020-6878
	REJECTED
CVE-2020-6877 (A ZTE product is impacted by an information leak vulnerability. An att ...)
	NOT-FOR-US: ZTE
CVE-2020-6876 (A ZTE product is impacted by an XSS vulnerability. The vulnerability i ...)
	NOT-FOR-US: ZTE
CVE-2020-6875 (A ZTE product is impacted by the improper access control vulnerability ...)
	NOT-FOR-US: ZTE
CVE-2020-6874 (A ZTE product is impacted by the cryptographic issues vulnerability. T ...)
	NOT-FOR-US: ZTE
CVE-2020-6873 (A ZTE product has a DoS vulnerability. Because the equipment couldn&#8 ...)
	NOT-FOR-US: ZTE
CVE-2020-6872 (The server management software module of ZTE has a storage XSS vulnera ...)
	NOT-FOR-US: ZTE
CVE-2020-6871 (The server management software module of ZTE has an authentication iss ...)
	NOT-FOR-US: ZTE
CVE-2020-6870 (The version V12.17.20T115 of ZTE U31R20 product is impacted by a desig ...)
	NOT-FOR-US: ZTE
CVE-2020-6869 (All versions up to 10.06 of ZTEMarket APK are impacted by an informati ...)
	NOT-FOR-US: ZTE
CVE-2020-6868 (There is an input validation vulnerability in a PON terminal product o ...)
	NOT-FOR-US: ZTE
CVE-2020-6867 (ZTE's SDON controller is impacted by the resource management error vul ...)
	NOT-FOR-US: ZTE
CVE-2020-6866 (A ZTE product is impacted by a resource management error vulnerability ...)
	NOT-FOR-US: ZTE
CVE-2020-6865 (ZTE SDN controller platform is impacted by an information leakage vuln ...)
	NOT-FOR-US: ZTE
CVE-2020-6864 (ZTE E8820V3 router product is impacted by an information leak vulnerab ...)
	NOT-FOR-US: ZTE
CVE-2020-6863 (ZTE E8820V3 router product is impacted by a permission and access cont ...)
	NOT-FOR-US: ZTE
CVE-2020-6862 (V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Informati ...)
	NOT-FOR-US: ZTE F6x2W
CVE-2020-6861 (A flawed protocol design in the Ledger Monero app before 1.5.1 for Led ...)
	NOT-FOR-US: Ledger Monero app
CVE-2020-6860 (libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hd ...)
	- libmysofa 1.0~dfsg0-1 (bug #949325)
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/issues/96
	NOTE: https://github.com/hoene/libmysofa/commit/c31120a4ddfe3fc705cfdd74da7e884e1866da85
CVE-2020-6859 (Multiple Insecure Direct Object Reference vulnerabilities in includes/ ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-6858 (Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to  ...)
	NOT-FOR-US: Hotels Styx
CVE-2020-6857 (CarbonFTP v1.4 uses insecure proprietary password encryption with a ha ...)
	NOT-FOR-US: CarbonFTP
CVE-2020-6856 (An XML External Entity (XEE) vulnerability exists in the JOC Cockpit c ...)
	NOT-FOR-US: JOC Cockpit component of SOS JobScheduler
CVE-2020-6855 (A large or infinite loop vulnerability in the JOC Cockpit component of ...)
	NOT-FOR-US: JOC Cockpit component of SOS JobScheduler
CVE-2020-6854 (A cross-site scripting (XSS) vulnerability in the JOC Cockpit componen ...)
	NOT-FOR-US: JOC Cockpit, different from src:cockpit
CVE-2020-6853
	RESERVED
CVE-2020-6852 (CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3. ...)
	NOT-FOR-US: CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP
CVE-2020-6851 (OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl ...)
	{DSA-4882-1 DLA-2277-1 DLA-2081-1}
	- openjpeg2 2.4.0-1 (bug #950000)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1228
	NOTE: https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04 (v2.4.0)
CVE-2020-6850 (Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4 ...)
	NOT-FOR-US: miniorange-saml-20-single-sign-on plugin for WordPress
CVE-2020-6849 (The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allo ...)
	NOT-FOR-US: marketo-forms-and-tracking plugin for WordPress
CVE-2020-6848 (Axper Vision II 4 devices allow XSS via the DEVICE_NAME (aka Device Na ...)
	NOT-FOR-US: Axper Vision II 4 devices
CVE-2020-6847 (OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is exec ...)
	NOT-FOR-US: OpenTrade
CVE-2020-6846
	RESERVED
CVE-2020-6845 (An issue was discovered in TopManage OLK 2020. As there is no ReadOnly ...)
	NOT-FOR-US: TopManage
CVE-2020-6844 (In TopManage OLK 2020, login CSRF can be chained with another vulnerab ...)
	NOT-FOR-US: TopManage
CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This i ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2020-6842 (D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated ...)
	NOT-FOR-US: D-Link
CVE-2020-6841 (D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to  ...)
	NOT-FOR-US: D-Link
CVE-2020-6840 (In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mru ...)
	- mruby <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/mruby/mruby/issues/4927
	NOTE: Introduced by: https://github.com/mruby/mruby/commit/694089fafe4eae36c379a3d918d540eb0c4b8661
	NOTE: Fixed by: https://github.com/mruby/mruby/commit/fc8fb41451b07b3fda0726ba80e88e509ad02452
CVE-2020-6839 (In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_ ...)
	- mruby <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/mruby/mruby/issues/4929
	NOTE: Introduced by: https://github.com/mruby/mruby/commit/2532e625edc2457447369e36e2ecf7882d872ef9
	NOTE: Fixed by: https://github.com/mruby/mruby/commit/2124b9b4c95e66e63b1eb26a8dab49753b82fd6c
CVE-2020-6838 (In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems ...)
	- mruby <not-affected> (Vulnerable code not present)
	NOTE: Introduced by: https://github.com/mruby/mruby/commit/694089fafe4eae36c379a3d918d540eb0c4b8661
	NOTE: https://github.com/mruby/mruby/issues/4926
	NOTE: https://github.com/mruby/mruby/commit/fc8fb41451b07b3fda0726ba80e88e509ad02452
	NOTE: https://github.com/mruby/mruby/commit/70e574689664c10ed2c47581999cc2ce3e3c5afb
	NOTE: https://github.com/mruby/mruby/commit/2742ded32fe18f88833d76b297f5c2170b6880c3
CVE-2020-6837
	RESERVED
CVE-2020-6836 (grammar-parser.jison in the hot-formula-parser package before 3.0.1 fo ...)
	NOT-FOR-US: hot-formula-parser Node package
CVE-2020-6835 (An issue was discovered in Bftpd before 5.4. There is a heap-based off ...)
	- bftpd <itp> (bug #640469)
CVE-2020-6834
	RESERVED
CVE-2020-6833 (An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhors ...)
	- gitlab <not-affected> (Only affects Gitlab EE 11.3 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
CVE-2020-6832 (An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 throug ...)
	- gitlab <not-affected> (Only affects GitLab EE 8.9.0 and later)
	NOTE: https://about.gitlab.com/releases/2020/01/13/critical-security-release-gitlab-12-dot-6-dot-4-released/
CVE-2020-6831 (A buffer overflow could occur when parsing and validating SCTP chunks  ...)
	{DSA-4714-1 DSA-4683-1 DSA-4678-1 DLA-2206-1 DLA-2205-1}
	- firefox 76.0-1
	- firefox-esr 68.8.0esr-1
	- thunderbird 1:68.8.0-1
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-6831
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-6831
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-6831
CVE-2020-6830 (For native-to-JS bridging, the app requires a unique token to be passe ...)
	- firefox <not-affected> (Firefox on iOS)
CVE-2020-6829 (When performing EC scalar point multiplication, the wNAF point multipl ...)
	{DLA-2388-1}
	- firefox 80.0-1
	- nss 2:3.55-1
	[buster] - nss <no-dsa> (Minor issue)
	NOTE: https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c
	NOTE: https://hg.mozilla.org/projects/nss/rev/3f022d5eca5d3cd0e366a825a5681953d76299d0
	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes
	NOTE: Issue relates to CVE-2020-12400 and resolved in the same commits.
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-36/#CVE-2020-6829
CVE-2020-6828 (A malicious Android application could craft an Intent that would have  ...)
	- firefox-esr <not-affected> (Android-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6828
CVE-2020-6827 (When following a link that opened an intent://-schemed URL, causing a  ...)
	- firefox-esr <not-affected> (Android-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6827
CVE-2020-6826 (Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis report ...)
	- firefox 75.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6826
CVE-2020-6825 (Mozilla developers and community members Tyson Smith and Christian Hol ...)
	{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
	- firefox 75.0-1
	- firefox-esr 68.7.0esr-1
	- thunderbird 1:68.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6825
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6825
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6825
CVE-2020-6824 (Initially, a user opens a Private Browsing Window and generates a pass ...)
	- firefox 75.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6824
CVE-2020-6823 (A malicious extension could have called &lt;code&gt;browser.identity.l ...)
	- firefox 75.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6823
CVE-2020-6822 (On 32-bit builds, an out of bounds write could have occurred when proc ...)
	{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
	- firefox 75.0-1
	- firefox-esr 68.7.0esr-1
	- thunderbird 1:68.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6822
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6822
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6822
CVE-2020-6821 (When reading from areas partially or fully outside the source resource ...)
	{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
	- firefox 75.0-1
	- firefox-esr 68.7.0esr-1
	- thunderbird 1:68.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6821
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6821
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6821
CVE-2020-6820 (Under certain conditions, when handling a ReadableStream, a race condi ...)
	{DSA-4656-1 DSA-4653-1 DLA-2172-1 DLA-2170-1}
	- firefox 74.0.1-1
	- firefox-esr 68.6.1esr-1
	- thunderbird 1:68.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6820
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6820
CVE-2020-6819 (Under certain conditions, when running the nsDocShell destructor, a ra ...)
	{DSA-4656-1 DSA-4653-1 DLA-2172-1 DLA-2170-1}
	- firefox 74.0.1-1
	- firefox-esr 68.6.1esr-1
	- thunderbird 1:68.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6819
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6819
CVE-2020-6818
	RESERVED
CVE-2020-6817 [Regular expression denial of service]
	RESERVED
	{DLA-2167-1}
	- python-bleach 3.1.4-1 (bug #955388)
	[buster] - python-bleach <no-dsa> (Minor issue; some regression potential)
	[stretch] - python-bleach <no-dsa> (Minor issue; some regression potential)
	NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
	NOTE: https://github.com/mozilla/bleach/commit/d6018f2539d271963c3e7f54f36ef11900363c69
	NOTE: https://github.com/mozilla/bleach/commit/6e74a5027b57055cdaeb040343d32934121392a7
	NOTE: Regression report: https://github.com/mozilla/bleach/pull/530
CVE-2020-6815 (Mozilla developers reported memory safety and script safety bugs prese ...)
	- firefox 74.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6815
CVE-2020-6814 (Mozilla developers reported memory safety bugs present in Firefox and  ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6814
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6814
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6814
CVE-2020-6813 (When protecting CSS blocks with the nonce feature of Content Security  ...)
	- firefox 74.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6813
CVE-2020-6812 (The first time AirPods are connected to an iPhone, they become named a ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6812
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6812
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6812
CVE-2020-6811 (The 'Copy as cURL' feature of Devtools' network tab did not properly e ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6811
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6811
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6811
CVE-2020-6810 (After a website had entered fullscreen mode, it could have used a prev ...)
	- firefox 74.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6810
CVE-2020-6809 (When a Web Extension had the all-urls permission and made a fetch requ ...)
	- firefox 74.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6809
CVE-2020-6808 (When a JavaScript URL (javascript:) is evaluated and the result is a s ...)
	- firefox 74.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6808
CVE-2020-6807 (When a device was changed while a stream was about to be destroyed, th ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6807
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6807
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6807
CVE-2020-6806 (By carefully crafting promise resolutions, it was possible to cause an ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6806
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6806
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6806
CVE-2020-6805 (When removing data about an origin whose tab was recently closed, a us ...)
	{DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2020-6805
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2020-6805
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6805
CVE-2020-6804 (A reflected XSS vulnerability exists within the gateway, allowing an a ...)
	NOT-FOR-US: Mozilla IOT
CVE-2020-6803 (An open redirect is present on the gateway's login page, which could c ...)
	NOT-FOR-US: Mozilla IOT
CVE-2020-6801 (Mozilla developers reported memory safety bugs present in Firefox 72.  ...)
	- firefox 73.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6801
CVE-2020-6800 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
	- firefox 73.0-1
	- firefox-esr 68.5.0esr-1
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6800
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6800
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6800
CVE-2020-6799 (Command line arguments could have been injected during Firefox invocat ...)
	- firefox <not-affected> (Only affects Windows)
	- firefox-esr <not-affected> (Only affects Windows)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6799
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6799
CVE-2020-6798 (If a template tag was used in a select tag, the parser could be confus ...)
	{DSA-4625-1 DSA-4620-1 DLA-2104-1 DLA-2102-1}
	- firefox 73.0-1
	- firefox-esr 68.5.0esr-1
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6798
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6798
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6798
CVE-2020-6797 (By downloading a file with the .fileloc extension, a semi-privileged e ...)
	- firefox <not-affected> (Only affects Mac OSX)
	- firefox-esr <not-affected> (Only affects Mac OSX)
	- thunderbird <not-affected> (Only affects Mac OSX)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6797
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6797
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6797
CVE-2020-6796 (A content process could have modified shared memory relating to crash  ...)
	{DSA-4620-1 DLA-2102-1}
	- firefox 73.0-1
	- firefox-esr 68.5.0esr-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-05/#CVE-2020-6796
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-06/#CVE-2020-6796
CVE-2020-6795 (When processing a message that contains multiple S/MIME signatures, a  ...)
	{DSA-4625-1 DLA-2104-1}
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6795
CVE-2020-6794 (If a user saved passwords before Thunderbird 60 and then later set a m ...)
	{DSA-4625-1 DLA-2104-1}
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6794
CVE-2020-6793 (When processing an email message with an ill-formed envelope, Thunderb ...)
	{DSA-4625-1 DLA-2104-1}
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6793
CVE-2020-6792 (When deriving an identifier for an email message, uninitialized memory ...)
	{DSA-4625-1 DLA-2104-1}
	- thunderbird 1:68.5.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-07/#CVE-2020-6792
CVE-2020-6791
	RESERVED
CVE-2020-6790 (Calling an executable through an Uncontrolled Search Path Element in t ...)
	NOT-FOR-US: Bosch
CVE-2020-6789 (Loading a DLL through an Uncontrolled Search Path Element in the Bosch ...)
	NOT-FOR-US: Bosch
CVE-2020-6788 (Loading a DLL through an Uncontrolled Search Path Element in the Bosch ...)
	NOT-FOR-US: Bosch
CVE-2020-6787 (Loading a DLL through an Uncontrolled Search Path Element in the Bosch ...)
	NOT-FOR-US: Bosch
CVE-2020-6786 (Loading a DLL through an Uncontrolled Search Path Element in the Bosch ...)
	NOT-FOR-US: Bosch
CVE-2020-6785 (Loading a DLL through an Uncontrolled Search Path Element in Bosch BVM ...)
	NOT-FOR-US: Bosch
CVE-2020-6784
	RESERVED
CVE-2020-6783
	RESERVED
CVE-2020-6782
	RESERVED
CVE-2020-6781 (Improper certificate validation for certain connections in the Bosch S ...)
	NOT-FOR-US: Bosch Smart Home System App for iOS
CVE-2020-6780 (Use of Password Hash With Insufficient Computational Effort in the dat ...)
	NOT-FOR-US: Bosch
CVE-2020-6779 (Use of Hard-coded Credentials in the database of Bosch FSM-2500 server ...)
	NOT-FOR-US: Bosch
CVE-2020-6778
	RESERVED
CVE-2020-6777 (A vulnerability in the web-based management interface of Bosch PRAESID ...)
	NOT-FOR-US: Bosch
CVE-2020-6776 (A vulnerability in the web-based management interface of Bosch PRAESID ...)
	NOT-FOR-US: Bosch
CVE-2020-6775
	RESERVED
CVE-2020-6774 (Improper Access Control in the Kiosk Mode functionality of Bosch Recor ...)
	NOT-FOR-US: Bosch
CVE-2020-6773
	RESERVED
CVE-2020-6772
	RESERVED
CVE-2020-6771 (Loading a DLL through an Uncontrolled Search Path Element in Bosch IP  ...)
	NOT-FOR-US: Bosch
CVE-2020-6770 (Deserialization of Untrusted Data in the BVMS Mobile Video Service (BV ...)
	NOT-FOR-US: BVMS Mobile Video Service (BVMS MVS)
CVE-2020-6769 (Missing Authentication for Critical Function in the Bosch Video Stream ...)
	NOT-FOR-US: Bosch
CVE-2020-6768 (A path traversal vulnerability in the Bosch Video Management System (B ...)
	NOT-FOR-US: Bosch
CVE-2020-6767 (A path traversal vulnerability in the Bosch Video Management System (B ...)
	NOT-FOR-US: Bosch
CVE-2020-6766
	RESERVED
CVE-2020-6765 (D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS comm ...)
	NOT-FOR-US: D-Link
CVE-2020-6764
	REJECTED
CVE-2020-6763
	RESERVED
CVE-2020-6762
	RESERVED
CVE-2020-6761
	RESERVED
CVE-2020-6760 (Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS com ...)
	NOT-FOR-US: Schmid ZI 620 V400 VPN 090 routers
CVE-2020-6759
	RESERVED
CVE-2020-6758 (A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in ...)
	NOT-FOR-US: Rasilient PixelStor
CVE-2020-6757 (contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150 ...)
	NOT-FOR-US: Rasilient PixelStor
CVE-2020-6756 (languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (K ...)
	NOT-FOR-US: Rasilient PixelStor
CVE-2020-6755
	RESERVED
CVE-2020-6754 (dotCMS before 5.2.4 is vulnerable to directory traversal, leading to i ...)
	NOT-FOR-US: dotCMS
CVE-2020-6753 (The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS ...)
	NOT-FOR-US: Login by Auth0 plugin for WordPress
CVE-2020-6752 (In OMERO before 5.6.1, group owners can access members' data in other  ...)
	NOT-FOR-US: OMERO
CVE-2020-6751
	RESERVED
CVE-2020-6750 (GSocketClient in GNOME GLib through 2.62.4 may occasionally connect di ...)
	- glib2.0 2.62.5-1 (bug #948554)
	[buster] - glib2.0 <not-affected> (Vulnerable code introduced later, regreession from 2.60.0)
	[stretch] - glib2.0 <not-affected> (Vulnerable code introduced later, regreession from 2.60.0)
	[jessie] - glib2.0 <not-affected> (Vulnerable code introduced later, regreession from 2.60.0)
	NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1989
CVE-2020-6749
	REJECTED
CVE-2020-6748
	REJECTED
CVE-2020-6747
	REJECTED
CVE-2020-6746
	REJECTED
CVE-2020-6745
	REJECTED
CVE-2020-6744
	REJECTED
CVE-2020-6743
	REJECTED
CVE-2020-6742
	REJECTED
CVE-2020-6741
	REJECTED
CVE-2020-6740
	REJECTED
CVE-2020-6739
	REJECTED
CVE-2020-6738
	REJECTED
CVE-2020-6737
	REJECTED
CVE-2020-6736
	REJECTED
CVE-2020-6735
	REJECTED
CVE-2020-6734
	REJECTED
CVE-2020-6733
	REJECTED
CVE-2020-6732
	REJECTED
CVE-2020-6731
	REJECTED
CVE-2020-6730
	REJECTED
CVE-2020-6729
	REJECTED
CVE-2020-6728
	REJECTED
CVE-2020-6727
	REJECTED
CVE-2020-6726
	REJECTED
CVE-2020-6725
	REJECTED
CVE-2020-6724
	REJECTED
CVE-2020-6723
	REJECTED
CVE-2020-6722
	REJECTED
CVE-2020-6721
	REJECTED
CVE-2020-6720
	REJECTED
CVE-2020-6719
	REJECTED
CVE-2020-6718
	REJECTED
CVE-2020-6717
	REJECTED
CVE-2020-6716
	REJECTED
CVE-2020-6715
	REJECTED
CVE-2020-6714
	REJECTED
CVE-2020-6713
	REJECTED
CVE-2020-6712
	REJECTED
CVE-2020-6711
	REJECTED
CVE-2020-6710
	REJECTED
CVE-2020-6709
	REJECTED
CVE-2020-6708
	REJECTED
CVE-2020-6707
	REJECTED
CVE-2020-6706
	REJECTED
CVE-2020-6705
	REJECTED
CVE-2020-6704
	REJECTED
CVE-2020-6703
	REJECTED
CVE-2020-6702
	REJECTED
CVE-2020-6701
	REJECTED
CVE-2020-6700
	REJECTED
CVE-2020-6699
	REJECTED
CVE-2020-6698
	REJECTED
CVE-2020-6697
	REJECTED
CVE-2020-6696
	REJECTED
CVE-2020-6695
	REJECTED
CVE-2020-6694
	REJECTED
CVE-2020-6693
	REJECTED
CVE-2020-6692
	REJECTED
CVE-2020-6691
	REJECTED
CVE-2020-6690
	REJECTED
CVE-2020-6689
	REJECTED
CVE-2020-6688
	REJECTED
CVE-2020-6687
	REJECTED
CVE-2020-6686
	REJECTED
CVE-2020-6685
	REJECTED
CVE-2020-6684
	REJECTED
CVE-2020-6683
	REJECTED
CVE-2020-6682
	REJECTED
CVE-2020-6681
	REJECTED
CVE-2020-6680
	REJECTED
CVE-2020-6679
	REJECTED
CVE-2020-6678
	REJECTED
CVE-2020-6677
	REJECTED
CVE-2020-6676
	REJECTED
CVE-2020-6675
	REJECTED
CVE-2020-6674
	REJECTED
CVE-2020-6673
	REJECTED
CVE-2020-6672
	REJECTED
CVE-2020-6671
	REJECTED
CVE-2020-6670
	REJECTED
CVE-2020-6669
	REJECTED
CVE-2020-6668
	REJECTED
CVE-2020-6667
	REJECTED
CVE-2020-6666
	REJECTED
CVE-2020-6665
	REJECTED
CVE-2020-6664
	REJECTED
CVE-2020-6663
	REJECTED
CVE-2020-6662
	REJECTED
CVE-2020-6661
	REJECTED
CVE-2020-6660
	REJECTED
CVE-2020-6659
	RESERVED
CVE-2020-6658
	RESERVED
CVE-2020-6657
	RESERVED
CVE-2020-6656 (Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file ...)
	NOT-FOR-US: Eaton
CVE-2020-6655 (The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to  ...)
	NOT-FOR-US: Eaton
CVE-2020-6654 (A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configu ...)
	NOT-FOR-US: Eaton
CVE-2020-6653 (Eaton's Secure connect mobile app v1.7.3 &amp; prior stores the user l ...)
	NOT-FOR-US: Eaton
CVE-2020-6652 (Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Po ...)
	NOT-FOR-US: Eaton
CVE-2020-6651 (Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v ...)
	NOT-FOR-US: Eaton
CVE-2020-6650 (UPS companion software v1.05 &amp; Prior is affected by &#8216;Eval In ...)
	NOT-FOR-US: UPS companion software
CVE-2020-6649 (An insufficient session expiration vulnerability in FortiNet's FortiIs ...)
	NOT-FOR-US: Fortinet
CVE-2020-6648 (A cleartext storage of sensitive information vulnerability in FortiOS  ...)
	NOT-FOR-US: Fortiguard FortiOS
CVE-2020-6647 (An improper neutralization of input vulnerability in the dashboard of  ...)
	NOT-FOR-US: Fortiguard
CVE-2020-6646 (An improper neutralization of input vulnerability in FortiWeb allows a ...)
	NOT-FOR-US: Fortiguard
CVE-2020-6645
	RESERVED
CVE-2020-6644 (An insufficient session expiration vulnerability in FortiDeceptor 3.0. ...)
	NOT-FOR-US: Fortiguard
CVE-2020-6643 (An improper neutralization of input vulnerability in the URL Descripti ...)
	NOT-FOR-US: Fortinet
CVE-2020-6642
	RESERVED
CVE-2020-6641 (Two authorization bypass through user-controlled key vulnerabilities i ...)
	NOT-FOR-US: FortiGuard
CVE-2020-6640 (An improper neutralization of input vulnerability in the Admin Profile ...)
	NOT-FOR-US: Fortiguard
CVE-2020-6639
	RESERVED
CVE-2020-6638 (Grin through 2.1.1 has Insufficient Validation. ...)
	NOT-FOR-US: Grin
CVE-2020-6637 (openSIS Community Edition version 7.3 is vulnerable to SQL injection v ...)
	NOT-FOR-US: openSIS
CVE-2020-6636
	RESERVED
CVE-2020-6635
	RESERVED
CVE-2020-6634
	RESERVED
CVE-2020-6633
	RESERVED
CVE-2020-6632 (In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a Q ...)
	NOT-FOR-US: PrestaShop
CVE-2020-6631 (An issue was discovered in GPAC version 0.8.0. There is a NULL pointer ...)
	- gpac 1.0.1+dfsg1-2 (bug #972053)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <postponed> (Minor issue, clean crash, MP42TS not shipped, incomplete patch)
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <no-dsa> (Minor issue)
	[buster] - ccextractor <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1378
	NOTE: https://github.com/gpac/gpac/commit/c7e46e948ebe2d4a532539c7e714cdf655b84521
	NOTE: fix considered "ugly" by upstream and introduces abort(3)-based DoS
CVE-2020-6630 (An issue was discovered in GPAC version 0.8.0. There is a NULL pointer ...)
	- gpac 1.0.1+dfsg1-2 (bug #972053)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <postponed> (Minor issue, clean crash, MP42TS not shipped, incomplete patch)
	- ccextractor 0.93+ds2-1 (bug #994746)
	[bullseye] - ccextractor <no-dsa> (Minor issue)
	[buster] - ccextractor <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1377
	NOTE: https://github.com/gpac/gpac/commit/c7e46e948ebe2d4a532539c7e714cdf655b84521
	NOTE: fix considered "ugly" by upstream and introduces abort(3)-based DoS
CVE-2020-6629 (Ming (aka libming) 0.4.8 has z NULL pointer dereference in the functio ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/190
CVE-2020-6628 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the func ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/191
CVE-2020-6627
	RESERVED
CVE-2020-6626
	RESERVED
CVE-2020-6625 (jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ...)
	- jhead <unfixed> (unimportant)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858746
	NOTE: Crash in CLI tool, no security impact
CVE-2020-6624 (jhead through 3.04 has a heap-based buffer over-read in process_DQT in ...)
	- jhead <unfixed> (unimportant)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1858744
	NOTE: Crash in CLI tool, no security impact
CVE-2020-6623 (stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ...)
	- libstb <unfixed> (unimportant; bug #949560)
	NOTE: https://github.com/nothings/stb/issues/865
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6622 (stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ...)
	- libstb <unfixed> (unimportant; bug #949559)
	NOTE: https://github.com/nothings/stb/issues/869
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6621 (stb stb_truetype.h through 1.22 has a heap-based buffer over-read in t ...)
	- libstb <unfixed> (unimportant; bug #949558)
	NOTE: https://github.com/nothings/stb/issues/867
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6620 (stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ...)
	- libstb <unfixed> (unimportant; bug #949557)
	NOTE: https://github.com/nothings/stb/issues/868
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6619 (stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf ...)
	- libstb <unfixed> (unimportant; bug #949556)
	NOTE: https://github.com/nothings/stb/issues/863
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6618 (stb stb_truetype.h through 1.22 has a heap-based buffer over-read in s ...)
	- libstb <unfixed> (unimportant; bug #949555)
	NOTE: https://github.com/nothings/stb/issues/866
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6617 (stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff ...)
	- libstb <unfixed> (unimportant; bug #949554)
	NOTE: https://github.com/nothings/stb/issues/867
	NOTE: stb_truetype.h explicitly marked as unsuitable for untrusted files
CVE-2020-6616 (Some Broadcom chips mishandle Bluetooth random-number generation becau ...)
	NOT-FOR-US: Broadcom
CVE-2020-6615 (GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dyna ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6614 (GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read  ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6613 (GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_searc ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6612 (GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_comp ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6611 (GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_own ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6610 (GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation i ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6609 (GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_page ...)
	- libredwg <itp> (bug #595191)
CVE-2020-6608
	RESERVED
CVE-2020-6607
	RESERVED
CVE-2020-6606
	RESERVED
CVE-2020-6605
	RESERVED
CVE-2020-6604
	RESERVED
CVE-2020-6603
	RESERVED
CVE-2020-6602
	RESERVED
CVE-2020-6601
	RESERVED
CVE-2020-6600
	RESERVED
CVE-2020-6599
	RESERVED
CVE-2020-6598
	RESERVED
CVE-2020-6597
	RESERVED
CVE-2020-6596
	RESERVED
CVE-2020-6595
	RESERVED
CVE-2020-6594
	RESERVED
CVE-2020-6593
	RESERVED
CVE-2020-6592
	RESERVED
CVE-2020-6591
	RESERVED
CVE-2020-6590 (Forcepoint Web Security Content Gateway versions prior to 8.5.4 improp ...)
	NOT-FOR-US: Forcepoint Web Security Content Gateway
CVE-2020-6589
	RESERVED
CVE-2020-6588
	RESERVED
CVE-2020-6587
	RESERVED
CVE-2020-6586 (Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a ...)
	NOT-FOR-US: Nagios Log Server
CVE-2020-6585 (Nagios Log Server 2.1.3 has CSRF. ...)
	NOT-FOR-US: Nagios Log Server
CVE-2020-6584 (Nagios Log Server 2.1.3 has Incorrect Access Control. ...)
	NOT-FOR-US: Nagios Log Server
CVE-2020-6583 (BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be  ...)
	NOT-FOR-US: BigProf Online Invoicing System (OIS)
CVE-2020-6582 (Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by ...)
	- nagios-nrpe 4.0.0-1
	[buster] - nagios-nrpe <no-dsa> (Minor issue)
	[stretch] - nagios-nrpe <no-dsa> (Minor issue)
	[jessie] - nagios-nrpe <no-dsa> (Minor issue)
	NOTE: https://herolab.usd.de/security-advisories/usd-2020-0001/
	NOTE: https://github.com/NagiosEnterprises/nrpe/commit/b84f9b8c9d290dd02e139df8dad1c3eb690c1213
	NOTE: https://github.com/NagiosEnterprises/nrpe/commit/8e3bea4e1b1937e395a182729762aa8894e8649e
	NOTE: https://github.com/NagiosEnterprises/nrpe/commit/0db345444d0dcb3e37cca1bcbb0027dcbb764197 (part validating incoming buffer size)
CVE-2020-6581 (Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nas ...)
	- nagios-nrpe 4.0.0-1
	[buster] - nagios-nrpe <no-dsa> (Minor issue)
	[stretch] - nagios-nrpe <no-dsa> (Minor issue)
	[jessie] - nagios-nrpe <not-affected> (Vulnerable code introduced later)
	NOTE: https://herolab.usd.de/security-advisories/usd-2020-0002/
	NOTE: https://github.com/NagiosEnterprises/nrpe/commit/0db345444d0dcb3e37cca1bcbb0027dcbb764197 (part for proper processing of nasty_metachars)
CVE-2020-6580
	RESERVED
CVE-2020-6579 (Cross-site scripting (XSS) vulnerability in mailhive/cloudbeez/cloudlo ...)
	NOT-FOR-US: MailBeez plugin for ZenCart
CVE-2020-6578 (Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to in ...)
	NOT-FOR-US: Zen Cart
CVE-2020-6577 (The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows ...)
	NOT-FOR-US: IT-Recht Kanzlei plugin in Zen Cart
CVE-2020-6576 (Use after free in offscreen canvas in Google Chrome prior to 85.0.4183 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6575 (Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote  ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6574 (Insufficient policy enforcement in installer in Google Chrome on OS X  ...)
	- chromium <not-affected> (debian package disables the installer)
CVE-2020-6573 (Use after free in video in Google Chrome on Android prior to 85.0.4183 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6572 (Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed ...)
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6571 (Insufficient data validation in Omnibox in Google Chrome prior to 85.0 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6570 (Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 a ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6569 (Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allo ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6568 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6567 (Insufficient validation of untrusted input in command line handling in ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6566 (Insufficient policy enforcement in media in Google Chrome prior to 85. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6565 (Inappropriate implementation in Omnibox in Google Chrome on iOS prior  ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6564 (Inappropriate implementation in permissions in Google Chrome prior to  ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6563 (Insufficient policy enforcement in intent handling in Google Chrome on ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6562 (Insufficient policy enforcement in Blink in Google Chrome prior to 85. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6561 (Inappropriate implementation in Content Security Policy in Google Chro ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6560 (Insufficient policy enforcement in autofill in Google Chrome prior to  ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6559 (Use after free in presentation API in Google Chrome prior to 85.0.4183 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6558 (Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prio ...)
	- chromium <not-affected> (ios specific)
CVE-2020-6557 (Inappropriate implementation in networking in Google Chrome prior to 8 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6556 (Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.414 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6555 (Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 al ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6554 (Use after free in extensions in Google Chrome prior to 84.0.4147.125 a ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6553 (Use after free in offline mode in Google Chrome on iOS prior to 84.0.4 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6552 (Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6551 (Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6550 (Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 al ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6549 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6548 (Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 a ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6547 (Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6546 (Inappropriate implementation in installer in Google Chrome prior to 84 ...)
	- chromium <not-affected> (debian package disables the installer)
CVE-2020-6545 (Use after free in audio in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6544 (Use after free in media in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6543 (Use after free in task scheduling in Google Chrome prior to 84.0.4147. ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6542 (Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowe ...)
	{DSA-4824-1}
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6541 (Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allow ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6540 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowe ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6539 (Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6538 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6537 (Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6536 (Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 a ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6535 (Insufficient data validation in WebUI in Google Chrome prior to 84.0.4 ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6534 (Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6533 (Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6532 (Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.105-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6531 (Side-channel information leakage in scroll to text in Google Chrome pr ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6530 (Out of bounds memory access in developer tools in Google Chrome prior  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6529 (Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6528 (Incorrect security UI in basic auth in Google Chrome on iOS prior to 8 ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6527 (Insufficient policy enforcement in CSP in Google Chrome prior to 84.0. ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6526 (Inappropriate implementation in iframe sandbox in Google Chrome prior  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6525 (Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 al ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6524 (Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.8 ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6523 (Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 all ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6522 (Inappropriate implementation in external protocol handlers in Google C ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6521 (Side-channel information leakage in autofill in Google Chrome prior to ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6520 (Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6519 (Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6518 (Use after free in developer tools in Google Chrome prior to 84.0.4147. ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6517 (Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6516 (Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6515 (Use after free in tab strip in Google Chrome prior to 84.0.4147.89 all ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6514 (Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...)
	{DSA-4824-1 DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	- firefox 79.0-1
	- firefox-esr 68.11.0esr-1
	- thunderbird 1:68.11.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-6514
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-6514
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-6514
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-6514
CVE-2020-6513 (Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6512 (Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6511 (Information leak in content security policy in Google Chrome prior to  ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6510 (Heap buffer overflow in background fetch in Google Chrome prior to 84. ...)
	{DSA-4824-1}
	[experimental] - chromium 84.0.4147.89-1
	- chromium 87.0.4280.88-0.1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6509 (Use after free in extensions in Google Chrome prior to 83.0.4103.116 a ...)
	{DSA-4714-1}
	- chromium 83.0.4103.116-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6508
	RESERVED
CVE-2020-6507 (Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allo ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6506 (Insufficient policy enforcement in WebView in Google Chrome on Android ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6505 (Use after free in speech in Google Chrome prior to 83.0.4103.106 allow ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6504 (Insufficient policy enforcement in notifications in Google Chrome prio ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6503 (Inappropriate implementation in accessibility in Google Chrome prior t ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6502 (Incorrect implementation in permissions in Google Chrome prior to 80.0 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6501 (Insufficient policy enforcement in CSP in Google Chrome prior to 80.0. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6500 (Inappropriate implementation in interstitials in Google Chrome prior t ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6499 (Inappropriate implementation in AppCache in Google Chrome prior to 80. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6498 (Incorrect implementation in user interface in Google Chrome on iOS pri ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6497 (Insufficient policy enforcement in Omnibox in Google Chrome on iOS pri ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6496 (Use after free in payments in Google Chrome on MacOS prior to 83.0.410 ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6495 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6494 (Incorrect security UI in payments in Google Chrome on Android prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6493 (Use after free in WebAuthentication in Google Chrome prior to 83.0.410 ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6492 (Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed ...)
	{DSA-4714-1}
	- chromium 83.0.4103.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6491 (Insufficient data validation in site information in Google Chrome prio ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6490 (Insufficient data validation in loader in Google Chrome prior to 83.0. ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6489 (Inappropriate implementation in developer tools in Google Chrome prior ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6488 (Insufficient policy enforcement in downloads in Google Chrome prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6487 (Insufficient policy enforcement in downloads in Google Chrome prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6486 (Insufficient policy enforcement in navigations in Google Chrome prior  ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6485 (Insufficient data validation in media router in Google Chrome prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6484 (Insufficient data validation in ChromeDriver in Google Chrome prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6483 (Insufficient policy enforcement in payments in Google Chrome prior to  ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6482 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6481 (Insufficient policy enforcement in URL formatting in Google Chrome pri ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6480 (Insufficient policy enforcement in enterprise in Google Chrome prior t ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6479 (Inappropriate implementation in sharing in Google Chrome prior to 83.0 ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6478 (Inappropriate implementation in full screen in Google Chrome prior to  ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6477 (Inappropriate implementation in installer in Google Chrome on OS X pri ...)
	- chromium <not-affected> (Only affects installer)
CVE-2020-6476 (Insufficient policy enforcement in tab strip in Google Chrome prior to ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6475 (Incorrect implementation in full screen in Google Chrome prior to 83.0 ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6474 (Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6473 (Insufficient policy enforcement in Blink in Google Chrome prior to 83. ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6472 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6471 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6470 (Insufficient validation of untrusted input in clipboard in Google Chro ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6469 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6468 (Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a  ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6467 (Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowe ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6466 (Use after free in media in Google Chrome prior to 83.0.4103.61 allowed ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6465 (Use after free in reader mode in Google Chrome on Android prior to 83. ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6464 (Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowe ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6463 (Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ...)
	{DSA-4740-1 DSA-4736-1 DSA-4714-1 DLA-2310-1 DLA-2297-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	- firefox 79.0-1
	- firefox-esr 68.11.0esr-1
	- thunderbird 1:68.11.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-6463
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-32/#CVE-2020-6463
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-33/#CVE-2020-6463
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-35/#CVE-2020-6463
CVE-2020-6462 (Use after free in task scheduling in Google Chrome prior to 81.0.4044. ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6461 (Use after free in storage in Google Chrome prior to 81.0.4044.129 allo ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6460 (Insufficient data validation in URL formatting in Google Chrome prior  ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6459 (Use after free in payments in Google Chrome prior to 81.0.4044.122 all ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6458 (Out of bounds read and write in PDFium in Google Chrome prior to 81.0. ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6457 (Use after free in speech recognizer in Google Chrome prior to 81.0.404 ...)
	{DSA-4714-1}
	- chromium 83.0.4103.83-1 (bug #958450)
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6456 (Insufficient validation of untrusted input in clipboard in Google Chro ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6455 (Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 al ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6454 (Use after free in extensions in Google Chrome prior to 81.0.4044.92 al ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6453 (Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987 ...)
	{DSA-4654-1}
	- chromium 80.0.3987.162-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6452 (Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162  ...)
	{DSA-4654-1}
	- chromium 80.0.3987.162-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6451 (Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 all ...)
	{DSA-4654-1}
	- chromium 80.0.3987.162-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6450 (Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 all ...)
	{DSA-4654-1}
	- chromium 80.0.3987.162-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6449 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6448 (Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a  ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6447 (Inappropriate implementation in developer tools in Google Chrome prior ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6446 (Insufficient policy enforcement in trusted types in Google Chrome prio ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6445 (Insufficient policy enforcement in trusted types in Google Chrome prio ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6444 (Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 all ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6443 (Insufficient data validation in developer tools in Google Chrome prior ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6442 (Inappropriate implementation in cache in Google Chrome prior to 81.0.4 ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6441 (Insufficient policy enforcement in omnibox in Google Chrome prior to 8 ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6440 (Inappropriate implementation in extensions in Google Chrome prior to 8 ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6439 (Insufficient policy enforcement in navigations in Google Chrome prior  ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6438 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6437 (Inappropriate implementation in WebView in Google Chrome prior to 81.0 ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6436 (Use after free in window management in Google Chrome prior to 81.0.404 ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6435 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6434 (Use after free in devtools in Google Chrome prior to 81.0.4044.92 allo ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6433 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6432 (Insufficient policy enforcement in navigations in Google Chrome prior  ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6431 (Insufficient policy enforcement in full screen in Google Chrome prior  ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6430 (Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a  ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6429 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6428 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6427 (Use after free in audio in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6426 (Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987 ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6425 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6424 (Use after free in media in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6423 (Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed ...)
	{DSA-4714-1}
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6422 (Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowe ...)
	{DSA-4645-1}
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6421
	RESERVED
CVE-2020-6420 (Insufficient policy enforcement in media in Google Chrome prior to 80. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.132-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6419 (Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allow ...)
	- chromium 81.0.4044.92-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6418 (Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a ...)
	{DSA-4638-1}
	- chromium 80.0.3987.122-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6417 (Inappropriate implementation in installer in Google Chrome prior to 80 ...)
	- chromium <not-affected> (debian package does not support the chromium installer)
CVE-2020-6416 (Insufficient data validation in streams in Google Chrome prior to 80.0 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6415 (Inappropriate implementation in JavaScript in Google Chrome prior to 8 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6414 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6413 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6412 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6411 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6410 (Insufficient policy enforcement in navigation in Google Chrome prior t ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6409 (Inappropriate implementation in Omnibox in Google Chrome prior to 80.0 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6408 (Insufficient policy enforcement in CORS in Google Chrome prior to 80.0 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6407 (Out of bounds memory access in streams in Google Chrome prior to 80.0. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.122-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6406 (Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6405 (Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 al ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6404 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6403 (Incorrect implementation in Omnibox in Google Chrome on iOS prior to 8 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6402 (Insufficient policy enforcement in downloads in Google Chrome on OS X  ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6401 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6400 (Inappropriate implementation in CORS in Google Chrome prior to 80.0.39 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6399 (Insufficient policy enforcement in AppCache in Google Chrome prior to  ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6398 (Use of uninitialized data in PDFium in Google Chrome prior to 80.0.398 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6397 (Inappropriate implementation in sharing in Google Chrome prior to 80.0 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6396 (Inappropriate implementation in Skia in Google Chrome prior to 80.0.39 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6395 (Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.8 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6394 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6393 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6392 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6391 (Insufficient validation of untrusted input in Blink in Google Chrome p ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6390 (Out of bounds memory access in streams in Google Chrome prior to 80.0. ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6389 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6388 (Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.8 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6387 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6386 (Use after free in speech in Google Chrome prior to 80.0.3987.116 allow ...)
	{DSA-4638-1}
	- chromium 80.0.3987.116-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6385 (Insufficient policy enforcement in storage in Google Chrome prior to 8 ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6384 (Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 all ...)
	{DSA-4638-1}
	- chromium 80.0.3987.116-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6383 (Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a ...)
	{DSA-4638-1}
	- chromium 80.0.3987.116-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6382 (Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 al ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6381 (Integer overflow in JavaScript in Google Chrome on ChromeOS and Androi ...)
	{DSA-4638-1}
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6380 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4606-1}
	- chromium 79.0.3945.130-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6379 (Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a ...)
	{DSA-4606-1}
	- chromium 79.0.3945.130-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6378 (Use after free in speech in Google Chrome prior to 79.0.3945.130 allow ...)
	{DSA-4606-1}
	- chromium 79.0.3945.130-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6377 (Use after free in audio in Google Chrome prior to 79.0.3945.117 allowe ...)
	{DSA-4606-1}
	- chromium 79.0.3945.130-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2020-6376 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6375 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6374 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6373 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6372 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6371 (User enumeration vulnerability can be exploited to get a list of user  ...)
	NOT-FOR-US: SAP
CVE-2020-6370 (SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.3 ...)
	NOT-FOR-US: SAP
CVE-2020-6369 (SAP Solution Manager and SAP Focused Run (update provided in WILY_INTR ...)
	NOT-FOR-US: SAP
CVE-2020-6368 (SAP Business Planning and Consolidation, versions - 750, 751, 752, 753 ...)
	NOT-FOR-US: SAP
CVE-2020-6367 (There is a reflected cross site scripting vulnerability in SAP NetWeav ...)
	NOT-FOR-US: SAP
CVE-2020-6366 (SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, doe ...)
	NOT-FOR-US: SAP
CVE-2020-6365 (SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40,  ...)
	NOT-FOR-US: SAP
CVE-2020-6364 (SAP Solution Manager and SAP Focused Run (update provided in WILY_INTR ...)
	NOT-FOR-US: SAP
CVE-2020-6363 (SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several ...)
	NOT-FOR-US: SAP
CVE-2020-6362 (SAP Banking Services version 500, use an incorrect authorization objec ...)
	NOT-FOR-US: SAP
CVE-2020-6361 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6360 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6359 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6358 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6357 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6356 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6355 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6354 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6353 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6352 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6351 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6350 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6349 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6348 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6347 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6346 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6345 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6344 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6343 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6342 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6341 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6340 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6339 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6338 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6337 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6336 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6335 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6334 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6333 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6332 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6331 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6330 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6329 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6328 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6327 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6326 (SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, all ...)
	NOT-FOR-US: SAP
CVE-2020-6325
	RESERVED
CVE-2020-6324 (SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700 ...)
	NOT-FOR-US: SAP
CVE-2020-6323 (SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50 ...)
	NOT-FOR-US: SAP
CVE-2020-6322 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6321 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6320 (SAP Marketing (Servlet), version-130,140,150, allows an authenticated  ...)
	NOT-FOR-US: SAP
CVE-2020-6319 (SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7. ...)
	NOT-FOR-US: SAP
CVE-2020-6318 (A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABA ...)
	NOT-FOR-US: SAP
CVE-2020-6317 (In certain situations, an attacker with regular user credentials and l ...)
	NOT-FOR-US: SAP
CVE-2020-6316 (SAP ERP and SAP S/4 HANA allows an authenticated user to see cost reco ...)
	NOT-FOR-US: SAP
CVE-2020-6315 (SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send ...)
	NOT-FOR-US: SAP
CVE-2020-6314 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
	NOT-FOR-US: SAP
CVE-2020-6313 (SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31,  ...)
	NOT-FOR-US: SAP
CVE-2020-6312 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2020-6311 (Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP  ...)
	NOT-FOR-US: SAP
CVE-2020-6310 (Improper access control in SOA Configuration Trace component in SAP Ne ...)
	NOT-FOR-US: SAP
CVE-2020-6309 (SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7. ...)
	NOT-FOR-US: SAP
CVE-2020-6308 (SAP BusinessObjects Business Intelligence Platform (Web Services) vers ...)
	NOT-FOR-US: SAP
CVE-2020-6307 (Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7. ...)
	NOT-FOR-US: SAP
CVE-2020-6306 (Missing authorization check in a transaction within SAP Leasing (updat ...)
	NOT-FOR-US: SAP
CVE-2020-6305 (PI Rest Adapter of SAP Process Integration (update provided in SAP_XIA ...)
	NOT-FOR-US: SAP
CVE-2020-6304 (Improper input validation in SAP NetWeaver Internet Communication Mana ...)
	NOT-FOR-US: SAP
CVE-2020-6303 (SAP Disclosure Management, before version 10.1, does not validate user ...)
	NOT-FOR-US: SAP
CVE-2020-6302 (SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSessio ...)
	NOT-FOR-US: SAP
CVE-2020-6301 (SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 6 ...)
	NOT-FOR-US: SAP
CVE-2020-6300 (SAP Business Objects Business Intelligence Platform (Central Managemen ...)
	NOT-FOR-US: SAP
CVE-2020-6299 (SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 75 ...)
	NOT-FOR-US: SAP
CVE-2020-6298 (SAP Banking Services (Generic Market Data), versions - 400, 450, 500,  ...)
	NOT-FOR-US: SAP
CVE-2020-6297 (Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data I ...)
	NOT-FOR-US: SAP
CVE-2020-6296 (SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 70 ...)
	NOT-FOR-US: SAP
CVE-2020-6295 (Under certain conditions the SAP Adaptive Server Enterprise, version 1 ...)
	NOT-FOR-US: SAP
CVE-2020-6294 (Xvfb of SAP Business Objects Business Intelligence Platform, versions  ...)
	NOT-FOR-US: SAP
CVE-2020-6293 (SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.5 ...)
	NOT-FOR-US: SAP
CVE-2020-6292 (Logout mechanism in SAP Disclosure Management, version 10.1, does not  ...)
	NOT-FOR-US: SAP
CVE-2020-6291 (SAP Disclosure Management, version 10.1, session mechanism does not ha ...)
	NOT-FOR-US: SAP
CVE-2020-6290 (SAP Disclosure Management, version 10.1, is vulnerable to Session Fixa ...)
	NOT-FOR-US: SAP
CVE-2020-6289 (SAP Disclosure Management, version 10.1, had insufficient protection a ...)
	NOT-FOR-US: SAP
CVE-2020-6288 (SAP Business Objects Business Intelligence Platform (Web Intelligence  ...)
	NOT-FOR-US: SAP
CVE-2020-6287 (SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31 ...)
	NOT-FOR-US: SAP
CVE-2020-6286 (The insufficient input path validation of certain parameter in the web ...)
	NOT-FOR-US: SAP
CVE-2020-6285 (SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11 ...)
	NOT-FOR-US: SAP
CVE-2020-6284 (SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.5 ...)
	NOT-FOR-US: SAP
CVE-2020-6283 (SAP Fiori Launchpad does not sufficiently encode user controlled input ...)
	NOT-FOR-US: SAP
CVE-2020-6282 (SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11 ...)
	NOT-FOR-US: SAP
CVE-2020-6281 (SAP Business Objects Business Intelligence Platform (BI Launchpad), ve ...)
	NOT-FOR-US: SAP
CVE-2020-6280 (SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, ...)
	NOT-FOR-US: SAP
CVE-2020-6279
	REJECTED
CVE-2020-6278 (SAP Business Objects Business Intelligence Platform (BI Launchpad and  ...)
	NOT-FOR-US: SAP
CVE-2020-6277
	RESERVED
CVE-2020-6276 (SAP Business Objects Business Intelligence Platform (bipodata), versio ...)
	NOT-FOR-US: SAP
CVE-2020-6275 (SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740 ...)
	NOT-FOR-US: SAP
CVE-2020-6274
	RESERVED
CVE-2020-6273 (SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 1 ...)
	NOT-FOR-US: SAP
CVE-2020-6272 (SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not suffici ...)
	NOT-FOR-US: SAP
CVE-2020-6271 (SAP Solution Manager (Problem Context Manager), version 7.2, does not  ...)
	NOT-FOR-US: SAP
CVE-2020-6270 (SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 75 ...)
	NOT-FOR-US: SAP
CVE-2020-6269 (Under certain conditions SAP Business Objects Business Intelligence Pl ...)
	NOT-FOR-US: SAP
CVE-2020-6268 (Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV ver ...)
	NOT-FOR-US: SAP
CVE-2020-6267 (Some sensitive cookies in SAP Disclosure Management, version 10.1, are ...)
	NOT-FOR-US: SAP
CVE-2020-6266 (SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an at ...)
	NOT-FOR-US: SAP
CVE-2020-6265 (SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data ...)
	NOT-FOR-US: SAP
CVE-2020-6264 (SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker  ...)
	NOT-FOR-US: SAP
CVE-2020-6263 (Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol ...)
	NOT-FOR-US: SAP
CVE-2020-6262 (Service Data Download in SAP Application Server ABAP (ST-PI, before ve ...)
	NOT-FOR-US: SAP
CVE-2020-6261 (SAP Solution Manager (Trace Analysis), version 7.20, allows an attacke ...)
	NOT-FOR-US: SAP
CVE-2020-6260 (SAP Solution Manager (Trace Analysis), version 7.20, allows an attacke ...)
	NOT-FOR-US: SAP
CVE-2020-6259 (Under certain conditions SAP Adaptive Server Enterprise, versions 15.7 ...)
	NOT-FOR-US: SAP
CVE-2020-6258 (SAP Identity Management, version 8.0, does not perform necessary autho ...)
	NOT-FOR-US: SAP
CVE-2020-6257 (SAP Business Objects Business Intelligence Platform (CMC and BI Launch ...)
	NOT-FOR-US: SAP
CVE-2020-6256 (SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 8 ...)
	NOT-FOR-US: SAP
CVE-2020-6255
	RESERVED
CVE-2020-6254 (SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficien ...)
	NOT-FOR-US: SAP
CVE-2020-6253 (Under certain conditions, SAP Adaptive Server Enterprise (Web Services ...)
	NOT-FOR-US: SAP
CVE-2020-6252 (Under certain conditions SAP Adaptive Server Enterprise (Cockpit), ver ...)
	NOT-FOR-US: SAP
CVE-2020-6251 (Under certain conditions or error scenarios SAP Business Objects Busin ...)
	NOT-FOR-US: SAP
CVE-2020-6250 (SAP Adaptive Server Enterprise, version 16.0, allows an authenticated  ...)
	NOT-FOR-US: SAP
CVE-2020-6249 (The use of an admin backend report within SAP Master Data Governance,  ...)
	NOT-FOR-US: SAP
CVE-2020-6248 (SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not ...)
	NOT-FOR-US: SAP
CVE-2020-6247 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
	NOT-FOR-US: SAP
CVE-2020-6246 (SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_T ...)
	NOT-FOR-US: SAP
CVE-2020-6245 (SAP Business Objects Business Intelligence Platform, version 4.2, allo ...)
	NOT-FOR-US: SAP
CVE-2020-6244 (SAP Business Client, version 7.0, allows an attacker after a successfu ...)
	NOT-FOR-US: SAP
CVE-2020-6243 (Under certain conditions, SAP Adaptive Server Enterprise (XP Server on ...)
	NOT-FOR-US: SAP
CVE-2020-6242 (SAP Business Objects Business Intelligence Platform (Live Data Connect ...)
	NOT-FOR-US: SAP
CVE-2020-6241 (SAP Adaptive Server Enterprise, version 16.0, allows an authenticated  ...)
	NOT-FOR-US: SAP
CVE-2020-6240 (SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 75 ...)
	NOT-FOR-US: SAP
CVE-2020-6239 (Under certain conditions SAP Business One (Backup service), versions 9 ...)
	NOT-FOR-US: SAP
CVE-2020-6238 (SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process  ...)
	NOT-FOR-US: SAP
CVE-2020-6237 (Under certain conditions, SAP Business Objects Business Intelligence P ...)
	NOT-FOR-US: SAP
CVE-2020-6236 (SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, ve ...)
	NOT-FOR-US: SAP
CVE-2020-6235 (SAP Solution Manager (Diagnostics Agent), version 7.2, does not perfor ...)
	NOT-FOR-US: SAP
CVE-2020-6234 (SAP Host Agent, version 7.21, allows an attacker with admin privileges ...)
	NOT-FOR-US: SAP
CVE-2020-6233 (SAP S/4 HANA (Financial Products Subledger and Banking Services), vers ...)
	NOT-FOR-US: SAP
CVE-2020-6232 (SAP Commerce, versions 1811, 1905, does not perform necessary authoriz ...)
	NOT-FOR-US: SAP
CVE-2020-6231 (SAP Business Objects Business Intelligence Platform (Web Intelligence  ...)
	NOT-FOR-US: SAP
CVE-2020-6230 (SAP OrientDB, version 3.0, allows an authenticated attacker with scrip ...)
	NOT-FOR-US: SAP
CVE-2020-6229 (SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME ...)
	NOT-FOR-US: SAP
CVE-2020-6228 (SAP Business Client, versions 6.5, 7.0, does not perform necessary int ...)
	NOT-FOR-US: SAP
CVE-2020-6227 (SAP Business Objects Business Intelligence Platform (CMS / Auditing is ...)
	NOT-FOR-US: SAP
CVE-2020-6226 (SAP Business Objects Business Intelligence Platform (Web Intelligence  ...)
	NOT-FOR-US: SAP
CVE-2020-6225 (SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7 ...)
	NOT-FOR-US: SAP
CVE-2020-6224 (SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, ...)
	NOT-FOR-US: SAP
CVE-2020-6223 (The open document of SAP Business Objects Business Intelligence Platfo ...)
	NOT-FOR-US: SAP
CVE-2020-6222 (SAP Business Objects Business Intelligence Platform (Web Intelligence  ...)
	NOT-FOR-US: SAP
CVE-2020-6221 (Web Intelligence HTML interface in SAP Business Objects Business Intel ...)
	NOT-FOR-US: SAP
CVE-2020-6220
	RESERVED
CVE-2020-6219 (SAP Business Objects Business Intelligence Platform (CrystalReports We ...)
	NOT-FOR-US: SAP
CVE-2020-6218 (Admin tools and Query Builder in SAP Business Objects Business Intelli ...)
	NOT-FOR-US: SAP
CVE-2020-6217 (SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, ver ...)
	NOT-FOR-US: SAP
CVE-2020-6216 (SAP Business Objects Business Intelligence Platform (BI Launchpad), ve ...)
	NOT-FOR-US: SAP
CVE-2020-6215 (SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, ver ...)
	NOT-FOR-US: SAP
CVE-2020-6214 (SAP S/4HANA (Financial Products Subledger), version 100, uses an incor ...)
	NOT-FOR-US: SAP
CVE-2020-6213 (SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_P ...)
	NOT-FOR-US: SAP
CVE-2020-6212 (Egypt localized withholding tax reports Clearing of Liabilities and Re ...)
	NOT-FOR-US: SAP
CVE-2020-6211 (SAP Business Objects Business Intelligence Platform (AdminTools), vers ...)
	NOT-FOR-US: SAP
CVE-2020-6210 (SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode  ...)
	NOT-FOR-US: SAP
CVE-2020-6209 (SAP Disclosure Management, version 10.1, does not perform necessary au ...)
	NOT-FOR-US: SAP
CVE-2020-6208 (SAP Business Objects Business Intelligence Platform (Crystal Reports), ...)
	NOT-FOR-US: SAP
CVE-2020-6207 (SAP Solution Manager (User Experience Monitoring), version- 7.2, due t ...)
	NOT-FOR-US: SAP
CVE-2020-6206 (SAP Cloud Platform Integration for Data Services, version 1.0, allows  ...)
	NOT-FOR-US: SAP
CVE-2020-6205 (SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS v ...)
	NOT-FOR-US: SAP
CVE-2020-6204 (The selection query in SAP Treasury and Risk Management (Transaction M ...)
	NOT-FOR-US: SAP
CVE-2020-6203 (SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7 ...)
	NOT-FOR-US: SAP
CVE-2020-6202 (SAP NetWeaver Application Server Java (User Management Engine), versio ...)
	NOT-FOR-US: SAP
CVE-2020-6201 (The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811,  ...)
	NOT-FOR-US: SAP
CVE-2020-6200 (The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811 ...)
	NOT-FOR-US: SAP
CVE-2020-6199 (The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EA ...)
	NOT-FOR-US: SAP
CVE-2020-6198 (SAP Solution Manager (Diagnostics Agent), version 720, allows unencryp ...)
	NOT-FOR-US: SAP
CVE-2020-6197 (SAP Enable Now, before version 1908, does not invalidate session token ...)
	NOT-FOR-US: SAP
CVE-2020-6196 (SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an a ...)
	NOT-FOR-US: SAP
CVE-2020-6195 (SAP Business Objects Business Intelligence Platform (CMC), version 4.1 ...)
	NOT-FOR-US: SAP
CVE-2020-6194
	RESERVED
CVE-2020-6193 (SAP NetWeaver (Knowledge Management ICE Service), versions 7.30, 7.31, ...)
	NOT-FOR-US: SAP
CVE-2020-6192 (SAP Landscape Management, version 3.0, allows an attacker with admin p ...)
	NOT-FOR-US: SAP
CVE-2020-6191 (SAP Landscape Management, version 3.0, allows an attacker with admin p ...)
	NOT-FOR-US: SAP
CVE-2020-6190 (Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Appli ...)
	NOT-FOR-US: SAP
CVE-2020-6189 (Certain settings page(s) in SAP Business Objects Business Intelligence ...)
	NOT-FOR-US: SAP
CVE-2020-6188 (VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, ...)
	NOT-FOR-US: SAP
CVE-2020-6187 (SAP NetWeaver (Guided Procedures), versions 7.10, 7.11, 7.20, 7.30, 7. ...)
	NOT-FOR-US: SAP
CVE-2020-6186 (SAP Host Agent, version 7.21, allows an attacker to cause a slowdown i ...)
	NOT-FOR-US: SAP
CVE-2020-6185 (Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_B ...)
	NOT-FOR-US: SAP
CVE-2020-6184 (Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_ ...)
	NOT-FOR-US: SAP
CVE-2020-6183 (SAP Host Agent, version 7.21, allows an unprivileged user to read the  ...)
	NOT-FOR-US: SAP
CVE-2020-6182
	RESERVED
CVE-2020-6181 (Under some circumstances the SAML SSO implementation in the SAP NetWea ...)
	NOT-FOR-US: SAP
CVE-2020-6180
	RESERVED
CVE-2020-6179
	RESERVED
CVE-2020-6178 (SAP Enable Now, before version 1911, sends the Session ID cookie value ...)
	NOT-FOR-US: SAP
CVE-2020-6177 (SAP Mobile Platform, version 3.0, does not sufficiently validate an XM ...)
	NOT-FOR-US: SAP
CVE-2020-6176
	RESERVED
CVE-2020-6175 (Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missin ...)
	NOT-FOR-US: Citrix
CVE-2020-6174 (TUF (aka The Update Framework) through 0.12.1 has Improper Verificatio ...)
	- python-tuf <itp> (bug #934151)
CVE-2020-6173 (TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolle ...)
	- python-tuf <itp> (bug #934151)
CVE-2020-6172
	RESERVED
CVE-2020-6171 (A cross-site scripting (XSS) vulnerability in the index page of the CL ...)
	NOT-FOR-US: Clink Office
CVE-2020-6170 (An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P ...)
	NOT-FOR-US: Genexis
CVE-2020-6169
	RESERVED
CVE-2020-6168 (A flaw in the WordPress plugin, Minimal Coming Soon &amp; Maintenance  ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-6167 (A flaw in the WordPress plugin, Minimal Coming Soon &amp; Maintenance  ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-6166 (A flaw in the WordPress plugin, Minimal Coming Soon &amp; Maintenance  ...)
	NOT-FOR-US: WordPress plugin
CVE-2020-6165 (SilverStripe 4.5.0 allows attackers to read certain records that shoul ...)
	NOT-FOR-US: SilverStripe
CVE-2020-6164 (In SilverStripe through 4.5.0, a specific URL path configured by defau ...)
	NOT-FOR-US: SilverStripe
CVE-2020-6163 (The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because  ...)
	NOT-FOR-US: WikibaseMediaInfo MediaWiki extension
CVE-2020-6162 (An issue was discovered in Bftpd 5.3. Under certain circumstances, an  ...)
	- bftpd <itp> (bug #640469)
CVE-2020-6161
	RESERVED
CVE-2020-6160
	RESERVED
CVE-2020-6159 (URLs using &#8220;javascript:&#8221; have the protocol removed when pa ...)
	NOT-FOR-US: Opera
CVE-2020-6158
	RESERVED
CVE-2020-6157 (Opera Touch for iOS before version 2.4.5 is vulnerable to an address b ...)
	NOT-FOR-US: Opera Touch for iOS
CVE-2020-6156 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6155 (A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while  ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6154
	RESERVED
CVE-2020-6153
	REJECTED
CVE-2020-6152 (A code execution vulnerability exists in the DICOM parse_dicom_meta_in ...)
	NOT-FOR-US: Accusoft
CVE-2020-6151 (A memory corruption vulnerability exists in the TIFF handle_COMPRESSIO ...)
	NOT-FOR-US: Accusoft
CVE-2020-6150 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6149 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6148 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6147 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
	NOT-FOR-US: Pixar OpenUSD
CVE-2020-6146 (An exploitable code execution vulnerability exists in the rendering fu ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6145 (An SQL injection vulnerability exists in the frappe.desk.reportview.ge ...)
	NOT-FOR-US: ERPNext
CVE-2020-6144 (A remote code execution vulnerability exists in the install functional ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6143 (A remote code execution vulnerability exists in the install functional ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6142 (A remote code execution vulnerability exists in the Modules.php functi ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6141 (An exploitable SQL injection vulnerability exists in the login functio ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6140 (SQL injection vulnerability exists in the password reset functionality ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6139 (SQL injection vulnerability exists in the password reset functionality ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6138 (SQL injection vulnerability exists in the password reset functionality ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6137 (SQL injection vulnerability exists in the password reset functionality ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6136 (An exploitable SQL injection vulnerability exists in the DownloadWindo ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6135 (An exploitable SQL injection vulnerability exists in the Validator.php ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6134 (SQL injection vulnerabilities exist in the ID parameters of OS4Ed open ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6133 (SQL injection vulnerabilities exist in the ID parameters of OS4Ed open ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6132 (SQL injection vulnerability exists in the ID parameters of OS4Ed openS ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6131 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6130 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6129 (SQL injection vulnerabilities exist in the course_period_id parameters ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6128 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6127 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6126 (SQL injection vulnerability exists in the CoursePeriodModal.php page o ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6125 (An exploitable SQL injection vulnerability exists in the GetSchool.php ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6124 (An exploitable sql injection vulnerability exists in the email paramet ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6123 (An exploitable sql injection vulnerability exists in the email paramet ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6122 (SQL injection vulnerability exists in the CheckDuplicateStudent.php pa ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6121 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6120 (SQL injection vulnerability exists in the CheckDuplicateStudent.php pa ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6119 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6118 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6117 (SQL injection vulnerabilities exist in the CheckDuplicateStudent.php p ...)
	NOT-FOR-US: OS4Ed openSIS
CVE-2020-6116 (An arbitrary code execution vulnerability exists in the rendering func ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6115 (An exploitable vulnerability exists in the cross-reference table repai ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6114 (An exploitable SQL injection vulnerability exists in the Admin Reports ...)
	NOT-FOR-US: Glacies IceHRM
CVE-2020-6113 (An exploitable vulnerability exists in the object stream parsing funct ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6112 (An exploitable code execution vulnerability exists in the JPEG2000 Str ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6111 (An exploitable denial-of-service vulnerability exists in the IPv4 func ...)
	NOT-FOR-US: Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems
CVE-2020-6110 (An exploitable partial path traversal vulnerability exists in the way  ...)
	NOT-FOR-US: Zoom
CVE-2020-6109 (An exploitable path traversal vulnerability exists in the Zoom client, ...)
	NOT-FOR-US: Zoom
CVE-2020-6108 (An exploitable code execution vulnerability exists in the fsck_chk_orp ...)
	- f2fs-tools 1.14.0-1 (bug #973380)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1050
CVE-2020-6107 (An exploitable information disclosure vulnerability exists in the dev_ ...)
	- f2fs-tools 1.14.0-1 (bug #973380)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1049
CVE-2020-6106 (An exploitable information disclosure vulnerability exists in the init ...)
	- f2fs-tools 1.14.0-1 (bug #973380)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1048
CVE-2020-6105 (An exploitable code execution vulnerability exists in the multiple dev ...)
	- f2fs-tools 1.14.0-1 (bug #973380)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1047
CVE-2020-6104 (An exploitable information disclosure vulnerability exists in the get_ ...)
	- f2fs-tools 1.14.0-1 (bug #973380)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1046
CVE-2020-6103 (An exploitable code execution vulnerability exists in the Shader funct ...)
	NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll
CVE-2020-6102 (An exploitable code execution vulnerability exists in the Shader funct ...)
	NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll
CVE-2020-6101 (An exploitable code execution vulnerability exists in the Shader funct ...)
	NOT-FOR-US: AMD Radeon DirectX 11 Driver atidxx64.dll
CVE-2020-6100 (An exploitable memory corruption vulnerability exists in AMD atidxx64. ...)
	NOT-FOR-US: AMD
CVE-2020-6099
	RESERVED
CVE-2020-6098 (An exploitable denial of service vulnerability exists in the freeDiame ...)
	- freediameter 1.2.1-8 (bug #985088)
	[buster] - freediameter 1.2.1-7+deb10u1
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1030
	NOTE: Possible fix: http://www.freediameter.net/trac/changeset/19ab8ac08a361642e7f9ec9f2657202c6f8ef9ee/freeDiameter?old=edfb2b662b91af94b2fccc48b11eec904ccab370
CVE-2020-6097 (An exploitable denial of service vulnerability exists in the atftpd da ...)
	{DLA-2820-1}
	- atftp 0.7.git20120829-3.2 (bug #970066)
	[buster] - atftp 0.7.git20120829-3.2~deb10u1
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029
	NOTE: https://sourceforge.net/u/peterkaestle/atftp/ci/96409ef3b9ca061f9527cfaafa778105cf15d994/
CVE-2020-6096 (An exploitable signed comparison vulnerability exists in the ARMv7 mem ...)
	- glibc 2.31-2 (low; bug #961452)
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <not-affected> (Vulnerable code not present)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25620
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=beea361050728138b82c57dda0c4810402d342b9
	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=79a4fa341b8a89cb03f84564fd72abaa1a2db394
CVE-2020-6095 (An exploitable denial of service vulnerability exists in the GstRTSPAu ...)
	- gst-rtsp-server1.0 1.16.2-3 (low)
	[buster] - gst-rtsp-server1.0 <no-dsa> (Minor issue)
	[stretch] - gst-rtsp-server1.0 <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1018
	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-rtsp-server/-/commit/44ccca3086dd81081d72ca0b21d0ecdde962fb1a
CVE-2020-6094 (An exploitable code execution vulnerability exists in the TIFF fillinr ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6093 (An exploitable information disclosure vulnerability exists in the way  ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6092 (An exploitable code execution vulnerability exists in the way Nitro Pr ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6091 (An exploitable authentication bypass vulnerability exists in the ESPON ...)
	NOT-FOR-US: EPSON
CVE-2020-6090 (An exploitable code execution vulnerability exists in the Web-Based Ma ...)
	NOT-FOR-US: WAGO
CVE-2020-6089 (An exploitable code execution vulnerability exists in the ANI file for ...)
	NOT-FOR-US: Leadtools
CVE-2020-6088 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6087 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6086 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6085 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6084 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6083 (An exploitable denial of service vulnerability exists in the ENIP Requ ...)
	NOT-FOR-US: Allen-Bradley Flex IO
CVE-2020-6082 (An exploitable out-of-bounds write vulnerability exists in the ico_rea ...)
	NOT-FOR-US: Accusoft
CVE-2020-6081 (An exploitable code execution vulnerability exists in the PLC_Task fun ...)
	NOT-FOR-US: 3S-Smart Software Solutions GmbH CODESYS Runtime
CVE-2020-6080 (An exploitable denial-of-service vulnerability exists in the resource  ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6079 (An exploitable denial-of-service vulnerability exists in the resource  ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1002
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6078 (An exploitable denial-of-service vulnerability exists in the message-p ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1001
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6077 (An exploitable denial-of-service vulnerability exists in the message-p ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1000
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6076 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft
CVE-2020-6075 (An exploitable out-of-bounds write vulnerability exists in the store_d ...)
	NOT-FOR-US: Accusoft
CVE-2020-6074 (An exploitable code execution vulnerability exists in the PDF parser o ...)
	NOT-FOR-US: Nitro Pro
CVE-2020-6073 (An exploitable denial-of-service vulnerability exists in the TXT recor ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0996
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6072 (An exploitable code execution vulnerability exists in the label-parsin ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0995
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6071 (An exploitable denial-of-service vulnerability exists in the resource  ...)
	{DSA-4671-1}
	- libmicrodns <removed>
	- vlc 3.0.8-4
	[jessie] - vlc <end-of-life> (Not supported in jessie LTS)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0994
	NOTE: These were addressed on the source level in 3.0.9, but 3.0.8-4 disables the plugin
CVE-2020-6070 (An exploitable code execution vulnerability exists in the file system  ...)
	- f2fs-tools 1.14.0-1 (bug #970941)
	[buster] - f2fs-tools <no-dsa> (Minor issue)
	[stretch] - f2fs-tools <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0988
CVE-2020-6069 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6068 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6067 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6066 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6065 (An exploitable out-of-bounds write vulnerability exists in the bmp_par ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6064 (An exploitable out-of-bounds write vulnerability exists in the uncompr ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6063 (An exploitable out-of-bounds write vulnerability exists in the uncompr ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2020-6062 (An exploitable denial-of-service vulnerability exists in the way CoTUR ...)
	{DSA-4711-1}
	- coturn 4.5.1.1-1.2 (bug #951876)
	[jessie] - coturn <not-affected> (Vulnerable code introduced later)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0985
	NOTE: https://github.com/coturn/coturn/commit/e09bcd9f7af5b32c81b37f51835b384b5a7d03a8
CVE-2020-6061 (An exploitable heap out-of-bounds read vulnerability exists in the way ...)
	{DSA-4711-1}
	- coturn 4.5.1.1-1.2 (bug #951876)
	[jessie] - coturn <not-affected> (Vulnerable code introduced later)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-0984
	NOTE: https://github.com/coturn/coturn/commit/51a7c2b9bf924890c7a3ff4db9c4976c5a93340a
CVE-2020-6060 (A stack buffer overflow vulnerability exists in the way MiniSNMPD vers ...)
	NOT-FOR-US: MiniSNMPD
CVE-2020-6059 (An exploitable out of bounds read vulnerability exists in the way Mini ...)
	NOT-FOR-US: MiniSNMPD
CVE-2020-6058 (An exploitable out-of-bounds read vulnerability exists in the way Mini ...)
	NOT-FOR-US: MiniSNMPD
CVE-2020-6057
	RESERVED
CVE-2020-6056
	RESERVED
CVE-2020-6055
	RESERVED
CVE-2020-6054
	RESERVED
CVE-2020-6053
	RESERVED
CVE-2020-6052
	RESERVED
CVE-2020-6051
	RESERVED
CVE-2020-6050
	RESERVED
CVE-2020-6049
	RESERVED
CVE-2020-6048
	RESERVED
CVE-2020-6047
	RESERVED
CVE-2020-6046
	RESERVED
CVE-2020-6045
	RESERVED
CVE-2020-6044
	RESERVED
CVE-2020-6043
	RESERVED
CVE-2020-6042
	RESERVED
CVE-2020-6041
	RESERVED
CVE-2020-6040
	RESERVED
CVE-2020-6039
	RESERVED
CVE-2020-6038
	RESERVED
CVE-2020-6037
	RESERVED
CVE-2020-6036
	RESERVED
CVE-2020-6035
	RESERVED
CVE-2020-6034
	RESERVED
CVE-2020-6033
	RESERVED
CVE-2020-6032
	RESERVED
CVE-2020-6031
	RESERVED
CVE-2020-6030
	RESERVED
CVE-2020-6029
	RESERVED
CVE-2020-6028
	RESERVED
CVE-2020-6027
	RESERVED
CVE-2020-6026
	RESERVED
CVE-2020-6025
	RESERVED
CVE-2020-6024 (Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R8 ...)
	NOT-FOR-US: Check Point SmartConsole
CVE-2020-6023 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
	NOT-FOR-US: Check Point ZoneAlarm
CVE-2020-6022 (Check Point ZoneAlarm before version 15.8.139.18543 allows a local act ...)
	NOT-FOR-US: Check Point ZoneAlarm
CVE-2020-6021 (Check Point Endpoint Security Client for Windows before version E84.20 ...)
	NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2020-6020 (Check Point Security Management's Internal CA web management before Ju ...)
	NOT-FOR-US: Check Point
CVE-2020-6019 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
	NOT-FOR-US: Valve's Game Networking Sockets
CVE-2020-6018 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
	NOT-FOR-US: Valve's Game Networking Sockets
CVE-2020-6017 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
	NOT-FOR-US: Valve's Game Networking Sockets
CVE-2020-6016 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
	NOT-FOR-US: Valve's Game Networking Sockets
CVE-2020-6015 (Check Point Endpoint Security for Windows before E84.10 can reach deni ...)
	NOT-FOR-US: Check Point Endpoint Security Client
CVE-2020-6014 (Check Point Endpoint Security Client for Windows, with Anti-Bot or Thr ...)
	NOT-FOR-US: Check Point Endpoint Security Client
CVE-2020-6013 (ZoneAlarm Firewall and Antivirus products before version 15.8.109.1843 ...)
	NOT-FOR-US: ZoneAlarm
CVE-2020-6012 (ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the  ...)
	NOT-FOR-US: ZoneAlarm
CVE-2020-6011
	RESERVED
CVE-2020-6010 (LearnPress Wordpress plugin version prior and including 3.2.6.7 is vul ...)
	NOT-FOR-US: LearnPress Wordpress plugin
CVE-2020-6009 (LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauth ...)
	NOT-FOR-US: LearnDash Wordpress plugin
CVE-2020-6008 (LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbi ...)
	NOT-FOR-US: LifterLMS Wordpress plugin
CVE-2020-6007 (Philips Hue Bridge model 2.X prior to and including version 1935144020 ...)
	NOT-FOR-US: Philips Hue Bridge model
CVE-2020-6006
	REJECTED
CVE-2020-6005
	REJECTED
CVE-2020-6004
	REJECTED
CVE-2020-6003
	REJECTED
CVE-2020-6002
	REJECTED
CVE-2020-6001
	REJECTED
CVE-2020-6000
	REJECTED
CVE-2020-5999
	REJECTED
CVE-2020-5998
	REJECTED
CVE-2020-5997
	REJECTED
CVE-2020-5996
	REJECTED
CVE-2020-5995
	REJECTED
CVE-2020-5994
	REJECTED
CVE-2020-5993
	REJECTED
CVE-2020-5992 (NVIDIA GeForce NOW application software on Windows, all versions prior ...)
	NOT-FOR-US: NVIDIA GeForce NOW application software
CVE-2020-5991 (NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerab ...)
	[experimental] - nvidia-cuda-toolkit 11.1.1-1
	- nvidia-cuda-toolkit 11.1.1-2 (bug #973543)
	[buster] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
	[stretch] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5094
CVE-2020-5990 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2020-5989 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5988 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5987 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5986 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5985 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5984 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5983 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5982 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5981 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5980 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5979 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5978 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2020-5977 (NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2020-5976 (NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and vers ...)
	NOT-FOR-US: NVIDIA GeForce NOW
CVE-2020-5975 (NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, con ...)
	NOT-FOR-US: NVIDIA GeForce NOW
CVE-2020-5974 (NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in i ...)
	NOT-FOR-US: NVIDIA
CVE-2020-5973 (NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerabili ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5972 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5971 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5970 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5969 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5968 (NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnerabilit ...)
	- nvidia-graphics-drivers 440.100-1 (bug #963766)
	[buster] - nvidia-graphics-drivers 418.152.00-1
	[stretch] - nvidia-graphics-drivers 390.138-1
	[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
	- nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908)
	[buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1
	- nvidia-graphics-drivers-legacy-340xx <unfixed>
	[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
	[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
	- nvidia-graphics-drivers-legacy-304xx <unfixed>
	[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
	[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
	- nvidia-graphics-drivers-tesla-440 440.95.01-1
	- nvidia-graphics-drivers-tesla-418 418.152.00-1
	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5031/kw/Security%20Bulletin
CVE-2020-5966 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5965 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5964 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5963 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	- nvidia-graphics-drivers 440.100-1 (bug #963766)
	[buster] - nvidia-graphics-drivers 418.152.00-1
	[stretch] - nvidia-graphics-drivers 390.138-1
	[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
	- nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908)
	[buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1
	- nvidia-graphics-drivers-legacy-340xx <unfixed>
	[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
	[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
	- nvidia-graphics-drivers-legacy-304xx <unfixed>
	[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
	[jessie] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
	- nvidia-graphics-drivers-tesla-440 440.95.01-1
	- nvidia-graphics-drivers-tesla-418 418.152.00-1
	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5031/kw/Security%20Bulletin
CVE-2020-5962 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5961 (NVIDIA vGPU graphics driver for guest OS contains a vulnerability in w ...)
	NOT-FOR-US: NVIDIA vGPU graphics driver for guest OS
CVE-2020-5960 (NVIDIA Virtual GPU Manager contains a vulnerability in the kernel modu ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5959 (NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in  ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2020-5958 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2020-5957 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: Nvidia driver for Windows
CVE-2020-5956 (An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel ...)
	NOT-FOR-US: Insyde
CVE-2020-5955 (An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O befor ...)
	NOT-FOR-US: Int15MicrocodeSmm
CVE-2020-5954
	RESERVED
CVE-2020-5953 (A vulnerability exists in System Management Interrupt (SWSMI) handler  ...)
	NOT-FOR-US: Insyde
CVE-2020-5952
	RESERVED
CVE-2020-5951
	RESERVED
CVE-2020-5950 (On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allo ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5949 (On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5948 (On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5947 (In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP plat ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5946 (In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5945 (In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5944 (In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pag ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5943 (In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP objec ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5942 (In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5941 (On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESO ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5940 (In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a s ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5939 (In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5938 (On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5937 (On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5936 (On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5935 (On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Con ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5934 (On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, w ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5933 (On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5932 (On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerabil ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5931 (On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5930 (In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5929 (In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, B ...)
	NOT-FOR-US: F5
CVE-2020-5928 (In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5927 (In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5926 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5925 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5924 (In BIG-IP APM versions 12.1.0-12.1.5.1 and 11.6.1-11.6.5.2, RADIUS aut ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5923 (In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5922 (In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5921 (in BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5920 (In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5919 (In versions 15.1.0-15.1.0.4, rendering of certain session variables by ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5918 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5917 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5916 (In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5915 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5914 (In BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5913 (In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5912 (In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5911 (In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller  ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5910 (In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic  ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5909 (In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the co ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5908 (In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5907 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5906 (In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5905 (In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5904 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5903 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5902 (In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5901 (In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow f ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5900 (In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5899 (In NGINX Controller 3.0.0-3.4.0, recovery code required to change a us ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5898 (In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver d ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5897 (In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5896 (On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Se ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5895 (On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5894 (On versions 3.0.0-3.3.0, the NGINX Controller webserver does not inval ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5893 (In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Ed ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5892 (In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP A ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5891 (On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, undis ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5890 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5889 (On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5888 (On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5887 (On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5886 (On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5885 (On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5884 (On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5883 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5882 (On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5881 (On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, whe ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5880 (Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process m ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5879 (On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-I ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5878 (On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Tra ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5877 (On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5876 (On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5875 (On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5874 (On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5873 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5872 (On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5871 (On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial o ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5870 (In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanis ...)
	NOT-FOR-US: F5
CVE-2020-5869 (In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not s ...)
	NOT-FOR-US: F5
CVE-2020-5868 (In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discover ...)
	NOT-FOR-US: F5
CVE-2020-5867 (In versions prior to 3.3.0, the NGINX Controller Agent installer scrip ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5866 (In versions of NGINX Controller prior to 3.3.0, the helper.sh script,  ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5865 (In versions prior to 3.3.0, the NGINX Controller is configured to comm ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5864 (In versions of NGINX Controller prior to 3.2.0, communication between  ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5863 (In NGINX Controller versions prior to 3.2.0, an unauthenticated attack ...)
	NOT-FOR-US: NGINX Controller
CVE-2020-5862 (On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5861 (On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in so ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5860 (On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5859 (On BIG-IP 15.1.0.1, specially formatted HTTP/3 messages may cause TMM  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5858 (On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5857 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5856 (On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specif ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5855 (When the Windows Logon Integration feature is configured for all versi ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5854 (On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5853 (In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5852 (Undisclosed traffic patterns received may cause a disruption of servic ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5851 (On impacted versions and platforms the Trusted Platform Module (TPM) s ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2020-5850
	RESERVED
CVE-2020-5849 (Unraid 6.8.0 allows authentication bypass. ...)
	NOT-FOR-US: Unraid
CVE-2020-5848
	RESERVED
CVE-2020-5847 (Unraid through 6.8.0 allows Remote Code Execution. ...)
	NOT-FOR-US: Unraid
CVE-2020-5846 (An insecure file upload and code execution issue was discovered in Ahs ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2020-5845
	RESERVED
CVE-2020-5844 (index.php?sec=godmode/extensions&amp;sec2=extensions/files_repo in Pan ...)
	NOT-FOR-US: Pandora FMS
CVE-2020-5843 (Codoforum 4.8.3 allows XSS in the admin dashboard via a category to th ...)
	NOT-FOR-US: Codoforum
CVE-2020-5842 (Codoforum 4.8.3 allows XSS in the user registration page: via the user ...)
	NOT-FOR-US: Codoforum
CVE-2020-5841 (An issue was discovered in OpServices OpMon 9.3.1-1. Using password ch ...)
	NOT-FOR-US: OpServices OpMon
CVE-2020-5840 (An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/R ...)
	NOT-FOR-US: HashBrown CMS
CVE-2020-5839 (Symantec Endpoint Detection And Response, prior to 4.4, may be suscept ...)
	NOT-FOR-US: Symantec
CVE-2020-5838 (Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-s ...)
	NOT-FOR-US: Symantec
CVE-2020-5837 (Symantec Endpoint Protection, prior to 14.3, may not respect file perm ...)
	NOT-FOR-US: Symantec
CVE-2020-5836 (Symantec Endpoint Protection, prior to 14.3, can potentially reset the ...)
	NOT-FOR-US: Symantec
CVE-2020-5835 (Symantec Endpoint Protection Manager, prior to 14.3, has a race condit ...)
	NOT-FOR-US: Symantec
CVE-2020-5834 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...)
	NOT-FOR-US: Symantec
CVE-2020-5833 (Symantec Endpoint Protection Manager, prior to 14.3, may be susceptibl ...)
	NOT-FOR-US: Symantec
CVE-2020-5832 (Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6 ...)
	NOT-FOR-US: Symantec
CVE-2020-5831 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
	NOT-FOR-US: Symantec Endpoint Protection Manager (SEPM)
CVE-2020-5830 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
	NOT-FOR-US: Symantec Endpoint Protection Manager (SEPM)
CVE-2020-5829 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
	NOT-FOR-US: Symantec Endpoint Protection Manager (SEPM)
CVE-2020-5828 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
	NOT-FOR-US: Symantec Endpoint Protection Manager (SEPM)
CVE-2020-5827 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
	NOT-FOR-US: Symantec Endpoint Protection Manager (SEPM)
CVE-2020-5826 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5825 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5824 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5823 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5822 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5821 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5820 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
	NOT-FOR-US: Symantec
CVE-2020-5819
	RESERVED
CVE-2020-5818
	RESERVED
CVE-2020-5817
	RESERVED
CVE-2020-5816
	RESERVED
CVE-2020-5815
	RESERVED
CVE-2020-5814
	RESERVED
CVE-2020-5813
	RESERVED
CVE-2020-5812 (Nessus AMI versions 8.12.0 and earlier were found to either not valida ...)
	NOT-FOR-US: Nessus
CVE-2020-5811 (An authenticated path traversal vulnerability exists during package in ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-5810 (A stored XSS vulnerability exists in Umbraco CMS &lt;= 8.9.1 or curren ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-5809 (A stored XSS vulnerability exists in Umbraco CMS &lt;= 8.9.1 or curren ...)
	NOT-FOR-US: Umbraco CMS
CVE-2020-5808 (In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could po ...)
	NOT-FOR-US: Tenable
CVE-2020-5807 (An unauthenticated remote attacker can send data to RsvcHost.exe liste ...)
	NOT-FOR-US: FactoryTalk Diagnostics
CVE-2020-5806 (An attacker-controlled memory allocation size can be passed to the C++ ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-5805 (In Marvell QConvergeConsole GUI &lt;= 5.5.0.74, credentials are stored ...)
	NOT-FOR-US: Marvell QConvergeConsole GUI
CVE-2020-5804 (Marvell QConvergeConsole GUI &lt;= 5.5.0.74 is affected by a path trav ...)
	NOT-FOR-US: Marvell QConvergeConsole GUI
CVE-2020-5803 (Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allow ...)
	NOT-FOR-US: Marvell QConvergeConsole GUI
CVE-2020-5802 (An attacker-controlled memory allocation size can be passed to the C++ ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-5801 (An attacker can craft and send an OpenNamespace message to port 4241 w ...)
	NOT-FOR-US: FactoryTalk
CVE-2020-5800 (The Eat Spray Love mobile app for both iOS and Android contains logic  ...)
	NOT-FOR-US: Eat Spray Love mobile app
CVE-2020-5799 (The Eat Spray Love mobile app for both iOS and Android contains a back ...)
	NOT-FOR-US: Eat Spray Love mobile app
CVE-2020-5798 (inSync Client installer for macOS versions v6.8.0 and prior could allo ...)
	NOT-FOR-US: inSync Client installer for macOS
CVE-2020-5797 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180 ...)
	NOT-FOR-US: TP-Link
CVE-2020-5796 (Improper preservation of permissions in Nagios XI 5.7.4 allows a local ...)
	NOT-FOR-US: Nagios XI
CVE-2020-5795 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200 ...)
	NOT-FOR-US: TP-Link
CVE-2020-5794 (A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and ...)
	NOT-FOR-US: Nessus
CVE-2020-5793 (A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows &a ...)
	NOT-FOR-US: Nessus
CVE-2020-5792 (Improper neutralization of argument delimiters in a command in Nagios  ...)
	NOT-FOR-US: Nagios XI
CVE-2020-5791 (Improper neutralization of special elements used in an OS command in N ...)
	NOT-FOR-US: Nagios XI
CVE-2020-5790 (Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker ...)
	NOT-FOR-US: Nagios XI
CVE-2020-5789 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows ...)
	NOT-FOR-US: Teltonika
CVE-2020-5788 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows ...)
	NOT-FOR-US: Teltonika
CVE-2020-5787 (Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows ...)
	NOT-FOR-US: Teltonika
CVE-2020-5786 (Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 all ...)
	NOT-FOR-US: Teltonika
CVE-2020-5785 (Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04 ...)
	NOT-FOR-US: Teltonika
CVE-2020-5784 (Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 al ...)
	NOT-FOR-US: Teltonika
CVE-2020-5783 (In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does n ...)
	NOT-FOR-US: IgniteNet HeliOS GLinq
CVE-2020-5782 (In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ...)
	NOT-FOR-US: IgniteNet HeliOS GLinq
CVE-2020-5781 (In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is ...)
	NOT-FOR-US: IgniteNet HeliOS GLinq
CVE-2020-5780 (Missing Authentication for Critical Function in Icegram Email Subscrib ...)
	NOT-FOR-US: Icegram Email Subscribers & Newsletters Plugin for WordPress
CVE-2020-5779 (A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates t ...)
	NOT-FOR-US: Trading Technologies Messaging
CVE-2020-5778 (A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) du ...)
	NOT-FOR-US: Trading Technologies Messaging
CVE-2020-5777 (MAGMI versions prior to 0.7.24 are vulnerable to a remote authenticati ...)
	NOT-FOR-US: MAGMI
CVE-2020-5776 (Currently, all versions of MAGMI are vulnerable to CSRF due to the lac ...)
	NOT-FOR-US: MAGMI
CVE-2020-5775 (Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote,  ...)
	NOT-FOR-US: Canvas LMS
CVE-2020-5774 (Nessus versions 8.11.0 and earlier were found to maintain sessions lon ...)
	NOT-FOR-US: Nessus
CVE-2020-5773 (Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allow ...)
	NOT-FOR-US: Teltonika firmware
CVE-2020-5772 (Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 all ...)
	NOT-FOR-US: Teltonika firmware
CVE-2020-5771 (Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 all ...)
	NOT-FOR-US: Teltonika firmware
CVE-2020-5770 (Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.01 al ...)
	NOT-FOR-US: Teltonika firmware
CVE-2020-5769 (Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.02 ...)
	NOT-FOR-US: Teltonika
CVE-2020-5768 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
	NOT-FOR-US: Icegram Email Subscribers & Newsletters Plugin for WordPress
CVE-2020-5767 (Cross-site request forgery in Icegram Email Subscribers &amp; Newslett ...)
	NOT-FOR-US: Icegram Email Subscribers & Newsletters Plugin for WordPress
CVE-2020-5766 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
	NOT-FOR-US: Wordpress plugin
CVE-2020-5765 (Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerabi ...)
	NOT-FOR-US: Nessus
CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable to a d ...)
	NOT-FOR-US: MX Player Android App
CVE-2020-5763 (Grandstream HT800 series firmware version 1.0.17.5 and below contain a ...)
	NOT-FOR-US: Grandstream
CVE-2020-5762 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
	NOT-FOR-US: Grandstream
CVE-2020-5761 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
	NOT-FOR-US: Grandstream
CVE-2020-5760 (Grandstream HT800 series firmware version 1.0.17.5 and below is vulner ...)
	NOT-FOR-US: Grandstream
CVE-2020-5759 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
	NOT-FOR-US: Grandstream
CVE-2020-5758 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
	NOT-FOR-US: Grandstream
CVE-2020-5757 (Grandstream UCM6200 series firmware version 1.0.20.23 and below is vul ...)
	NOT-FOR-US: Grandstream
CVE-2020-5756 (Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenti ...)
	NOT-FOR-US: Grandstream
CVE-2020-5755 (Webroot endpoint agents prior to version v9.0.28.48 did not protect th ...)
	NOT-FOR-US: Webroot
CVE-2020-5754 (Webroot endpoint agents prior to version v9.0.28.48 allows remote atta ...)
	NOT-FOR-US: Webroot
CVE-2020-5753 (Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and u ...)
	NOT-FOR-US: Signal Private Messenger (Android and iOS version)
CVE-2020-5752 (Relative path traversal in Druva inSync Windows Client 6.6.3 allows a  ...)
	NOT-FOR-US: Druva inSync Windows Client
CVE-2020-5751 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, aut ...)
	NOT-FOR-US: TCExam
CVE-2020-5750 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, una ...)
	NOT-FOR-US: TCExam
CVE-2020-5749 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, aut ...)
	NOT-FOR-US: TCExam
CVE-2020-5748 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, una ...)
	NOT-FOR-US: TCExam
CVE-2020-5747 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, aut ...)
	NOT-FOR-US: TCExam
CVE-2020-5746 (Insufficient output sanitization in TCExam 14.2.2 allows a remote, aut ...)
	NOT-FOR-US: TCExam
CVE-2020-5745 (Cross-site request forgery in TCExam 14.2.2 allows a remote attacker t ...)
	NOT-FOR-US: TCExam
CVE-2020-5744 (Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticate ...)
	NOT-FOR-US: TCExam
CVE-2020-5743 (Improper Control of Resource Identifiers in TCExam 14.2.2 allows a rem ...)
	NOT-FOR-US: TCExam
CVE-2020-5742 (Improper Access Control in Plex Media Server prior to June 15, 2020 al ...)
	NOT-FOR-US: Plex Media Server
CVE-2020-5741 (Deserialization of Untrusted Data in Plex Media Server on Windows allo ...)
	NOT-FOR-US: Plex Media Server on Windows
CVE-2020-5740 (Improper Input Validation in Plex Media Server on Windows allows a loc ...)
	NOT-FOR-US: Plex Media Server
CVE-2020-5739 (Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable  ...)
	NOT-FOR-US: Grandstream
CVE-2020-5738 (Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable  ...)
	NOT-FOR-US: Grandstream
CVE-2020-5737 (Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated re ...)
	NOT-FOR-US: Tenable.Sc
CVE-2020-5736 (Amcrest cameras and NVR are vulnerable to a null pointer dereference o ...)
	NOT-FOR-US: Amcrest
CVE-2020-5735 (Amcrest cameras and NVR are vulnerable to a stack-based buffer overflo ...)
	NOT-FOR-US: Amcrest
CVE-2020-5734 (Classic buffer overflow in SolarWinds Dameware allows a remote, unauth ...)
	NOT-FOR-US: SolarWinds
CVE-2020-5733 (In OpenMRS 2.9 and prior, the export functionality of the Data Exchang ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5732 (In OpenMRS 2.9 and prior, he import functionality of the Data Exchange ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5731 (In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit's page ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5730 (In OpenMRS 2.9 and prior, the sessionLocation parameter for the login  ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5729 (In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitra ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5728 (OpenMRS 2.9 and prior copies "Referrer" header values into an html ele ...)
	NOT-FOR-US: OpenMRS
CVE-2020-5727 (Authentication bypass using an alternate path or channel in SimpliSafe ...)
	NOT-FOR-US: SimpliSafe
CVE-2020-5726 (The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQ ...)
	NOT-FOR-US: Grandstream
CVE-2020-5725 (The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQ ...)
	NOT-FOR-US: Grandstream
CVE-2020-5724 (The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQ ...)
	NOT-FOR-US: Grandstream
CVE-2020-5723 (The UCM6200 series 1.0.20.22 and below stores unencrypted user passwor ...)
	NOT-FOR-US: UCM6200
CVE-2020-5722 (The HTTP interface of the Grandstream UCM6200 series is vulnerable to  ...)
	NOT-FOR-US: Grandstream
CVE-2020-5721 (MikroTik WinBox 3.22 and below stores the user's cleartext password in ...)
	NOT-FOR-US: MikroTik
CVE-2020-5720 (MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerab ...)
	NOT-FOR-US: MikroTik WinBox
CVE-2020-5719
	RESERVED
CVE-2020-5718
	RESERVED
CVE-2020-5717
	RESERVED
CVE-2020-5716
	RESERVED
CVE-2020-5715
	RESERVED
CVE-2020-5714
	RESERVED
CVE-2020-5713
	RESERVED
CVE-2020-5712
	RESERVED
CVE-2020-5711
	RESERVED
CVE-2020-5710
	RESERVED
CVE-2020-5709
	RESERVED
CVE-2020-5708
	RESERVED
CVE-2020-5707
	RESERVED
CVE-2020-5706
	RESERVED
CVE-2020-5705
	RESERVED
CVE-2020-5704
	RESERVED
CVE-2020-5703
	RESERVED
CVE-2020-5702
	RESERVED
CVE-2020-5701
	RESERVED
CVE-2020-5700
	RESERVED
CVE-2020-5699
	RESERVED
CVE-2020-5698
	RESERVED
CVE-2020-5697
	RESERVED
CVE-2020-5696
	RESERVED
CVE-2020-5695
	RESERVED
CVE-2020-5694
	RESERVED
CVE-2020-5693
	RESERVED
CVE-2020-5692
	RESERVED
CVE-2020-5691
	RESERVED
CVE-2020-5690
	RESERVED
CVE-2020-5689
	RESERVED
CVE-2020-5688
	RESERVED
CVE-2020-5687
	RESERVED
CVE-2020-5686 (Incorrect implementation of authentication algorithm issue in UNIVERGE ...)
	NOT-FOR-US: UNIVERGE
CVE-2020-5685 (UNIVERGE SV9500 series from V1 to V7and SV8500 series from S6 to S8 al ...)
	NOT-FOR-US: UNIVERGE
CVE-2020-5684 (iSM client versions from V5.1 prior to V12.1 running on NEC Storage Ma ...)
	NOT-FOR-US: iSM client
CVE-2020-5683 (Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v ...)
	NOT-FOR-US: GROWI
CVE-2020-5682 (Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Seri ...)
	NOT-FOR-US: GROWI
CVE-2020-5681 (Untrusted search path vulnerability in self-extracting files created b ...)
	NOT-FOR-US: EpsonNet SetupManager
CVE-2020-5680 (Improper input validation vulnerability in EC-CUBE versions from 3.0.5 ...)
	NOT-FOR-US: EC-CUBE
CVE-2020-5679 (Improper restriction of rendered UI layers or frames in EC-CUBE versio ...)
	NOT-FOR-US: EC-CUBE
CVE-2020-5678 (Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier  ...)
	NOT-FOR-US: GROWI
CVE-2020-5677 (Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earli ...)
	NOT-FOR-US: GROWI
CVE-2020-5676 (GROWI v4.1.3 and earlier allow remote attackers to obtain information  ...)
	NOT-FOR-US: GROWI
CVE-2020-5675 (Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT21 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5674 (Untrusted search path vulnerability in the installers of multiple SEIK ...)
	NOT-FOR-US: SEIKO EPSON products
CVE-2020-5673
	RESERVED
CVE-2020-5672
	RESERVED
CVE-2020-5671
	RESERVED
CVE-2020-5670
	RESERVED
CVE-2020-5669 (Cross-site scripting vulnerability in Movable Type Movable Type Premiu ...)
	- movabletype-opensource <removed>
CVE-2020-5668 (Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series  ...)
	NOT-FOR-US: Mitsubishi Electric
CVE-2020-5667 (Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS ...)
	NOT-FOR-US: Studyplus
CVE-2020-5666 (Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series  ...)
	NOT-FOR-US: Mitsubishi Electric
CVE-2020-5665 (Improper check or handling of exceptional conditions in MELSEC iQ-F se ...)
	NOT-FOR-US: Mitsubishi Electric
CVE-2020-5664 (Deserialization of untrusted data vulnerability in XooNIps 3.49 and ea ...)
	NOT-FOR-US: XooNIps
CVE-2020-5663 (Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier  ...)
	NOT-FOR-US: XooNIps
CVE-2020-5662 (Reflected cross-site scripting vulnerability in XooNIps 3.49 and earli ...)
	NOT-FOR-US: XooNIps
CVE-2020-5661
	RESERVED
CVE-2020-5660
	RESERVED
CVE-2020-5659 (SQL injection vulnerability in the XooNIps 3.49 and earlier allows rem ...)
	NOT-FOR-US: XooNIps
CVE-2020-5658 (Resource Management Errors vulnerability in TCP/IP function included i ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5657 (Improper neutralization of argument delimiters in a command ('Argument ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5656 (Improper access control vulnerability in TCP/IP function included in t ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5655 (NULL pointer dereferences vulnerability in TCP/IP function included in ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5654 (Session fixation vulnerability in TCP/IP function included in the firm ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5653 (Buffer overflow vulnerability in TCP/IP function included in the firmw ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5652 (Uncontrolled resource consumption vulnerability in Ethernet Port on ME ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5651 (SQL injection vulnerability in Simple Download Monitor 3.8.8 and earli ...)
	NOT-FOR-US: Simple Download Monitor
CVE-2020-5650 (Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 an ...)
	NOT-FOR-US: Simple Download Monitor
CVE-2020-5649 (Resource management error vulnerability in TCP/IP function included in ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5648 (Improper neutralization of argument delimiters in a command ('Argument ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5647 (Improper access control vulnerability in TCP/IP function included in t ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5646 (NULL pointer dereferences vulnerability in TCP/IP function included in ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5645 (Session fixation vulnerability in TCP/IP function included in the firm ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5644 (Buffer overflow vulnerability in TCP/IP function included in the firmw ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5643 (Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0. ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5642 (Cross-site request forgery (CSRF) vulnerability in Live Chat - Live su ...)
	NOT-FOR-US: Live Chat
CVE-2020-5641 (Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware v ...)
	NOT-FOR-US: GS108Ev3 firmware
CVE-2020-5640 (Local file inclusion vulnerability in OneThird CMS v1.96c and earlier  ...)
	NOT-FOR-US: OneThird CMS
CVE-2020-5639 (Directory traversal vulnerability in FileZen versions from V3.0.0 to V ...)
	NOT-FOR-US: FileZen
CVE-2020-5638 (Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Sma ...)
	NOT-FOR-US: desknet's NEO
CVE-2020-5637 (Improper validation of integrity check value vulnerability in Aterm SA ...)
	NOT-FOR-US: Aterm SA3500G firmware
CVE-2020-5636 (Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker ...)
	NOT-FOR-US: Aterm SA3500G firmware
CVE-2020-5635 (Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker ...)
	NOT-FOR-US: Aterm SA3500G firmware
CVE-2020-5634 (ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC ...)
	NOT-FOR-US: ELECOM LAN routers
CVE-2020-5633 (Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express ...)
	NOT-FOR-US: NEC
CVE-2020-5632 (InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and ...)
	NOT-FOR-US: InfoCage SiteShell
CVE-2020-5631 (Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 ...)
	NOT-FOR-US: CMONOS.JP
CVE-2020-5630
	RESERVED
CVE-2020-5629 (UNIQLO App for Android versions 7.3.3 and earlier allows remote attack ...)
	NOT-FOR-US: UNIQLO App for Android
CVE-2020-5628 (UNIQLO App for Android versions 7.3.3 and earlier allows remote attack ...)
	NOT-FOR-US: UNIQLO App for Android
CVE-2020-5627 (Yodobashi App for Android versions 1.8.7 and earlier allows remote att ...)
	NOT-FOR-US: Yodobashi App for Android
CVE-2020-5626 (Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0  ...)
	NOT-FOR-US: Logstorage
CVE-2020-5625 (Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows  ...)
	NOT-FOR-US: XooNIps
CVE-2020-5624 (SQL injection vulnerability in the XooNIps 3.48 and earlier allows rem ...)
	NOT-FOR-US: XooNIps
CVE-2020-5623 (NITORI App for Android versions 6.0.4 and earlier and NITORI App for i ...)
	NOT-FOR-US: NITORI App for Android and iOS
CVE-2020-5622 (Shadankun Server Security Type (excluding normal blocking method types ...)
	NOT-FOR-US: Shadankun Server Security Type
CVE-2020-5621 (Cross-site request forgery (CSRF) vulnerability in NETGEAR switching h ...)
	NOT-FOR-US: Netgear
CVE-2020-5620 (Cross-site scripting vulnerability in Exment prior to v3.6.0 allows re ...)
	NOT-FOR-US: Exment
CVE-2020-5619 (Cross-site scripting vulnerability in Exment prior to v3.6.0 allows re ...)
	NOT-FOR-US: Exment
CVE-2020-5618
	RESERVED
CVE-2020-5617 (Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12 ...)
	NOT-FOR-US: SKYSEA Client View
CVE-2020-5616 ([Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], ...)
	NOT-FOR-US: Calendar01
CVE-2020-5615 (Cross-site request forgery (CSRF) vulnerability in [Calendar01] free e ...)
	NOT-FOR-US: Calendar01
CVE-2020-5614 (Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows ...)
	NOT-FOR-US: KonaWiki
CVE-2020-5613 (Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allow ...)
	NOT-FOR-US: KonaWiki
CVE-2020-5612 (Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allow ...)
	NOT-FOR-US: KonaWiki
CVE-2020-5611 (Cross-site request forgery (CSRF) vulnerability in Social Sharing Plug ...)
	NOT-FOR-US: Social Sharing Plugin for WordPress
CVE-2020-5610 (Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earli ...)
	NOT-FOR-US: Global TechStream (GTS) for TOYOTA dealers
CVE-2020-5609 (Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (incl ...)
	NOT-FOR-US: Yokogawa CAMS
CVE-2020-5608 (CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 t ...)
	NOT-FOR-US: Yokogawa CAMS
CVE-2020-5607 (Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows re ...)
	NOT-FOR-US: SHIRASAGI
CVE-2020-5606 (Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earli ...)
	NOT-FOR-US: WHR-G54S firmware
CVE-2020-5605 (Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlie ...)
	NOT-FOR-US: WHR-G54S firmware
CVE-2020-5604 (Android App 'Mercari' (Japan version) prior to version 3.52.0 allows a ...)
	NOT-FOR-US: Mercari
CVE-2020-5603 (Uncontrolled resource consumption vulnerability in Mitsubishi Electori ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5602 (Mitsubishi Electoric FA Engineering Software (CPU Module Logging Confi ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5601 (Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote a ...)
	NOT-FOR-US: Chrome Extension for e-Tax Reception System
CVE-2020-5600 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5599 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5598 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5597 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5596 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5595 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5594 (Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5593 (Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP cod ...)
	NOT-FOR-US: Zenphoto
CVE-2020-5592 (Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 ...)
	NOT-FOR-US: Zenphoto
CVE-2020-5591 (XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to ...)
	NOT-FOR-US: XACK DNS
CVE-2020-5590 (Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 ...)
	NOT-FOR-US: EC-CUBE
CVE-2020-5589 (SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3,  ...)
	NOT-FOR-US: SONY
CVE-2020-5588 (Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows at ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5587 (Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to o ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5586 (Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5585 (Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5584 (Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintend ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5583 (Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to  ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5582 (Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to  ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5581 (Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows re ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5580 (Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to  ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5579 (SQL injection vulnerability in the Paid Memberships versions prior to  ...)
	NOT-FOR-US: Paid Memberships
CVE-2020-5578
	RESERVED
CVE-2020-5577 (Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movabl ...)
	- movabletype-opensource <removed>
CVE-2020-5576 (Cross-site request forgery (CSRF) vulnerability in Movable Type series ...)
	- movabletype-opensource <removed>
CVE-2020-5575 (Cross-site scripting vulnerability in Movable Type series (Movable Typ ...)
	- movabletype-opensource <removed>
CVE-2020-5574 (HTML attribute value injection vulnerability in Movable Type series (M ...)
	- movabletype-opensource <removed>
CVE-2020-5573 (Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attack ...)
	NOT-FOR-US: Android App 'kintone mobile for Android'
CVE-2020-5572 (Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker t ...)
	NOT-FOR-US: Android App 'Mailwise for Android'
CVE-2020-5571 (SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQ ...)
	NOT-FOR-US: SHARP AQUOS
CVE-2020-5570 (Cross-site scripting vulnerability in Sales Force Assistant version 11 ...)
	NOT-FOR-US: Sales Force Assistant
CVE-2020-5569 (An unquoted search path vulnerability exists in HDD Password tool (for ...)
	NOT-FOR-US: HDD Password tool (CANVIO)
CVE-2020-5568 (Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5567 (Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5566 (Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3  ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5565 (Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10 ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5564 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5563 (Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5562 (Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6. ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2020-5561 (Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS ...)
	NOT-FOR-US: Keijiban Tsumiki
CVE-2020-5560 (WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS c ...)
	NOT-FOR-US: WL-Enq
CVE-2020-5559 (Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12 allows remo ...)
	NOT-FOR-US: WL-Enq
CVE-2020-5558 (CuteNews 2.0.1 allows remote authenticated attackers to execute arbitr ...)
	NOT-FOR-US: CuteNews
CVE-2020-5557 (Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote att ...)
	NOT-FOR-US: CuteNews
CVE-2020-5556 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers  ...)
	NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5555 (Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers  ...)
	NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5554 (Directory traversal vulnerability in Shihonkanri Plus GOOUT Ver1.5.8 a ...)
	NOT-FOR-US: Shihonkanri Plus GOOUT
CVE-2020-5553 (mailform version 1.04 allows remote attackers to execute arbitrary PHP ...)
	NOT-FOR-US: mailform
CVE-2020-5552 (Cross-site scripting vulnerability in mailform version 1.04 allows rem ...)
	NOT-FOR-US: mailform
CVE-2020-5551 (Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenti ...)
	NOT-FOR-US: Toyota
CVE-2020-5550 (Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earli ...)
	NOT-FOR-US: EasyBlocks
CVE-2020-5549 (Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver ...)
	NOT-FOR-US: EasyBlocks
CVE-2020-5548 (Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yam ...)
	NOT-FOR-US: Yamaha
CVE-2020-5547 (Resource Management Errors vulnerability in TCP function included in t ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5546 (Improper Neutralization of Argument Delimiters in a Command ('Argument ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5545 (TCP function included in the firmware of Mitsubishi Electric MELQIC IU ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5544 (Null Pointer Dereference vulnerability in TCP function included in the ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5543 (TCP function included in the firmware of Mitsubishi Electric MELQIC IU ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5542 (Buffer error vulnerability in TCP function included in the firmware of ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5541 (Open redirect vulnerability in CyberMail Ver.6.x and Ver.7.x allows re ...)
	NOT-FOR-US: CyberMail
CVE-2020-5540 (Cross-site scripting vulnerability in CyberMail Ver.6.x and Ver.7.x al ...)
	NOT-FOR-US: CyberMail
CVE-2020-5539 (GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do no ...)
	NOT-FOR-US: GRANDIT
CVE-2020-5538 (Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows  ...)
	NOT-FOR-US: PALLET CONTROL
CVE-2020-5537 (Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code executi ...)
	NOT-FOR-US: Cybozu
CVE-2020-5536 (OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacke ...)
	NOT-FOR-US: OpenBlocks IoT VX2
CVE-2020-5535 (OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacke ...)
	NOT-FOR-US: OpenBlocks IoT VX2
CVE-2020-5534 (Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated a ...)
	NOT-FOR-US: Aterm WG2600HS firmware
CVE-2020-5533 (Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 ...)
	NOT-FOR-US: Aterm WG2600HS firmware
CVE-2020-5532 (ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for ...)
	NOT-FOR-US: ilbo App
CVE-2020-5531 (Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI500 ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5530 (Cross-site request forgery (CSRF) vulnerability in Easy Property Listi ...)
	NOT-FOR-US: Easy Property Listings plugin for WordPress
CVE-2020-5529 (HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ...)
	{DLA-2326-1}
	- htmlunit <removed>
	NOTE: https://github.com/HtmlUnit/htmlunit/commit/934390fefcd2cd58e6d86f2bc19d811ae17bfa28
CVE-2020-5528 (Cross-site scripting vulnerability in Movable Type series (Movable Typ ...)
	- movabletype-opensource <removed>
CVE-2020-5527 (When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC  ...)
	NOT-FOR-US: Mitsubishi
CVE-2020-5526 (The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2. ...)
	NOT-FOR-US: AWMS Mobile App for Android and iOS
CVE-2020-5525 (Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG120 ...)
	NOT-FOR-US: Aterm series firmware
CVE-2020-5524 (Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG120 ...)
	NOT-FOR-US: Aterm series firmware
CVE-2020-5523 (Android App 'MyPallete' and some of the Android banking applications b ...)
	NOT-FOR-US: MyPallete
CVE-2020-5522 (The kantan netprint App for Android 2.0.3 and earlier does not verify  ...)
	NOT-FOR-US: kantan netprint App for Android
CVE-2020-5521 (The kantan netprint App for iOS 2.0.2 and earlier does not verify X.50 ...)
	NOT-FOR-US: kantan netprint App for iOS
CVE-2020-5520 (The netprint App for iOS 3.2.3 and earlier does not verify X.509 certi ...)
	NOT-FOR-US: netprint App for iOS
CVE-2020-5519 (The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly  ...)
	NOT-FOR-US: OpenLiteSpeed
CVE-2020-5518
	RESERVED
CVE-2020-5517 (CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access  ...)
	NOT-FOR-US: BlueOnyx
CVE-2020-5516
	RESERVED
CVE-2020-5515 (Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection. ...)
	NOT-FOR-US: Gila CMS
CVE-2020-5514 (Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous  ...)
	NOT-FOR-US: Gila CMS
CVE-2020-5513 (Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal. ...)
	NOT-FOR-US: Gila CMS
CVE-2020-5512 (Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal. ...)
	NOT-FOR-US: Gila CMS
CVE-2020-5511 (PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypas ...)
	NOT-FOR-US: PHPGurukul Small CRM
CVE-2020-5510 (PHPGurukul Hostel Management System v2.0 allows SQL injection via the  ...)
	NOT-FOR-US: PHPGurukul Hostel Management System
CVE-2020-5509 (PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an ...)
	NOT-FOR-US: PHPGurukul Car Rental Project
CVE-2020-5508
	RESERVED
CVE-2020-5507
	RESERVED
CVE-2020-5506
	RESERVED
CVE-2020-5505 (Freelancy v1.0.0 allows remote command execution via the "file":"data: ...)
	NOT-FOR-US: Freelancy
CVE-2020-5504 (In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists  ...)
	{DLA-2060-1}
	- phpmyadmin 4:4.9.4+dfsg1-1 (bug #948718)
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c86acbf3ed49f69cf38b31879886dd5eb86b6983
	NOTE: https://gist.github.com/ibennetch/4c1b701f4b766e4dd5556e8e26200b6b
	NOTE: https://www.phpmyadmin.net/security/PMASA-2020-1/
CVE-2020-5503
	RESERVED
CVE-2020-5502 (phpBB 3.2.8 allows a CSRF attack that can approve pending group member ...)
	NOT-FOR-US: phpBB
CVE-2020-5501 (phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. ...)
	NOT-FOR-US: phpBB
CVE-2020-5500
	RESERVED
CVE-2020-5499 (Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non ...)
	NOT-FOR-US: Baidu Rust SGX SDK
CVE-2020-5498
	REJECTED
CVE-2020-5497 (The OpenID Connect reference implementation for MITREid Connect throug ...)
	NOT-FOR-US: MITREid Connect
CVE-2020-5496 (FontForge 20190801 has a heap-based buffer overflow in the Type2NotDef ...)
	- fontforge 1:20201107~dfsg-1 (bug #948231)
	[buster] - fontforge <no-dsa> (Minor issue)
	[stretch] - fontforge <no-dsa> (Minor issue)
	[jessie] - fontforge <no-dsa> (Minor issue)
	NOTE: https://github.com/fontforge/fontforge/issues/4085
CVE-2020-5495
	REJECTED
CVE-2020-5494
	REJECTED
CVE-2020-5493
	REJECTED
CVE-2020-5492
	REJECTED
CVE-2020-5491
	REJECTED
CVE-2020-5490
	REJECTED
CVE-2020-5489
	REJECTED
CVE-2020-5488
	REJECTED
CVE-2020-5487
	REJECTED
CVE-2020-5486
	REJECTED
CVE-2020-5485
	REJECTED
CVE-2020-5484
	REJECTED
CVE-2020-5483
	REJECTED
CVE-2020-5482
	REJECTED
CVE-2020-5481
	REJECTED
CVE-2020-5480
	REJECTED
CVE-2020-5479
	REJECTED
CVE-2020-5478
	REJECTED
CVE-2020-5477
	REJECTED
CVE-2020-5476
	REJECTED
CVE-2020-5475
	REJECTED
CVE-2020-5474
	REJECTED
CVE-2020-5473
	REJECTED
CVE-2020-5472
	REJECTED
CVE-2020-5471
	REJECTED
CVE-2020-5470
	REJECTED
CVE-2020-5469
	REJECTED
CVE-2020-5468
	REJECTED
CVE-2020-5467
	REJECTED
CVE-2020-5466
	REJECTED
CVE-2020-5465
	REJECTED
CVE-2020-5464
	REJECTED
CVE-2020-5463
	REJECTED
CVE-2020-5462
	REJECTED
CVE-2020-5461
	REJECTED
CVE-2020-5460
	REJECTED
CVE-2020-5459
	REJECTED
CVE-2020-5458
	REJECTED
CVE-2020-5457
	REJECTED
CVE-2020-5456
	REJECTED
CVE-2020-5455
	REJECTED
CVE-2020-5454
	REJECTED
CVE-2020-5453
	REJECTED
CVE-2020-5452
	REJECTED
CVE-2020-5451
	REJECTED
CVE-2020-5450
	REJECTED
CVE-2020-5449
	REJECTED
CVE-2020-5448
	REJECTED
CVE-2020-5447
	REJECTED
CVE-2020-5446
	REJECTED
CVE-2020-5445
	REJECTED
CVE-2020-5444
	REJECTED
CVE-2020-5443
	REJECTED
CVE-2020-5442
	REJECTED
CVE-2020-5441
	REJECTED
CVE-2020-5440
	REJECTED
CVE-2020-5439
	REJECTED
CVE-2020-5438
	REJECTED
CVE-2020-5437
	REJECTED
CVE-2020-5436
	REJECTED
CVE-2020-5435
	REJECTED
CVE-2020-5434
	REJECTED
CVE-2020-5433
	REJECTED
CVE-2020-5432
	REJECTED
CVE-2020-5431
	REJECTED
CVE-2020-5430
	REJECTED
CVE-2020-5429
	REJECTED
CVE-2020-5428 (In applications using Spring Cloud Task 2.2.4.RELEASE and below, may b ...)
	NOT-FOR-US: VMware
CVE-2020-5427 (In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5 ...)
	NOT-FOR-US: VMware
CVE-2020-5426 (Scheduler for TAS prior to version 1.4.0 was permitting plaintext tran ...)
	NOT-FOR-US: VMware
CVE-2020-5425 (Single Sign-On for Vmware Tanzu all versions prior to 1.11.3 ,1.12.x v ...)
	NOT-FOR-US: VMware
CVE-2020-5424
	REJECTED
CVE-2020-5423 (CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a  ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5422 (BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA pas ...)
	NOT-FOR-US: BOSH System Metrics Server
CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5. ...)
	- libspring-java 4.3.30-1 (bug #973381)
	[buster] - libspring-java <no-dsa> (Minor issue)
	[stretch] - libspring-java <ignored> (Minor issue, no known patch)
	NOTE: https://tanzu.vmware.com/security/cve-2020-5421
	NOTE: https://github.com/spring-projects/spring-framework/issues/26821 (patch unidentifiable)
CVE-2020-5420 (Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a mal ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5419 (RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific ...)
	- rabbitmq-server <not-affected> (Windows-specific vulnerability)
CVE-2020-5418 (Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow a ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5417 (Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when  ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5416 (Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5415 (Concourse, versions prior to 6.3.1 and 6.4.1, in installations which u ...)
	NOT-FOR-US: Councourse
CVE-2020-5414 (VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7. ...)
	NOT-FOR-US: VMware
CVE-2020-5413 (Spring Integration framework provides Kryo Codec implementations as an ...)
	NOT-FOR-US: VMware
CVE-2020-5412 (Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x pr ...)
	NOT-FOR-US: Spring Cloud Netflix
CVE-2020-5411 (When configured to enable default typing, Jackson contained a deserial ...)
	NOT-FOR-US: spring-batch
CVE-2020-5410 (Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x pri ...)
	NOT-FOR-US: Spring Cloud Config
CVE-2020-5409 (Pivotal Concourse, most versions prior to 6.0.0, allows redirects to u ...)
	NOT-FOR-US: Pivotal
CVE-2020-5408 (Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5 ...)
	- libspring-security-2.0-java <removed>
	[jessie] - libspring-security-2.0-java <not-affected> (Vulnerable code introduced later)
CVE-2020-5407 (Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 ...)
	- libspring-security-2.0-java <removed>
	[jessie] - libspring-security-2.0-java <not-affected> (Vulnerable code introduced later)
CVE-2020-5406 (VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6. ...)
	NOT-FOR-US: VMware
CVE-2020-5405 (Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x pri ...)
	NOT-FOR-US: Spring Cloud Config
CVE-2020-5404 (The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and  ...)
	NOT-FOR-US: Reactor Netty, different from src:netty
CVE-2020-5403 (Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a UR ...)
	NOT-FOR-US: Reactor Netty, different from src:netty
CVE-2020-5402 (In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability  ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5401 (Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoR ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5400 (Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs  ...)
	NOT-FOR-US: Cloud Foundry
CVE-2020-5399 (Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL d ...)
	NOT-FOR-US: Cloud Foundry CredHub
CVE-2020-5398 (In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ...)
	- libspring-java <not-affected> (Vulnerable code not present)
	NOTE: https://pivotal.io/security/cve-2020-5398
	NOTE: https://github.com/spring-projects/spring-framework/issues/24220
	NOTE: https://github.com/spring-projects/spring-framework/commit/41f40c6c229d3b4f768718f1ec229d8f0ad76d76
	NOTE: https://github.com/spring-projects/spring-framework/commit/956ffe68587c8d5f21135b5ce4650af0c2dea933
CVE-2020-5397 (Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF ...)
	- libspring-java <not-affected> (Only affects 5.2.x)
	NOTE: https://pivotal.io/security/cve-2020-5397
	NOTE: https://github.com/spring-projects/spring-framework/issues/24327
	NOTE: https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929
CVE-2020-5396 (VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and  ...)
	NOT-FOR-US: VMware
CVE-2020-5395 (FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd. ...)
	- fontforge 1:20201107~dfsg-1 (bug #948231)
	[buster] - fontforge <no-dsa> (Minor issue)
	[stretch] - fontforge <no-dsa> (Minor issue)
	[jessie] - fontforge <no-dsa> (Minor issue)
	NOTE: https://github.com/fontforge/fontforge/issues/4084
	NOTE: https://github.com/fontforge/fontforge/commit/048a91e2682c1a8936ae34dbc7bd70291ec05410
	NOTE: Additional patch required (to not open up CVE-2020-25690):
	NOTE: https://github.com/fontforge/fontforge/commit/b96273acc691ac8a36c6a8dd4de8e6edd7eaae59
CVE-2020-5394
	RESERVED
CVE-2020-5393 (In Appspace On-Prem through 7.1.3, an adversary can steal a session to ...)
	NOT-FOR-US: Appspace On-Prem
CVE-2020-5392 (A stored cross-site scripting (XSS) vulnerability exists in the Auth0  ...)
	NOT-FOR-US: Auth0 plugin for WordPress
CVE-2020-5391 (Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 p ...)
	NOT-FOR-US: Auth0 plugin for WordPress
CVE-2020-5390 (PySAML2 before 5.0.0 does not check that the signature in a SAML docum ...)
	{DSA-4630-1 DLA-2119-1}
	- python-pysaml2 4.5.0-7 (bug #949322)
	NOTE: https://github.com/IdentityPython/pysaml2/commit/5e9d5acbcd8ae45c4e736ac521fd2df5b1c62e25 (v5.0.0)
CVE-2020-5389 (Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC)  ...)
	NOT-FOR-US: Dell
CVE-2020-5388 (Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an  ...)
	NOT-FOR-US: Dell
CVE-2020-5387 (Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Ex ...)
	NOT-FOR-US: Dell
CVE-2020-5386 (Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource  ...)
	NOT-FOR-US: EMC
CVE-2020-5385 (Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suit ...)
	NOT-FOR-US: Dell
CVE-2020-5384 (Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Wi ...)
	NOT-FOR-US: RSA MFA Agent
CVE-2020-5383 (Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS vers ...)
	NOT-FOR-US: EMC
CVE-2020-5382
	RESERVED
CVE-2020-5381
	RESERVED
CVE-2020-5380
	RESERVED
CVE-2020-5379 (Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot ...)
	NOT-FOR-US: Dell
CVE-2020-5378 (Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot ...)
	NOT-FOR-US: Dell
CVE-2020-5377 (Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior ...)
	NOT-FOR-US: EMC
CVE-2020-5376 (Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot ...)
	NOT-FOR-US: Dell
CVE-2020-5375
	RESERVED
CVE-2020-5374 (Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC)  ...)
	NOT-FOR-US: EMC
CVE-2020-5373 (Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC)  ...)
	NOT-FOR-US: EMC
CVE-2020-5372 (Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerab ...)
	NOT-FOR-US: EMC
CVE-2020-5371 (Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerSca ...)
	NOT-FOR-US: EMC
CVE-2020-5370 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an  ...)
	NOT-FOR-US: EMC
CVE-2020-5369 (Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerSca ...)
	NOT-FOR-US: EMC
CVE-2020-5368 (Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authe ...)
	NOT-FOR-US: EMC
CVE-2020-5367 (Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC U ...)
	NOT-FOR-US: Dell EMC
CVE-2020-5366 (Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal  ...)
	NOT-FOR-US: EMC
CVE-2020-5365 (Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vul ...)
	NOT-FOR-US: EMC
CVE-2020-5364 (Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vul ...)
	NOT-FOR-US: EMC
CVE-2020-5363 (Select Dell Client Consumer and Commercial platforms include an issue  ...)
	NOT-FOR-US: Dell
CVE-2020-5362 (Dell Client Consumer and Commercial platforms include an improper auth ...)
	NOT-FOR-US: Dell
CVE-2020-5361 (Select Dell Client Commercial and Consumer platforms support a BIOS pa ...)
	NOT-FOR-US: Dell
CVE-2020-5360 (Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable  ...)
	NOT-FOR-US: Dell
CVE-2020-5359 (Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable  ...)
	NOT-FOR-US: Dell
CVE-2020-5358 (Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suit ...)
	NOT-FOR-US: Dell Encryption
CVE-2020-5357 (Dell Dock Firmware Update Utilities for Dell Client Consumer and Comme ...)
	NOT-FOR-US: Dell
CVE-2020-5356 (Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell  ...)
	NOT-FOR-US: Dell
CVE-2020-5355
	RESERVED
CVE-2020-5354
	RESERVED
CVE-2020-5353 (The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerSca ...)
	NOT-FOR-US: EMC
CVE-2020-5352 (Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS comma ...)
	NOT-FOR-US: EMC
CVE-2020-5351 (Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an ...)
	NOT-FOR-US: EMC
CVE-2020-5350 (Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2,  ...)
	NOT-FOR-US: EMC
CVE-2020-5349 (Dell EMC Networking S4100 and S5200 Series Switches manufactured prior ...)
	NOT-FOR-US: EMC
CVE-2020-5348 (Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a  ...)
	NOT-FOR-US: Dell
CVE-2020-5347 (Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of s ...)
	NOT-FOR-US: Dell EMC Isilon OneFS
CVE-2020-5346 (RSA Authentication Manager versions prior to 8.4 P11 contain a stored  ...)
	NOT-FOR-US: RSA Authentication Manager
CVE-2020-5345 (Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC U ...)
	NOT-FOR-US: Dell EMC
CVE-2020-5344 (Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70. ...)
	NOT-FOR-US: EMC
CVE-2020-5343 (Dell Client platforms restored using a Dell OS recovery image download ...)
	NOT-FOR-US: Dell
CVE-2020-5342 (Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect  ...)
	NOT-FOR-US: Dell
CVE-2020-5341 (Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server ...)
	NOT-FOR-US: EMC
CVE-2020-5340 (RSA Authentication Manager versions prior to 8.4 P10 contain a stored  ...)
	NOT-FOR-US: RSA Authentication Manager
CVE-2020-5339 (RSA Authentication Manager versions prior to 8.4 P10 contain a stored  ...)
	NOT-FOR-US: RSA Authentication Manager
CVE-2020-5338
	RESERVED
CVE-2020-5337 (RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirect ...)
	NOT-FOR-US: RSA
CVE-2020-5336 (RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injectio ...)
	NOT-FOR-US: RSA
CVE-2020-5335 (RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site r ...)
	NOT-FOR-US: RSA
CVE-2020-5334 (RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Ob ...)
	NOT-FOR-US: RSA
CVE-2020-5333 (RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorizati ...)
	NOT-FOR-US: RSA
CVE-2020-5332 (RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command inje ...)
	NOT-FOR-US: RSA
CVE-2020-5331 (RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information ...)
	NOT-FOR-US: RSA
CVE-2020-5330 (Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell ...)
	NOT-FOR-US: EMC
CVE-2020-5329 (Dell EMC Avamar Server contains an open redirect vulnerability. A remo ...)
	NOT-FOR-US: EMC
CVE-2020-5328 (Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized  ...)
	NOT-FOR-US: EMC
CVE-2020-5327 (Dell Security Management Server versions prior to 10.2.10 contain a Ja ...)
	NOT-FOR-US: Dell
CVE-2020-5326 (Affected Dell Client platforms contain a BIOS Setup configuration auth ...)
	NOT-FOR-US: Dell
CVE-2020-5325
	RESERVED
CVE-2020-5324 (Dell Client Consumer and Commercial Platforms contain an Arbitrary Fil ...)
	NOT-FOR-US: Dell
CVE-2020-5323 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
	NOT-FOR-US: EMC
CVE-2020-5322 (Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10. ...)
	NOT-FOR-US: EMC
CVE-2020-5321 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
	NOT-FOR-US: EMC
CVE-2020-5320 (Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenMan ...)
	NOT-FOR-US: EMC
CVE-2020-5319 (Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prio ...)
	NOT-FOR-US: EMC
CVE-2020-5318 (Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 co ...)
	NOT-FOR-US: EMC
CVE-2020-5317 (Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A ...)
	NOT-FOR-US: EMC
CVE-2020-5316 (Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2 ...)
	NOT-FOR-US: Dell
CVE-2020-5315 (Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text pa ...)
	NOT-FOR-US: EMC
CVE-2020-5314
	RESERVED
CVE-2020-5313 (libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overfl ...)
	{DSA-4631-1 DLA-2057-1}
	- pillow 7.0.0-1 (bug #948224)
	NOTE: https://github.com/python-pillow/Pillow/commit/a09acd0decd8a87ccce939d5ff65dab59e7d365b (6.2.2)
CVE-2020-5312 (libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer  ...)
	{DSA-4631-1 DLA-2057-1}
	- pillow 7.0.0-1 (bug #948224)
	NOTE: https://github.com/python-pillow/Pillow/commit/93b22b846e0269ee9594ff71a72bec02d2bea8fd (6.2.2)
CVE-2020-5311 (libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer ove ...)
	- pillow 7.0.0-1 (bug #948224)
	[buster] - pillow 5.4.1-2+deb10u1
	[stretch] - pillow <not-affected> (Vulnerable code not present)
	[jessie] - pillow <not-affected> (The vulnerable code was introduced later)
	NOTE: https://github.com/python-pillow/Pillow/commit/a79b65c47c7dc6fe623aadf09aa6192fc54548f3 (6.2.2)
CVE-2020-5310 (libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding int ...)
	- pillow 7.0.0-1 (bug #948224)
	[buster] - pillow <not-affected> (Vulnerability introduced later)
	[stretch] - pillow <not-affected> (Vulnerable code not present)
	[jessie] - pillow <not-affected> (The vulnerable code was introduced later)
	NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/f0436a4ddc954541fa10a531e2d9ea0c5ae2065d (5.3.0)
	NOTE: and https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f (6.0.0)
	NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/4e2def2539ec13e53a82e06c4b3daf00454100c4 (6.2.2)
CVE-2020-5309
	RESERVED
CVE-2020-5308 (PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, ...)
	NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2020-5307 (PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL  ...)
	NOT-FOR-US: PHPGurukul Dairy Farm Shop Management System
CVE-2020-5306 (Codoforum 4.8.3 allows XSS via a post using parameters display name, t ...)
	NOT-FOR-US: Codoforum
CVE-2020-5305 (Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of  ...)
	NOT-FOR-US: Codoforum
CVE-2020-5304 (The dashboard in WhiteSource Application Vulnerability Management (AVM ...)
	NOT-FOR-US: WhiteSource Application Vulnerability Management (AVM)
CVE-2020-5303 (Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-o ...)
	NOT-FOR-US: Tendermint
CVE-2020-5302 (MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a b ...)
	NOT-FOR-US: MH-WikiBot
CVE-2020-5301 (SimpleSAMLphp versions before 1.18.6 contain an information disclosure ...)
	- simplesamlphp <not-affected> (Windows-only issue)
CVE-2020-5300 (In Hydra (an OAuth2 Server and OpenID Certified&#8482; OpenID Connect  ...)
	NOT-FOR-US: ORY Hydra
CVE-2020-5299 (In OctoberCMS (october/october composer package) versions from 1.0.319 ...)
	NOT-FOR-US: OctoberCMS
CVE-2020-5298 (In OctoberCMS (october/october composer package) versions from 1.0.319 ...)
	NOT-FOR-US: OctoberCMS
CVE-2020-5297 (In OctoberCMS (october/october composer package) versions from 1.0.319 ...)
	NOT-FOR-US: OctoberCMS
CVE-2020-5296 (In OctoberCMS (october/october composer package) versions from 1.0.319 ...)
	NOT-FOR-US: OctoberCMS
CVE-2020-5295 (In OctoberCMS (october/october composer package) versions from 1.0.319 ...)
	NOT-FOR-US: OctoberCMS
CVE-2020-5294 (PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5293 (In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5292 (Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vuln ...)
	NOT-FOR-US: Leantime
CVE-2020-5290 (In RedpwnCTF before version 2.3, there is a session fixation vulnerabi ...)
	NOT-FOR-US: RedpwnCTF
CVE-2020-5289 (In Elide before 4.5.14, it is possible for an adversary to "guess and  ...)
	NOT-FOR-US: Elide
CVE-2020-5288 ("In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is improper ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5287 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper  ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5286 (In PrestaShop between versions 1.7.4.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5285 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5284 (Next.js versions before 9.3.2 have a directory traversal vulnerability ...)
	NOT-FOR-US: next.js
CVE-2020-5283 (ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS ...)
	- viewvc <removed>
	[buster] - viewvc <no-dsa> (Minor issue)
	[stretch] - viewvc <no-dsa> (Minor issue)
	[jessie] - viewvc <no-dsa> (Minor issue)
	NOTE: https://github.com/viewvc/viewvc/security/advisories/GHSA-xpxf-fvqv-7mfg
	NOTE: https://github.com/viewvc/viewvc/commit/ad0f966e9a997b17d853a6972ea283d4dcd70fa8
	NOTE: https://github.com/viewvc/viewvc/issues/211
CVE-2020-5282 (In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in ...)
	NOT-FOR-US: Nick Chan Bot
CVE-2020-5281 (In Perun before version 3.9.1, VO or group manager can modify configur ...)
	NOT-FOR-US: Perun
CVE-2020-5280 (http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file i ...)
	NOT-FOR-US: http4s
CVE-2020-5279 (In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5278 (In PrestaShop between versions 1.5.4.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5277 (PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5276 (In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5275 (In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Fire ...)
	- symfony 4.4.8-1 (bug #961415)
	[buster] - symfony <not-affected> (Introduced in 4.4.0)
	[stretch] - symfony <not-affected> (Introduced in 4.4.0)
	[jessie] - symfony <not-affected> (Introduced in 4.4.0)
	NOTE: https://symfony.com/blog/cve-2020-5275-all-access-control-rules-are-required-when-a-firewall-uses-the-unanimous-strategy
	NOTE: https://github.com/symfony/symfony/commit/c935e4a3fba6cc2ab463a6ca382858068d63cebf
CVE-2020-5274 (In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exc ...)
	- symfony 4.4.8-1 (bug #961415)
	[buster] - symfony <not-affected> (Introduced in 4.4.0)
	[stretch] - symfony <not-affected> (Introduced in 4.4.0)
	[jessie] - symfony <not-affected> (Introduced in 4.4.0)
	NOTE: https://symfony.com/blog/cve-2020-5274-fix-exception-message-escaping-rendered-by-errorhandler
	NOTE: https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad
	NOTE: https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db
CVE-2020-5273 (In PrestaShop module ps_linklist versions before 3.1.0, there is a sto ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5272 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5271 (In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5270 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open r ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5269 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5268 (In Saml2 Authentication Services for ASP.NET versions before 1.0.2, an ...)
	NOT-FOR-US: Saml2 Authentication Services for ASP.NET
CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible ...)
	{DLA-2149-1}
	- rails 2:5.2.4.1+dfsg-2 (bug #954304)
	[buster] - rails 2:5.2.2.1+dfsg-1+deb10u1
	[stretch] - rails 2:4.2.7.1-1+deb9u2
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/19/1
	NOTE: https://github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a (master)
CVE-2020-5266 (In the ps_link module for PrestaShop before version 3.1.0, there is a  ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5265 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflect ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5264 (In PrestaShop before version 1.7.6.5, there is a reflected XSS while r ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5263 (auth0.js (NPM package auth0-js) greater than version 8.0.0 and before  ...)
	NOT-FOR-US: Node auth0-js
CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access Token (P ...)
	NOT-FOR-US: EasyBuild
CVE-2020-5261 (Saml2 Authentication services for ASP.NET (NuGet package Sustainsys.Sa ...)
	NOT-FOR-US: ASP.NET
CVE-2020-5260 (Affected versions of Git have a vulnerability whereby Git can be trick ...)
	{DSA-4657-1 DLA-2177-1}
	- git 1:2.26.1-1
	NOTE: https://lore.kernel.org/lkml/xmqqy2qy7xn8.fsf@gitster.c.googlers.com/
	NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=17f1c0b8c7e447aa62f85dc355bb48133d2812f2
	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c716fe4bd917e013bf376a678b3a924447777b2d
	NOTE: Additional/nice-to-have: https://git.kernel.org/pub/scm/git/git.git/commit/?id=07259e74ec1237c836874342c65650bdee8a3993
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2021
	NOTE: https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q
CVE-2020-5259 (In affected versions of dojox (NPM package), the jqMix method is vulne ...)
	{DLA-2139-1}
	- dojo 1.15.3+dfsg1-1 (bug #953587)
	[buster] - dojo 1.14.2+dfsg1-1+deb10u2
	NOTE: https://github.com/dojo/dojox/security/advisories/GHSA-3hw5-q855-g6cw
	NOTE: https://github.com/dojo/dojox/commit/47d1b302b5b23d94e875b77b9b9a8c4f5622c9da
CVE-2020-5258 (In affected versions of dojo (NPM package), the deepCopy method is vul ...)
	{DLA-2139-1}
	- dojo 1.15.3+dfsg1-1 (bug #953585)
	[buster] - dojo 1.14.2+dfsg1-1+deb10u2
	NOTE: https://github.com/dojo/dojo/security/advisories/GHSA-jxfh-8wgv-vfr2
	NOTE: https://github.com/dojo/dojo/commit/20a00afb68f5587946dc76fbeaa68c39bda2171d
CVE-2020-5257 (In Administrate (rubygem) before version 0.13.0, when sorting by attri ...)
	NOT-FOR-US: Administrate ruby gem
CVE-2020-5256 (BookStack before version 0.25.5 has a vulnerability where a user could ...)
	NOT-FOR-US: BookStack
CVE-2020-5255 (In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not ...)
	- symfony 4.4.8-1 (bug #961415)
	[buster] - symfony <not-affected> (Introduced in 4.4.0)
	[stretch] - symfony <not-affected> (Introduced in 4.4.0)
	[jessie] - symfony <not-affected> (Introduced in 4.4.0)
	NOTE: https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header
	NOTE: https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6
CVE-2020-5254 (In NetHack before 3.6.6, some out-of-bound values for the hilite_statu ...)
	- nethack 3.6.6-1 (bug #953978)
	[buster] - nethack <no-dsa> (Minor issue)
	[stretch] - nethack <not-affected> (Vulnerable code introduced in 3.6.1)
	[jessie] - nethack <not-affected> (Vulnerable code introduced in 3.6.1)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-2ch6-6r8h-m2p9
	NOTE: https://nethack.org/security/CVE-2020-5254.html
	NOTE: Fixed with: https://github.com/NetHack/NetHack/commit/abdd3254ae06dd1fbcff637c4c631783d5ed9741 (NetHack-3.6.6_Released)
	NOTE: Introduced with: https://github.com/NetHack/NetHack/commit/f8211f69f2008609b59fe4c9ba341ff1fa520825 (NetHack-3.6.1_RC01)
CVE-2020-5253 (NetHack before version 3.6.0 allowed malicious use of escaping of char ...)
	- nethack 3.6.0-1
	[jessie] - nethack <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223m
	NOTE: https://github.com/NetHack/NetHack/commit/612755bfb5c412079795c68ba392df5d93874ed8
CVE-2020-5252 (The command-line "safety" package for Python has a potential security  ...)
	NOT-FOR-US: safety Python module
CVE-2020-5251 (In parser-server before version 4.1.0, you can fetch all the users obj ...)
	NOT-FOR-US: parser-server
CVE-2020-5250 (In PrestaShop before version 1.7.6.4, when a customer edits their addr ...)
	NOT-FOR-US: PrestaShop
CVE-2020-5249 (In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Pum ...)
	- puma 3.12.4-1 (bug #953122)
	[buster] - puma 3.12.0-2+deb10u2
	[stretch] - puma <not-affected> (early_hint feature added in later version)
	NOTE: https://github.com/puma/puma/security/advisories/GHSA-33vf-4xgg-9r58
	NOTE: https://github.com/puma/puma/commit/c22712fc93284a45a93f9ad7023888f3a65524f3
CVE-2020-5248 (GLPI before before version 9.4.6 has a vulnerability involving a defau ...)
	- glpi <removed> (unimportant)
	NOTE: Only supported behind an authenticated HTTP zone
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-j222-j9mf-h6j9
	NOTE: https://github.com/glpi-project/glpi/commit/efd14468c92c4da43333aa9735e65fd20cbc7c6c
CVE-2020-5247 (In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application us ...)
	- puma 3.12.4-1 (bug #952766)
	[buster] - puma 3.12.0-2+deb10u2
	[stretch] - puma <no-dsa> (intrusive to backport)
	NOTE: https://github.com/puma/puma/security/advisories/GHSA-84j7-475p-hp8v
	NOTE: https://github.com/puma/puma/commit/1b17e85a06183cd169b41ca719928c26d44a6e03 (3.12.3)
	NOTE: https://github.com/puma/puma/commit/694feafcd4fdcea786a0730701dad933f7547bea (4.3.2)
CVE-2020-5246 (Traccar GPS Tracking System before version 4.9 has a LDAP injection vu ...)
	NOT-FOR-US: Traccar GPS Tracking System
CVE-2020-5245 (Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary cod ...)
	NOT-FOR-US: Dropwizard-Validation
CVE-2020-5244 (In BuddyPress before 5.1.2, requests to a certain REST API endpoint ca ...)
	NOT-FOR-US: BuddyPress
CVE-2020-5243 (uap-core before 0.7.3 is vulnerable to a denial of service attack when ...)
	- uap-core 1:0.8.0-1 (bug #952649)
	[buster] - uap-core <no-dsa> (Minor issue)
	NOTE: https://github.com/ua-parser/uap-core/security/advisories/GHSA-cmcx-xhr8-3w9p
	NOTE: https://github.com/ua-parser/uap-core/commit/a679b131697e7371f0441f4799940779efa2f27e
	NOTE: https://github.com/ua-parser/uap-core/commit/dd279cff09546dbd4174bd05d29c0e90c2cffa7c
	NOTE: https://github.com/ua-parser/uap-core/commit/7d92a383440c9742ec878273c90a4dcf8446f9af
	NOTE: https://github.com/ua-parser/uap-core/commit/e9a1c74dae9ecd4aa6385bd34ef6c7243f89b537
CVE-2020-5242 (openHAB before 2.5.2 allow a remote attacker to use REST calls to inst ...)
	NOT-FOR-US: openHAB
CVE-2020-5241 (matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script i ...)
	NOT-FOR-US: matestack-ui-core Ruby gem
CVE-2020-5240 (In wagtail-2fa before 1.4.1, any user with access to the CMS can view  ...)
	NOT-FOR-US: wagtail-2fa
CVE-2020-5239 (In Mailu before version 1.7, an authenticated user can exploit a vulne ...)
	NOT-FOR-US: Mailu
CVE-2020-5238 (The table extension in GitHub Flavored Markdown before version 0.29.0. ...)
	- cmark-gfm 0.29.0.gfm.2-1 (bug #965984)
	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
	[buster] - cmark-gfm <no-dsa> (Minor issue)
	- python-cmarkgfm <unfixed> (bug #965983)
	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
	[buster] - python-cmarkgfm <no-dsa> (Minor issue)
	- ruby-commonmarker 0.21.0-1 (bug #965981)
	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
	- haskell-cmark-gfm 0.2.1+ds1-1 (bug #965982)
	[buster] - haskell-cmark-gfm <no-dsa> (Minor issue)
	- r-cran-commonmark <unfixed> (bug #965980)
	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
	[buster] - r-cran-commonmark <no-dsa> (Minor issue)
	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-7gc6-9qr5-hc85
	NOTE: https://github.com/github/cmark-gfm/commit/85d895289c5ab67f988ca659493a64abb5fec7b4
	NOTE: haskell-cmark-gfm switched to src:cmark-gfm in 0.2.1+ds1-1, marking that as fixed (despite cmark-gfm not fixed yet)
CVE-2020-5237 (Multiple relative path traversal vulnerabilities in the oneup/uploader ...)
	NOT-FOR-US: oneup/uploader-bundle
CVE-2020-5236 (Waitress version 1.4.2 allows a DOS attack When waitress receives a he ...)
	- waitress <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-73m2-3pwg-5fgc
	NOTE: Introduced in: https://github.com/Pylons/waitress/commit/0bf98dadd8cae23830cb365cc6cb9cedd7f98db0 (v1.4.2)
	NOTE: https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f (v1.4.3)
CVE-2020-5235 (There is a potentially exploitable out of memory condition In Nanopb b ...)
	- nanopb <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://github.com/nanopb/nanopb/security/advisories/GHSA-gcx3-7m76-287p
	NOTE: https://github.com/nanopb/nanopb/commit/45582f1f97f49e2abfdba1463d1e1027682d9856
	NOTE: https://github.com/nanopb/nanopb/commit/7b396821ddd06df8e39143f16e1dc0a4645b89a3
	NOTE: https://github.com/nanopb/nanopb/commit/aa9d0d1ca78d6adec3adfeecf3a706c7f9df81f2
CVE-2020-5234 (MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vu ...)
	NOT-FOR-US: MessagePack for C#
CVE-2020-5233 (OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentica ...)
	- oauth2-proxy <itp> (bug #982891)
CVE-2020-5232 (A user who owns an ENS domain can set a trapdoor, allowing them to tra ...)
	NOT-FOR-US: Ethereum
CVE-2020-5231 (In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN  ...)
	NOT-FOR-US: Opencast
CVE-2020-5230 (Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for me ...)
	NOT-FOR-US: Opencast
CVE-2020-5229 (Opencast before 8.1 stores passwords using the rather outdated and cry ...)
	NOT-FOR-US: Opencast
CVE-2020-5228 (Opencast before 8.1 and 7.6 allows unauthorized public access to all m ...)
	NOT-FOR-US: Opencast
CVE-2020-5227 (Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of  ...)
	NOT-FOR-US: Feedgen
CVE-2020-5226 (Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/e ...)
	- simplesamlphp 1.18.4-1
	[buster] - simplesamlphp <not-affected> (Vulnerable code introduced later)
	[stretch] - simplesamlphp <not-affected> (Vulnerable code introduced later)
	[jessie] - simplesamlphp <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-mj9p-v2r8-wf8w
	NOTE: https://simplesamlphp.org/security/202001-01
CVE-2020-5225 (Log injection in SimpleSAMLphp before version 1.18.4. The www/errorepo ...)
	- simplesamlphp 1.18.4-1 (low)
	[buster] - simplesamlphp <no-dsa> (Minor issue)
	[stretch] - simplesamlphp <no-dsa> (Minor issue)
	[jessie] - simplesamlphp <no-dsa> (Minor issue)
	NOTE: https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-6gc6-m364-85ww
	NOTE: https://simplesamlphp.org/security/202001-02
CVE-2020-5224 (In Django User Sessions (django-user-sessions) before 1.7.1, the views ...)
	NOT-FOR-US: Django User Sessions (django-user-sessions)
CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a p ...)
	NOT-FOR-US: PrivateBin
CVE-2020-5222 (Opencast before 7.6 and 8.1 enables a remember-me cookie based on a ha ...)
	NOT-FOR-US: Opencast
CVE-2020-5221 (In uftpd before 2.11, it is possible for an unauthenticated user to pe ...)
	NOT-FOR-US: uftpd
CVE-2020-5220 (Sylius ResourceBundle accepts and uses any serialisation groups to be  ...)
	NOT-FOR-US: Sylius
CVE-2020-5219 (Angular Expressions before version 1.0.1 has a remote code execution v ...)
	NOT-FOR-US: Angular Expressions
CVE-2020-5218 (Affected versions of Sylius give attackers the ability to switch chann ...)
	NOT-FOR-US: Sylius
CVE-2020-5217 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...)
	- ruby-secure-headers 6.3.1-1 (bug #949999)
	[buster] - ruby-secure-headers <no-dsa> (Minor issue)
	NOTE: https://github.com/twitter/secure_headers/security/advisories/GHSA-xq52-rv6w-397c
	NOTE: https://github.com/twitter/secure_headers/commit/936a160e3e9659737a9f9eafce13eea36b5c9fa3
	NOTE: https://github.com/twitter/secure_headers/issues/418
	NOTE: https://github.com/twitter/secure_headers/pull/421
CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...)
	- ruby-secure-headers 6.3.1-1 (bug #949998)
	[buster] - ruby-secure-headers <no-dsa> (Minor issue)
	NOTE: https://github.com/twitter/secure_headers/security/advisories/GHSA-w978-rmpf-qmwg
	NOTE: https://github.com/twitter/secure_headers/commit/301695706f6a70517c2a90c6ef9b32178440a2d0
CVE-2020-5215 (In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Pytho ...)
	- tensorflow <itp> (bug #804612)
CVE-2020-5214 (In NetHack before 3.6.5, detecting an unknown configuration file optio ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-p8fw-rq89-xqx6
	NOTE: Negligible security impact
CVE-2020-5213 (In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-rr25-4v34-pr7v
	NOTE: Negligible security impact
CVE-2020-5212 (In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-g89f-m829-4m56
	NOTE: Negligible security impact
CVE-2020-5211 (In NetHack before 3.6.5, an invalid extended command in value for the  ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-r788-4jf4-r9f7
	NOTE: Negligible security impact
CVE-2020-5210 (In NetHack before 3.6.5, an invalid argument to the -w command line op ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-v5pg-hpjg-9rpp
	NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
	NOTE: Negligible security impact
CVE-2020-5209 (In NetHack before 3.6.5, unknown options starting with -de and -i can  ...)
	- nethack 3.6.6-1 (unimportant)
	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8
	NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
	NOTE: Negligible security impact
CVE-2020-5208 (It's been found that multiple functions in ipmitool before 1.8.19 negl ...)
	{DLA-2699-1 DLA-2098-1}
	- ipmitool 1.8.18-10.1 (bug #950761)
	[buster] - ipmitool 1.8.18-6+deb10u1
	NOTE: https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp
	NOTE: https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2
	NOTE: https://github.com/ipmitool/ipmitool/commit/840fb1cbb4fb365cb9797300e3374d4faefcdb10
	NOTE: https://github.com/ipmitool/ipmitool/commit/41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22
	NOTE: https://github.com/ipmitool/ipmitool/commit/9452be87181a6e83cfcc768b3ed8321763db50e4
	NOTE: https://github.com/ipmitool/ipmitool/commit/d45572d71e70840e0d4c50bf48218492b79c1a10
	NOTE: https://github.com/ipmitool/ipmitool/commit/7ccea283dd62a05a320c1921e3d8d71a87772637
CVE-2020-5207 (In Ktor before 1.3.0, request smuggling is possible when running behin ...)
	NOT-FOR-US: Ktor
CVE-2020-5206 (In Opencast before 7.6 and 8.1, using a remember-me cookie with an arb ...)
	NOT-FOR-US: Opencast
CVE-2020-5205 (In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plu ...)
	NOT-FOR-US: Pow
CVE-2020-5204 (In uftpd before 2.11, there is a buffer overflow vulnerability in hand ...)
	NOT-FOR-US: uftpd
CVE-2020-5203 (In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code exec ...)
	NOT-FOR-US: Fat-Free Framework
CVE-2020-5202 (apt-cacher-ng through 3.3 allows local users to obtain sensitive infor ...)
	- apt-cacher-ng 3.3.1-1
	[buster] - apt-cacher-ng 3.2.1-1
	[stretch] - apt-cacher-ng <no-dsa> (Minor issue)
	[jessie] - apt-cacher-ng <no-dsa> (Minor issue)
	NOTE: https://salsa.debian.org/blade/apt-cacher-ng/commit/3b91874b0c099b0ded1a94f1784fe1265082efbc
CVE-2020-5201
	RESERVED
CVE-2020-5200
	RESERVED
CVE-2020-5199
	RESERVED
CVE-2020-5198
	RESERVED
CVE-2020-5197 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2020-5196 (Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10 ...)
	NOT-FOR-US: Cerberus FTP Server Enterprise Edition
CVE-2020-5195 (Reflected XSS through an IMG element in Cerberus FTP Server prior to v ...)
	NOT-FOR-US: Cerberus FTP Server
CVE-2020-5194 (The zip API endpoint in Cerberus FTP Server 8 allows an authenticated  ...)
	NOT-FOR-US: Cerberus FTP Server
CVE-2020-5193 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
	NOT-FOR-US: PHPGurukul Hospital Management System
CVE-2020-5192 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
	NOT-FOR-US: PHPGurukul Hospital Management System
CVE-2020-5191 (PHPGurukul Hospital Management System in PHP v4.0 suffers from multipl ...)
	NOT-FOR-US: PHPGurukul Hospital Management System
CVE-2020-5190
	RESERVED
CVE-2020-5189
	RESERVED
CVE-2020-5188 (DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions. ...)
	NOT-FOR-US: DNN
CVE-2020-5187 (DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 ...)
	NOT-FOR-US: DNN
CVE-2020-5186 (DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2). ...)
	NOT-FOR-US: DNN
CVE-2020-5185
	RESERVED
CVE-2020-5184
	RESERVED
CVE-2020-5183 (FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption ...)
	NOT-FOR-US: FTPGetter Professional
CVE-2020-5182 (The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reve ...)
	NOT-FOR-US: J-BusinessDirectory extension for Joomla!
CVE-2020-5181
	RESERVED
CVE-2020-5180 (Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to se ...)
	NOT-FOR-US: Viscosity on Widnows and macOS
CVE-2020-5179 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
	NOT-FOR-US: Comtech Stampede FX-1010 7.4.3 devices
CVE-2020-5178
	RESERVED
CVE-2020-5177
	RESERVED
CVE-2020-5176
	RESERVED
CVE-2020-5175
	RESERVED
CVE-2020-5174
	RESERVED
CVE-2020-5173
	RESERVED
CVE-2020-5172
	RESERVED
CVE-2020-5171
	RESERVED
CVE-2020-5170
	RESERVED
CVE-2020-5169
	RESERVED
CVE-2020-5168
	RESERVED
CVE-2020-5167
	RESERVED
CVE-2020-5166
	RESERVED
CVE-2020-5165
	RESERVED
CVE-2020-5164
	RESERVED
CVE-2020-5163
	RESERVED
CVE-2020-5162
	RESERVED
CVE-2020-5161
	RESERVED
CVE-2020-5160
	RESERVED
CVE-2020-5159
	RESERVED
CVE-2020-5158
	RESERVED
CVE-2020-5157
	RESERVED
CVE-2020-5156
	RESERVED
CVE-2020-5155
	RESERVED
CVE-2020-5154
	RESERVED
CVE-2020-5153
	RESERVED
CVE-2020-5152
	RESERVED
CVE-2020-5151
	RESERVED
CVE-2020-5150
	RESERVED
CVE-2020-5149
	RESERVED
CVE-2020-5148 (SonicWall SSO-agent default configuration uses NetAPI to probe the ass ...)
	NOT-FOR-US: SonicWall
CVE-2020-5147 (SonicWall NetExtender Windows client vulnerable to unquoted service pa ...)
	NOT-FOR-US: SonicWall
CVE-2020-5146 (A vulnerability in SonicWall SMA100 appliance allow an authenticated m ...)
	NOT-FOR-US: SonicWall
CVE-2020-5145 (SonicWall Global VPN client version 4.10.4.0314 and earlier have an in ...)
	NOT-FOR-US: SonicWall
CVE-2020-5144 (SonicWall Global VPN client version 4.10.4.0314 and earlier allows unp ...)
	NOT-FOR-US: SonicWall
CVE-2020-5143 (SonicOS SSLVPN login page allows a remote unauthenticated attacker to  ...)
	NOT-FOR-US: SonicOS SSLVPN
CVE-2020-5142 (A stored cross-site scripting (XSS) vulnerability exists in the SonicO ...)
	NOT-FOR-US: SonicOS SSLVPN
CVE-2020-5141 (A vulnerability in SonicOS allows a remote unauthenticated attacker to ...)
	NOT-FOR-US: SonicOS
CVE-2020-5140 (A vulnerability in SonicOS allows a remote unauthenticated attacker to ...)
	NOT-FOR-US: SonicOS
CVE-2020-5139 (A vulnerability in SonicOS SSLVPN service allows a remote unauthentica ...)
	NOT-FOR-US: SonicOS
CVE-2020-5138 (A Heap Overflow vulnerability in the SonicOS allows a remote unauthent ...)
	NOT-FOR-US: SonicOS
CVE-2020-5137 (A buffer overflow vulnerability in SonicOS allows a remote unauthentic ...)
	NOT-FOR-US: SonicOS
CVE-2020-5136 (A buffer overflow vulnerability in SonicOS allows an authenticated att ...)
	NOT-FOR-US: SonicOS
CVE-2020-5135 (A buffer overflow vulnerability in SonicOS allows a remote attacker to ...)
	NOT-FOR-US: SonicOS
CVE-2020-5134 (A vulnerability in SonicOS allows an authenticated attacker to cause o ...)
	NOT-FOR-US: SonicOS
CVE-2020-5133 (A vulnerability in SonicOS allows a remote unauthenticated attacker to ...)
	NOT-FOR-US: SonicOS
CVE-2020-5132 (SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misc ...)
	NOT-FOR-US: SonicWall
CVE-2020-5131 (SonicWall NetExtender Windows client vulnerable to arbitrary file writ ...)
	NOT-FOR-US: SonicWall NetExtender Windows client
CVE-2020-5130 (SonicOS SSLVPN LDAP login request allows remote attackers to cause ext ...)
	NOT-FOR-US: SonicOS SSLVPN / SonicWall
CVE-2020-5129 (A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows a ...)
	NOT-FOR-US: SonicWall
CVE-2020-5128
	REJECTED
CVE-2020-5127
	REJECTED
CVE-2020-5126
	REJECTED
CVE-2020-5125
	REJECTED
CVE-2020-5124
	REJECTED
CVE-2020-5123
	REJECTED
CVE-2020-5122
	REJECTED
CVE-2020-5121
	REJECTED
CVE-2020-5120
	REJECTED
CVE-2020-5119
	REJECTED
CVE-2020-5118
	REJECTED
CVE-2020-5117
	REJECTED
CVE-2020-5116
	REJECTED
CVE-2020-5115
	REJECTED
CVE-2020-5114
	REJECTED
CVE-2020-5113
	REJECTED
CVE-2020-5112
	REJECTED
CVE-2020-5111
	REJECTED
CVE-2020-5110
	REJECTED
CVE-2020-5109
	REJECTED
CVE-2020-5108
	REJECTED
CVE-2020-5107
	REJECTED
CVE-2020-5106
	REJECTED
CVE-2020-5105
	REJECTED
CVE-2020-5104
	REJECTED
CVE-2020-5103
	REJECTED
CVE-2020-5102
	REJECTED
CVE-2020-5101
	REJECTED
CVE-2020-5100
	REJECTED
CVE-2020-5099
	REJECTED
CVE-2020-5098
	REJECTED
CVE-2020-5097
	REJECTED
CVE-2020-5096
	REJECTED
CVE-2020-5095
	REJECTED
CVE-2020-5094
	REJECTED
CVE-2020-5093
	REJECTED
CVE-2020-5092
	REJECTED
CVE-2020-5091
	REJECTED
CVE-2020-5090
	REJECTED
CVE-2020-5089
	REJECTED
CVE-2020-5088
	REJECTED
CVE-2020-5087
	REJECTED
CVE-2020-5086
	REJECTED
CVE-2020-5085
	REJECTED
CVE-2020-5084
	REJECTED
CVE-2020-5083
	REJECTED
CVE-2020-5082
	REJECTED
CVE-2020-5081
	REJECTED
CVE-2020-5080
	REJECTED
CVE-2020-5079
	REJECTED
CVE-2020-5078
	REJECTED
CVE-2020-5077
	REJECTED
CVE-2020-5076
	REJECTED
CVE-2020-5075
	REJECTED
CVE-2020-5074
	REJECTED
CVE-2020-5073
	REJECTED
CVE-2020-5072
	REJECTED
CVE-2020-5071
	REJECTED
CVE-2020-5070
	REJECTED
CVE-2020-5069
	REJECTED
CVE-2020-5068
	REJECTED
CVE-2020-5067
	REJECTED
CVE-2020-5066
	REJECTED
CVE-2020-5065
	REJECTED
CVE-2020-5064
	REJECTED
CVE-2020-5063
	REJECTED
CVE-2020-5062
	REJECTED
CVE-2020-5061
	REJECTED
CVE-2020-5060
	REJECTED
CVE-2020-5059
	REJECTED
CVE-2020-5058
	REJECTED
CVE-2020-5057
	REJECTED
CVE-2020-5056
	REJECTED
CVE-2020-5055
	REJECTED
CVE-2020-5054
	REJECTED
CVE-2020-5053
	REJECTED
CVE-2020-5052
	REJECTED
CVE-2020-5051
	REJECTED
CVE-2020-5050
	REJECTED
CVE-2020-5049
	REJECTED
CVE-2020-5048
	REJECTED
CVE-2020-5047
	REJECTED
CVE-2020-5046
	REJECTED
CVE-2020-5045
	REJECTED
CVE-2020-5044
	REJECTED
CVE-2020-5043
	REJECTED
CVE-2020-5042
	REJECTED
CVE-2020-5041
	REJECTED
CVE-2020-5040
	REJECTED
CVE-2020-5039
	REJECTED
CVE-2020-5038
	REJECTED
CVE-2020-5037
	REJECTED
CVE-2020-5036
	REJECTED
CVE-2020-5035
	RESERVED
CVE-2020-5034
	RESERVED
CVE-2020-5033
	RESERVED
CVE-2020-5032 (IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2020-5031 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-5030 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-5029
	RESERVED
CVE-2020-5028
	RESERVED
CVE-2020-5027
	RESERVED
CVE-2020-5026
	RESERVED
CVE-2020-5025 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-5024 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-5023 (IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote u ...)
	NOT-FOR-US: IBM
CVE-2020-5022 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthentica ...)
	NOT-FOR-US: IBM
CVE-2020-5021 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate se ...)
	NOT-FOR-US: IBM
CVE-2020-5020 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-5019 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 is vulnerable to HTTP  ...)
	NOT-FOR-US: IBM
CVE-2020-5018 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive  ...)
	NOT-FOR-US: IBM
CVE-2020-5017 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user ...)
	NOT-FOR-US: IBM
CVE-2020-5016 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-5015 (IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Stora ...)
	NOT-FOR-US: IBM
CVE-2020-5014 (IBM DataPower Gateway V10 and V2018 could allow a local attacker with  ...)
	NOT-FOR-US: IBM
CVE-2020-5013 (IBM QRadar SIEM 7.3 and 7.4 may vulnerable to a XML External Entity In ...)
	NOT-FOR-US: IBM
CVE-2020-5012
	RESERVED
CVE-2020-5011
	RESERVED
CVE-2020-5010
	RESERVED
CVE-2020-5009
	RESERVED
CVE-2020-5008 (IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through ...)
	NOT-FOR-US: IBM
CVE-2020-5007
	RESERVED
CVE-2020-5006
	RESERVED
CVE-2020-5005
	RESERVED
CVE-2020-5004 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
	NOT-FOR-US: IBM
CVE-2020-5003 (IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML Extern ...)
	NOT-FOR-US: IBM
CVE-2020-5002
	RESERVED
CVE-2020-5001
	RESERVED
CVE-2020-5000 (IBM Financial Transaction Manager 3.0.2 and 3.2.4 is vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4999
	RESERVED
CVE-2020-4998
	RESERVED
CVE-2020-4997 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
	NOT-FOR-US: IBM
CVE-2020-4996 (IBM Security Identity Governance and Intelligence 5.2.6 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4995 (IBM Security Identity Governance and Intelligence 5.2.6 does not inval ...)
	NOT-FOR-US: IBM
CVE-2020-4994
	RESERVED
CVE-2020-4993 (IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature  ...)
	NOT-FOR-US: IBM
CVE-2020-4992 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to  ...)
	NOT-FOR-US: IBM
CVE-2020-4991
	RESERVED
CVE-2020-4990 (IBM Security Guardium 11.2 is vulnerable to SQL injection. A remote at ...)
	NOT-FOR-US: IBM
CVE-2020-4989
	RESERVED
CVE-2020-4988 (Loopback 8.0.0 contains a vulnerability that could allow an attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4987 (The IBM FlashSystem 900 user management GUI is vulnerable to stored cr ...)
	NOT-FOR-US: IBM
CVE-2020-4986
	RESERVED
CVE-2020-4985 (IBM Planning Analytics Local 2.0 could allow an attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2020-4984
	RESERVED
CVE-2020-4983 (IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a us ...)
	NOT-FOR-US: IBM
CVE-2020-4982
	RESERVED
CVE-2020-4981 (IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privile ...)
	NOT-FOR-US: IBM
CVE-2020-4980 (IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting da ...)
	NOT-FOR-US: IBM
CVE-2020-4979 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment ...)
	NOT-FOR-US: IBM
CVE-2020-4978
	RESERVED
CVE-2020-4977 (IBM Engineering Lifecycle Optimization - Publishing is vulnerable to s ...)
	NOT-FOR-US: IBM
CVE-2020-4976 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)
	NOT-FOR-US: IBM
CVE-2020-4974 (IBM Jazz Foundation products are vulnerable to server side request for ...)
	NOT-FOR-US: IBM
CVE-2020-4973
	RESERVED
CVE-2020-4972
	RESERVED
CVE-2020-4971
	RESERVED
CVE-2020-4970
	RESERVED
CVE-2020-4969 (IBM Security Identity Governance and Intelligence 5.2.6 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4968 (IBM Security Identity Governance and Intelligence 5.2.6 uses weaker th ...)
	NOT-FOR-US: IBM
CVE-2020-4967 (IBM Cloud Pak for Security (CP4S) 1.3.0.1 could disclose sensitive inf ...)
	NOT-FOR-US: IBM
CVE-2020-4966 (IBM Security Identity Governance and Intelligence 5.2.6 does not set t ...)
	NOT-FOR-US: IBM
CVE-2020-4965 (IBM Jazz Team Server products use weaker than expected cryptographic a ...)
	NOT-FOR-US: IBM
CVE-2020-4964 (IBM Jazz Team Server products contain an undisclosed vulnerability tha ...)
	NOT-FOR-US: IBM
CVE-2020-4963
	RESERVED
CVE-2020-4962
	RESERVED
CVE-2020-4961
	RESERVED
CVE-2020-4960
	RESERVED
CVE-2020-4959
	RESERVED
CVE-2020-4958 (IBM Security Identity Governance and Intelligence 5.2.6 does not perfo ...)
	NOT-FOR-US: IBM
CVE-2020-4957
	RESERVED
CVE-2020-4956 (IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a  ...)
	NOT-FOR-US: IBM
CVE-2020-4955 (IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote ...)
	NOT-FOR-US: IBM
CVE-2020-4954 (IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remot ...)
	NOT-FOR-US: IBM
CVE-2020-4953 (IBM Planning Analytics 2.0 could allow a remote authenticated attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4952 (IBM Security Guardium 11.2 could allow an authenticated user to gain r ...)
	NOT-FOR-US: IBM
CVE-2020-4951 (IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser ...)
	NOT-FOR-US: IBM
CVE-2020-4950
	RESERVED
CVE-2020-4949 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2020-4948
	RESERVED
CVE-2020-4947
	RESERVED
CVE-2020-4946
	RESERVED
CVE-2020-4945 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4944 (IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0 ...)
	NOT-FOR-US: IBM
CVE-2020-4943
	RESERVED
CVE-2020-4942 (IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to  ...)
	NOT-FOR-US: IBM
CVE-2020-4941 (IBM Edge 4.2 could reveal sensitive version information about the serv ...)
	NOT-FOR-US: IBM
CVE-2020-4940
	RESERVED
CVE-2020-4939
	RESERVED
CVE-2020-4938 (IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forge ...)
	NOT-FOR-US: IBM
CVE-2020-4937 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 u ...)
	NOT-FOR-US: IBM
CVE-2020-4936
	RESERVED
CVE-2020-4935 (IBM Datacap Fastdoc Capture (IBM Datacap Navigator 9.1.7 ) is vulnerab ...)
	NOT-FOR-US: IBM
CVE-2020-4934 (IBM Content Navigator 3.0.CD could allow a remote attacker to traverse ...)
	NOT-FOR-US: IBM
CVE-2020-4933 (IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerabl ...)
	NOT-FOR-US: IBM
CVE-2020-4932 (IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a ...)
	NOT-FOR-US: IBM
CVE-2020-4931 (IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authe ...)
	NOT-FOR-US: IBM
CVE-2020-4930
	RESERVED
CVE-2020-4929 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2020-4928 (IBM Cloud Pak System 2.3 could allow a local privileged attacker to up ...)
	NOT-FOR-US: IBM
CVE-2020-4927
	RESERVED
CVE-2020-4926
	RESERVED
CVE-2020-4925
	RESERVED
CVE-2020-4924
	RESERVED
CVE-2020-4923
	RESERVED
CVE-2020-4922
	RESERVED
CVE-2020-4921 (IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A  ...)
	NOT-FOR-US: IBM
CVE-2020-4920 (IBM Jazz Team Server products are vulnerable to stored cross-site scri ...)
	NOT-FOR-US: IBM
CVE-2020-4919 (IBM Cloud Pak System 2.3 has insufficient logout controls which could  ...)
	NOT-FOR-US: IBM
CVE-2020-4918 (IBM Cloud Pak System 2.3 could allow l local privileged user to disclo ...)
	NOT-FOR-US: IBM
CVE-2020-4917 (IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery w ...)
	NOT-FOR-US: IBM
CVE-2020-4916 (IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This v ...)
	NOT-FOR-US: IBM
CVE-2020-4915
	RESERVED
CVE-2020-4914
	RESERVED
CVE-2020-4913 (IBM Cloud Pak System 2.3 could reveal credential information in the HT ...)
	NOT-FOR-US: IBM
CVE-2020-4912 (IBM Cloud Pak System 2.3 Self Service Console could allow a privilege  ...)
	NOT-FOR-US: IBM
CVE-2020-4911
	RESERVED
CVE-2020-4910 (IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This v ...)
	NOT-FOR-US: IBM
CVE-2020-4909 (IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This v ...)
	NOT-FOR-US: IBM
CVE-2020-4908 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
	NOT-FOR-US: IBM
CVE-2020-4907 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
	NOT-FOR-US: IBM
CVE-2020-4906 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
	NOT-FOR-US: IBM
CVE-2020-4905 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
	NOT-FOR-US: IBM
CVE-2020-4904 (IBM Financial Transaction Manager for SWIFT Services for Multiplatform ...)
	NOT-FOR-US: IBM
CVE-2020-4903 (IBM API Connect V10 and V2018 could allow an attacker who has intercep ...)
	NOT-FOR-US: IBM
CVE-2020-4902 (IBM Datacap Taskmaster Capture (IBM Datacap Navigator 9.1.7) is vulner ...)
	NOT-FOR-US: IBM
CVE-2020-4901 (IBM Robotic Process Automation with Automation Anywhere 11.0 could all ...)
	NOT-FOR-US: IBM
CVE-2020-4900 (IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive ...)
	NOT-FOR-US: IBM
CVE-2020-4899 (IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensit ...)
	NOT-FOR-US: IBM
CVE-2020-4898 (IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expec ...)
	NOT-FOR-US: IBM
CVE-2020-4897 (IBM Emptoris Contract Management and IBM Emptoris Spend Analysis 10.1. ...)
	NOT-FOR-US: IBM
CVE-2020-4896 (IBM Emptoris Sourcing 10.1.0, 10.1.1, and 10.1.3 is vulnerable to web  ...)
	NOT-FOR-US: IBM
CVE-2020-4895 (IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 is ...)
	NOT-FOR-US: IBM
CVE-2020-4894
	RESERVED
CVE-2020-4893 (IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 tr ...)
	NOT-FOR-US: IBM
CVE-2020-4892 (IBM Emptoris Contract Management 10.1.3 is vulnerable to cross-site sc ...)
	NOT-FOR-US: IBM
CVE-2020-4891 (IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 use ...)
	NOT-FOR-US: IBM
CVE-2020-4890 (IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 cou ...)
	NOT-FOR-US: IBM
CVE-2020-4889 (IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local ...)
	NOT-FOR-US: IBM
CVE-2020-4888 (IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 coul ...)
	NOT-FOR-US: IBM
CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit  ...)
	NOT-FOR-US: IBM
CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive information in ...)
	NOT-FOR-US: IBM
CVE-2020-4885 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4884 (IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user c ...)
	NOT-FOR-US: IBM
CVE-2020-4883 (IBM QRadar SIEM 7.3 and 7.4 could disclose sensitive information about ...)
	NOT-FOR-US: IBM
CVE-2020-4882 (IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Reques ...)
	NOT-FOR-US: IBM
CVE-2020-4881 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2020-4880
	RESERVED
CVE-2020-4879 (IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could allow a remote  ...)
	NOT-FOR-US: IBM
CVE-2020-4878
	RESERVED
CVE-2020-4877 (IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2020-4876 (IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an X ...)
	NOT-FOR-US: IBM
CVE-2020-4875 (IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an X ...)
	NOT-FOR-US: IBM
CVE-2020-4874
	RESERVED
CVE-2020-4873 (IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive ...)
	NOT-FOR-US: IBM
CVE-2020-4872
	RESERVED
CVE-2020-4871 (IBM Planning Analytics 2.0 allows web pages to be stored locally which ...)
	NOT-FOR-US: IBM
CVE-2020-4870 (IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack cau ...)
	NOT-FOR-US: IBM
CVE-2020-4869 (IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of servi ...)
	NOT-FOR-US: IBM
CVE-2020-4868
	RESERVED
CVE-2020-4867
	RESERVED
CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)
	NOT-FOR-US: IBM
CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...)
	NOT-FOR-US: IBM
CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the internal net w ...)
	NOT-FOR-US: IBM
CVE-2020-4863 (IBM Engineering products are vulnerable to stored cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4862
	RESERVED
CVE-2020-4861
	RESERVED
CVE-2020-4860
	RESERVED
CVE-2020-4859
	RESERVED
CVE-2020-4858
	RESERVED
CVE-2020-4857 (IBM Engineering products are vulnerable to stored cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4856 (IBM Engineering products are vulnerable to stored cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...)
	NOT-FOR-US: IBM
CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded cr ...)
	NOT-FOR-US: IBM
CVE-2020-4853
	RESERVED
CVE-2020-4852
	RESERVED
CVE-2020-4851 (IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 cou ...)
	NOT-FOR-US: IBM
CVE-2020-4850 (IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering c ...)
	NOT-FOR-US: IBM
CVE-2020-4849 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could ...)
	NOT-FOR-US: IBM
CVE-2020-4848 (IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow a ...)
	NOT-FOR-US: IBM
CVE-2020-4847
	RESERVED
CVE-2020-4846 (IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote  ...)
	NOT-FOR-US: IBM
CVE-2020-4845 (IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2020-4844
	RESERVED
CVE-2020-4843 (IBM Security Secret Server 10.6 stores potentially sensitive informati ...)
	NOT-FOR-US: IBM
CVE-2020-4842 (IBM Security Secret Server 10.6 could allow a remote attacker to obtai ...)
	NOT-FOR-US: IBM
CVE-2020-4841 (IBM Security Secret Server 10.6 could allow a remote attacker to obtai ...)
	NOT-FOR-US: IBM
CVE-2020-4840 (IBM Security Secret Server 10.6 could allow a remote attacker to condu ...)
	NOT-FOR-US: IBM
CVE-2020-4839 (IBM Host firmware for LC-class Systems is vulnerable to a stack based  ...)
	NOT-FOR-US: IBM
CVE-2020-4838 (IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross ...)
	NOT-FOR-US: IBM
CVE-2020-4837
	RESERVED
CVE-2020-4836
	RESERVED
CVE-2020-4835
	RESERVED
CVE-2020-4834
	RESERVED
CVE-2020-4833
	RESERVED
CVE-2020-4832 (IBM PowerHA 7.2 could allow a local attacker to obtain sensitive infor ...)
	NOT-FOR-US: IBM
CVE-2020-4831 (IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expec ...)
	NOT-FOR-US: IBM
CVE-2020-4830
	RESERVED
CVE-2020-4829 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a v ...)
	NOT-FOR-US: IBM
CVE-2020-4828 (IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018. ...)
	NOT-FOR-US: IBM
CVE-2020-4827 (IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018. ...)
	NOT-FOR-US: IBM
CVE-2020-4826 (IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018. ...)
	NOT-FOR-US: IBM
CVE-2020-4825 (IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018. ...)
	NOT-FOR-US: IBM
CVE-2020-4824
	RESERVED
CVE-2020-4823
	RESERVED
CVE-2020-4822
	RESERVED
CVE-2020-4821 (IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Ca ...)
	NOT-FOR-US: IBM
CVE-2020-4820 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 is vulnerable to cross-site  ...)
	NOT-FOR-US: IBM
CVE-2020-4819
	RESERVED
CVE-2020-4818
	RESERVED
CVE-2020-4817
	RESERVED
CVE-2020-4816 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4815 (IBM Cloud Pak for Security (CP4S) 1.4.0.0 could allow a remote user to ...)
	NOT-FOR-US: IBM
CVE-2020-4814
	RESERVED
CVE-2020-4813
	RESERVED
CVE-2020-4812
	RESERVED
CVE-2020-4811 (IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0,  ...)
	NOT-FOR-US: IBM
CVE-2020-4810
	RESERVED
CVE-2020-4809 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
	NOT-FOR-US: IBM
CVE-2020-4808
	RESERVED
CVE-2020-4807
	RESERVED
CVE-2020-4806
	RESERVED
CVE-2020-4805 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
	NOT-FOR-US: IBM
CVE-2020-4804
	RESERVED
CVE-2020-4803 (IBM Edge 4.2 allows web pages to be stored locally which can be read b ...)
	NOT-FOR-US: IBM
CVE-2020-4802
	RESERVED
CVE-2020-4801
	RESERVED
CVE-2020-4800
	RESERVED
CVE-2020-4799 (IBM Informix spatial 14.10 could allow a local user to execute command ...)
	NOT-FOR-US: IBM
CVE-2020-4798
	RESERVED
CVE-2020-4797
	RESERVED
CVE-2020-4796
	RESERVED
CVE-2020-4795 (IBM Security Identity Governance and Intelligence 5.2.6 could disclose ...)
	NOT-FOR-US: IBM
CVE-2020-4794 (IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Busines ...)
	NOT-FOR-US: IBM
CVE-2020-4793
	RESERVED
CVE-2020-4792 (IBM Edge 4.2 is vulnerable to cross-site scripting. This vulnerability ...)
	NOT-FOR-US: IBM
CVE-2020-4791 (IBM Security Identity Governance and Intelligence 5.2.6 could allow an ...)
	NOT-FOR-US: IBM
CVE-2020-4790 (IBM Security Identity Governance and Intelligence 5.2.6 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4789 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and ...)
	NOT-FOR-US: IBM
CVE-2020-4788 (IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local ...)
	{DLA-2483-1}
	- linux 5.9.11-1
	[buster] - linux 4.19.160-1
	[stretch] - linux <ignored> (powerpc architectures not included in LTS)
CVE-2020-4787 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and ...)
	NOT-FOR-US: IBM
CVE-2020-4786 (IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and ...)
	NOT-FOR-US: IBM
CVE-2020-4785 (IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1. ...)
	NOT-FOR-US: IBM
CVE-2020-4784
	RESERVED
CVE-2020-4783 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4782 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4781 (An improper input validation before calling java readLine() method may ...)
	NOT-FOR-US: IBM
CVE-2020-4780 (OOTB build scripts does not set the secure attribute on session cookie ...)
	NOT-FOR-US: IBM
CVE-2020-4779 (A HTTP Verb Tampering vulnerability may impact IBM Curam Social Progra ...)
	NOT-FOR-US: IBM
CVE-2020-4778 (IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorith ...)
	NOT-FOR-US: IBM
CVE-2020-4777
	RESERVED
CVE-2020-4776 (A path traversal vulnerability may impact IBM Curam Social Program Man ...)
	NOT-FOR-US: IBM
CVE-2020-4775 (A cross-site scripting (XSS) vulnerability may impact IBM Curam Social ...)
	NOT-FOR-US: IBM
CVE-2020-4774 (An XPath vulnerability may impact IBM Curam Social Program Management  ...)
	NOT-FOR-US: IBM
CVE-2020-4773 (A cross-site request forgery (CSRF) vulnerability may impact IBM Curam ...)
	NOT-FOR-US: IBM
CVE-2020-4772 (An XML External Entity Injection (XXE) vulnerability may impact IBM Cu ...)
	NOT-FOR-US: IBM
CVE-2020-4771 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7. ...)
	NOT-FOR-US: IBM
CVE-2020-4770
	RESERVED
CVE-2020-4769
	RESERVED
CVE-2020-4768 (IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0 ...)
	NOT-FOR-US: IBM
CVE-2020-4767 (IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6 ...)
	NOT-FOR-US: IBM
CVE-2020-4766 (IBM MQ Internet Pass-Thru 2.1 and 9.2 could allow a remote user to cau ...)
	NOT-FOR-US: IBM
CVE-2020-4765 (IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages  ...)
	NOT-FOR-US: IBM
CVE-2020-4764 (IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery ...)
	NOT-FOR-US: IBM
CVE-2020-4763 (IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through  ...)
	NOT-FOR-US: IBM
CVE-2020-4762 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2 ...)
	NOT-FOR-US: IBM
CVE-2020-4761 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2 ...)
	NOT-FOR-US: IBM
CVE-2020-4760 (IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2020-4759 (IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2020-4758
	RESERVED
CVE-2020-4757 (IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulner ...)
	NOT-FOR-US: IBM
CVE-2020-4756 (IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5. ...)
	NOT-FOR-US: IBM
CVE-2020-4755 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4754
	RESERVED
CVE-2020-4753
	RESERVED
CVE-2020-4752
	RESERVED
CVE-2020-4751
	RESERVED
CVE-2020-4750
	RESERVED
CVE-2020-4749 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attri ...)
	NOT-FOR-US: IBM
CVE-2020-4748 (IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4747 (IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a ...)
	NOT-FOR-US: IBM
CVE-2020-4746
	RESERVED
CVE-2020-4745
	RESERVED
CVE-2020-4744
	RESERVED
CVE-2020-4743
	RESERVED
CVE-2020-4742
	RESERVED
CVE-2020-4741 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to store ...)
	NOT-FOR-US: IBM
CVE-2020-4740 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML  ...)
	NOT-FOR-US: IBM
CVE-2020-4739 (IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, ...)
	NOT-FOR-US: IBM
CVE-2020-4738
	RESERVED
CVE-2020-4737
	RESERVED
CVE-2020-4736
	RESERVED
CVE-2020-4735
	RESERVED
CVE-2020-4734
	RESERVED
CVE-2020-4733 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
	NOT-FOR-US: IBM
CVE-2020-4732 (IBM Jazz Foundation and IBM Engineering products could allow an authen ...)
	NOT-FOR-US: IBM
CVE-2020-4731 (IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scri ...)
	NOT-FOR-US: IBM
CVE-2020-4730
	RESERVED
CVE-2020-4729
	RESERVED
CVE-2020-4728
	RESERVED
CVE-2020-4727 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4726 (The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) al ...)
	NOT-FOR-US: IBM
CVE-2020-4725 (IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated use ...)
	NOT-FOR-US: IBM
CVE-2020-4724 (IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4723 (IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4722 (IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4721 (IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4720
	RESERVED
CVE-2020-4719 (The IBM Cloud APM 8.1.4 server will issue a DNS request to resolve any ...)
	NOT-FOR-US: IBM
CVE-2020-4718 (IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerabl ...)
	NOT-FOR-US: IBM
CVE-2020-4717 (A vulnerability exists in IBM SPSS Modeler Subscription Installer that ...)
	NOT-FOR-US: IBM
CVE-2020-4716
	RESERVED
CVE-2020-4715
	RESERVED
CVE-2020-4714
	RESERVED
CVE-2020-4713
	RESERVED
CVE-2020-4712
	RESERVED
CVE-2020-4711 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4710
	RESERVED
CVE-2020-4709
	RESERVED
CVE-2020-4708 (IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some infor ...)
	NOT-FOR-US: IBM
CVE-2020-4707 (IBM API Connect 5.0.0.0 through 5.0.8.11 is vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4706 (IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header  ...)
	NOT-FOR-US: IBM
CVE-2020-4705 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
	NOT-FOR-US: IBM
CVE-2020-4704 (IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2020-4703 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console ...)
	NOT-FOR-US: IBM
CVE-2020-4702 (IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-s ...)
	NOT-FOR-US: IBM
CVE-2020-4701 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4700 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
	NOT-FOR-US: IBM
CVE-2020-4699 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4698 (IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Work ...)
	NOT-FOR-US: IBM
CVE-2020-4697 (IBM Jazz Foundation products are vulnerable to cross-site scripting. T ...)
	NOT-FOR-US: IBM
CVE-2020-4696 (IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session a ...)
	NOT-FOR-US: IBM
CVE-2020-4695 (IBM API Connect V10 is impacted by insecure communications during data ...)
	NOT-FOR-US: IBM
CVE-2020-4694
	RESERVED
CVE-2020-4693 (IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8. ...)
	NOT-FOR-US: IBM
CVE-2020-4692 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
	NOT-FOR-US: IBM
CVE-2020-4691 (IBM Jazz Foundation Products are vulnerable to cross-site scripting. T ...)
	NOT-FOR-US: IBM
CVE-2020-4690 (IBM Security Guardium 11.3 contains hard-coded credentials, such as a  ...)
	NOT-FOR-US: IBM
CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A remote pr ...)
	NOT-FOR-US: IBM
CVE-2020-4688 (IBM Security Guardium 10.6 and 11.2 could allow a local attacker to ex ...)
	NOT-FOR-US: IBM
CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an authenticated use ...)
	NOT-FOR-US: IBM
CVE-2020-4686 (IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated  ...)
	NOT-FOR-US: IBM
CVE-2020-4685 (A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4 ...)
	NOT-FOR-US: IBM
CVE-2020-4684
	RESERVED
CVE-2020-4683
	RESERVED
CVE-2020-4682 (IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote at ...)
	NOT-FOR-US: IBM
CVE-2020-4681 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2020-4680 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2020-4679 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2020-4678 (IBM Security Guardium 11.2 could allow an attacker with admin access t ...)
	NOT-FOR-US: IBM
CVE-2020-4677
	RESERVED
CVE-2020-4676
	RESERVED
CVE-2020-4675 (IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4674 (IBM Workload Automation 9.5 stores the server path in URLs that could  ...)
	NOT-FOR-US: IBM
CVE-2020-4673 (IBM Workload Automation 9.5 stores sensitive information in HTML comme ...)
	NOT-FOR-US: IBM
CVE-2020-4672 (IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site  ...)
	NOT-FOR-US: IBM
CVE-2020-4671 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
	NOT-FOR-US: IBM
CVE-2020-4670 (IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis ...)
	NOT-FOR-US: IBM
CVE-2020-4669 (IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB ...)
	NOT-FOR-US: IBM
CVE-2020-4668
	RESERVED
CVE-2020-4667 (IBM Engineering Requirements Quality Assistant On-Premises could allow ...)
	NOT-FOR-US: IBM
CVE-2020-4666 (IBM Engineering Requirements Quality Assistant On-Premises is vulnerab ...)
	NOT-FOR-US: IBM
CVE-2020-4665 (IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through  ...)
	NOT-FOR-US: IBM
CVE-2020-4664 (IBM Engineering Requirements Quality Assistant On-Premises is vulnerab ...)
	NOT-FOR-US: IBM
CVE-2020-4663 (IBM Engineering Requirements Quality Assistant On-Premises is vulnerab ...)
	NOT-FOR-US: IBM
CVE-2020-4662 (IBM Event Streams 10.0.0 could allow an authenticated user to perform  ...)
	NOT-FOR-US: IBM
CVE-2020-4661 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4660 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4659
	RESERVED
CVE-2020-4658 (IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4657 (IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition i ...)
	NOT-FOR-US: IBM
CVE-2020-4656
	RESERVED
CVE-2020-4655 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...)
	NOT-FOR-US: IBM
CVE-2020-4654 (IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authe ...)
	NOT-FOR-US: IBM
CVE-2020-4653 (IBM Planning Analytics 2.0 could allow a remote attacker to conduct ph ...)
	NOT-FOR-US: IBM
CVE-2020-4652
	RESERVED
CVE-2020-4651 (IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6 ...)
	NOT-FOR-US: IBM
CVE-2020-4650 (IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6 ...)
	NOT-FOR-US: IBM
CVE-2020-4649 (IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Worksp ...)
	NOT-FOR-US: IBM
CVE-2020-4648 (A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars  ...)
	NOT-FOR-US: IBM
CVE-2020-4647 (IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through  ...)
	NOT-FOR-US: IBM
CVE-2020-4646 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5,  ...)
	NOT-FOR-US: IBM
CVE-2020-4645 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4644 (IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remot ...)
	NOT-FOR-US: IBM
CVE-2020-4643 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2020-4642 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4641
	RESERVED
CVE-2020-4640 (Certain IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 throu ...)
	NOT-FOR-US: IBM
CVE-2020-4639
	RESERVED
CVE-2020-4638 (IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulner ...)
	NOT-FOR-US: IBM
CVE-2020-4637
	RESERVED
CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to inject mali ...)
	NOT-FOR-US: IBM
CVE-2020-4635 (IBM Resilient SOAR 40 and earlier could disclose sensitive information ...)
	NOT-FOR-US: IBM
CVE-2020-4634
	RESERVED
CVE-2020-4633 (IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbi ...)
	NOT-FOR-US: IBM
CVE-2020-4632 (IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-sid ...)
	NOT-FOR-US: IBM
CVE-2020-4631 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-de ...)
	NOT-FOR-US: IBM
CVE-2020-4630
	RESERVED
CVE-2020-4629 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4628 (IBM Cloud Pak for Security (CP4S) 1.3.0.1 and 1.4.0.0 could allow a re ...)
	NOT-FOR-US: IBM
CVE-2020-4627 (IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS ...)
	NOT-FOR-US: IBM
CVE-2020-4626 (IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive infor ...)
	NOT-FOR-US: IBM
CVE-2020-4625 (IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4624 (IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cr ...)
	NOT-FOR-US: IBM
CVE-2020-4623 (IBM i2 iBase 8.9.13 could allow a local authenticated attacker to exec ...)
	NOT-FOR-US: IBM
CVE-2020-4622 (IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, su ...)
	NOT-FOR-US: IBM
CVE-2020-4621 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
	NOT-FOR-US: IBM
CVE-2020-4620 (IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated  ...)
	NOT-FOR-US: IBM
CVE-2020-4619 (IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in ...)
	NOT-FOR-US: IBM
CVE-2020-4618 (IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to ca ...)
	NOT-FOR-US: IBM
CVE-2020-4617 (IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request ...)
	NOT-FOR-US: IBM
CVE-2020-4616 (IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username i ...)
	NOT-FOR-US: IBM
CVE-2020-4615 (IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2020-4614 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptogra ...)
	NOT-FOR-US: IBM
CVE-2020-4613 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptogra ...)
	NOT-FOR-US: IBM
CVE-2020-4612 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
	NOT-FOR-US: IBM
CVE-2020-4611 (IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user t ...)
	NOT-FOR-US: IBM
CVE-2020-4610 (IBM Security Secret Server (IBM Security Verify Privilege Manager 10.8 ...)
	NOT-FOR-US: IBM
CVE-2020-4609 (IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8 ...)
	NOT-FOR-US: IBM
CVE-2020-4608
	RESERVED
CVE-2020-4607 (IBM Security Secret Server (IBM Security Verify Privilege Vault Remote ...)
	NOT-FOR-US: IBM
CVE-2020-4606 (IBM Security Verify Privilege Manager 10.8 is vulnerable to an XML Ext ...)
	NOT-FOR-US: IBM
CVE-2020-4605
	RESERVED
CVE-2020-4604 (IBM Security Guardium Insights 2.0.2 stores user credentials in plain  ...)
	NOT-FOR-US: IBM
CVE-2020-4603 (IBM Security Guardium Insights 2.0.1 performs an operation at a privil ...)
	NOT-FOR-US: IBM
CVE-2020-4602 (IBM Security Guardium Insights 2.0.2 stores user credentials in plain  ...)
	NOT-FOR-US: IBM
CVE-2020-4601
	RESERVED
CVE-2020-4600 (IBM Security Guardium Insights 2.0.2 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4599 (IBM Security Guardium Insights 2.0.2 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4598 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4597 (IBM Security Guardium Insights 2.0.2 does not set the secure attribute ...)
	NOT-FOR-US: IBM
CVE-2020-4596 (IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptog ...)
	NOT-FOR-US: IBM
CVE-2020-4595 (IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptog ...)
	NOT-FOR-US: IBM
CVE-2020-4594 (IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptog ...)
	NOT-FOR-US: IBM
CVE-2020-4593 (IBM Security Guardium Insights 2.0.1 stores user credentials in plain  ...)
	NOT-FOR-US: IBM
CVE-2020-4592 (IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, und ...)
	NOT-FOR-US: IBM
CVE-2020-4591 (IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclos ...)
	NOT-FOR-US: IBM
CVE-2020-4590 (IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 run ...)
	NOT-FOR-US: IBM
CVE-2020-4589 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4588 (IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary execut ...)
	NOT-FOR-US: IBM
CVE-2020-4587 (IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is ...)
	NOT-FOR-US: IBM
CVE-2020-4586
	RESERVED
CVE-2020-4585
	RESERVED
CVE-2020-4584 (IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive  ...)
	NOT-FOR-US: IBM
CVE-2020-4583
	RESERVED
CVE-2020-4582
	RESERVED
CVE-2020-4581 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
	NOT-FOR-US: IBM
CVE-2020-4580 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
	NOT-FOR-US: IBM
CVE-2020-4579 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a rem ...)
	NOT-FOR-US: IBM
CVE-2020-4578 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2020-4577
	RESERVED
CVE-2020-4576 (IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional co ...)
	NOT-FOR-US: IBM
CVE-2020-4575 (IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Vir ...)
	NOT-FOR-US: IBM
CVE-2020-4574 (IBM Tivoli Key Lifecycle Manager does not require that users should ha ...)
	NOT-FOR-US: IBM
CVE-2020-4573 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitiv ...)
	NOT-FOR-US: IBM
CVE-2020-4572 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote at ...)
	NOT-FOR-US: IBM
CVE-2020-4571
	RESERVED
CVE-2020-4570
	RESERVED
CVE-2020-4569 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mecha ...)
	NOT-FOR-US: IBM
CVE-2020-4568 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores user crede ...)
	NOT-FOR-US: IBM
CVE-2020-4567 (IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an inadequate acco ...)
	NOT-FOR-US: IBM
CVE-2020-4566 (IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 a ...)
	NOT-FOR-US: IBM
CVE-2020-4565 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4564 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 a ...)
	NOT-FOR-US: IBM
CVE-2020-4563
	RESERVED
CVE-2020-4562 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2020-4561 (IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all co ...)
	NOT-FOR-US: IBM
CVE-2020-4560 (IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site sc ...)
	NOT-FOR-US: IBM
CVE-2020-4559 (IBM Spectrum Protect 7.1 and 8.1 could allow an attacker to cause a de ...)
	NOT-FOR-US: IBM
CVE-2020-4558
	RESERVED
CVE-2020-4557 (IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business ...)
	NOT-FOR-US: IBM
CVE-2020-4556
	RESERVED
CVE-2020-4555 (IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate  ...)
	NOT-FOR-US: IBM
CVE-2020-4554 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4553 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4552 (IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute  ...)
	NOT-FOR-US: IBM
CVE-2020-4551 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4550 (IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker t ...)
	NOT-FOR-US: IBM
CVE-2020-4549 (IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute  ...)
	NOT-FOR-US: IBM
CVE-2020-4548 (IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input  ...)
	NOT-FOR-US: IBM
CVE-2020-4547 (IBM Jazz Foundation products could allow a remote attacker to hijack t ...)
	NOT-FOR-US: IBM
CVE-2020-4546 (IBM Jazz Team Server based Applications are vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4545 (IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbi ...)
	NOT-FOR-US: IBM
CVE-2020-4544 (IBM Jazz Foundation Products could allow a remote attacker to obtain s ...)
	NOT-FOR-US: IBM
CVE-2020-4543
	RESERVED
CVE-2020-4542 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4541 (IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4540
	RESERVED
CVE-2020-4539 (IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2020-4538
	RESERVED
CVE-2020-4537
	RESERVED
CVE-2020-4536 (IBM OpenPages GRC Platform 8.1 could allow a remote attacker to obtain ...)
	NOT-FOR-US: IBM
CVE-2020-4535 (IBM OpenPages GRC Platform 8.1 is vulnerable to cross-site scripting.  ...)
	NOT-FOR-US: IBM
CVE-2020-4534 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4533 (IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4532 (IBM Business Automation Workflow and IBM Business Process Manager (IBM ...)
	NOT-FOR-US: IBM
CVE-2020-4531 (IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business ...)
	NOT-FOR-US: IBM
CVE-2020-4530 (IBM Business Automation Workflow C.D.0 and IBM Business Process Manage ...)
	NOT-FOR-US: IBM
CVE-2020-4529 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to server si ...)
	NOT-FOR-US: IBM
CVE-2020-4528 (IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 throug ...)
	NOT-FOR-US: IBM
CVE-2020-4527 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2020-4526 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-sit ...)
	NOT-FOR-US: IBM
CVE-2020-4525 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4524 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...)
	NOT-FOR-US: IBM
CVE-2020-4523
	RESERVED
CVE-2020-4522 (IBM Jazz Team Server based Applications are vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4521 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authe ...)
	NOT-FOR-US: IBM
CVE-2020-4520 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to in ...)
	NOT-FOR-US: IBM
CVE-2020-4519
	RESERVED
CVE-2020-4518
	RESERVED
CVE-2020-4517
	RESERVED
CVE-2020-4516 (IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Work ...)
	NOT-FOR-US: IBM
CVE-2020-4515
	RESERVED
CVE-2020-4514
	RESERVED
CVE-2020-4513 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2020-4512 (IBM QRadar SIEM 7.3 and 7.4 could allow a remote privileged user to ex ...)
	NOT-FOR-US: IBM
CVE-2020-4511 (IBM QRadar SIEM 7.3 and 7.4 could allow an authenticated user to cause ...)
	NOT-FOR-US: IBM
CVE-2020-4510 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity In ...)
	NOT-FOR-US: IBM
CVE-2020-4509 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to an XML External Entity In ...)
	NOT-FOR-US: IBM
CVE-2020-4508
	RESERVED
CVE-2020-4507
	RESERVED
CVE-2020-4506
	RESERVED
CVE-2020-4505
	RESERVED
CVE-2020-4504
	RESERVED
CVE-2020-4503 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4502
	RESERVED
CVE-2020-4501
	RESERVED
CVE-2020-4500
	RESERVED
CVE-2020-4499 (IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4498 (IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged use ...)
	NOT-FOR-US: IBM
CVE-2020-4497
	RESERVED
CVE-2020-4496 (The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connect ...)
	NOT-FOR-US: IBM
CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a remote  ...)
	NOT-FOR-US: IBM
CVE-2020-4494 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows ...)
	NOT-FOR-US: IBM
CVE-2020-4493 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to ...)
	NOT-FOR-US: IBM
CVE-2020-4492 (IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2 ...)
	NOT-FOR-US: IBM
CVE-2020-4491 (IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5. ...)
	NOT-FOR-US: IBM
CVE-2020-4490 (IBM Business Automation Workflow 18 and 19, and IBM Business Process M ...)
	NOT-FOR-US: IBM
CVE-2020-4489
	RESERVED
CVE-2020-4488
	RESERVED
CVE-2020-4487 (IBM Jazz Foundation Products could allow a remote attacker to obtain s ...)
	NOT-FOR-US: IBM
CVE-2020-4486 (IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to ov ...)
	NOT-FOR-US: IBM
CVE-2020-4485 (IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to di ...)
	NOT-FOR-US: IBM
CVE-2020-4484 (IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 coul ...)
	NOT-FOR-US: IBM
CVE-2020-4483 (IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 coul ...)
	NOT-FOR-US: IBM
CVE-2020-4482 (IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 coul ...)
	NOT-FOR-US: IBM
CVE-2020-4481 (IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is v ...)
	NOT-FOR-US: IBM
CVE-2020-4480
	RESERVED
CVE-2020-4479
	RESERVED
CVE-2020-4478
	RESERVED
CVE-2020-4477 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensi ...)
	NOT-FOR-US: IBM
CVE-2020-4476 (IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through  ...)
	NOT-FOR-US: IBM
CVE-2020-4475 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 a ...)
	NOT-FOR-US: IBM
CVE-2020-4474
	RESERVED
CVE-2020-4473
	RESERVED
CVE-2020-4472
	RESERVED
CVE-2020-4471 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthe ...)
	NOT-FOR-US: IBM
CVE-2020-4470 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console ...)
	NOT-FOR-US: IBM
CVE-2020-4469 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4468 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4467 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4466 (IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authentica ...)
	NOT-FOR-US: IBM
CVE-2020-4465 (IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and  ...)
	NOT-FOR-US: IBM
CVE-2020-4464 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional co ...)
	NOT-FOR-US: IBM
CVE-2020-4463 (IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XM ...)
	NOT-FOR-US: IBM
CVE-2020-4462 (IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and ...)
	NOT-FOR-US: IBM
CVE-2020-4461 (IBM Security Access Manager Appliance 9.0.7.1 could allow an authentic ...)
	NOT-FOR-US: IBM
CVE-2020-4460
	RESERVED
CVE-2020-4459 (IBM Security Verify Access 10.7 contains hard-coded credentials, such  ...)
	NOT-FOR-US: IBM
CVE-2020-4458
	RESERVED
CVE-2020-4457
	RESERVED
CVE-2020-4456
	RESERVED
CVE-2020-4455
	RESERVED
CVE-2020-4454
	RESERVED
CVE-2020-4453
	RESERVED
CVE-2020-4452 (IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expec ...)
	NOT-FOR-US: IBM
CVE-2020-4451
	RESERVED
CVE-2020-4450 (IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a ...)
	NOT-FOR-US: IBM
CVE-2020-4449 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional co ...)
	NOT-FOR-US: IBM
CVE-2020-4448 (IBM WebSphere Application Server Network Deployment 7.0, 8.0, 8.5, and ...)
	NOT-FOR-US: IBM
CVE-2020-4447 (IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-sit ...)
	NOT-FOR-US: IBM
CVE-2020-4446 (IBM Business Process Manager 8.0, 8.5, and 8.6 and IBM Business Automa ...)
	NOT-FOR-US: IBM
CVE-2020-4445 (IBM Jazz Team Server based Applications are vulnerable to cross-site s ...)
	NOT-FOR-US: IBM
CVE-2020-4444
	RESERVED
CVE-2020-4443
	RESERVED
CVE-2020-4442
	RESERVED
CVE-2020-4441
	RESERVED
CVE-2020-4440
	RESERVED
CVE-2020-4439
	RESERVED
CVE-2020-4438
	RESERVED
CVE-2020-4437
	RESERVED
CVE-2020-4436 (Certain IBM Aspera applications are vulnerable to buffer overflow afte ...)
	NOT-FOR-US: IBM
CVE-2020-4435 (Certain IBM Aspera applications are vulnerable to arbitrary memory cor ...)
	NOT-FOR-US: IBM
CVE-2020-4434 (Certain IBM Aspera applications are vulnerable to buffer overflow base ...)
	NOT-FOR-US: IBM
CVE-2020-4433 (Certain IBM Aspera applications are vulnerable to a stack-based buffer ...)
	NOT-FOR-US: IBM
CVE-2020-4432 (Certain IBM Aspera applications are vulnerable to command injection af ...)
	NOT-FOR-US: IBM
CVE-2020-4431 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a rem ...)
	NOT-FOR-US: IBM
CVE-2020-4429 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 con ...)
	NOT-FOR-US: IBM
CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a rem ...)
	NOT-FOR-US: IBM
CVE-2020-4427 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...)
	NOT-FOR-US: IBM
CVE-2020-4426
	RESERVED
CVE-2020-4425
	RESERVED
CVE-2020-4424
	RESERVED
CVE-2020-4423
	RESERVED
CVE-2020-4422 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4421 (IBM WebSphere Application Liberty 19.0.0.5 through 20.0.0.4 could allo ...)
	NOT-FOR-US: IBM
CVE-2020-4420 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4419 (IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4418
	RESERVED
CVE-2020-4417
	RESERVED
CVE-2020-4416
	RESERVED
CVE-2020-4415 (IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based ...)
	NOT-FOR-US: IBM
CVE-2020-4414 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4413 (IBM Security Secret Server 10.7 could allow a remote attacker to obtai ...)
	NOT-FOR-US: IBM
CVE-2020-4412 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4. ...)
	NOT-FOR-US: IBM
CVE-2020-4411 (The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4. ...)
	NOT-FOR-US: IBM
CVE-2020-4410 (IBM Jazz Foundation and IBM Engineering products could allow an authen ...)
	NOT-FOR-US: IBM
CVE-2020-4409 (IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4408 (The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRada ...)
	NOT-FOR-US: IBM
CVE-2020-4407
	RESERVED
CVE-2020-4406 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows ...)
	NOT-FOR-US: IBM
CVE-2020-4405 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could disclose potentially se ...)
	NOT-FOR-US: IBM
CVE-2020-4404
	RESERVED
CVE-2020-4403
	RESERVED
CVE-2020-4402
	RESERVED
CVE-2020-4401
	RESERVED
CVE-2020-4400 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lo ...)
	NOT-FOR-US: IBM
CVE-2020-4399 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could allow an authenticated  ...)
	NOT-FOR-US: IBM
CVE-2020-4398
	RESERVED
CVE-2020-4397 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive informati ...)
	NOT-FOR-US: IBM
CVE-2020-4396 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2020-4395 (IBM Security Access Manager Appliance 9.0.7 does not invalidate sessio ...)
	NOT-FOR-US: IBM
CVE-2020-4394
	RESERVED
CVE-2020-4393
	RESERVED
CVE-2020-4392
	RESERVED
CVE-2020-4391
	RESERVED
CVE-2020-4390
	RESERVED
CVE-2020-4389
	RESERVED
CVE-2020-4388 (IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of  ...)
	NOT-FOR-US: IBM
CVE-2020-4387 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4385 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains hard-coded credentia ...)
	NOT-FOR-US: IBM
CVE-2020-4384 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2020-4383 (IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5  ...)
	NOT-FOR-US: IBM
CVE-2020-4382 (IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5  ...)
	NOT-FOR-US: IBM
CVE-2020-4381 (IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.6  ...)
	NOT-FOR-US: IBM
CVE-2020-4380 (IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting.  ...)
	NOT-FOR-US: IBM
CVE-2020-4379 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected c ...)
	NOT-FOR-US: IBM
CVE-2020-4378 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged au ...)
	NOT-FOR-US: IBM
CVE-2020-4377 (IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Ent ...)
	NOT-FOR-US: IBM
CVE-2020-4376 (IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could ...)
	NOT-FOR-US: IBM
CVE-2020-4375 (IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1  ...)
	NOT-FOR-US: IBM
CVE-2020-4374
	RESERVED
CVE-2020-4373
	RESERVED
CVE-2020-4372 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in pl ...)
	NOT-FOR-US: IBM
CVE-2020-4371 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive informatio ...)
	NOT-FOR-US: IBM
CVE-2020-4370
	RESERVED
CVE-2020-4369 (IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive infor ...)
	NOT-FOR-US: IBM
CVE-2020-4368
	RESERVED
CVE-2020-4367 (IBM Planning Analytics Local 2.0 uses weaker than expected cryptograph ...)
	NOT-FOR-US: IBM
CVE-2020-4366 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4365 (IBM WebSphere Application Server 8.5 is vulnerable to server-side requ ...)
	NOT-FOR-US: IBM
CVE-2020-4364 (IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2020-4363 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4362 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is ...)
	NOT-FOR-US: IBM
CVE-2020-4361 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2020-4360 (IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting ...)
	NOT-FOR-US: IBM
CVE-2020-4359
	RESERVED
CVE-2020-4358 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site ...)
	NOT-FOR-US: IBM
CVE-2020-4357 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attack ...)
	NOT-FOR-US: IBM
CVE-2020-4356
	RESERVED
CVE-2020-4355 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4354 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2020-4353 (IBM MaaS360 6.82 could allow a user with pysical access to the device  ...)
	NOT-FOR-US: IBM
CVE-2020-4352 (IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege esc ...)
	NOT-FOR-US: IBM
CVE-2020-4351
	RESERVED
CVE-2020-4350 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected c ...)
	NOT-FOR-US: IBM
CVE-2020-4349 (IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected c ...)
	NOT-FOR-US: IBM
CVE-2020-4348 (IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4. ...)
	NOT-FOR-US: IBM
CVE-2020-4347 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subjec ...)
	NOT-FOR-US: IBM
CVE-2020-4346 (IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management server ha ...)
	NOT-FOR-US: IBM
CVE-2020-4345 (IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a s ...)
	NOT-FOR-US: IBM
CVE-2020-4344 (IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web  ...)
	NOT-FOR-US: IBM
CVE-2020-4343 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4342 (IBM Security Secret Server 10.7 could disclose sensitive information i ...)
	NOT-FOR-US: IBM
CVE-2020-4341 (IBM Security Secret Server 10.7 could allow a remote attacker to obtai ...)
	NOT-FOR-US: IBM
CVE-2020-4340 (IBM Security Secret Server prior to 10.9 could allow an attacker to by ...)
	NOT-FOR-US: IBM
CVE-2020-4339
	RESERVED
CVE-2020-4338 (IBM MQ 9.1.4 could allow a local attacker to obtain sensitive informat ...)
	NOT-FOR-US: IBM
CVE-2020-4337 (IBM API Connect 2018.4.1.0 through 2018.4.1.12 could allow an attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4336 (IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL  ...)
	NOT-FOR-US: IBM
CVE-2020-4335
	RESERVED
CVE-2020-4334
	RESERVED
CVE-2020-4333
	RESERVED
CVE-2020-4332
	RESERVED
CVE-2020-4331
	RESERVED
CVE-2020-4330
	RESERVED
CVE-2020-4329 (IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0 ...)
	NOT-FOR-US: IBM
CVE-2020-4328 (IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection ...)
	NOT-FOR-US: IBM
CVE-2020-4327 (IBM Security Secret Server 10.7 could allow a remote attacker to obtai ...)
	NOT-FOR-US: IBM
CVE-2020-4326
	RESERVED
CVE-2020-4325 (The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0 ...)
	NOT-FOR-US: IBM
CVE-2020-4324 (IBM Security Secret Server proir to 10.9 could allow a remote attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4323 (IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. ...)
	NOT-FOR-US: IBM
CVE-2020-4322 (IBM Security Secret Server 10.7 could allow a remote attacker to hijac ...)
	NOT-FOR-US: IBM
CVE-2020-4321
	RESERVED
CVE-2020-4320 (IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9 ...)
	NOT-FOR-US: IBM
CVE-2020-4319 (IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and ...)
	NOT-FOR-US: IBM
CVE-2020-4318 (IBM Intelligent Operations Center for Emergency Management, Intelligen ...)
	NOT-FOR-US: IBM
CVE-2020-4317 (IBM Intelligent Operations Center for Emergency Management, Intelligen ...)
	NOT-FOR-US: IBM
CVE-2020-4316 (IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure  ...)
	NOT-FOR-US: IBM
CVE-2020-4315 (IBM Business Automation Content Analyzer on Cloud 1.0 does not set the ...)
	NOT-FOR-US: IBM
CVE-2020-4314
	RESERVED
CVE-2020-4313
	RESERVED
CVE-2020-4312 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 co ...)
	NOT-FOR-US: IBM
CVE-2020-4311 (IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute ar ...)
	NOT-FOR-US: IBM
CVE-2020-4310 (IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are ...)
	NOT-FOR-US: IBM
CVE-2020-4309 (IBM Content Navigator 3.0CD could disclose sensitive information to an ...)
	NOT-FOR-US: IBM
CVE-2020-4308
	RESERVED
CVE-2020-4307 (IBM Security Guardium 11.1 could allow an attacker on the same network ...)
	NOT-FOR-US: IBM
CVE-2020-4306 (IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2020-4305 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a r ...)
	NOT-FOR-US: IBM
CVE-2020-4304 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 i ...)
	NOT-FOR-US: IBM
CVE-2020-4303 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 20.0.0.3 i ...)
	NOT-FOR-US: IBM
CVE-2020-4302 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to ex ...)
	NOT-FOR-US: IBM
CVE-2020-4301
	RESERVED
CVE-2020-4300 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External En ...)
	NOT-FOR-US: IBM
CVE-2020-4299 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 c ...)
	NOT-FOR-US: IBM
CVE-2020-4298 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2020-4297 (IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is  ...)
	NOT-FOR-US: IBM
CVE-2020-4296
	RESERVED
CVE-2020-4295 (IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is  ...)
	NOT-FOR-US: IBM
CVE-2020-4294 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request ...)
	NOT-FOR-US: IBM
CVE-2020-4293
	RESERVED
CVE-2020-4292 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and  ...)
	NOT-FOR-US: IBM
CVE-2020-4291 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4290 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4289 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4288 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4287 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4286 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2020-4285 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...)
	NOT-FOR-US: IBM
CVE-2020-4284 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4283 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and  ...)
	NOT-FOR-US: IBM
CVE-2020-4282 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4281 (IBM DOORS Next Generation (DNG/RRC) 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is  ...)
	NOT-FOR-US: IBM
CVE-2020-4280 (IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute a ...)
	NOT-FOR-US: IBM
CVE-2020-4279
	RESERVED
CVE-2020-4278 (IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Sp ...)
	NOT-FOR-US: IBM
CVE-2020-4277 (IBM TRIRIGA Application Platform 3.5.3 and 3.6.1 discloses sensitive i ...)
	NOT-FOR-US: IBM
CVE-2020-4276 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is ...)
	NOT-FOR-US: IBM
CVE-2020-4275
	RESERVED
CVE-2020-4274 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to ...)
	NOT-FOR-US: IBM
CVE-2020-4273 (IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attack ...)
	NOT-FOR-US: IBM
CVE-2020-4272 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a remote attacker to inc ...)
	NOT-FOR-US: IBM
CVE-2020-4271 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to ...)
	NOT-FOR-US: IBM
CVE-2020-4270 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain esc ...)
	NOT-FOR-US: IBM
CVE-2020-4269 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, suc ...)
	NOT-FOR-US: IBM
CVE-2020-4268 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2020-4267 (IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authen ...)
	NOT-FOR-US: IBM
CVE-2020-4266 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4265 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4264 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4263 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4262 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4261 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4260 (IBM UrbanCode Deploy (UCD) 7.0.5 could allow a user with special permi ...)
	NOT-FOR-US: IBM
CVE-2020-4259 (IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authe ...)
	NOT-FOR-US: IBM
CVE-2020-4258 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4257 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4256
	RESERVED
CVE-2020-4255
	RESERVED
CVE-2020-4254 (IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker t ...)
	NOT-FOR-US: IBM
CVE-2020-4253 (IBM Content Navigator 3.0CD does not invalidate session after logout w ...)
	NOT-FOR-US: IBM
CVE-2020-4252 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
	NOT-FOR-US: IBM
CVE-2020-4251 (IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site sc ...)
	NOT-FOR-US: IBM
CVE-2020-4250
	RESERVED
CVE-2020-4249 (IBM Security Identity Governance and Intelligence 5.2.6 could disclose ...)
	NOT-FOR-US: IBM
CVE-2020-4248 (IBM Security Identity Governance and Intelligence 5.2.6 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4247
	RESERVED
CVE-2020-4246 (IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2020-4245 (IBM Security Identity Governance and Intelligence 5.2.6 does not requi ...)
	NOT-FOR-US: IBM
CVE-2020-4244 (IBM Security Identity Governance and Intelligence 5.2.6 could allow an ...)
	NOT-FOR-US: IBM
CVE-2020-4243 (IBM Security Identity Governance and Intelligence 5.2.6 Virtual Applia ...)
	NOT-FOR-US: IBM
CVE-2020-4242 (IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4241 (IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4240 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4239 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remot ...)
	NOT-FOR-US: IBM
CVE-2020-4238 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4237 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4236 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an auth ...)
	NOT-FOR-US: IBM
CVE-2020-4235 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2020-4234
	RESERVED
CVE-2020-4233 (IBM Security Identity Governance and Intelligence 5.2.6 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2020-4232 (IBM Security Identity Governance and Intelligence 5.2.6 could allow an ...)
	NOT-FOR-US: IBM
CVE-2020-4231 (IBM Security Identity Governance and Intelligence 5.2.6 could allow an ...)
	NOT-FOR-US: IBM
CVE-2020-4230 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 ...)
	NOT-FOR-US: IBM
CVE-2020-4229 (IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate se ...)
	NOT-FOR-US: IBM
CVE-2020-4228
	RESERVED
CVE-2020-4227
	RESERVED
CVE-2020-4226 (IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive in ...)
	NOT-FOR-US: IBM
CVE-2020-4225
	RESERVED
CVE-2020-4224 (IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive inform ...)
	NOT-FOR-US: IBM
CVE-2020-4223 (IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2020-4222 (IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attac ...)
	NOT-FOR-US: IBM Spectrum Protect Plus
CVE-2020-4221
	RESERVED
CVE-2020-4220
	RESERVED
CVE-2020-4219
	RESERVED
CVE-2020-4218
	RESERVED
CVE-2020-4217 (The IBM Spectrum Scale 4.2 and 5.0 file system component is affected b ...)
	NOT-FOR-US: IBM
CVE-2020-4216 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded cr ...)
	NOT-FOR-US: IBM
CVE-2020-4215
	RESERVED
CVE-2020-4214 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4213 (IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4212 (IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4211 (IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4210 (IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4209 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4208 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded cr ...)
	NOT-FOR-US: IBM
CVE-2020-4207 (IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2  ...)
	NOT-FOR-US: IBM
CVE-2020-4206 (IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4205 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could allow an aut ...)
	NOT-FOR-US: IBM
CVE-2020-4204 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4203 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially  ...)
	NOT-FOR-US: IBM
CVE-2020-4202 (IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenti ...)
	NOT-FOR-US: IBM
CVE-2020-4201
	RESERVED
CVE-2020-4200 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4199 (IBM Tivoli Netcool/OMNIbus 8.1.0 is vulnerable to cross-site request f ...)
	NOT-FOR-US: IBM
CVE-2020-4198 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2020-4197 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored loc ...)
	NOT-FOR-US: IBM
CVE-2020-4196 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2020-4195 (IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2020-4194
	RESERVED
CVE-2020-4193 (IBM Security Guardium 11.1 uses an inadequate account lockout setting  ...)
	NOT-FOR-US: IBM
CVE-2020-4192
	RESERVED
CVE-2020-4191 (IBM Security Guardium 11.1 uses weaker than expected cryptographic alg ...)
	NOT-FOR-US: IBM
CVE-2020-4190 (IBM Security Guardium 10.6, 11.0, and 11.1 contains hard-coded credent ...)
	NOT-FOR-US: IBM
CVE-2020-4189 (IBM Security Guardium 11.2 discloses sensitive information in the resp ...)
	NOT-FOR-US: IBM
CVE-2020-4188 (IBM Security Guardium 10.6 and 11.1 may use insufficiently random numb ...)
	NOT-FOR-US: IBM
CVE-2020-4187 (IBM Security Guardium 11.1 could disclose sensitive information on the ...)
	NOT-FOR-US: IBM
CVE-2020-4186 (IBM Security Guardium 10.5, 10.6, and 11.1 could disclose sensitive in ...)
	NOT-FOR-US: IBM
CVE-2020-4185 (IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected c ...)
	NOT-FOR-US: IBM
CVE-2020-4184 (IBM Security Guardium 11.2 performs an operation at a privilege level  ...)
	NOT-FOR-US: IBM
CVE-2020-4183 (IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2020-4182 (IBM Security Guardium 11.1 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2020-4181
	RESERVED
CVE-2020-4180 (IBM Security Guardium 11.1 could allow a remote authenticated attacker ...)
	NOT-FOR-US: IBM
CVE-2020-4179
	RESERVED
CVE-2020-4178
	RESERVED
CVE-2020-4177 (IBM Security Guardium 11.1 contains hard-coded credentials, such as a  ...)
	NOT-FOR-US: IBM
CVE-2020-4176
	RESERVED
CVE-2020-4175 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4174 (IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptog ...)
	NOT-FOR-US: IBM
CVE-2020-4173 (IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure a ...)
	NOT-FOR-US: IBM
CVE-2020-4172 (IBM Security Guardium Insights 2.0.1 stores sensitive information in U ...)
	NOT-FOR-US: IBM
CVE-2020-4171 (IBM Security Guardium Insights 2.0.1 allows web pages to be stored loc ...)
	NOT-FOR-US: IBM
CVE-2020-4170 (IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site reque ...)
	NOT-FOR-US: IBM
CVE-2020-4169 (IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptog ...)
	NOT-FOR-US: IBM
CVE-2020-4168
	RESERVED
CVE-2020-4167 (IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain ...)
	NOT-FOR-US: IBM
CVE-2020-4166 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4165 (IBM Security Guardium Insights 2.0.1 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2020-4164 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0. ...)
	NOT-FOR-US: IBM
CVE-2020-4163 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under special ...)
	NOT-FOR-US: IBM
CVE-2020-4162 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross ...)
	NOT-FOR-US: IBM
CVE-2020-4161 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 ...)
	NOT-FOR-US: IBM
CVE-2020-4160 (IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2020-4159
	RESERVED
CVE-2020-4158
	RESERVED
CVE-2020-4157
	RESERVED
CVE-2020-4156
	RESERVED
CVE-2020-4155
	RESERVED
CVE-2020-4154
	RESERVED
CVE-2020-4153 (IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-sit ...)
	NOT-FOR-US: IBM
CVE-2020-4152 (IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or sec ...)
	NOT-FOR-US: IBM
CVE-2020-4151 (IBM QRadar SIEM 7.3.0 through 7.3.3 could allow an authenticated attac ...)
	NOT-FOR-US: IBM
CVE-2020-4150
	RESERVED
CVE-2020-4149
	RESERVED
CVE-2020-4148
	RESERVED
CVE-2020-4147
	RESERVED
CVE-2020-4146 (IBM Security SiteProtector System 3.1.1 could allow a remote attacker  ...)
	NOT-FOR-US: IBM
CVE-2020-4145
	RESERVED
CVE-2020-4144
	RESERVED
CVE-2020-4143
	RESERVED
CVE-2020-4142
	RESERVED
CVE-2020-4141
	RESERVED
CVE-2020-4140 (IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site sc ...)
	NOT-FOR-US: IBM
CVE-2020-4139
	RESERVED
CVE-2020-4138
	RESERVED
CVE-2020-4137
	RESERVED
CVE-2020-4136
	RESERVED
CVE-2020-4135 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2020-4134
	RESERVED
CVE-2020-4133
	RESERVED
CVE-2020-4132
	RESERVED
CVE-2020-4131
	RESERVED
CVE-2020-4130
	RESERVED
CVE-2020-4129 (HCL Domino is susceptible to a lockout policy bypass vulnerability in  ...)
	NOT-FOR-US: HCL Domino
CVE-2020-4128 (HCL Domino is susceptible to a lockout policy bypass vulnerability in  ...)
	NOT-FOR-US: HCL Domino
CVE-2020-4127 (HCL Domino is susceptible to a Login CSRF vulnerability. With a valid  ...)
	NOT-FOR-US: HCL Domino
CVE-2020-4126 (HCL iNotes is susceptible to a sensitive cookie exposure vulnerability ...)
	NOT-FOR-US: HCL iNotes
CVE-2020-4125 (Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious  ...)
	NOT-FOR-US: HCL
CVE-2020-4124
	RESERVED
CVE-2020-4123
	RESERVED
CVE-2020-4122
	RESERVED
CVE-2020-4121
	RESERVED
CVE-2020-4120
	RESERVED
CVE-2020-4119
	RESERVED
CVE-2020-4118
	RESERVED
CVE-2020-4117
	RESERVED
CVE-2020-4116
	RESERVED
CVE-2020-4115
	RESERVED
CVE-2020-4114
	RESERVED
CVE-2020-4113
	RESERVED
CVE-2020-4112
	RESERVED
CVE-2020-4111
	RESERVED
CVE-2020-4110
	RESERVED
CVE-2020-4109
	RESERVED
CVE-2020-4108
	RESERVED
CVE-2020-4107
	RESERVED
CVE-2020-4106
	RESERVED
CVE-2020-4105
	RESERVED
CVE-2020-4104 (HCL BigFix WebUI is vulnerable to stored cross-site scripting (XSS) wi ...)
	NOT-FOR-US: HCL
CVE-2020-4103
	RESERVED
CVE-2020-4102 (HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due ...)
	NOT-FOR-US: HCL Notes
CVE-2020-4101 ("HCL Digital Experience is susceptible to Server Side Request Forgery. ...)
	NOT-FOR-US: HCL Digital Experience
CVE-2020-4100 ("HCL Verse for Android was found to employ dynamic code loading. This  ...)
	NOT-FOR-US: HCL
CVE-2020-4099
	RESERVED
CVE-2020-4098
	RESERVED
CVE-2020-4097 (In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fi ...)
	NOT-FOR-US: HCL Notes
CVE-2020-4096
	RESERVED
CVE-2020-4095 ("BigFix Platform is storing clear text credentials within the system's ...)
	NOT-FOR-US: HCL
CVE-2020-4094
	RESERVED
CVE-2020-4093
	RESERVED
CVE-2020-4092 ("If port encryption is not enabled on the Domino Server, HCL Nomad on  ...)
	NOT-FOR-US: HCL Nomad
CVE-2020-4091
	RESERVED
CVE-2020-4090
	RESERVED
CVE-2020-4089 (HCL Notes is vulnerable to an information leakage vulnerability throug ...)
	NOT-FOR-US: HCL Notes
CVE-2020-4088
	RESERVED
CVE-2020-4087
	RESERVED
CVE-2020-4086
	RESERVED
CVE-2020-4085 ("HCL Connections is vulnerable to possible information leakage and cou ...)
	NOT-FOR-US: HCL Connections
CVE-2020-4084 (HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scri ...)
	NOT-FOR-US: HCL Connections
CVE-2020-4083 (HCL Connections 6.5 is vulnerable to possible information leakage. Con ...)
	NOT-FOR-US: HCL Connections
CVE-2020-4082 (The HCL Connections 5.5 help system is vulnerable to cross-site script ...)
	NOT-FOR-US: HCL Connections
CVE-2020-4081 (In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable t ...)
	NOT-FOR-US: Digital Experience
CVE-2020-4080 (HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting  ...)
	NOT-FOR-US: HCL
CVE-2020-4079 (Combodo iTop is a web based IT Service Management tool. In iTop before ...)
	NOT-FOR-US: Combodo iTop
CVE-2020-4078
	RESERVED
CVE-2020-4077 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...)
	- electron <itp> (bug #842420)
CVE-2020-4076 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...)
	- electron <itp> (bug #842420)
CVE-2020-4075 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary  ...)
	- electron <itp> (bug #842420)
CVE-2020-4074 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the aut ...)
	NOT-FOR-US: PrestaShop
CVE-2020-4073
	RESERVED
CVE-2020-4072 (In generator-jhipster-kotlin version 1.6.0 log entries are created for ...)
	NOT-FOR-US: generator-jhipster-kotlin
CVE-2020-4071 (In django-basic-auth-ip-whitelist before 0.3.4, a potential timing att ...)
	NOT-FOR-US: django-basic-auth-ip-whitelist
CVE-2020-4070 (In CSS Validator less than or equal to commit 54d68a1, there is a cros ...)
	NOT-FOR-US: w3c css-validator
CVE-2020-4069
	RESERVED
CVE-2020-4068 (In APNSwift 1.0.0, calling APNSwiftSigner.sign(digest:) is likely to r ...)
	NOT-FOR-US: APNSwift
CVE-2020-4067 (In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN  ...)
	{DSA-4711-1 DLA-2271-1}
	- coturn 4.5.1.3-1
	NOTE: https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm
	NOTE: https://github.com/coturn/coturn/commit/170da1140797748ae85565b5a93a2e35e7b07b6a
CVE-2020-4066 (In Limdu before 0.95, the trainBatch function has a command injection  ...)
	NOT-FOR-US: Limdu
CVE-2020-4065
	RESERVED
CVE-2020-4064
	RESERVED
CVE-2020-4063
	RESERVED
CVE-2020-4062 (In Conjur OSS Helm Chart before 2.0.0, a recently identified critical  ...)
	NOT-FOR-US: Conjur Helm Chart
CVE-2020-4061 (In October from version 1.0.319 and before version 1.0.467, pasting co ...)
	NOT-FOR-US: October CMS
CVE-2020-4060 (In LoRa Basics Station before 2.0.4, there is a Use After Free vulnera ...)
	NOT-FOR-US: LoRa Basics Station
CVE-2020-4059 (In mversion before 2.0.0, there is a command injection vulnerability.  ...)
	NOT-FOR-US: mversion
CVE-2020-4058
	RESERVED
CVE-2020-4057
	RESERVED
CVE-2020-4056
	RESERVED
CVE-2020-4055
	RESERVED
CVE-2020-4054 (In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less ...)
	{DSA-4730-1}
	- ruby-sanitize 4.6.6-2.1 (bug #963808)
	[stretch] - ruby-sanitize <not-affected> (Vulnerable code introduced later)
	[jessie] - ruby-sanitize <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/rgrove/sanitize/security/advisories/GHSA-p4x4-rw2p-8j8m
	NOTE: Fixed by: https://github.com/rgrove/sanitize/commit/a11498de9e283cd457b35ee252983662f7452aa9 (v5.2.1)
	NOTE: Only in 5.0.0 removing of useless filtered elements content is done by default
	NOTE: with: https://github.com/rgrove/sanitize/commit/faf9a0f432fda3cef29f0f8aad99d4dedf079d67 (v5.0.0)
CVE-2020-4053 (In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path tra ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2020-4052 (In Wiki.js before 2.4.107, there is a stored cross-site scripting thro ...)
	NOT-FOR-US: Wiki.js
CVE-2020-4051 (In Dijit before versions 1.11.11, and greater than or equal to 1.12.0  ...)
	- dojo 1.15.4+dfsg1-1 (bug #970000)
	[buster] - dojo <no-dsa> (Minor issue)
	NOTE: https://github.com/dojo/dijit/security/advisories/GHSA-cxjc-r2fp-7mq6
	NOTE: https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301
CVE-2020-4045 (SSB-DB version 20.0.0 has an information disclosure vulnerability. The ...)
	NOT-FOR-US: SSB-DB
CVE-2020-4044 (The xrdp-sesman service before version 0.9.13.1 can be crashed by conn ...)
	{DSA-4737-1 DLA-2319-1}
	- xrdp 0.9.12-1.1 (bug #964573)
	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-j9fv-6fwf-p3g4
	NOTE: Fixed by: https://github.com/neutrinolabs/xrdp/commit/e593f58a82bf79b556601ae08e9e25e366a662fb
CVE-2020-4043 (phpMussel from versions 1.0.0 and less than 1.6.0 has an unserializati ...)
	NOT-FOR-US: phpMussel
CVE-2020-4042 (Bareos before version 19.2.8 and earlier allows a malicious client to  ...)
	- bareos <removed> (bug #965985)
	[buster] - bareos <ignored> (Minor issue; workaround exists; intrusive to backport to older versions)
	[stretch] - bareos <no-dsa> (minor issue, low priority)
	NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752
	NOTE: https://bugs.bareos.org/view.php?id=1250
	NOTE: https://github.com/bareos/bareos/commit/93f2db6451a684fbb224a7d24cdd85e77b2b51fc (master)
	NOTE: Workaround: Make sure the director will not connect to a client that can
	NOTE: initiate connections. As a rule: every client with "Connection From Client
	NOTE: To Director = yes" must also set "Connection From Director To Client = no".
CVE-2020-4041 (In Bolt CMS before version 3.7.1, the filename of uploaded files was v ...)
	NOT-FOR-US: Bolt CMS
CVE-2020-4040 (Bolt CMS before version 3.7.1 lacked CSRF protection in the preview ge ...)
	NOT-FOR-US: Bolt CMS
CVE-2020-4039 (SUSI.AI is an intelligent Open Source personal assistant. SUSI.AI Serv ...)
	NOT-FOR-US: SUSI.AI
CVE-2020-4038 (GraphQL Playground (graphql-playground-html NPM package) before versio ...)
	NOT-FOR-US: Node graphql-playground-html
CVE-2020-4037 (In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users  ...)
	- oauth2-proxy <itp> (bug #982891)
CVE-2020-4036
	RESERVED
CVE-2020-4035 (In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0. ...)
	NOT-FOR-US: WatermelonDB
CVE-2020-4034
	RESERVED
CVE-2020-4033 (In FreeRDP before version 2.1.2, there is an out of bounds read in RLE ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8
CVE-2020-4032 (In FreeRDP before version 2.1.2, there is an integer casting vulnerabi ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc
CVE-2020-4031 (In FreeRDP before version 2.1.2, there is a use-after-free in gdi_Sele ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g
CVE-2020-4030 (In FreeRDP before version 2.1.2, there is an out of bounds read in Tri ...)
	- freerdp2 2.1.2+dfsg1-1
	[buster] - freerdp2 <no-dsa> (Minor issue)
	- freerdp <removed>
	[stretch] - freerdp <no-dsa> (Minor issue)
	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98
CVE-2020-4029 (The /rest/project-templates/1.0/createshared resource in Atlassian Jir ...)
	NOT-FOR-US: Atlassian
CVE-2020-4028 (Versions before 8.9.1, Various resources in Jira responded with a 404  ...)
	NOT-FOR-US: Atlassian
CVE-2020-4027 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
	NOT-FOR-US: Atlassian
CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator Links  ...)
	NOT-FOR-US: Atlassian
CVE-2020-4025 (The attachment download resource in Atlassian Jira Server and Data Cen ...)
	NOT-FOR-US: Atlassian
CVE-2020-4024 (The attachment download resource in Atlassian Jira Server and Data Cen ...)
	NOT-FOR-US: Atlassian
CVE-2020-4023 (The review coverage resource in Atlassian Fisheye and Crucible before  ...)
	NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2020-4022 (The attachment download resource in Atlassian Jira Server and Data Cen ...)
	NOT-FOR-US: Atlassian
CVE-2020-4021 (Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of At ...)
	NOT-FOR-US: Atlassian
CVE-2020-4020 (The file downloading functionality in the Atlassian Companion App befo ...)
	NOT-FOR-US: Atlassian
CVE-2020-4019 (The file editing functionality in the Atlassian Companion App before v ...)
	NOT-FOR-US: Atlassian
CVE-2020-4018 (The setup resources in Atlassian Fisheye and Crucible before version 4 ...)
	NOT-FOR-US: Atlassian
CVE-2020-4017 (The /rest/jira-ril/1.0/jira-rest/applinks resource in the crucible-jir ...)
	NOT-FOR-US: Atlassian
CVE-2020-4016 (The /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril  ...)
	NOT-FOR-US: Atlassian
CVE-2020-4015 (The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Cru ...)
	NOT-FOR-US: Atlassian
CVE-2020-4014 (The /profile/deleteWatch.do resource in Atlassian Fisheye and Crucible ...)
	NOT-FOR-US: Atlassian
CVE-2020-4013 (The review resource in Atlassian Fisheye and Crucible before version 4 ...)
	NOT-FOR-US: Atlassian
CVE-2020-4012
	RESERVED
CVE-2020-4011
	RESERVED
CVE-2020-4010
	RESERVED
CVE-2020-4009
	RESERVED
CVE-2020-4008 (The installer of the macOS Sensor for VMware Carbon Black Cloud prior  ...)
	NOT-FOR-US: VMware
CVE-2020-4007
	RESERVED
CVE-2020-4006 (VMware Workspace One Access, Access Connector, Identity Manager, and I ...)
	NOT-FOR-US: VMware
CVE-2020-4005 (VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-2020111 ...)
	NOT-FOR-US: VMware
CVE-2020-4004 (VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-2020111 ...)
	NOT-FOR-US: VMware
CVE-2020-4003 (VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4 ...)
	NOT-FOR-US: VMware
CVE-2020-4002 (The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, ...)
	NOT-FOR-US: VMware
CVE-2020-4001 (The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords  ...)
	NOT-FOR-US: VMware
CVE-2020-4000 (The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, ...)
	NOT-FOR-US: VMware
CVE-2020-3999 (VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16. ...)
	NOT-FOR-US: VMware
CVE-2020-3998 (VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an inf ...)
	NOT-FOR-US: VMware
CVE-2020-3997 (VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross ...)
	NOT-FOR-US: VMware
CVE-2020-3996 (Velero (prior to 1.4.3 and 1.5.2) in some instances doesn&#8217;t prop ...)
	NOT-FOR-US: Velero
CVE-2020-3995 (In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3994 (VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a ...)
	NOT-FOR-US: VMware
CVE-2020-3993 (VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a sec ...)
	NOT-FOR-US: VMware
CVE-2020-3992 (OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6. ...)
	NOT-FOR-US: VMware
	NOTE: Might affect src:openslp-dfsg, but removed years ago
CVE-2020-3991 (VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial ...)
	NOT-FOR-US: VMware
CVE-2020-3990 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
	NOT-FOR-US: VMware
CVE-2020-3989 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
	NOT-FOR-US: VMware
CVE-2020-3988 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
	NOT-FOR-US: VMware
CVE-2020-3987 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
	NOT-FOR-US: VMware
CVE-2020-3986 (VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5 ...)
	NOT-FOR-US: VMware
CVE-2020-3985 (The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4 ...)
	NOT-FOR-US: VMware
CVE-2020-3984 (The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4 ...)
	NOT-FOR-US: VMware
CVE-2020-3983
	RESERVED
CVE-2020-3982 (VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3981 (VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3980 (VMware Fusion (11.x) contains a privilege escalation vulnerability due ...)
	NOT-FOR-US: VMware
CVE-2020-3979 (InstallBuilder for Qt Windows (versions prior to 20.7.0) installers lo ...)
	NOT-FOR-US: InstallBuilder for Qt Windows installers
CVE-2020-3978
	RESERVED
CVE-2020-3977 (VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a bro ...)
	NOT-FOR-US: VMware
CVE-2020-3976 (VMware ESXi and vCenter Server contain a partial denial of service vul ...)
	NOT-FOR-US: VMware
CVE-2020-3975 (VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior  ...)
	NOT-FOR-US: VMware
CVE-2020-3974 (VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11. ...)
	NOT-FOR-US: VMware
CVE-2020-3973 (The VeloCloud Orchestrator does not apply correct input validation whi ...)
	NOT-FOR-US: VMware
CVE-2020-3972 (VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a den ...)
	NOT-FOR-US: VMware
CVE-2020-3971 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3970 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3969 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3968 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3967 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3966 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3965 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3964 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3963 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3962 (VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-2 ...)
	NOT-FOR-US: VMware
CVE-2020-3961 (VMware Horizon Client for Windows (prior to 5.4.3) contains a privileg ...)
	NOT-FOR-US: VMware
CVE-2020-3960 (VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3959 (VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3958 (VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2020-3957 (VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11. ...)
	NOT-FOR-US: VMware
CVE-2020-3956 (VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5,  ...)
	NOT-FOR-US: VMware
CVE-2020-3955 (ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ...)
	NOT-FOR-US: VMware
CVE-2020-3954 (Open Redirect vulnerability exists in VMware vRealize Log Insight prio ...)
	NOT-FOR-US: VMware
CVE-2020-3953 (Cross Site Scripting (XSS) vulnerability exists in VMware vRealize Log ...)
	NOT-FOR-US: VMware
CVE-2020-3952 (Under certain conditions, vmdir that ships with VMware vCenter Server, ...)
	NOT-FOR-US: VMware
CVE-2020-3951 (VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows ...)
	NOT-FOR-US: VMware
CVE-2020-3950 (VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11. ...)
	NOT-FOR-US: VMware
CVE-2020-3949
	RESERVED
CVE-2020-3948 (Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and ...)
	NOT-FOR-US: VMware
CVE-2020-3947 (VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2 ...)
	NOT-FOR-US: VMware
CVE-2020-3946 (InstallBuilder AutoUpdate tool and regular installers enabling &lt;che ...)
	NOT-FOR-US: InstallBuilder
CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
	NOT-FOR-US: VMware
CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
	NOT-FOR-US: VMware
CVE-2020-3943 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
	NOT-FOR-US: VMware
CVE-2020-3942
	RESERVED
CVE-2020-3941 (The repair operation of VMware Tools for Windows 10.x.y has a race con ...)
	NOT-FOR-US: VMware Tools for Windows
CVE-2020-3940 (VMware Workspace ONE SDK and dependent mobile application updates addr ...)
	NOT-FOR-US: VMware
CVE-2020-3939 (SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerabil ...)
	NOT-FOR-US: SysJust Syuan-Gu-Da-Shih
CVE-2020-3938 (SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerabil ...)
	NOT-FOR-US: SysJust Syuan-Gu-Da-Shih
CVE-2020-3937 (SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, a ...)
	NOT-FOR-US: SysJust Syuan-Gu-Da-Shih
CVE-2020-3936 (UltraLog Express device management interface does not properly filter  ...)
	NOT-FOR-US: UltraLog Express
CVE-2020-3935 (TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance ...)
	NOT-FOR-US: Secom Co. Dr.ID
CVE-2020-3934 (TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance ...)
	NOT-FOR-US: Secom Co. Dr.ID
CVE-2020-3933 (TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance ...)
	NOT-FOR-US: Secom Co. Dr.ID
CVE-2020-3932 (A vulnerable SNMP in Draytek VigorAP910C cannot be disabled, which may ...)
	NOT-FOR-US: Draytek VigorAP910C
CVE-2020-3931 (Buffer overflow exists in Geovision Door Access Control device family, ...)
	NOT-FOR-US: Geovision Door Access Control
CVE-2020-3930 (GeoVision Door Access Control device family improperly stores and cont ...)
	NOT-FOR-US: GeoVision Door Access Control
CVE-2020-3929 (GeoVision Door Access Control device family employs shared cryptograph ...)
	NOT-FOR-US: GeoVision Door Access Control
CVE-2020-3928 (GeoVision Door Access Control device family is hardcoded with a root p ...)
	NOT-FOR-US: GeoVision Door Access Control
CVE-2020-3927 (An arbitrary-file-access vulnerability exists in ServiSign security pl ...)
	NOT-FOR-US: ServiSign security plugin
CVE-2020-3926 (An arbitrary-file-access vulnerability exists in ServiSign security pl ...)
	NOT-FOR-US: ServiSign security plugin
CVE-2020-3925 (A Remote Code Execution(RCE) vulnerability exists in some designated a ...)
	NOT-FOR-US: ServiSign security plugin
CVE-2020-3924 (DVR firmware in TAT-76 and TAT-77 series of products, provided by TONN ...)
	NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series
CVE-2020-3923 (DVR firmware in TAT-76 and TAT-77 series of products, provided by TONN ...)
	NOT-FOR-US: DVR firmware in TAT-76 and TAT-77 series
CVE-2020-3922 (LisoMail, by ArmorX, allows SQL Injections, attackers can access the d ...)
	NOT-FOR-US: LisoMail
CVE-2020-3921 (UltraLog Express device management software stores user&#8217;s inform ...)
	NOT-FOR-US: UltraLog Express
CVE-2020-3920 (UltraLog Express device management interface does not properly perform ...)
	NOT-FOR-US: UltraLog Express
CVE-2020-3919 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-3918 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3917 (This issue was addressed with a new entitlement. This issue is fixed i ...)
	NOT-FOR-US: Apple
CVE-2020-3916 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3915 (A path handling issue was addressed with improved validation. This iss ...)
	NOT-FOR-US: Apple
CVE-2020-3914 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-3913 (A permissions issue existed. This issue was addressed with improved pe ...)
	NOT-FOR-US: Apple
CVE-2020-3912 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3911 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2020-3910 (A buffer overflow was addressed with improved size validation. This is ...)
	NOT-FOR-US: Apple, unknown if it affects libxml2 upstream, but Apple is a black hole
CVE-2020-3909 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple, unknown if it affects libxml2 upstream, but Apple is a black hole
CVE-2020-3908 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3907 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3906 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-3905 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3904 (Multiple memory corruption issues were addressed with improved state m ...)
	NOT-FOR-US: Apple
CVE-2020-3903 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3902 (An input validation issue was addressed with improved input validation ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3901 (A type confusion issue was addressed with improved memory handling. Th ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3900 (A memory corruption issue was addressed with improved memory handling. ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3899 (A memory consumption issue was addressed with improved memory handling ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.2-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3898 (A memory corruption issue was addressed with improved validation. This ...)
	{DLA-2237-1}
	- cups 2.3.1-12
	[buster] - cups 2.2.10-6+deb10u3
	[stretch] - cups 2.2.1-8+deb9u6
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1823964
	NOTE: https://src.fedoraproject.org/rpms/cups/blob/c1920d09b842bd2d0611559d00d595abd8aa2424/f/cups-ppdopen-heap-overflow.patch
	NOTE: https://github.com/apple/cups/commit/82e3ee0e3230287b76a76fb8f16b92ca6e50b444 (cups/ppd.c, ppdc/ppdc-source.cxx)
CVE-2020-3897 (A type confusion issue was addressed with improved memory handling. Th ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3896 (This issue was addressed by removing the vulnerable code. This issue i ...)
	NOT-FOR-US: Apple
CVE-2020-3895 (A memory corruption issue was addressed with improved memory handling. ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3894 (A race condition was addressed with additional validation. This issue  ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3893 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3892 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3891 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-3890 (The issue was addressed with improved deletion. This issue is fixed in ...)
	NOT-FOR-US: Apple
CVE-2020-3889 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-3888 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-3887 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2020-3886 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-3885 (A logic issue was addressed with improved restrictions. This issue is  ...)
	{DSA-4681-1}
	- webkit2gtk 2.28.0-2
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.28.0-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0005.html
CVE-2020-3884 (An injection issue was addressed with improved validation. This issue  ...)
	NOT-FOR-US: Apple
CVE-2020-3883 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-3882 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-3881 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-3880 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3879
	RESERVED
CVE-2020-3878 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3877 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3876
	RESERVED
CVE-2020-3875 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-3874 (An issued existed in the naming of screenshots. The issue was correcte ...)
	NOT-FOR-US: Apple
CVE-2020-3873 (This issue was addressed with improved setting propagation. This issue ...)
	NOT-FOR-US: Apple
CVE-2020-3872 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2020-3871 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3870 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3869 (An issue existed in the handling of the local user's self-view. The is ...)
	NOT-FOR-US: Apple
CVE-2020-3868 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4627-1}
	- webkit2gtk 2.26.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.26.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
CVE-2020-3867 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4627-1}
	- webkit2gtk 2.26.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.26.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
CVE-2020-3866 (This was addressed with additional checks by Gatekeeper on files mount ...)
	NOT-FOR-US: Apple
CVE-2020-3865 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4627-1}
	- webkit2gtk 2.26.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.26.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
CVE-2020-3864 (A logic issue was addressed with improved validation. This issue is fi ...)
	{DSA-4627-1}
	- webkit2gtk 2.26.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.26.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
CVE-2020-3863 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3862 (A denial of service issue was addressed with improved memory handling. ...)
	{DSA-4627-1}
	- webkit2gtk 2.26.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	- wpewebkit 2.26.4-1
	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
CVE-2020-3861 (The issue was addressed with improved permissions logic. This issue is ...)
	NOT-FOR-US: Apple
CVE-2020-3860 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3859 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2020-3858 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3857 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3856 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3855 (An access issue was addressed with improved access restrictions. This  ...)
	NOT-FOR-US: Apple
CVE-2020-3854 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3853 (A type confusion issue was addressed with improved memory handling. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3852 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Safari
CVE-2020-3851 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2020-3850 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3849 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3848 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3847 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3846 (A buffer overflow was addressed with improved size validation. This is ...)
	NOT-FOR-US: Apple
CVE-2020-3845 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3844 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2020-3843 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3842 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3841 (The issue was addressed with improved UI handling. This issue is fixed ...)
	NOT-FOR-US: Apple
CVE-2020-3840 (An off by one issue existed in the handling of racoon configuration fi ...)
	NOT-FOR-US: Apple
CVE-2020-3839 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-3838 (The issue was addressed with improved permissions logic. This issue is ...)
	NOT-FOR-US: Apple
CVE-2020-3837 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2020-3836 (An access issue was addressed with improved memory management. This is ...)
	NOT-FOR-US: Apple
CVE-2020-3835 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2020-3834 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2020-3833 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2020-3832
	RESERVED
CVE-2020-3831 (A race condition was addressed with improved locking. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2020-3830 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2020-3829 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-3828 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
	NOT-FOR-US: Apple
CVE-2020-3827 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2020-3826 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2020-3825 (Multiple memory corruption issues were addressed with improved memory  ...)
	NOT-FOR-US: Apple
CVE-2020-3824
	REJECTED
CVE-2020-3823
	REJECTED
CVE-2020-3822
	REJECTED
CVE-2020-3821
	REJECTED
CVE-2020-3820
	REJECTED
CVE-2020-3819
	REJECTED
CVE-2020-3818
	REJECTED
CVE-2020-3817
	REJECTED
CVE-2020-3816
	REJECTED
CVE-2020-3815
	REJECTED
CVE-2020-3814
	REJECTED
CVE-2020-3813
	REJECTED
CVE-2020-3812 (qmail-verify as used in netqmail 1.06 is prone to an information discl ...)
	{DSA-4692-1 DLA-2234-1}
	- netqmail 1.06-6.2 (bug #961060)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2020-3811 (qmail-verify as used in netqmail 1.06 is prone to a mail-address verif ...)
	{DSA-4692-1 DLA-2234-1}
	- netqmail 1.06-6.2 (bug #961060)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/8
CVE-2020-3810 (Missing input validation in the ar/tar implementations of APT before v ...)
	{DSA-4685-1 DLA-2210-1}
	- apt 2.1.2
	NOTE: https://github.com/Debian/apt/issues/111
	NOTE: https://bugs.launchpad.net/bugs/1878177
	NOTE: https://salsa.debian.org/apt-team/apt/-/commit/dceb1e49e4b8e4dadaf056be34088b415939cda6
CVE-2020-3809 (Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds  ...)
	NOT-FOR-US: Adobe
CVE-2020-3808 (Creative Cloud Desktop Application versions 5.0 and earlier have a tim ...)
	NOT-FOR-US: Adobe
CVE-2020-3807 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3806 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3805 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3804 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3803 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3802 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3801 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3800 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3799 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3798 (Adobe Digital Editions versions 4.5.11.187212 and below have a file en ...)
	NOT-FOR-US: Adobe
CVE-2020-3797 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3796 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an impro ...)
	NOT-FOR-US: ColdFusion
CVE-2020-3795 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3794 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file i ...)
	NOT-FOR-US: Adobe
CVE-2020-3793 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3792 (Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3791 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3790 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3789 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3788 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3787 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3786 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3785 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3784 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3783 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3782 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3781 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3780 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3779 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3778 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an ...)
	NOT-FOR-US: Adobe
CVE-2020-3777 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3776 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3775 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3774 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3773 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3772 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3771 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3770 (Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 202 ...)
	NOT-FOR-US: Adobe
CVE-2020-3769 (Adobe Experience Manager versions 6.5 and earlier have a server-side r ...)
	NOT-FOR-US: Adobe
CVE-2020-3768 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll se ...)
	NOT-FOR-US: ColdFusion
CVE-2020-3767 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have an insuf ...)
	NOT-FOR-US: ColdFusion
CVE-2020-3766 (Adobe Genuine Integrity Service versions Version 6.4 and earlier have  ...)
	NOT-FOR-US: Adobe
CVE-2020-3765 (Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds  ...)
	NOT-FOR-US: Adobe
CVE-2020-3764 (Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2020-3763 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3762 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3761 (ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a remote ...)
	NOT-FOR-US: Adobe
CVE-2020-3760 (Adobe Digital Editions versions 4.5.10 and below have a command inject ...)
	NOT-FOR-US: Adobe
CVE-2020-3759 (Adobe Digital Editions versions 4.5.10 and below have a buffer errors  ...)
	NOT-FOR-US: Adobe
CVE-2020-3758 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3757 (Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and ear ...)
	NOT-FOR-US: Adobe
CVE-2020-3756 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3755 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3754 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3753 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3752 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3751 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3750 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3749 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3748 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3747 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3746 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3745 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3744 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3743 (Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011 ...)
	NOT-FOR-US: Adobe
CVE-2020-3742 (Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.01 ...)
	NOT-FOR-US: Adobe
CVE-2020-3741 (Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled re ...)
	NOT-FOR-US: Adobe
CVE-2020-3740 (Adobe Framemaker versions 2019.0.4 and below have a memory corruption  ...)
	NOT-FOR-US: Adobe
CVE-2020-3739 (Adobe Framemaker versions 2019.0.4 and below have a memory corruption  ...)
	NOT-FOR-US: Adobe
CVE-2020-3738 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3737 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3736 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3735 (Adobe Framemaker versions 2019.0.4 and below have a heap overflow vuln ...)
	NOT-FOR-US: Adobe
CVE-2020-3734 (Adobe Framemaker versions 2019.0.4 and below have a buffer error vulne ...)
	NOT-FOR-US: Adobe
CVE-2020-3733 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3732 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3731 (Adobe Framemaker versions 2019.0.4 and below have a heap overflow vuln ...)
	NOT-FOR-US: Adobe
CVE-2020-3730 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3729 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3728 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3727 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3726 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3725 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3724 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3723 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3722 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3721 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3720 (Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds wri ...)
	NOT-FOR-US: Adobe
CVE-2020-3719 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3718 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3717 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3716 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3715 (Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and e ...)
	NOT-FOR-US: Magento
CVE-2020-3714 (Adobe Illustrator CC versions 24.0 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2020-3713 (Adobe Illustrator CC versions 24.0 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2020-3712 (Adobe Illustrator CC versions 24.0 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2020-3711 (Adobe Illustrator CC versions 24.0 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2020-3710 (Adobe Illustrator CC versions 24.0 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2020-3709
	REJECTED
CVE-2020-3708
	REJECTED
CVE-2020-3707
	REJECTED
CVE-2020-3706
	REJECTED
CVE-2020-3705
	REJECTED
CVE-2020-3704 (u'While processing invalid connection request PDU which is nonstandard ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3703 (u'Buffer over-read issue in Bluetooth peripheral firmware due to lack  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal errors ...)
	{DSA-4978-1 DLA-2843-1 DLA-2785-1}
	- linux 5.14.6-1
	[buster] - linux 4.19.208-1
	NOTE: https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/
	NOTE: https://lore.kernel.org/stable/20210818084859.vcs4vs3yd6zetmyt@pali/t/#mf8b430d4f19f1b939a29b6c5098fdc514fd1a928
CVE-2020-3701 (Use after free issue while processing error notification from camx dri ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3700 (Possible out of bounds read due to a missing bounds check and could le ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3699 (Possible out of bound access while processing assoc response from host ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3698 (Out of bound write while QoS DSCP mapping due to improper input valida ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3697
	REJECTED
CVE-2020-3696 (u'Use after free while installing new security rule in ipcrtr as old o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3695
	REJECTED
CVE-2020-3694 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3693 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3692 (u'Possible buffer overflow while updating output buffer for IMEI and G ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3691 (Possible out of bound memory access in audio due to integer underflow  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3690 (u'Due to an incorrect SMMU configuration, the modem crypto engine can  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3689
	RESERVED
CVE-2020-3688 (Possible buffer overflow while parsing mp4 clip with corrupted sample  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3687 (Local privilege escalation in admin services in Windows environment ca ...)
	NOT-FOR-US: Qualcomm
CVE-2020-3686 (Possible memory out of bound issue during music playback when an incor ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3685 (Pointer variable which is freed is not cleared can result in memory co ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3684 (u'QSEE reads the access permission policy for the SMEM TOC partition f ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3683
	RESERVED
CVE-2020-3682
	REJECTED
CVE-2020-3681 (Authenticated and encrypted payload MMEs can be forged and remotely se ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3680 (A race condition can occur when using the fastrpc memory mapping API.  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3679 (u'During execution after Address Space Layout Randomization is turned  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3678 (u'A buffer overflow could occur if the API is improperly used due to U ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3677
	RESERVED
CVE-2020-3676 (Possible memory corruption in perfservice due to improper validation a ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3675 (u'Potential integer underflow while parsing Service Info and IPv6 link ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3674 (Information can leak into userspace due to improper transfer of data f ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3673 (u'Buffer overflow can happen as part of SIP message packet processing  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3672
	RESERVED
CVE-2020-3671 (Use-after-free issue could occur due to dangling pointer when generati ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3670 (u'Potential out of bounds read while processing downlink NAS transport ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3669 (u'Buffer Overflow issue in WLAN tcp ip verification due to usage of ou ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3668 (u'Buffer overflow while parsing PMF enabled MCBC frames due to frame l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3667 (u'Buffer Overflow in mic calculation for WPA due to copying data into  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3666 (u'Out of bounds memory access during memory copy while processing Host ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3665 (A possible buffer overflow would occur while processing command from f ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3664 (Out of bound read access in hypervisor due to an invalid read access a ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3663 (Buffer over-write may occur during fetching track decoder specific inf ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3662 (Buffer overflow can occur while parsing eac3 header while playing the  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3661 (Buffer overflow will happen while parsing mp4 clip with corrupted samp ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3660 (Possible null-pointer dereference can occur while parsing mp4 clip wit ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3659
	RESERVED
CVE-2020-3658 (Possible null-pointer dereference can occur while parsing mp4 clip wit ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3657 (u'Remote code execution can happen by sending a carefully crafted POST ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3656 (Out of bound access can happen in MHI command process due to lack of c ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3655
	RESERVED
CVE-2020-3654 (u'Buffer overflow occurs while processing SIP message packet due to la ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3653 (Possible buffer over-read in windows wlan driver function due to lack  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3652 (Possible buffer over-read issue in windows x86 wlan driver function wh ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3651 (Active command timeout since WM status change cmd is not removed from  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3650
	RESERVED
CVE-2020-3649
	RESERVED
CVE-2020-3648 (u'Possible out of bound write in DSP driver code due to lack of check  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3647 (u'Potential buffer overflow when accessing npu debugfs node "off"/"log ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3646 (u'Buffer overflow seen as the destination buffer size is lesser than t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3645 (Firmware will hit assert in WLAN firmware If encrypted data length in  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3644 (u'Information disclosure issue occurs as in current logic Secure Touch ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3643 (u'Information disclosure issue can occur due to partial secure display ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3642 (Use after free issue in camera applications when used randomly over mu ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3641 (Integer overflow may occur if atom size is less than atom offset as th ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3640 (u'Resizing the usage table header before passing all the checks leads  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3639 (u'When a non standard SIP sigcomp message is received from the network ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3638 (u'An Unaligned address or size can propagate to the database due to im ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3637
	RESERVED
CVE-2020-3636 (u'Out of bound writes happen when accessing usage_table header entry b ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3635 (Stack based overflow If the maximum number of arguments allowed per re ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3634 (u'Multiple Read overflows issue due to improper length check while dec ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3633 (Array out of bound may occur while playing mp3 file as no check is the ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3632 (u'Incorrect validation of ring context fetched from host memory can le ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3631
	REJECTED
CVE-2020-3630 (Possibility of out of bound access while processing the responses from ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3629 (u'Stack out of bound issue occurs when making query to DSP capabilitie ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3628 (Improper access due to socket opened by the logging application withou ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3627
	REJECTED
CVE-2020-3626 (Any application can bind to it and exercise the APIs due to no protect ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3625 (When making query to DSP capabilities, Stack out of bounds occurs due  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3624 (u'A potential buffer overflow exists due to integer overflow when pars ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3623 (kernel failure due to load failures while running v1 path directly via ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3622 (u'Channel name string which has been read from shared memory is potent ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3621 (u'Lack of check to ensure that the TX read index &amp; RX write index  ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3620 (u'Lack of check of integer overflow while doing a round up operation f ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3619 (u'Non-secure memory is touched multiple times during TrustZone\u2019s  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3618 (NULL exception due to accessing bad pointer while posting events on RT ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3617 (u'Buffer over-read Issue in Q6 testbus framework due to diag packet le ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3616 (Buffer overflow in display function due to memory copy without checkin ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3615 (Valid deauth/disassoc frames is dropped in case if RMF is enabled and  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3614 (Possible buffer overflow while copying the frame to local buffer due t ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3613 (Double free issue in kernel memory mapping due to lack of memory prote ...)
	NOT-FOR-US: Snapdragon
CVE-2020-3612
	RESERVED
CVE-2020-3611 (u'XBL SEC clears only ZI region when loading Qualcomm-signed segments  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3610 (Possibility of double free of the drawobj that is added to the drawque ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2020-3609
	RESERVED
CVE-2020-3608
	RESERVED
CVE-2020-3607
	RESERVED
CVE-2020-3606
	RESERVED
CVE-2020-3605
	RESERVED
CVE-2020-3604 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
	NOT-FOR-US: Cisco
CVE-2020-3603 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
	NOT-FOR-US: Cisco
CVE-2020-3602 (A vulnerability in the CLI of Cisco StarOS operating system for Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3601 (A vulnerability in the CLI of Cisco StarOS operating system for Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3600 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3599 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
	NOT-FOR-US: Cisco
CVE-2020-3598 (A vulnerability in the web-based management interface of Cisco Vision  ...)
	NOT-FOR-US: Cisco
CVE-2020-3597 (A vulnerability in the configuration restore feature of Cisco Nexus Da ...)
	NOT-FOR-US: Cisco
CVE-2020-3596 (A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expr ...)
	NOT-FOR-US: Cisco
CVE-2020-3595 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3594 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3593 (A vulnerability in Cisco SD-WAN Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3592 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3591 (A vulnerability in the web-based management interface of the Cisco SD- ...)
	NOT-FOR-US: Cisco
CVE-2020-3590 (A vulnerability in the web-based management interface of the Cisco SD- ...)
	NOT-FOR-US: Cisco
CVE-2020-3589 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-3588 (A vulnerability in virtualization channel messaging in Cisco Webex Mee ...)
	NOT-FOR-US: Cisco
CVE-2020-3587 (A vulnerability in the web-based management interface of the Cisco SD- ...)
	NOT-FOR-US: Cisco
CVE-2020-3586 (A vulnerability in the web-based management interface of Cisco DNA Spa ...)
	NOT-FOR-US: Cisco
CVE-2020-3585 (A vulnerability in the TLS handler of Cisco Adaptive Security Applianc ...)
	NOT-FOR-US: Cisco
CVE-2020-3584
	RESERVED
CVE-2020-3583 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
	NOT-FOR-US: Cisco
CVE-2020-3582 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
	NOT-FOR-US: Cisco
CVE-2020-3581 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
	NOT-FOR-US: Cisco
CVE-2020-3580 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
	NOT-FOR-US: Cisco
CVE-2020-3579 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3578 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3577 (A vulnerability in the ingress packet processing path of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2020-3576
	RESERVED
CVE-2020-3575
	RESERVED
CVE-2020-3574 (A vulnerability in the TCP packet processing functionality of Cisco IP ...)
	NOT-FOR-US: Cisco
CVE-2020-3573 (Multiple vulnerabilities in Cisco Webex Network Recording Player for W ...)
	NOT-FOR-US: Cisco
CVE-2020-3572 (A vulnerability in the SSL/TLS session handler of Cisco Adaptive Secur ...)
	NOT-FOR-US: Cisco
CVE-2020-3571 (A vulnerability in the ICMP ingress packet processing of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2020-3570
	RESERVED
CVE-2020-3569 (Multiple vulnerabilities in the Distance Vector Multicast Routing Prot ...)
	NOT-FOR-US: Cisco
CVE-2020-3568 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3567 (A vulnerability in the management REST API of Cisco Industrial Network ...)
	NOT-FOR-US: Cisco
CVE-2020-3566 (A vulnerability in the Distance Vector Multicast Routing Protocol (DVM ...)
	NOT-FOR-US: Cisco
CVE-2020-3565 (A vulnerability in the TCP Intercept functionality of Cisco Firepower  ...)
	NOT-FOR-US: Cisco
CVE-2020-3564 (A vulnerability in the FTP inspection engine of Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2020-3563 (A vulnerability in the packet processing functionality of Cisco Firepo ...)
	NOT-FOR-US: Cisco
CVE-2020-3562 (A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat De ...)
	NOT-FOR-US: Cisco
CVE-2020-3561 (A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive S ...)
	NOT-FOR-US: Cisco
CVE-2020-3560 (A vulnerability in Cisco Aironet Access Points (APs) could allow an un ...)
	NOT-FOR-US: Cisco
CVE-2020-3559 (A vulnerability in Cisco Aironet Access Point (AP) Software could allo ...)
	NOT-FOR-US: Cisco
CVE-2020-3558 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2020-3557 (A vulnerability in the host input API daemon of Cisco Firepower Manage ...)
	NOT-FOR-US: Cisco
CVE-2020-3556 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3555 (A vulnerability in the SIP inspection process of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3554 (A vulnerability in the TCP packet processing of Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2020-3553 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3552 (A vulnerability in the Ethernet packet handling of Cisco Aironet Acces ...)
	NOT-FOR-US: Cisco
CVE-2020-3551 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-3550 (A vulnerability in the sfmgr daemon of Cisco Firepower Management Cent ...)
	NOT-FOR-US: Cisco
CVE-2020-3549 (A vulnerability in the sftunnel functionality of Cisco Firepower Manag ...)
	NOT-FOR-US: Cisco
CVE-2020-3548
	RESERVED
CVE-2020-3547 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3546 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3545 (A vulnerability in Cisco FXOS Software could allow an authenticated, l ...)
	NOT-FOR-US: Cisco
CVE-2020-3544 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3543 (A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveil ...)
	NOT-FOR-US: Cisco
CVE-2020-3542 (A vulnerability in Cisco Webex Training could allow an authenticated,  ...)
	NOT-FOR-US: Cisco
CVE-2020-3541 (A vulnerability in the media engine component of Cisco Webex Meetings  ...)
	NOT-FOR-US: Cisco
CVE-2020-3540
	RESERVED
CVE-2020-3539
	RESERVED
CVE-2020-3538
	RESERVED
CVE-2020-3537 (A vulnerability in Cisco Jabber for Windows software could allow an au ...)
	NOT-FOR-US: Cisco
CVE-2020-3536 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3535 (A vulnerability in the loading mechanism of specific DLLs in the Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3534
	RESERVED
CVE-2020-3533 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
	NOT-FOR-US: Cisco
CVE-2020-3532
	RESERVED
CVE-2020-3531 (A vulnerability in the REST API of Cisco IoT Field Network Director (F ...)
	NOT-FOR-US: Cisco
CVE-2020-3530 (A vulnerability in task group assignment for a specific CLI command in ...)
	NOT-FOR-US: Cisco
CVE-2020-3529 (A vulnerability in the SSL VPN negotiation process for Cisco Adaptive  ...)
	NOT-FOR-US: Cisco
CVE-2020-3528 (A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3527 (A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Sw ...)
	NOT-FOR-US: Cisco
CVE-2020-3526 (A vulnerability in the Common Open Policy Service (COPS) engine of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3525
	RESERVED
CVE-2020-3524 (A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for  ...)
	NOT-FOR-US: Cisco
CVE-2020-3523 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3522 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3521 (A vulnerability in a specific REST API of Cisco Data Center Network Ma ...)
	NOT-FOR-US: Cisco
CVE-2020-3520 (A vulnerability in Cisco Data Center Network Manager (DCNM) Software c ...)
	NOT-FOR-US: Cisco
CVE-2020-3519 (A vulnerability in a specific REST API method of Cisco Data Center Net ...)
	NOT-FOR-US: Cisco
CVE-2020-3518 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3517 (A vulnerability in the Cisco Fabric Services component of Cisco FXOS S ...)
	NOT-FOR-US: Cisco
CVE-2020-3516 (A vulnerability in the web server authentication of Cisco IOS XE Softw ...)
	NOT-FOR-US: Cisco
CVE-2020-3515 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3514 (A vulnerability in the multi-instance feature of Cisco Firepower Threa ...)
	NOT-FOR-US: Cisco
CVE-2020-3513 (Multiple vulnerabilities in the initialization routines that are execu ...)
	NOT-FOR-US: Cisco
CVE-2020-3512 (A vulnerability in the PROFINET handler for Link Layer Discovery Proto ...)
	NOT-FOR-US: Cisco
CVE-2020-3511 (A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3510 (A vulnerability in the Umbrella Connector component of Cisco IOS XE So ...)
	NOT-FOR-US: Cisco
CVE-2020-3509 (A vulnerability in the DHCP message handler of Cisco IOS XE Software f ...)
	NOT-FOR-US: Cisco
CVE-2020-3508 (A vulnerability in the IP Address Resolution Protocol (ARP) feature of ...)
	NOT-FOR-US: Cisco
CVE-2020-3507 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...)
	NOT-FOR-US: Cisco
CVE-2020-3506 (Multiple vulnerabilities in the Cisco Discovery Protocol implementatio ...)
	NOT-FOR-US: Cisco
CVE-2020-3505 (A vulnerability in the Cisco Discovery Protocol of Cisco Video Surveil ...)
	NOT-FOR-US: Cisco
CVE-2020-3504 (A vulnerability in the local management (local-mgmt) CLI of Cisco UCS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3503 (A vulnerability in the file system permissions of Cisco IOS XE Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3502 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...)
	NOT-FOR-US: Cisco
CVE-2020-3501 (Multiple vulnerabilities in the user interface of Cisco Webex Meetings ...)
	NOT-FOR-US: Cisco
CVE-2020-3500 (A vulnerability in the IPv6 implementation of Cisco StarOS could allow ...)
	NOT-FOR-US: Cisco
CVE-2020-3499 (A vulnerability in the licensing service of Cisco Firepower Management ...)
	NOT-FOR-US: Cisco
CVE-2020-3498 (A vulnerability in Cisco Jabber software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3497 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3496 (A vulnerability in the IPv6 packet processing engine of Cisco Small Bu ...)
	NOT-FOR-US: Cisco
CVE-2020-3495 (A vulnerability in Cisco Jabber for Windows could allow an authenticat ...)
	NOT-FOR-US: Cisco
CVE-2020-3494 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3493 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3492 (A vulnerability in the Flexible NetFlow Version 9 packet processor of  ...)
	NOT-FOR-US: Cisco
CVE-2020-3491 (A vulnerability in the web-based management interface of Cisco Vision  ...)
	NOT-FOR-US: Cisco
CVE-2020-3490 (A vulnerability in the web-based management interface of Cisco Vision  ...)
	NOT-FOR-US: Cisco
CVE-2020-3489 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3488 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3487 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3486 (Multiple vulnerabilities in the Control and Provisioning of Wireless A ...)
	NOT-FOR-US: Cisco
CVE-2020-3485 (A vulnerability in the role-based access control (RBAC) functionality  ...)
	NOT-FOR-US: Cisco
CVE-2020-3484 (A vulnerability in the web-based management interface of Cisco Vision  ...)
	NOT-FOR-US: Cisco
CVE-2020-3483 (Duo has identified and fixed an issue with the Duo Network Gateway (DN ...)
	NOT-FOR-US: Duo
CVE-2020-3482 (A vulnerability in the Traversal Using Relays around NAT (TURN) server ...)
	NOT-FOR-US: Cisco
CVE-2020-3481 (A vulnerability in the EGG archive parsing module in Clam AntiVirus (C ...)
	{DLA-2314-1}
	- clamav 0.102.4+dfsg-1
	[buster] - clamav 0.102.4+dfsg-0+deb10u1
	NOTE: https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
CVE-2020-3480 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...)
	NOT-FOR-US: Cisco
CVE-2020-3479 (A vulnerability in the implementation of Multiprotocol Border Gateway  ...)
	NOT-FOR-US: Cisco
CVE-2020-3478 (A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure ...)
	NOT-FOR-US: Cisco
CVE-2020-3477 (A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3476 (A vulnerability in the CLI implementation of a specific command of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3475 (Multiple vulnerabilities in the web management framework of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3474 (Multiple vulnerabilities in the web management framework of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3473 (A vulnerability in task group assignment for a specific CLI command in ...)
	NOT-FOR-US: Cisco
CVE-2020-3472 (A vulnerability in the contacts feature of Cisco Webex Meetings could  ...)
	NOT-FOR-US: Cisco
CVE-2020-3471 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
	NOT-FOR-US: Cisco
CVE-2020-3470 (Multiple vulnerabilities in the API subsystem of Cisco Integrated Mana ...)
	NOT-FOR-US: Cisco
CVE-2020-3469
	RESERVED
CVE-2020-3468 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3467 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-3466 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3465 (A vulnerability in Cisco IOS XE Software could allow an unauthenticate ...)
	NOT-FOR-US: Cisco
CVE-2020-3464 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
	NOT-FOR-US: Cisco
CVE-2020-3463 (A vulnerability in the web-based management interface of Cisco Webex M ...)
	NOT-FOR-US: Cisco
CVE-2020-3462 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3461 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3460 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3459 (A vulnerability in the CLI of Cisco FXOS Software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3458 (Multiple vulnerabilities in the secure boot process of Cisco Adaptive  ...)
	NOT-FOR-US: Cisco
CVE-2020-3457 (A vulnerability in the CLI of Cisco FXOS Software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3456 (A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3455 (A vulnerability in the secure boot process of Cisco FXOS Software coul ...)
	NOT-FOR-US: Cisco
CVE-2020-3454 (A vulnerability in the Call Home feature of Cisco NX-OS Software could ...)
	NOT-FOR-US: Cisco
CVE-2020-3453 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3452 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3451 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3450 (A vulnerability in the web-based management interface of Cisco Vision  ...)
	NOT-FOR-US: Cisco
CVE-2020-3449 (A vulnerability in the Border Gateway Protocol (BGP) additional paths  ...)
	NOT-FOR-US: Cisco
CVE-2020-3448 (A vulnerability in an access control mechanism of Cisco Cyber Vision C ...)
	NOT-FOR-US: Cisco
CVE-2020-3447 (A vulnerability in the CLI of Cisco AsyncOS for Cisco Email Security A ...)
	NOT-FOR-US: Cisco
CVE-2020-3446 (A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS ...)
	NOT-FOR-US: Cisco
CVE-2020-3445
	RESERVED
CVE-2020-3444 (A vulnerability in the packet filtering features of Cisco SD-WAN Softw ...)
	NOT-FOR-US: Cisco
CVE-2020-3443 (A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem)  ...)
	NOT-FOR-US: Cisco
CVE-2020-3442 (The DuoConnect client enables users to establish SSH connections to ho ...)
	NOT-FOR-US: DuoConnect
CVE-2020-3441 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
	NOT-FOR-US: Cisco
CVE-2020-3440 (A vulnerability in Cisco Webex Meetings Desktop App for Windows could  ...)
	NOT-FOR-US: Cisco
CVE-2020-3439 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3438
	RESERVED
CVE-2020-3437 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3436 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3435 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3434 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3433 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3432
	RESERVED
CVE-2020-3431
	RESERVED
CVE-2020-3430 (A vulnerability in the application protocol handling features of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3429 (A vulnerability in the WPA2 and WPA3 security implementation of Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3428 (A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wi ...)
	NOT-FOR-US: Cisco
CVE-2020-3427 (The Windows Logon installer prior to 4.1.2 did not properly validate f ...)
	NOT-FOR-US: Duo
CVE-2020-3426 (A vulnerability in the implementation of the Low Power, Wide Area (LPW ...)
	NOT-FOR-US: Cisco
CVE-2020-3425 (Multiple vulnerabilities in the web management framework of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3424
	RESERVED
CVE-2020-3423 (A vulnerability in the implementation of the Lua interpreter that is i ...)
	NOT-FOR-US: Cisco
CVE-2020-3422 (A vulnerability in the IP Service Level Agreement (SLA) responder feat ...)
	NOT-FOR-US: Cisco
CVE-2020-3421 (Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco I ...)
	NOT-FOR-US: Cisco
CVE-2020-3420
	RESERVED
CVE-2020-3419 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
	NOT-FOR-US: Cisco
CVE-2020-3418 (A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3417 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3416 (Multiple vulnerabilities in the initialization routines that are execu ...)
	NOT-FOR-US: Cisco
CVE-2020-3415 (A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Sof ...)
	NOT-FOR-US: Cisco
CVE-2020-3414 (A vulnerability in the packet processing of Cisco IOS XE Software for  ...)
	NOT-FOR-US: Cisco
CVE-2020-3413 (A vulnerability in the scheduled meeting template feature of Cisco Web ...)
	NOT-FOR-US: Cisco
CVE-2020-3412 (A vulnerability in the scheduled meeting template feature of Cisco Web ...)
	NOT-FOR-US: Cisco
CVE-2020-3411 (A vulnerability in Cisco DNA Center software could allow an unauthenti ...)
	NOT-FOR-US: Cisco
CVE-2020-3410 (A vulnerability in the Common Access Card (CAC) authentication feature ...)
	NOT-FOR-US: Cisco
CVE-2020-3409 (A vulnerability in the PROFINET feature of Cisco IOS Software and Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3408 (A vulnerability in the Split DNS feature of Cisco IOS Software and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3407 (A vulnerability in the RESTCONF and NETCONF-YANG access control list ( ...)
	NOT-FOR-US: Cisco
CVE-2020-3406 (A vulnerability in the web-based management interface of the Cisco SD- ...)
	NOT-FOR-US: Cisco
CVE-2020-3405 (A vulnerability in the web UI of Cisco SD-WAN vManage Software could a ...)
	NOT-FOR-US: Cisco
CVE-2020-3404 (A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3403 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2020-3402 (A vulnerability in the Java Remote Method Invocation (RMI) interface o ...)
	NOT-FOR-US: Cisco
CVE-2020-3401 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3400 (A vulnerability in the web UI feature of Cisco IOS XE Software could a ...)
	NOT-FOR-US: Cisco
CVE-2020-3399 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
	NOT-FOR-US: Cisco
CVE-2020-3398 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...)
	NOT-FOR-US: Cisco
CVE-2020-3397 (A vulnerability in the Border Gateway Protocol (BGP) Multicast VPN (MV ...)
	NOT-FOR-US: Cisco
CVE-2020-3396 (A vulnerability in the file system on the pluggable USB 3.0 Solid Stat ...)
	NOT-FOR-US: Cisco
CVE-2020-3395
	RESERVED
CVE-2020-3394 (A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Serie ...)
	NOT-FOR-US: Cisco
CVE-2020-3393 (A vulnerability in the application-hosting subsystem of Cisco IOS XE S ...)
	NOT-FOR-US: Cisco
CVE-2020-3392 (A vulnerability in the API of Cisco IoT Field Network Director (FND) c ...)
	NOT-FOR-US: Cisco
CVE-2020-3391 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
	NOT-FOR-US: Cisco
CVE-2020-3390 (A vulnerability in Simple Network Management Protocol (SNMP) trap gene ...)
	NOT-FOR-US: Cisco
CVE-2020-3389 (A vulnerability in the installation component of Cisco Hyperflex HX-Se ...)
	NOT-FOR-US: Cisco
CVE-2020-3388 (A vulnerability in the CLI of Cisco SD-WAN vManage Software could allo ...)
	NOT-FOR-US: Cisco
CVE-2020-3387 (A vulnerability in Cisco SD-WAN vManage Software could allow an authen ...)
	NOT-FOR-US: Cisco
CVE-2020-3386 (A vulnerability in the REST API endpoint of Cisco Data Center Network  ...)
	NOT-FOR-US: Cisco
CVE-2020-3385 (A vulnerability in the deep packet inspection (DPI) engine of Cisco SD ...)
	NOT-FOR-US: Cisco
CVE-2020-3384 (A vulnerability in specific REST API endpoints of Cisco Data Center Ne ...)
	NOT-FOR-US: Cisco
CVE-2020-3383 (A vulnerability in the archive utility of Cisco Data Center Network Ma ...)
	NOT-FOR-US: Cisco
CVE-2020-3382 (A vulnerability in the REST API of Cisco Data Center Network Manager ( ...)
	NOT-FOR-US: Cisco
CVE-2020-3381 (A vulnerability in the web management interface of Cisco SD-WAN vManag ...)
	NOT-FOR-US: Cisco
CVE-2020-3380 (A vulnerability in the CLI of Cisco Data Center Network Manager (DCNM) ...)
	NOT-FOR-US: Cisco
CVE-2020-3379 (A vulnerability in Cisco SD-WAN Solution Software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3378 (A vulnerability in the web-based management interface for Cisco SD-WAN ...)
	NOT-FOR-US: Cisco
CVE-2020-3377 (A vulnerability in the Device Manager application of Cisco Data Center ...)
	NOT-FOR-US: Cisco
CVE-2020-3376 (A vulnerability in the Device Manager application of Cisco Data Center ...)
	NOT-FOR-US: Cisco
CVE-2020-3375 (A vulnerability in Cisco SD-WAN Solution Software could allow an unaut ...)
	NOT-FOR-US: Cisco
CVE-2020-3374 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3373 (A vulnerability in the IP fragment-handling implementation of Cisco Ad ...)
	NOT-FOR-US: Cisco
CVE-2020-3372 (A vulnerability in the web-based management interface of Cisco SD-WAN  ...)
	NOT-FOR-US: Cisco
CVE-2020-3371 (A vulnerability in the web UI of Cisco Integrated Management Controlle ...)
	NOT-FOR-US: Cisco
CVE-2020-3370 (A vulnerability in URL filtering of Cisco Content Security Management  ...)
	NOT-FOR-US: Cisco
CVE-2020-3369 (A vulnerability in the deep packet inspection (DPI) engine of Cisco SD ...)
	NOT-FOR-US: Cisco
CVE-2020-3368 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3367 (A vulnerability in the log subscription subsystem of Cisco AsyncOS for ...)
	NOT-FOR-US: Cisco
CVE-2020-3366
	RESERVED
CVE-2020-3365 (A vulnerability in the directory permissions of Cisco Enterprise NFV I ...)
	NOT-FOR-US: Cisco
CVE-2020-3364 (A vulnerability in the access control list (ACL) functionality of the  ...)
	NOT-FOR-US: Cisco
CVE-2020-3363 (A vulnerability in the IPv6 packet processing engine of Cisco Small Bu ...)
	NOT-FOR-US: Cisco
CVE-2020-3362 (A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO ...)
	NOT-FOR-US: Cisco
CVE-2020-3361 (A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Serve ...)
	NOT-FOR-US: Cisco
CVE-2020-3360 (A vulnerability in the Web Access feature of Cisco IP Phones Series 78 ...)
	NOT-FOR-US: Cisco
CVE-2020-3359 (A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE So ...)
	NOT-FOR-US: Cisco
CVE-2020-3358 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3357 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3356 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3355 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3354 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3353 (A vulnerability in the syslog processing engine of Cisco Identity Serv ...)
	NOT-FOR-US: Cisco
CVE-2020-3352 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Sof ...)
	NOT-FOR-US: Cisco
CVE-2020-3351 (A vulnerability in Cisco SD-WAN Solution Software could allow an unaut ...)
	NOT-FOR-US: Cisco
CVE-2020-3350 (A vulnerability in the endpoint software of Cisco AMP for Endpoints an ...)
	{DLA-2314-1}
	- clamav 0.102.4+dfsg-1
	[buster] - clamav 0.102.4+dfsg-0+deb10u1
	NOTE: https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
CVE-2020-3349 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3348 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3347 (A vulnerability in Cisco Webex Meetings Desktop App for Windows could  ...)
	NOT-FOR-US: Cisco
CVE-2020-3346 (A vulnerability in the web UI of Cisco Unified Communications Manager  ...)
	NOT-FOR-US: Cisco
CVE-2020-3345 (A vulnerability in certain web pages of Cisco Webex Meetings and Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3344 (A vulnerability in Cisco AMP for Endpoints Linux Connector Software an ...)
	NOT-FOR-US: Cisco
CVE-2020-3343 (A vulnerability in Cisco AMP for Endpoints Linux Connector Software an ...)
	NOT-FOR-US: Cisco
CVE-2020-3342 (A vulnerability in the software update feature of Cisco Webex Meetings ...)
	NOT-FOR-US: Cisco
CVE-2020-3341 (A vulnerability in the PDF archive parsing module in Clam AntiVirus (C ...)
	{DLA-2215-1}
	- clamav 0.102.3+dfsg-1
	[buster] - clamav 0.102.3+dfsg-0~deb10u1
	[stretch] - clamav 0.102.3+dfsg-0~deb9u1
	NOTE: https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html
CVE-2020-3340 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3339 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2020-3338 (A vulnerability in the Protocol Independent Multicast (PIM) feature fo ...)
	NOT-FOR-US: Cisco
CVE-2020-3337 (A vulnerability in the web server of Cisco Umbrella could allow an una ...)
	NOT-FOR-US: Cisco
CVE-2020-3336 (A vulnerability in the software upgrade process of Cisco TelePresence  ...)
	NOT-FOR-US: Cisco
CVE-2020-3335 (A vulnerability in the key store of Cisco Application Services Engine  ...)
	NOT-FOR-US: Cisco
CVE-2020-3334 (A vulnerability in the ARP packet processing of Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2020-3333 (A vulnerability in the API of Cisco Application Services Engine Softwa ...)
	NOT-FOR-US: Cisco
CVE-2020-3332 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2020-3331 (A vulnerability in the web-based management interface of Cisco RV110W  ...)
	NOT-FOR-US: Cisco
CVE-2020-3330 (A vulnerability in the Telnet service of Cisco Small Business RV110W W ...)
	NOT-FOR-US: Cisco
CVE-2020-3329 (A vulnerability in role-based access control of Cisco Integrated Manag ...)
	NOT-FOR-US: Cisco
CVE-2020-3328
	RESERVED
CVE-2020-3327 (A vulnerability in the ARJ archive parsing module in Clam AntiVirus (C ...)
	{DLA-2314-1 DLA-2215-1}
	- clamav 0.102.4+dfsg-1
	[buster] - clamav 0.102.4+dfsg-0+deb10u1
	NOTE: https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html
	NOTE: https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html
	NOTE: Original fix from 0.102.3 was incomplete
CVE-2020-3326
	RESERVED
CVE-2020-3325
	RESERVED
CVE-2020-3324
	RESERVED
CVE-2020-3323 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2020-3322 (A vulnerability in Cisco Webex Network Recording Player and Cisco Webe ...)
	NOT-FOR-US: Cisco
CVE-2020-3321 (A vulnerability in Cisco Webex Network Recording Player and Cisco Webe ...)
	NOT-FOR-US: Cisco
CVE-2020-3320 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2020-3319 (A vulnerability in Cisco Webex Network Recording Player and Cisco Webe ...)
	NOT-FOR-US: Cisco
CVE-2020-3318 (Multiple vulnerabilities in Cisco Firepower Management Center (FMC) So ...)
	NOT-FOR-US: Cisco
CVE-2020-3317 (A vulnerability in the ssl_inspection component of Cisco Firepower Thr ...)
	NOT-FOR-US: Cisco
CVE-2020-3316
	RESERVED
CVE-2020-3315 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
	NOT-FOR-US: Cisco
CVE-2020-3314 (A vulnerability in the file scan process of Cisco AMP for Endpoints Ma ...)
	NOT-FOR-US: Cisco
CVE-2020-3313 (A vulnerability in the web UI of Cisco Firepower Management Center (FM ...)
	NOT-FOR-US: Cisco
CVE-2020-3312 (A vulnerability in the application policy configuration of Cisco Firep ...)
	NOT-FOR-US: Cisco
CVE-2020-3311 (A vulnerability in the web interface of Cisco Firepower Management Cen ...)
	NOT-FOR-US: Cisco
CVE-2020-3310 (A vulnerability in the XML parser code of Cisco Firepower Device Manag ...)
	NOT-FOR-US: Cisco
CVE-2020-3309 (A vulnerability in Cisco Firepower Device Manager (FDM) On-Box softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3308 (A vulnerability in the Image Signature Verification feature of Cisco F ...)
	NOT-FOR-US: Cisco
CVE-2020-3307 (A vulnerability in the web UI of Cisco Firepower Management Center (FM ...)
	NOT-FOR-US: Cisco
CVE-2020-3306 (A vulnerability in the DHCP module of Cisco Adaptive Security Applianc ...)
	NOT-FOR-US: Cisco
CVE-2020-3305 (A vulnerability in the implementation of the Border Gateway Protocol ( ...)
	NOT-FOR-US: Cisco
CVE-2020-3304 (A vulnerability in the web interface of Cisco Adaptive Security Applia ...)
	NOT-FOR-US: Cisco
CVE-2020-3303 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
	NOT-FOR-US: Cisco
CVE-2020-3302 (A vulnerability in the web UI of Cisco Firepower Management Center (FM ...)
	NOT-FOR-US: Cisco
CVE-2020-3301 (Multiple vulnerabilities in Cisco Firepower Management Center (FMC) So ...)
	NOT-FOR-US: Cisco
CVE-2020-3300
	RESERVED
CVE-2020-3299 (Multiple Cisco products are affected by a vulnerability in the Snort d ...)
	NOT-FOR-US: Cisco
CVE-2020-3298 (A vulnerability in the Open Shortest Path First (OSPF) implementation  ...)
	NOT-FOR-US: Cisco
CVE-2020-3297 (A vulnerability in session management for the web-based interface of C ...)
	NOT-FOR-US: Cisco
CVE-2020-3296 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3295 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3294 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3293 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3292 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3291 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3290 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3289 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3288 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3287 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3286 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3285 (A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3)  ...)
	NOT-FOR-US: Cisco
CVE-2020-3284 (A vulnerability in the enhanced Preboot eXecution Environment (PXE) bo ...)
	NOT-FOR-US: Cisco
CVE-2020-3283 (A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Secu ...)
	NOT-FOR-US: Cisco
CVE-2020-3282 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2020-3281 (A vulnerability in the audit logging component of Cisco Digital Networ ...)
	NOT-FOR-US: Cisco
CVE-2020-3280 (A vulnerability in the Java Remote Management Interface of Cisco Unifi ...)
	NOT-FOR-US: Cisco
CVE-2020-3279 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3278 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3277 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3276 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3275 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3274 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3273 (A vulnerability in the 802.11 Generic Advertisement Service (GAS) fram ...)
	NOT-FOR-US: Cisco
CVE-2020-3272 (A vulnerability in the DHCP server of Cisco Prime Network Registrar co ...)
	NOT-FOR-US: Cisco
CVE-2020-3271
	RESERVED
CVE-2020-3270
	RESERVED
CVE-2020-3269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3267 (A vulnerability in the API subsystem of Cisco Unified Contact Center E ...)
	NOT-FOR-US: Cisco
CVE-2020-3266 (A vulnerability in the CLI of Cisco SD-WAN Solution software could all ...)
	NOT-FOR-US: Cisco
CVE-2020-3265 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3264 (A vulnerability in Cisco SD-WAN Solution software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3263 (A vulnerability in Cisco Webex Meetings Desktop App could allow an una ...)
	NOT-FOR-US: Cisco
CVE-2020-3262 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
	NOT-FOR-US: Cisco
CVE-2020-3261 (A vulnerability in the web-based management interface of Cisco Mobilit ...)
	NOT-FOR-US: Cisco
CVE-2020-3260 (A vulnerability in Cisco Aironet Series Access Points Software could a ...)
	NOT-FOR-US: Cisco
CVE-2020-3259 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3258 (Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 I ...)
	NOT-FOR-US: Cisco
CVE-2020-3257 (Multiple vulnerabilities in the Cisco IOx application environment of C ...)
	NOT-FOR-US: Cisco
CVE-2020-3256 (A vulnerability in the web-based management interface of Cisco Hosted  ...)
	NOT-FOR-US: Cisco
CVE-2020-3255 (A vulnerability in the packet processing functionality of Cisco Firepo ...)
	NOT-FOR-US: Cisco
CVE-2020-3254 (Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP)  ...)
	NOT-FOR-US: Cisco
CVE-2020-3253 (A vulnerability in the support tunnel feature of Cisco Firepower Threa ...)
	NOT-FOR-US: Cisco
CVE-2020-3252 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3251 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3250 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3249 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3248 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3247 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3246 (A vulnerability in the web server of Cisco Umbrella could allow an una ...)
	NOT-FOR-US: Cisco
CVE-2020-3245 (A vulnerability in the web application of Cisco Smart Software Manager ...)
	NOT-FOR-US: Cisco
CVE-2020-3244 (A vulnerability in the Enhanced Charging Service (ECS) functionality o ...)
	NOT-FOR-US: Cisco
CVE-2020-3243 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3242 (A vulnerability in the REST API of Cisco UCS Director could allow an a ...)
	NOT-FOR-US: Cisco
CVE-2020-3241 (A vulnerability in the orchestration tasks of Cisco UCS Director could ...)
	NOT-FOR-US: Cisco
CVE-2020-3240 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3239 (Multiple vulnerabilities in the REST API of Cisco UCS Director and Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3238 (A vulnerability in the Cisco Application Framework component of the Ci ...)
	NOT-FOR-US: Cisco
CVE-2020-3237 (A vulnerability in the Cisco Application Framework component of the Ci ...)
	NOT-FOR-US: Cisco
CVE-2020-3236 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
	NOT-FOR-US: Cisco
CVE-2020-3235 (A vulnerability in the Simple Network Management Protocol (SNMP) subsy ...)
	NOT-FOR-US: Cisco
CVE-2020-3234 (A vulnerability in the virtual console authentication of Cisco IOS Sof ...)
	NOT-FOR-US: Cisco
CVE-2020-3233 (A vulnerability in the web-based Local Manager interface of the Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2020-3232 (A vulnerability in the Simple Network Management Protocol (SNMP) imple ...)
	NOT-FOR-US: Cisco
CVE-2020-3231 (A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series  ...)
	NOT-FOR-US: Cisco
CVE-2020-3230 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) impleme ...)
	NOT-FOR-US: Cisco
CVE-2020-3229 (A vulnerability in Role Based Access Control (RBAC) functionality of C ...)
	NOT-FOR-US: Cisco
CVE-2020-3228 (A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3227 (A vulnerability in the authorization controls for the Cisco IOx applic ...)
	NOT-FOR-US: Cisco
CVE-2020-3226 (A vulnerability in the Session Initiation Protocol (SIP) library of Ci ...)
	NOT-FOR-US: Cisco
CVE-2020-3225 (Multiple vulnerabilities in the implementation of the Common Industria ...)
	NOT-FOR-US: Cisco
CVE-2020-3224 (A vulnerability in the web-based user interface (web UI) of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3223 (A vulnerability in the web-based user interface (web UI) of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3222 (A vulnerability in the web-based user interface (web UI) of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3221 (A vulnerability in the Flexible NetFlow Version 9 packet processor of  ...)
	NOT-FOR-US: Cisco
CVE-2020-3220 (A vulnerability in the hardware crypto driver of Cisco IOS XE Software ...)
	NOT-FOR-US: Cisco
CVE-2020-3219 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2020-3218 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2020-3217 (A vulnerability in the Topology Discovery Service of Cisco One Platfor ...)
	NOT-FOR-US: Cisco
CVE-2020-3216 (A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthe ...)
	NOT-FOR-US: Cisco
CVE-2020-3215 (A vulnerability in the Virtual Services Container of Cisco IOS XE Soft ...)
	NOT-FOR-US: Cisco
CVE-2020-3214 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2020-3213 (A vulnerability in the ROMMON of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2020-3212 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2020-3211 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2020-3210 (A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 ...)
	NOT-FOR-US: Cisco
CVE-2020-3209 (A vulnerability in software image verification in Cisco IOS XE Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3208 (A vulnerability in the image verification feature of Cisco IOS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3207 (A vulnerability in the processing of boot options of specific Cisco IO ...)
	NOT-FOR-US: Cisco
CVE-2020-3206 (A vulnerability in the handling of IEEE 802.11w Protected Management F ...)
	NOT-FOR-US: Cisco
CVE-2020-3205 (A vulnerability in the implementation of the inter-VM channel of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2020-3204 (A vulnerability in the Tool Command Language (Tcl) interpreter of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3203 (A vulnerability in the locally significant certificate (LSC) provision ...)
	NOT-FOR-US: Cisco
CVE-2020-3202
	RESERVED
CVE-2020-3201 (A vulnerability in the Tool Command Language (Tcl) interpreter of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2020-3200 (A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Sof ...)
	NOT-FOR-US: Cisco
CVE-2020-3199 (Multiple vulnerabilities in the Cisco IOx application environment of C ...)
	NOT-FOR-US: Cisco
CVE-2020-3198 (Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 I ...)
	NOT-FOR-US: Cisco
CVE-2020-3197 (A vulnerability in the API subsystem of Cisco Meetings App could allow ...)
	NOT-FOR-US: Cisco
CVE-2020-3196 (A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Secu ...)
	NOT-FOR-US: Cisco
CVE-2020-3195 (A vulnerability in the Open Shortest Path First (OSPF) implementation  ...)
	NOT-FOR-US: Cisco
CVE-2020-3194 (A vulnerability in Cisco Webex Network Recording Player for Microsoft  ...)
	NOT-FOR-US: Cisco
CVE-2020-3193 (A vulnerability in the web-based management interface of Cisco Prime C ...)
	NOT-FOR-US: Cisco
CVE-2020-3192 (A vulnerability in the web-based management interface of Cisco Prime C ...)
	NOT-FOR-US: Cisco
CVE-2020-3191 (A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive  ...)
	NOT-FOR-US: Cisco
CVE-2020-3190 (A vulnerability in the IPsec packet processor of Cisco IOS XR Software ...)
	NOT-FOR-US: Cisco
CVE-2020-3189 (A vulnerability in the VPN System Logging functionality for Cisco Fire ...)
	NOT-FOR-US: Cisco
CVE-2020-3188 (A vulnerability in how Cisco Firepower Threat Defense (FTD) Software h ...)
	NOT-FOR-US: Cisco
CVE-2020-3187 (A vulnerability in the web services interface of Cisco Adaptive Securi ...)
	NOT-FOR-US: Cisco
CVE-2020-3186 (A vulnerability in the management access list configuration of Cisco F ...)
	NOT-FOR-US: Cisco
CVE-2020-3185 (A vulnerability in the web-based management interface of Cisco TelePre ...)
	NOT-FOR-US: Cisco
CVE-2020-3184 (A vulnerability in the web-based management interface of Cisco Prime C ...)
	NOT-FOR-US: Cisco
CVE-2020-3183
	RESERVED
CVE-2020-3182 (A vulnerability in the multicast DNS (mDNS) protocol configuration of  ...)
	NOT-FOR-US: Cisco
CVE-2020-3181 (A vulnerability in the malware detection functionality in Cisco Advanc ...)
	NOT-FOR-US: Cisco
CVE-2020-3180 (A vulnerability in Cisco SD-WAN Solution Software could allow an unaut ...)
	NOT-FOR-US: Cisco
CVE-2020-3179 (A vulnerability in the generic routing encapsulation (GRE) tunnel deca ...)
	NOT-FOR-US: Cisco
CVE-2020-3178 (Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3177 (A vulnerability in the Tool for Auto-Registered Phones Support (TAPS)  ...)
	NOT-FOR-US: Cisco
CVE-2020-3176 (A vulnerability in Cisco Remote PHY Device Software could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2020-3175 (A vulnerability in the resource handling system of Cisco NX-OS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3174 (A vulnerability in the anycast gateway feature of Cisco NX-OS Software ...)
	NOT-FOR-US: Cisco
CVE-2020-3173 (A vulnerability in the local management (local-mgmt) CLI of Cisco UCS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3172 (A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3171 (A vulnerability in the local management (local-mgmt) CLI of Cisco FXOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3170 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
	NOT-FOR-US: Cisco
CVE-2020-3169 (A vulnerability in the CLI of Cisco FXOS Software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3168 (A vulnerability in the Secure Login Enhancements capability of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2020-3167 (A vulnerability in the CLI of Cisco FXOS Software and Cisco UCS Manage ...)
	NOT-FOR-US: Cisco
CVE-2020-3166 (A vulnerability in the CLI of Cisco FXOS Software could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2020-3165 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
	NOT-FOR-US: Cisco
CVE-2020-3164 (A vulnerability in the web-based management interface of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3163 (A vulnerability in the Live Data server of Cisco Unified Contact Cente ...)
	NOT-FOR-US: Cisco
CVE-2020-3162 (A vulnerability in the Constrained Application Protocol (CoAP) impleme ...)
	NOT-FOR-US: Cisco
CVE-2020-3161 (A vulnerability in the web server for Cisco IP Phones could allow an u ...)
	NOT-FOR-US: Cisco
CVE-2020-3160 (A vulnerability in the Extensible Messaging and Presence Protocol (XMP ...)
	NOT-FOR-US: Cisco
CVE-2020-3159 (A vulnerability in the web-based management interface of Cisco Finesse ...)
	NOT-FOR-US: Cisco
CVE-2020-3158 (A vulnerability in the High Availability (HA) service of Cisco Smart S ...)
	NOT-FOR-US: Cisco
CVE-2020-3157 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-3156 (A vulnerability in the logging component of Cisco Identity Services En ...)
	NOT-FOR-US: Cisco
CVE-2020-3155 (A vulnerability in the SSL implementation of the Cisco Intelligent Pro ...)
	NOT-FOR-US: Cisco
CVE-2020-3154 (A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could  ...)
	NOT-FOR-US: Cisco
CVE-2020-3153 (A vulnerability in the installer component of Cisco AnyConnect Secure  ...)
	NOT-FOR-US: Cisco
CVE-2020-3152 (A vulnerability in Cisco Connected Mobile Experiences (CMX) could allo ...)
	NOT-FOR-US: Cisco
CVE-2020-3151 (A vulnerability in the CLI of Cisco Connected Mobile Experiences (CMX) ...)
	NOT-FOR-US: Cisco
CVE-2020-3150 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2020-3149 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2020-3148 (A vulnerability in the web-based interface of Cisco Prime Network Regi ...)
	NOT-FOR-US: Cisco
CVE-2020-3147 (A vulnerability in the web UI of Cisco Small Business Switches could a ...)
	NOT-FOR-US: Cisco
CVE-2020-3146 (Multiple vulnerabilities in the web-based management interface of the  ...)
	NOT-FOR-US: Cisco
CVE-2020-3145 (Multiple vulnerabilities in the web-based management interface of the  ...)
	NOT-FOR-US: Cisco
CVE-2020-3144 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
	NOT-FOR-US: Cisco
CVE-2020-3143 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
	NOT-FOR-US: Cisco
CVE-2020-3142 (A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Me ...)
	NOT-FOR-US: Cisco
CVE-2020-3141 (Multiple vulnerabilities in the web management framework of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2020-3140 (A vulnerability in the web management interface of Cisco Prime License ...)
	NOT-FOR-US: Cisco
CVE-2020-3139 (A vulnerability in the out of band (OOB) management interface IP table ...)
	NOT-FOR-US: Cisco
CVE-2020-3138 (A vulnerability in the upgrade component of Cisco Enterprise NFV Infra ...)
	NOT-FOR-US: Cisco
CVE-2020-3137 (A vulnerability in the web-based management interface of Cisco Email S ...)
	NOT-FOR-US: Cisco
CVE-2020-3136 (A vulnerability in the web-based management interface of Cisco Jabber  ...)
	NOT-FOR-US: Cisco
CVE-2020-3135 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2020-3134 (A vulnerability in the zip decompression engine of Cisco AsyncOS Softw ...)
	NOT-FOR-US: Cisco
CVE-2020-3133 (A vulnerability in the email message scanning of Cisco AsyncOS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2020-3132 (A vulnerability in the email message scanning feature of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2020-3131 (A vulnerability in the Cisco Webex Teams client for Windows could allo ...)
	NOT-FOR-US: Cisco
CVE-2020-3130 (A vulnerability in the web management interface of Cisco Unity Connect ...)
	NOT-FOR-US: Cisco
CVE-2020-3129 (A vulnerability in the web-based management interface of Cisco Unity C ...)
	NOT-FOR-US: Cisco
CVE-2020-3128 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2020-3127 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2020-3126 (vulnerability within the Multimedia Viewer feature of Cisco Webex Meet ...)
	NOT-FOR-US: Cisco
CVE-2020-3125 (A vulnerability in the Kerberos authentication feature of Cisco Adapti ...)
	NOT-FOR-US: Cisco
CVE-2020-3124 (A vulnerability in the web-based interface of Cisco Hosted Collaborati ...)
	NOT-FOR-US: Cisco
CVE-2020-3123 (A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiV ...)
	- clamav 0.102.2+dfsg-1 (bug #950944)
	[buster] - clamav 0.102.2+dfsg-0+deb10u1
	[stretch] - clamav 0.102.2+dfsg-0~deb9u1
	[jessie] - clamav <not-affected> (Vulnerable code introduced in 0.102.x)
	NOTE: https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html
CVE-2020-3122
	RESERVED
CVE-2020-3121 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2020-3120 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3119 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3118 (A vulnerability in the Cisco Discovery Protocol implementation for Cis ...)
	NOT-FOR-US: Cisco
CVE-2020-3117 (A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Se ...)
	NOT-FOR-US: Cisco
CVE-2020-3116 (A vulnerability in the way Cisco Webex applications process Universal  ...)
	NOT-FOR-US: Cisco
CVE-2020-3115 (A vulnerability in the CLI of the Cisco SD-WAN Solution vManage softwa ...)
	NOT-FOR-US: Cisco
CVE-2020-3114 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3113 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2020-3112 (A vulnerability in the REST API endpoint of Cisco Data Center Network  ...)
	NOT-FOR-US: Cisco
CVE-2020-3111 (A vulnerability in the Cisco Discovery Protocol implementation for the ...)
	NOT-FOR-US: Cisco
CVE-2020-3110 (A vulnerability in the Cisco Discovery Protocol implementation for the ...)
	NOT-FOR-US: Cisco
CVE-2020-3109
	RESERVED
CVE-2020-3108
	RESERVED
CVE-2020-3107
	RESERVED
CVE-2020-3106
	RESERVED
CVE-2020-3105
	RESERVED
CVE-2020-3104
	RESERVED
CVE-2020-3103
	RESERVED
CVE-2020-3102
	RESERVED
CVE-2020-3101
	RESERVED
CVE-2020-3100
	RESERVED
CVE-2020-3099
	RESERVED
CVE-2020-3098
	RESERVED
CVE-2020-3097
	RESERVED
CVE-2020-3096
	RESERVED
CVE-2020-3095
	RESERVED
CVE-2020-3094
	RESERVED
CVE-2020-3093
	RESERVED
CVE-2020-3092
	RESERVED
CVE-2020-3091
	RESERVED
CVE-2020-3090
	RESERVED
CVE-2020-3089
	RESERVED
CVE-2020-3088
	RESERVED
CVE-2020-3087
	RESERVED
CVE-2020-3086
	RESERVED
CVE-2020-3085
	RESERVED
CVE-2020-3084
	RESERVED
CVE-2020-3083
	RESERVED
CVE-2020-3082
	RESERVED
CVE-2020-3081
	RESERVED
CVE-2020-3080
	RESERVED
CVE-2020-3079
	RESERVED
CVE-2020-3078
	RESERVED
CVE-2020-3077
	RESERVED
CVE-2020-3076
	RESERVED
CVE-2020-3075
	RESERVED
CVE-2020-3074
	RESERVED
CVE-2020-3073
	RESERVED
CVE-2020-3072
	RESERVED
CVE-2020-3071
	RESERVED
CVE-2020-3070
	RESERVED
CVE-2020-3069
	RESERVED
CVE-2020-3068
	RESERVED
CVE-2020-3067
	RESERVED
CVE-2020-3066
	RESERVED
CVE-2020-3065
	RESERVED
CVE-2020-3064
	RESERVED
CVE-2020-3063
	RESERVED
CVE-2020-3062
	RESERVED
CVE-2020-3061
	RESERVED
CVE-2020-3060
	RESERVED
CVE-2020-3059
	RESERVED
CVE-2020-3058
	RESERVED
CVE-2020-3057
	RESERVED
CVE-2020-3056
	RESERVED
CVE-2020-3055
	RESERVED
CVE-2020-3054
	RESERVED
CVE-2020-3053
	RESERVED
CVE-2020-3052
	RESERVED
CVE-2020-3051
	RESERVED
CVE-2020-3050
	RESERVED
CVE-2020-3049
	RESERVED
CVE-2020-3048
	RESERVED
CVE-2020-3047
	RESERVED
CVE-2020-3046
	RESERVED
CVE-2020-3045
	RESERVED
CVE-2020-3044
	RESERVED
CVE-2020-3043
	RESERVED
CVE-2020-3042
	RESERVED
CVE-2020-3041
	RESERVED
CVE-2020-3040
	RESERVED
CVE-2020-3039
	RESERVED
CVE-2020-3038
	RESERVED
CVE-2020-3037
	RESERVED
CVE-2020-3036
	RESERVED
CVE-2020-3035
	RESERVED
CVE-2020-3034
	RESERVED
CVE-2020-3033
	RESERVED
CVE-2020-3032
	RESERVED
CVE-2020-3031
	RESERVED
CVE-2020-3030
	RESERVED
CVE-2020-3029
	RESERVED
CVE-2020-3028
	RESERVED
CVE-2020-3027
	RESERVED
CVE-2020-3026
	RESERVED
CVE-2020-3025
	RESERVED
CVE-2020-3024
	RESERVED
CVE-2020-3023
	RESERVED
CVE-2020-3022
	RESERVED
CVE-2020-3021
	RESERVED
CVE-2020-3020
	RESERVED
CVE-2020-3019
	RESERVED
CVE-2020-3018
	RESERVED
CVE-2020-3017
	RESERVED
CVE-2020-3016
	RESERVED
CVE-2020-3015
	RESERVED
CVE-2020-3014
	RESERVED
CVE-2020-3013
	RESERVED
CVE-2020-3012
	RESERVED
CVE-2020-3011
	RESERVED
CVE-2020-3010
	RESERVED
CVE-2020-3009
	RESERVED
CVE-2020-3008
	RESERVED
CVE-2020-3007
	RESERVED
CVE-2020-3006
	RESERVED
CVE-2020-3005
	RESERVED
CVE-2020-3004
	RESERVED
CVE-2020-3003
	RESERVED
CVE-2020-3002
	RESERVED
CVE-2020-3001
	RESERVED
CVE-2020-3000
	RESERVED
CVE-2020-2999
	RESERVED
CVE-2020-2998
	RESERVED
CVE-2020-2997
	RESERVED
CVE-2020-2996
	RESERVED
CVE-2020-2995
	RESERVED
CVE-2020-2994
	RESERVED
CVE-2020-2993
	RESERVED
CVE-2020-2992
	RESERVED
CVE-2020-2991
	RESERVED
CVE-2020-2990
	RESERVED
CVE-2020-2989
	RESERVED
CVE-2020-2988
	RESERVED
CVE-2020-2987
	RESERVED
CVE-2020-2986
	RESERVED
CVE-2020-2985
	RESERVED
CVE-2020-2984 (Vulnerability in the Oracle Configuration Manager product of Oracle En ...)
	NOT-FOR-US: Oracle
CVE-2020-2983 (Vulnerability in the Oracle Data Masking and Subsetting product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2982 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2981 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
	NOT-FOR-US: Oracle
CVE-2020-2980
	RESERVED
CVE-2020-2979
	RESERVED
CVE-2020-2978 (Vulnerability in the Oracle Database - Enterprise Edition component of ...)
	NOT-FOR-US: Oracle
CVE-2020-2977 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2976 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2975 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2974 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2973 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2972 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2971 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2970
	RESERVED
CVE-2020-2969 (Vulnerability in the Data Pump component of Oracle Database Server. Su ...)
	NOT-FOR-US: Oracle
CVE-2020-2968 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2020-2967 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2966 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2965
	RESERVED
CVE-2020-2964 (Vulnerability in the Oracle Financial Services Data Foundation product ...)
	NOT-FOR-US: Oracle
CVE-2020-2963 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2962
	RESERVED
CVE-2020-2961 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2960
	RESERVED
CVE-2020-2959 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2958 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2957
	RESERVED
CVE-2020-2956 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2020-2955 (Vulnerability in the Oracle FLEXCUBE Core Banking product of Oracle Fi ...)
	NOT-FOR-US: Oracle
CVE-2020-2954 (Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle Peop ...)
	NOT-FOR-US: Oracle
CVE-2020-2953 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-2952 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
	NOT-FOR-US: Oracle
CVE-2020-2951 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2950 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-2949 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-2948
	RESERVED
CVE-2020-2947 (Vulnerability in the PeopleSoft Enterprise HCM Absence Management prod ...)
	NOT-FOR-US: Oracle
CVE-2020-2946 (Vulnerability in the Application Performance Management product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2945 (Vulnerability in the Oracle Financial Services Deposit Insurance Calcu ...)
	NOT-FOR-US: Oracle
CVE-2020-2944 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle Solaris
CVE-2020-2943 (Vulnerability in the Oracle Financial Services Liquidity Risk Measurem ...)
	NOT-FOR-US: Oracle
CVE-2020-2942 (Vulnerability in the Oracle Financial Services Price Creation and Disc ...)
	NOT-FOR-US: Oracle
CVE-2020-2941 (Vulnerability in the Oracle Financial Services Funds Transfer Pricing  ...)
	NOT-FOR-US: Oracle
CVE-2020-2940 (Vulnerability in the Oracle Financial Services Profitability Managemen ...)
	NOT-FOR-US: Oracle
CVE-2020-2939 (Vulnerability in the Oracle Financial Services Asset Liability Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-2938 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
	NOT-FOR-US: Oracle
CVE-2020-2937 (Vulnerability in the Oracle Insurance Accounting Analyzer product of O ...)
	NOT-FOR-US: Oracle
CVE-2020-2936 (Vulnerability in the Oracle Financial Services Balance Sheet Planning  ...)
	NOT-FOR-US: Oracle
CVE-2020-2935 (Vulnerability in the Oracle Financial Services Hedge Management and IF ...)
	NOT-FOR-US: Oracle
CVE-2020-2934 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
	{DSA-4703-1 DLA-2245-1}
	- mysql-connector-java <removed>
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2933 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
	{DSA-4703-1 DLA-2245-1}
	- mysql-connector-java <removed>
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2932 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2931 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2930 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2929 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2928 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2927 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2926 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2925 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2924 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2923 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2922 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2921 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2920 (Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain ( ...)
	NOT-FOR-US: Oracle
CVE-2020-2919
	RESERVED
CVE-2020-2918
	RESERVED
CVE-2020-2917
	RESERVED
CVE-2020-2916
	RESERVED
CVE-2020-2915 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-2914 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2913 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2912 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
	NOT-FOR-US: Oracle
CVE-2020-2911 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2910 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2909 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2908 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2907 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2906 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
	NOT-FOR-US: Oracle
CVE-2020-2905 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2904 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2903 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2902 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2901 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2900 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2899 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
	NOT-FOR-US: Oracle
CVE-2020-2898 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2897 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2896 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2895 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2894 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2893 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2892 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2891 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
	NOT-FOR-US: Oracle
CVE-2020-2890 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2889 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2888 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2887 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-2886 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2885 (Vulnerability in the Oracle Document Management and Collaboration prod ...)
	NOT-FOR-US: Oracle
CVE-2020-2884 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2883 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2882 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2020-2881 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2880 (Vulnerability in the Oracle Learning Management product of Oracle E-Bu ...)
	NOT-FOR-US: Oracle
CVE-2020-2879 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2878 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2877 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2020-2876 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2875 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
	{DSA-4703-1 DLA-2245-1}
	- mysql-connector-java <removed>
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2874 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2873 (Vulnerability in the Oracle Customer Interaction History product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-2872 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2871 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2870 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2869 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2868 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2867 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2866 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2865 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
	NOT-FOR-US: Oracle
CVE-2020-2864 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-2863 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2862 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2861 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2860 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2859 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2858 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2857 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2856 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2855 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2854 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2853 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2852 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2851 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle Solaris
CVE-2020-2850 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2849 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2848 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2847 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2846 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2845 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2844 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2843 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2842 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2841 (Vulnerability in the Oracle Knowledge Management product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-2840 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-2839 (Vulnerability in the Oracle Service Intelligence product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-2838 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of  ...)
	NOT-FOR-US: Oracle
CVE-2020-2837 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2836 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2835 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2834 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2833 (Vulnerability in the Oracle Quoting product of Oracle E-Business Suite ...)
	NOT-FOR-US: Oracle
CVE-2020-2832 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2831 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2830 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2829 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2828 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2827 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2826 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2825 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2824 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2823 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-2822 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-2821 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2020-2820 (Vulnerability in the Oracle Common Applications Calendar product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-2819 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-2818 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2020-2817 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2020-2816 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
	{DSA-4662-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
CVE-2020-2815 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2814 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.3 1:10.3.23-1 (bug #961849)
	[buster] - mariadb-10.3 1:10.3.23-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.45-0+deb9u1
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
	NOTE: Fixed in MariaDB 10.3.23, 10.1.45
CVE-2020-2813 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2812 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.3 1:10.3.23-1 (bug #961849)
	[buster] - mariadb-10.3 1:10.3.23-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.45-0+deb9u1
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
	NOTE: Fixed in MariaDB 10.3.23, 10.1.45
CVE-2020-2811 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2810 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
	NOT-FOR-US: Oracle
CVE-2020-2809 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-2808 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-2807 (Vulnerability in the Oracle Marketing Encyclopedia System product of O ...)
	NOT-FOR-US: Oracle
CVE-2020-2806 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2805 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2804 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2803 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2802 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2801 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2800 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2799 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2798 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2797 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2796 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2795 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2794 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2793 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-2792
	RESERVED
CVE-2020-2791 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2790 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2789 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2788
	RESERVED
CVE-2020-2787 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2786 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2785 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2784 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2783 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2782 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2780 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2779 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (MySQL 8 only)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2778 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
	{DSA-4662-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
CVE-2020-2777 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
	NOT-FOR-US: Oracle
CVE-2020-2776 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2775 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2774 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2773 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2772 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2020-2771 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle Solaris
CVE-2020-2770 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2769 (Vulnerability in the Hyperion Financial Reporting product of Oracle Hy ...)
	NOT-FOR-US: Oracle
CVE-2020-2768 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
	- mysql-cluster <itp> (bug #833356)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2767 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
	{DSA-4662-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
CVE-2020-2766 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2765 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2764 (Vulnerability in the Java SE product of Oracle Java SE (component: Adv ...)
	NOT-FOR-US: Java Advanced Management Console
CVE-2020-2763 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2762 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2761 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2760 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.3 1:10.3.23-1 (bug #961849)
	[buster] - mariadb-10.3 1:10.3.23-0+deb10u1
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
	NOTE: Fixed in MariaDB 10.3.23
CVE-2020-2759 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2758 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2757 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2756 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1 DLA-2193-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
	- openjdk-7 <removed>
CVE-2020-2755 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
CVE-2020-2754 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4668-1 DSA-4662-1}
	- openjdk-14 14.0.1+7-1
	- openjdk-11 11.0.7+10-1
	- openjdk-8 8u252-b09-1
CVE-2020-2753 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2752 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mariadb-10.3 1:10.3.23-1 (bug #961849)
	[buster] - mariadb-10.3 1:10.3.23-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.45-0+deb9u1
	- mysql-5.7 <removed> (bug #956832)
	NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
	NOTE: Fixed in MariaDB 10.3.23, 10.1.45
CVE-2020-2751 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2750 (Vulnerability in the Oracle General Ledger product of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2020-2749 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2748 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2747 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
	NOT-FOR-US: Oracle
CVE-2020-2746 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2020-2745 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
	NOT-FOR-US: Oracle
CVE-2020-2744 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2743 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2742 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2741 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2740 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
	NOT-FOR-US: Oracle
CVE-2020-2739 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2738 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2020-2737 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2736
	RESERVED
CVE-2020-2735 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2020-2734 (Vulnerability in the RDBMS/Optimizer component of Oracle Database Serv ...)
	NOT-FOR-US: Oracle
CVE-2020-2733 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-2732 (A flaw was discovered in the way that the KVM hypervisor handled instr ...)
	{DSA-4698-1 DSA-4667-1 DLA-2242-1 DLA-2241-1}
	- linux 5.5.13-1
	NOTE: https://git.kernel.org/linus/07721feee46b4b248402133228235318199b05ec
	NOTE: https://git.kernel.org/linus/35a571346a94fb93b5b3b6a599675ef3384bc75c
	NOTE: https://git.kernel.org/linus/e71237d3ff1abf9f3388337cfebf53b96df2020d
CVE-2020-2731 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2730 (Vulnerability in the Oracle Financial Services Revenue Management and  ...)
	NOT-FOR-US: Oracle
CVE-2020-2729 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-2728 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-2727 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2726 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2725 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2724 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2723 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2722 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2721 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2720 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2020-2719 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2718 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2717 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2716 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2715 (Vulnerability in the Oracle Banking Corporate Lending product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2714 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-2713 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-2712 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-2711 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-2710 (Vulnerability in the Oracle Banking Payments product of Oracle Financi ...)
	NOT-FOR-US: Oracle
CVE-2020-2709 (Vulnerability in the Oracle iLearning product of Oracle iLearning (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2708
	RESERVED
CVE-2020-2707 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-2706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-2705 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2704 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2702 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2701 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2700 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2699 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2698 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2697 (Vulnerability in the Oracle Hospitality Suites Management component of ...)
	NOT-FOR-US: Oracle
CVE-2020-2696 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2695 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
	NOT-FOR-US: Oracle
CVE-2020-2694 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (MySQL 8 only)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2693 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2692 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2691 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2690 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2689 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2688 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2020-2687 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2686 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2685 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2684 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2683 (Vulnerability in the Oracle FLEXCUBE Universal Banking product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2682 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2681 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2680 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2679 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2678 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2677 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
	NOT-FOR-US: Oracle
CVE-2020-2676 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
	NOT-FOR-US: Oracle
CVE-2020-2675 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
	NOT-FOR-US: Oracle
CVE-2020-2674 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.2-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2673 (Vulnerability in the Oracle Application Testing Suite product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2672 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2671 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2670 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2669 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
	NOT-FOR-US: Oracle
CVE-2020-2668 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2667 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2666 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2665 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2664 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2663 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2662 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2661 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2660 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2659 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DLA-2128-1}
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2658 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2020-2657 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2656 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2655 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
	{DSA-4605-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
CVE-2020-2654 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2653 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2652 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2651 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2650 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-2649 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-2648 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-2647 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2646 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2645 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2644 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2643 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2642 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2641 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
	NOT-FOR-US: Oracle
CVE-2020-2640 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
	NOT-FOR-US: Oracle
CVE-2020-2639 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2638 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
	NOT-FOR-US: Oracle
CVE-2020-2637 (Vulnerability in the Enterprise Manager for Oracle Database product of ...)
	NOT-FOR-US: Oracle
CVE-2020-2636 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2635 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2634 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2633 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2632 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2631 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2630 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2629 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2628 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2627 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2626 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2625 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2624 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2623 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2622 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2621 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2620 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2619 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2618 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2617 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2616 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2615 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2614 (Vulnerability in the Enterprise Manager for Fusion Middleware product  ...)
	NOT-FOR-US: Oracle
CVE-2020-2613 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2612 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2611 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2610 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2609 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2608 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2020-2607 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2606 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2604 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2603 (Vulnerability in the Oracle Field Service product of Oracle E-Business ...)
	NOT-FOR-US: Oracle
CVE-2020-2602 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2601 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2600 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2599 (Vulnerability in the Oracle Hospitality Cruise Materials Management pr ...)
	NOT-FOR-US: Oracle
CVE-2020-2598 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2597 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2596 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2020-2595 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2594 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-2593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2592 (Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (co ...)
	NOT-FOR-US: Oracle
CVE-2020-2591 (Vulnerability in the Oracle Web Applications Desktop Integrator produc ...)
	NOT-FOR-US: Oracle
CVE-2020-2590 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2589 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2588 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (MySQL 8 only)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2587 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2020-2586 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2020-2585 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
	- openjfx 11+26-1
	[stretch] - openjfx <no-dsa> (Minor issue)
	NOTE: This only affects JavaFX 8, so marking the first post 8 version as fixed
CVE-2020-2584 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2583 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4621-1 DSA-4605-1 DLA-2128-1}
	- openjdk-13 13.0.2+8-1
	- openjdk-11 11.0.6+10-1
	- openjdk-8 8u242-b08-1
	- openjdk-7 <removed>
CVE-2020-2582 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
	NOT-FOR-US: Oracle
CVE-2020-2581 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2580 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (MySQL 8 only)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2579 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2578 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2577 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2576 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2575 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.1.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	- mariadb-10.3 1:10.3.22-1
	[buster] - mariadb-10.3 1:10.3.22-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.44-0+deb9u1
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
	NOTE: Fixed in MariaDB: 5.5.67, 10.1.44, 10.2.31, 10.3.22, 10.4.12
CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2572 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2571 (Vulnerability in the Oracle VM Server for SPARC product of Oracle Syst ...)
	NOT-FOR-US: Oracle
CVE-2020-2570 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
	- mysql-5.7 <removed> (bug #949994)
	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
CVE-2020-2569 (Vulnerability in the Oracle Applications DBA component of Oracle Datab ...)
	NOT-FOR-US: Oracle
CVE-2020-2568 (Vulnerability in the Oracle Applications DBA component of Oracle Datab ...)
	NOT-FOR-US: Oracle
CVE-2020-2567 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2020-2566 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2020-2565 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2564 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2020-2563 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
	NOT-FOR-US: Oracle
CVE-2020-2562 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2020-2561 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
	NOT-FOR-US: Oracle
CVE-2020-2560 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2020-2559 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2020-2558 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2020-2557 (Vulnerability in the Oracle Demantra Demand Management product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2020-2556 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2020-2555 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
	NOT-FOR-US: Oracle
CVE-2020-2554
	RESERVED
CVE-2020-2553 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2552 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2551 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2550 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2549 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2548 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2547 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2546 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2545 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
	NOT-FOR-US: Oracle
CVE-2020-2544 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2543 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2542 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2541 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2540 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2539 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2538 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2537 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-2536 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2020-2535 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-2534 (Vulnerability in the Oracle Reports Developer product of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2020-2533 (Vulnerability in the Oracle Reports Developer product of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2020-2532
	RESERVED
CVE-2020-2531 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2020-2530 (Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middl ...)
	NOT-FOR-US: Oracle
CVE-2020-2529
	RESERVED
CVE-2020-2528
	RESERVED
CVE-2020-2527 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2526
	RESERVED
CVE-2020-2525
	RESERVED
CVE-2020-2524 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2523
	RESERVED
CVE-2020-2522 (Vulnerability in the Oracle Knowledge product of Oracle Knowledge (com ...)
	NOT-FOR-US: Oracle
CVE-2020-2521
	RESERVED
CVE-2020-2520
	RESERVED
CVE-2020-2519 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2020-2518 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2020-2517 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
	NOT-FOR-US: Oracle
CVE-2020-2516 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2515 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
	NOT-FOR-US: Oracle
CVE-2020-2514 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2513 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
	NOT-FOR-US: Oracle
CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
	NOT-FOR-US: Oracle
CVE-2020-2511 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2510 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2020-2509 (A command injection vulnerability has been reported to affect QTS and  ...)
	NOT-FOR-US: QNAP
CVE-2020-2508 (A command injection vulnerability has been reported to affect QTS and  ...)
	NOT-FOR-US: QNAP
CVE-2020-2507 (The vulnerability have been reported to affect earlier versions of QTS ...)
	NOT-FOR-US: QNAP
CVE-2020-2506 (The vulnerability have been reported to affect earlier versions of QTS ...)
	NOT-FOR-US: QNAP
CVE-2020-2505 (If exploited, this vulnerability could allow attackers to gain sensiti ...)
	NOT-FOR-US: QNAP
CVE-2020-2504 (If exploited, this absolute path traversal vulnerability could allow a ...)
	NOT-FOR-US: QNAP
CVE-2020-2503 (If exploited, this stored cross-site scripting vulnerability could all ...)
	NOT-FOR-US: QNAP
CVE-2020-2502 (This cross-site scripting vulnerability in Photo Station allows remote ...)
	NOT-FOR-US: QNAP
CVE-2020-2501 (A stack-based buffer overflow vulnerability has been reported to affec ...)
	NOT-FOR-US: QNAP
CVE-2020-2500 (This improper access control vulnerability in Helpdesk allows attacker ...)
	NOT-FOR-US: QNAP
CVE-2020-2499 (A hard-coded password vulnerability has been reported to affect earlie ...)
	NOT-FOR-US: QNAP
CVE-2020-2498 (If exploited, this cross-site scripting vulnerability could allow remo ...)
	NOT-FOR-US: QNAP
CVE-2020-2497 (If exploited, this cross-site scripting vulnerability could allow remo ...)
	NOT-FOR-US: QNAP
CVE-2020-2496 (If exploited, this cross-site scripting vulnerability could allow remo ...)
	NOT-FOR-US: QNAP
CVE-2020-2495 (If exploited, this cross-site scripting vulnerability could allow remo ...)
	NOT-FOR-US: QNAP
CVE-2020-2494 (This cross-site scripting vulnerability in Music Station allows remote ...)
	NOT-FOR-US: QNAP
CVE-2020-2493 (This cross-site scripting vulnerability in Multimedia Console allows r ...)
	NOT-FOR-US: QNAP
CVE-2020-2492 (If exploited, the command injection vulnerability could allow remote a ...)
	NOT-FOR-US: QNAP
CVE-2020-2491 (This cross-site scripting vulnerability in Photo Station allows remote ...)
	NOT-FOR-US: QNAP
CVE-2020-2490 (If exploited, the command injection vulnerability could allow remote a ...)
	NOT-FOR-US: QNAP
CVE-2020-2489
	RESERVED
CVE-2020-2488
	RESERVED
CVE-2020-2487
	RESERVED
CVE-2020-2486
	RESERVED
CVE-2020-2485
	RESERVED
CVE-2020-2484
	RESERVED
CVE-2020-2483
	RESERVED
CVE-2020-2482
	RESERVED
CVE-2020-2481
	RESERVED
CVE-2020-2480
	RESERVED
CVE-2020-2479
	RESERVED
CVE-2020-2478
	RESERVED
CVE-2020-2477
	RESERVED
CVE-2020-2476
	RESERVED
CVE-2020-2475
	RESERVED
CVE-2020-2474
	RESERVED
CVE-2020-2473
	RESERVED
CVE-2020-2472
	RESERVED
CVE-2020-2471
	RESERVED
CVE-2020-2470
	RESERVED
CVE-2020-2469
	RESERVED
CVE-2020-2468
	RESERVED
CVE-2020-2467
	RESERVED
CVE-2020-2466
	RESERVED
CVE-2020-2465
	RESERVED
CVE-2020-2464
	RESERVED
CVE-2020-2463
	RESERVED
CVE-2020-2462
	RESERVED
CVE-2020-2461
	RESERVED
CVE-2020-2460
	RESERVED
CVE-2020-2459
	RESERVED
CVE-2020-2458
	RESERVED
CVE-2020-2457
	RESERVED
CVE-2020-2456
	RESERVED
CVE-2020-2455
	RESERVED
CVE-2020-2454
	RESERVED
CVE-2020-2453
	RESERVED
CVE-2020-2452
	RESERVED
CVE-2020-2451
	RESERVED
CVE-2020-2450
	RESERVED
CVE-2020-2449
	RESERVED
CVE-2020-2448
	RESERVED
CVE-2020-2447
	RESERVED
CVE-2020-2446
	RESERVED
CVE-2020-2445
	RESERVED
CVE-2020-2444
	RESERVED
CVE-2020-2443
	RESERVED
CVE-2020-2442
	RESERVED
CVE-2020-2441
	RESERVED
CVE-2020-2440
	RESERVED
CVE-2020-2439
	RESERVED
CVE-2020-2438
	RESERVED
CVE-2020-2437
	RESERVED
CVE-2020-2436
	RESERVED
CVE-2020-2435
	RESERVED
CVE-2020-2434
	RESERVED
CVE-2020-2433
	RESERVED
CVE-2020-2432
	RESERVED
CVE-2020-2431
	RESERVED
CVE-2020-2430
	RESERVED
CVE-2020-2429
	RESERVED
CVE-2020-2428
	RESERVED
CVE-2020-2427
	RESERVED
CVE-2020-2426
	RESERVED
CVE-2020-2425
	RESERVED
CVE-2020-2424
	RESERVED
CVE-2020-2423
	RESERVED
CVE-2020-2422
	RESERVED
CVE-2020-2421
	RESERVED
CVE-2020-2420
	RESERVED
CVE-2020-2419
	RESERVED
CVE-2020-2418
	RESERVED
CVE-2020-2417
	RESERVED
CVE-2020-2416
	RESERVED
CVE-2020-2415
	RESERVED
CVE-2020-2414
	RESERVED
CVE-2020-2413
	RESERVED
CVE-2020-2412
	RESERVED
CVE-2020-2411
	RESERVED
CVE-2020-2410
	RESERVED
CVE-2020-2409
	RESERVED
CVE-2020-2408
	RESERVED
CVE-2020-2407
	RESERVED
CVE-2020-2406
	RESERVED
CVE-2020-2405
	RESERVED
CVE-2020-2404
	RESERVED
CVE-2020-2403
	RESERVED
CVE-2020-2402
	RESERVED
CVE-2020-2401
	RESERVED
CVE-2020-2400
	RESERVED
CVE-2020-2399
	RESERVED
CVE-2020-2398
	RESERVED
CVE-2020-2397
	RESERVED
CVE-2020-2396
	RESERVED
CVE-2020-2395
	RESERVED
CVE-2020-2394
	RESERVED
CVE-2020-2393
	RESERVED
CVE-2020-2392
	RESERVED
CVE-2020-2391
	RESERVED
CVE-2020-2390
	RESERVED
CVE-2020-2389
	RESERVED
CVE-2020-2388
	RESERVED
CVE-2020-2387
	RESERVED
CVE-2020-2386
	RESERVED
CVE-2020-2385
	RESERVED
CVE-2020-2384
	RESERVED
CVE-2020-2383
	RESERVED
CVE-2020-2382
	RESERVED
CVE-2020-2381
	RESERVED
CVE-2020-2380
	RESERVED
CVE-2020-2379
	RESERVED
CVE-2020-2378
	RESERVED
CVE-2020-2377
	RESERVED
CVE-2020-2376
	RESERVED
CVE-2020-2375
	RESERVED
CVE-2020-2374
	RESERVED
CVE-2020-2373
	RESERVED
CVE-2020-2372
	RESERVED
CVE-2020-2371
	RESERVED
CVE-2020-2370
	RESERVED
CVE-2020-2369
	RESERVED
CVE-2020-2368
	RESERVED
CVE-2020-2367
	RESERVED
CVE-2020-2366
	RESERVED
CVE-2020-2365
	RESERVED
CVE-2020-2364
	RESERVED
CVE-2020-2363
	RESERVED
CVE-2020-2362
	RESERVED
CVE-2020-2361
	RESERVED
CVE-2020-2360
	RESERVED
CVE-2020-2359
	RESERVED
CVE-2020-2358
	RESERVED
CVE-2020-2357
	RESERVED
CVE-2020-2356
	RESERVED
CVE-2020-2355
	RESERVED
CVE-2020-2354
	RESERVED
CVE-2020-2353
	RESERVED
CVE-2020-2352
	RESERVED
CVE-2020-2351
	RESERVED
CVE-2020-2350
	RESERVED
CVE-2020-2349
	RESERVED
CVE-2020-2348
	RESERVED
CVE-2020-2347
	RESERVED
CVE-2020-2346
	RESERVED
CVE-2020-2345
	RESERVED
CVE-2020-2344
	RESERVED
CVE-2020-2343
	RESERVED
CVE-2020-2342
	RESERVED
CVE-2020-2341
	RESERVED
CVE-2020-2340
	RESERVED
CVE-2020-2339
	RESERVED
CVE-2020-2338
	RESERVED
CVE-2020-2337
	RESERVED
CVE-2020-2336
	RESERVED
CVE-2020-2335
	RESERVED
CVE-2020-2334
	RESERVED
CVE-2020-2333
	RESERVED
CVE-2020-2332
	RESERVED
CVE-2020-2331
	RESERVED
CVE-2020-2330
	RESERVED
CVE-2020-2329
	RESERVED
CVE-2020-2328
	RESERVED
CVE-2020-2327
	RESERVED
CVE-2020-2326
	RESERVED
CVE-2020-2325
	RESERVED
CVE-2020-2324 (Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2323 (Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permissio ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2322 (Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permissio ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2321 (A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Pr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2320 (Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not ve ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2319 (Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2318 (Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2317 (Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotati ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2316 (Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not esc ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2315 (Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2314 (Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencryp ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2313 (A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2312 (Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2311 (A missing permission check in Jenkins AWS Global Configuration Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2310 (Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier al ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2309 (A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2308 (A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2307 (Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege user ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2306 (A missing permission check in Jenkins Mercurial Plugin 2.11 and earlie ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2305 (Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML p ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2304 (Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XM ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2303 (A cross-site request forgery (CSRF) vulnerability in Jenkins Active Di ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2302 (A missing permission check in Jenkins Active Directory Plugin 2.19 and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2301 (Jenkins Active Directory Plugin 2.19 and earlier allows attackers to l ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2300 (Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2299 (Jenkins Active Directory Plugin 2.19 and earlier allows attackers to l ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2298 (Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2297 (Jenkins SMS Notification Plugin 1.2 and earlier stores an access token ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2296 (A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Ob ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2295 (A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cas ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2294 (Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perfor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2293 (Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2292 (Jenkins Release Plugin 2.10.2 and earlier does not escape the release  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2291 (Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2290 (Jenkins Active Choices Plugin 2.4 and earlier does not escape some ret ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2289 (Jenkins Active Choices Plugin 2.4 and earlier does not escape the name ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2288 (In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular exp ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2287 (Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2286 (Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2285 (A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 an ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2284 (Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure i ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2283 (Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape chan ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2282 (Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2281 (A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2280 (A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2279 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2278 (Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2277 (Jenkins Storable Configs Plugin 1.0 and earlier allows users with Job/ ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2276 (Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specifi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2275 (Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit w ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2274 (Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password u ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2273 (A cross-site request forgery (CSRF) vulnerability in Jenkins ElasTest  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2272 (A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlie ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2271 (Jenkins Locked Files Report Plugin 1.6 and earlier does not escape loc ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2270 (Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2269 (Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape vie ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2268 (A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB P ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2267 (A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2266 (Jenkins Description Column Plugin 1.3 and earlier does not escape the  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2265 (Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2264 (Jenkins Custom Job Icon Plugin 0.2 and earlier does not escape the job ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2263 (Jenkins Radiator View Plugin 1.29 and earlier does not escape the full ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2262 (Jenkins Android Lint Plugin 2.6 and earlier does not escape the annota ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2261 (Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2260 (A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2259 (Jenkins computer-queue-plugin Plugin 1.5 and earlier does not escape t ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2258 (Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2257 (Jenkins Validating String Parameter Plugin 2.4 and earlier does not es ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2256 (Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2255 (A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2254 (Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2253 (Jenkins Email Extension Plugin 2.75 and earlier does not perform hostn ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2252 (Jenkins Mailer Plugin 1.32 and earlier does not perform hostname valid ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2251 (Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2250 (Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores pr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2249 (Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a web ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2248 (Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2247 (Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2246 (Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Va ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2245 (Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2244 (Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not esca ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2243 (Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape buil ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2242 (A missing permission check in Jenkins database Plugin 1.6 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2241 (A cross-site request forgery (CSRF) vulnerability in Jenkins database  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2240 (A cross-site request forgery (CSRF) vulnerability in Jenkins database  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2239 (Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2238 (Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the re ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2237 (A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Tes ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2236 (Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2235 (A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2234 (A missing permission check in Jenkins Pipeline Maven Integration Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2233 (A missing permission check in Jenkins Pipeline Maven Integration Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2232 (Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays th ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2231 (Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2230 (Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2229 (Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2228 (Jenkins Gitlab Authentication Plugin 1.5 and earlier does not perform  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2227 (Jenkins Deployer Framework Plugin 1.2 and earlier does not escape the  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2226 (Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does no ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2225 (Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2224 (Jenkins Matrix Project Plugin 1.16 and earlier does not escape the nod ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2223 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape cor ...)
	- jenkins <removed>
CVE-2020-2222 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2221 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2220 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
	- jenkins <removed>
CVE-2020-2219 (Jenkins Link Column Plugin 1.0 and earlier does not filter URLs of lin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2218 (Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2217 (Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2216 (A missing permission check in Jenkins Zephyr for JIRA Test Management  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2215 (A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2214 (Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2213 (Jenkins White Source Plugin 19.1.1 and earlier stores credentials unen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2212 (Jenkins GitHub Coverage Reporter Plugin 1.8 and earlier stores secrets ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2211 (Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier doe ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2210 (Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits conf ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2209 (Jenkins TestComplete support Plugin 2.4.1 and earlier stores a passwor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2208 (Jenkins Slack Upload Plugin 1.7 and earlier stores a secret unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2207 (Jenkins VncViewer Plugin 1.7 and earlier does not escape a parameter v ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2206 (Jenkins VncRecorder Plugin 1.25 and earlier does not escape a paramete ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2205 (Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool pat ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2204 (A missing permission check in Jenkins Fortify on Demand Plugin 5.0.1 a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2203 (A cross-site request forgery vulnerability in Jenkins Fortify on Deman ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2202 (A missing permission check in Jenkins Fortify on Demand Plugin 6.0.0 a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2201 (Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escap ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2200 (Jenkins Play Framework Plugin 1.0.2 and earlier lets users specify the ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2199 (Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier do ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2198 (Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redac ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2197 (Jenkins Project Inheritance Plugin 19.08.02 and earlier does not requi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2196 (Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection fo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2195 (Jenkins Compact Columns Plugin 1.11 and earlier displays the unprocess ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2194 (Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the dis ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2193 (Jenkins ECharts API Plugin 4.7.0-3 and earlier does not escape the par ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2192 (A cross-site request forgery vulnerability in Jenkins Self-Organizing  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2191 (Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2190 (Jenkins Script Security Plugin 1.72 and earlier does not correctly esc ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2189 (Jenkins SCM Filter Jervis Plugin 0.2.1 and earlier does not configure  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2188 (A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2187 (Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts s ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2186 (A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2185 (Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH hos ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2184 (A cross-site request forgery vulnerability in Jenkins CVS Plugin 2.15  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2183 (Jenkins Copy Artifact Plugin 1.43.1 and earlier performs improper perm ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2182 (Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2181 (Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2180 (Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML p ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2179 (Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2178 (Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2177 (Jenkins Copr Plugin 0.3 and earlier stores credentials unencrypted in  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2176 (Multiple form validation endpoints in Jenkins useMango Runner Plugin 1 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2175 (Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape rep ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2174 (Jenkins AWSEB Deployment Plugin 0.3.19 and earlier does not escape var ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2173 (Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Pol ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2172 (Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2171 (Jenkins RapidDeploy Plugin 4.2 and earlier does not configure its XML  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2170 (Jenkins RapidDeploy Plugin 4.2 and earlier does not escape package nam ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2169 (A form validation endpoint in Jenkins Queue cleanup Plugin 1.3 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2168 (Jenkins Azure Container Service Plugin 1.0.1 and earlier does not conf ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2167 (Jenkins OpenShift Pipeline Plugin 1.0.56 and earlier does not configur ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2166 (Jenkins Pipeline: AWS Steps Plugin 1.40 and earlier does not configure ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2165 (Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured pass ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2164 (Jenkins Artifactory Plugin 3.5.0 and earlier stores its Artifactory se ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2163 (Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processe ...)
	- jenkins <removed>
CVE-2020-2162 (Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Conten ...)
	- jenkins <removed>
CVE-2020-2161 (Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly e ...)
	- jenkins <removed>
CVE-2020-2160 (Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different repr ...)
	- jenkins <removed>
CVE-2020-2159 (Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job ...)
	NOT-FOR-US: Jenkins CryptoMove Plugin
CVE-2020-2158 (Jenkins Literate Plugin 1.0 and earlier does not configure its YAML pa ...)
	NOT-FOR-US: Jenkins Literate Plugin
CVE-2020-2157 (Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured c ...)
	NOT-FOR-US: Jenkins Skytap Cloud CI Plugin
CVE-2020-2156 (Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured crede ...)
	NOT-FOR-US: Jenkins DeployHub Plugin
CVE-2020-2155 (Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configur ...)
	NOT-FOR-US: Jenkins OpenShift Deployer Plugin
CVE-2020-2154 (Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores  ...)
	NOT-FOR-US: Jenkins Zephyr for JIRA Test Management Plugin
CVE-2020-2153 (Jenkins Backlog Plugin 2.4 and earlier transmits configured credential ...)
	NOT-FOR-US: Jenkins Backlog Plugin
CVE-2020-2152 (Jenkins Subversion Release Manager Plugin 1.2 and earlier does not esc ...)
	NOT-FOR-US: Jenkins Subversion Release Manager Plugin
CVE-2020-2151 (Jenkins Quality Gates Plugin 2.5 and earlier transmits configured cred ...)
	NOT-FOR-US: Jenkins Quality Gates Plugin
CVE-2020-2150 (Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configu ...)
	NOT-FOR-US: Jenkins Sonar Quality Gates Plugin
CVE-2020-2149 (Jenkins Repository Connector Plugin 1.2.6 and earlier transmits config ...)
	NOT-FOR-US: Jenkins Repository Connector Plugin
CVE-2020-2148 (A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier all ...)
	NOT-FOR-US: Jenkins Mac Plugin
CVE-2020-2147 (A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 ...)
	NOT-FOR-US: Jenkins Mac Plugin
CVE-2020-2146 (Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys w ...)
	NOT-FOR-US: Jenkins Mac Plugin
CVE-2020-2145 (Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier sto ...)
	NOT-FOR-US: Jenkins Zephyr Enterprise Test Management Plugin
CVE-2020-2144 (Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML pa ...)
	NOT-FOR-US: Jenkins Rundeck Plugin
CVE-2020-2143 (Jenkins Logstash Plugin 2.3.1 and earlier transmits configured credent ...)
	NOT-FOR-US: Jenkins Logstash Plugin
CVE-2020-2142 (A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier al ...)
	NOT-FOR-US: Jenkins P4 Plugin
CVE-2020-2141 (A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.1 ...)
	NOT-FOR-US: Jenkins P4 Plugin
CVE-2020-2140 (Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error m ...)
	NOT-FOR-US: Jenkins Audit Trail Plugin
CVE-2020-2139 (An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 ...)
	NOT-FOR-US: Jenkins Cobertura Plugin
CVE-2020-2138 (Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML p ...)
	NOT-FOR-US: Jenkins Cobertura Plugin
CVE-2020-2137 (Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML f ...)
	NOT-FOR-US: Jenkins Timestamper Plugin
CVE-2020-2136 (Jenkins Git Plugin 4.2.0 and earlier does not escape the error message ...)
	NOT-FOR-US: Jenkins Git Plugin
CVE-2020-2135 (Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier  ...)
	NOT-FOR-US: Jenkins Script Security Plugin
CVE-2020-2134 (Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier  ...)
	NOT-FOR-US: Jenkins Script Security Plugin
CVE-2020-2133 (Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2132 (Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2131 (Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencryp ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2130 (Jenkins Harvest SCM Plugin 0.5.1 and earlier stores a password unencry ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2129 (Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2128 (Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a passw ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2127 (Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2126 (Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2125 (Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2124 (Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier sto ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2123 (Jenkins RadarGun Plugin 1.7 and earlier does not configure its YAML pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2122 (Jenkins Brakeman Plugin 0.12 and earlier did not escape values receive ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2121 (Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not con ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2120 (Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2119 (Jenkins Azure AD Plugin 1.1.2 and earlier transmits configured credent ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2118 (A missing permission check in Jenkins Pipeline GitHub Notify Step Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2117 (A missing permission check in Jenkins Pipeline GitHub Notify Step Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2116 (A cross-site request forgery vulnerability in Jenkins Pipeline GitHub  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2115 (Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parse ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2114 (Jenkins S3 publisher Plugin 0.11.4 and earlier transmits configured cr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2113 (Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the de ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2112 (Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the pa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2111 (Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2110 (Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2109 (Sandbox protection in Jenkins Pipeline: Groovy Plugin 2.78 and earlier ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2108 (Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2107 (Jenkins Fortify Plugin 19.1.29 and earlier stores proxy server passwor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2106 (Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2105 (REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earli ...)
	- jenkins <removed>
CVE-2020-2104 (Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with  ...)
	- jenkins <removed>
CVE-2020-2103 (Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session ide ...)
	- jenkins <removed>
CVE-2020-2102 (Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant ...)
	- jenkins <removed>
CVE-2020-2101 (Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a const ...)
	- jenkins <removed>
CVE-2020-2100 (Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a ...)
	- jenkins <removed>
CVE-2020-2099 (Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses e ...)
	- jenkins <removed>
CVE-2020-2098 (A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2097 (Jenkins Sounds Plugin 0.5 and earlier does not perform permission chec ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2096 (Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project n ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2095 (Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2094 (A missing permission check in Jenkins Health Advisor by CloudBees Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2093 (A cross-site request forgery vulnerability in Jenkins Health Advisor b ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2092 (Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure it ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2091 (A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earli ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2090 (A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2020-2089
	REJECTED
CVE-2020-2088
	REJECTED
CVE-2020-2087
	REJECTED
CVE-2020-2086
	REJECTED
CVE-2020-2085
	REJECTED
CVE-2020-2084
	REJECTED
CVE-2020-2083
	REJECTED
CVE-2020-2082
	REJECTED
CVE-2020-2081
	REJECTED
CVE-2020-2080
	REJECTED
CVE-2020-2079
	REJECTED
CVE-2020-2078 (Passwords are stored in plain text within the configuration of SICK Pa ...)
	NOT-FOR-US: SICK
CVE-2020-2077 (SICK Package Analytics software up to and including version V04.0.0 ar ...)
	NOT-FOR-US: SICK
CVE-2020-2076 (SICK Package Analytics software up to and including version V04.0.0 ar ...)
	NOT-FOR-US: SICK
CVE-2020-2075 (Platform mechanism AutoIP allows remote attackers to reboot the device ...)
	NOT-FOR-US: SICK
CVE-2020-2074
	RESERVED
CVE-2020-2073
	RESERVED
CVE-2020-2072
	RESERVED
CVE-2020-2071
	RESERVED
CVE-2020-2070
	RESERVED
CVE-2020-2069
	RESERVED
CVE-2020-2068
	RESERVED
CVE-2020-2067
	RESERVED
CVE-2020-2066
	RESERVED
CVE-2020-2065
	RESERVED
CVE-2020-2064
	RESERVED
CVE-2020-2063
	RESERVED
CVE-2020-2062
	RESERVED
CVE-2020-2061
	RESERVED
CVE-2020-2060
	RESERVED
CVE-2020-2059
	RESERVED
CVE-2020-2058
	RESERVED
CVE-2020-2057
	RESERVED
CVE-2020-2056
	RESERVED
CVE-2020-2055
	RESERVED
CVE-2020-2054
	RESERVED
CVE-2020-2053
	RESERVED
CVE-2020-2052
	RESERVED
CVE-2020-2051
	RESERVED
CVE-2020-2050 (An authentication bypass vulnerability exists in the GlobalProtect SSL ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2049 (A local privilege escalation vulnerability exists in Palo Alto Network ...)
	NOT-FOR-US: Palo Alto Networks Cortex XDR Agent
CVE-2020-2048 (An information exposure through log file vulnerability exists where th ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2047
	RESERVED
CVE-2020-2046
	RESERVED
CVE-2020-2045
	RESERVED
CVE-2020-2044 (An information exposure through log file vulnerability where an admini ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2043 (An information exposure through log file vulnerability where sensitive ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2042 (A buffer overflow vulnerability in the PAN-OS management web interface ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2041 (An insecure configuration of the appweb daemon of Palo Alto Networks P ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2040 (A buffer overflow vulnerability in PAN-OS allows an unauthenticated at ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2039 (An uncontrolled resource consumption vulnerability in Palo Alto Networ ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2038 (An OS Command Injection vulnerability in the PAN-OS management interfa ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2037 (An OS Command Injection vulnerability in the PAN-OS management interfa ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2036 (A reflected cross-site scripting (XSS) vulnerability exists in the PAN ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-2035 (When SSL/TLS Forward Proxy Decryption mode has been configured to decr ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2034 (An OS Command Injection vulnerability in the PAN-OS GlobalProtect port ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2033 (When the pre-logon feature is enabled, a missing certification validat ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2032 (A race condition vulnerability Palo Alto Networks GlobalProtect app on ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2031 (An integer underflow vulnerability in the dnsproxyd component of the P ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2030 (An OS Command Injection vulnerability in the PAN-OS management interfa ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2029 (An OS Command Injection vulnerability in the PAN-OS web management int ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2028 (An OS Command Injection vulnerability in PAN-OS management server allo ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2027 (A buffer overflow vulnerability in the authd component of the PAN-OS m ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2026 (A malicious guest compromised before a container creation (e.g. a mali ...)
	NOT-FOR-US: Kata Containers
CVE-2020-2025 (Kata Containers before 1.11.0 on Cloud Hypervisor persists guest files ...)
	NOT-FOR-US: Kata Containers
CVE-2020-2024 (An improper link resolution vulnerability affects Kata Containers vers ...)
	NOT-FOR-US: Kata Containers
CVE-2020-2023 (Kata Containers doesn't restrict containers from accessing the guest's ...)
	NOT-FOR-US: Kata Containers
CVE-2020-2022 (An information exposure vulnerability exists in Palo Alto Networks Pan ...)
	NOT-FOR-US: Palo Alto Networks Panorama
CVE-2020-2021 (When Security Assertion Markup Language (SAML) authentication is enabl ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-2020 (An improper handling of exceptional conditions vulnerability in Cortex ...)
	NOT-FOR-US: Palo Alto Networks Cortex XDR Agent
CVE-2020-2019
	RESERVED
CVE-2020-2018 (An authentication bypass vulnerability in the Panorama context switchi ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2017 (A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Pa ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2016 (A race condition due to insecure creation of a file in a temporary dir ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2015 (A buffer overflow vulnerability in the PAN-OS management server allows ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2014 (An OS Command Injection vulnerability in PAN-OS management server allo ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2013 (A cleartext transmission of sensitive information vulnerability in Pal ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2012 (Improper restriction of XML external entity reference ('XXE') vulnerab ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2011 (An improper input validation vulnerability in the configuration daemon ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2010 (An OS command injection vulnerability in PAN-OS management interface a ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2009 (An external control of filename vulnerability in the SD WAN component  ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2008 (An OS command injection and external control of filename vulnerability ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2007 (An OS command injection vulnerability in the management server compone ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2006 (A stack-based buffer overflow vulnerability in the management server c ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2005 (A cross-site scripting (XSS) vulnerability exists when visiting malici ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2004 (Under certain circumstances a user's password may be logged in clearte ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2003 (An external control of filename vulnerability in the command processin ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2002 (An authentication bypass by spoofing vulnerability exists in the authe ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2001 (An external control of path and data vulnerability in the Palo Alto Ne ...)
	NOT-FOR-US: PAN-OS
CVE-2020-2000 (An OS command injection and memory corruption vulnerability in the PAN ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-1999 (A vulnerability exists in the Palo Alto Network PAN-OS signature-based ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-1998 (An improper authorization vulnerability in PAN-OS that mistakenly uses ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1997 (An open redirection vulnerability in the GlobalProtect component of Pa ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1996 (A missing authorization vulnerability in the management server compone ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1995 (A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS  ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1994 (A predictable temporary file vulnerability in PAN-OS allows a local au ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1993 (The GlobalProtect Portal feature in PAN-OS does not set a new session  ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1992 (A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-70 ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1991 (An insecure temporary file vulnerability in Palo Alto Networks Traps a ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1990 (A stack-based buffer overflow vulnerability in the management server c ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1989 (An incorrect privilege assignment vulnerability when writing applicati ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1988 (An unquoted search path vulnerability in the Windows release of Global ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1987 (An information exposure vulnerability in the logging component of Palo ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1986 (Improper input validation vulnerability in Secdo allows an authenticat ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1985 (Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in S ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1984 (Secdo tries to execute a script at a hardcoded path if present, which  ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1983 (A use after free vulnerability in ip_reass() in ip_input.c of libslirp ...)
	{DSA-4665-1 DLA-2288-1 DLA-2262-1}
	- qemu 1:4.1-2
	- qemu-kvm <removed>
	- libslirp 4.2.0-2
	- slirp4netns 1.0.1-1
	[buster] - slirp4netns <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9bd6c5913271eabcb7768a58197ed3301fe19f2d
	NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed
	NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed.
	NOTE: https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-p3hx-89v2-4r99
CVE-2020-1982 (Certain communication between PAN-OS and cloud-delivered services inad ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1981 (A predictable temporary filename vulnerability in PAN-OS allows local  ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1980 (A shell command injection vulnerability in the PAN-OS CLI allows a loc ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1979 (A format string vulnerability in the PAN-OS log daemon (logd) on Panor ...)
	NOT-FOR-US: PAN-OS
CVE-2020-1978 (TechSupport files generated on Palo Alto Networks VM Series firewalls  ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2020-1977 (Insufficient Cross-Site Request Forgery (XSRF) protection on Expeditio ...)
	NOT-FOR-US: Palo Alto
CVE-2020-1976 (A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalPr ...)
	NOT-FOR-US: Palo Alto Networks GlobalProtect software
CVE-2020-1975 (Missing XML validation vulnerability in the PAN-OS web interface on Pa ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2020-1974
	REJECTED
CVE-2020-1973
	REJECTED
CVE-2020-1972
	REJECTED
CVE-2020-1971 (The X.509 GeneralName type is a generic type for representing differen ...)
	{DSA-4807-1 DLA-2493-1 DLA-2492-1}
	- openssl 1.1.1i-1
	- openssl1.0 <removed>
	NOTE: https://www.openssl.org/news/secadv/20201208.txt
	NOTE: Prerequisite: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=aa0ad2011d3e7ad8a611da274ef7d9c7706e289b (OpenSSL_1_1_1-stable)
	NOTE: Fixed by: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920 (OpenSSL_1_1_1-stable)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ecc76f6746cefd502c7e9000bdfa4e5d7911386 (OpenSSL_1_1_1-stable)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=41d62636fd996c031c0c7cef746476278583dc9e (OpenSSL_1_1_1-stable)
	NOTE: Test: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94ece6af0c89d596f9c5221b7df7d6582168c8ba (OpenSSL_1_1_1-stable)
	NOTE: Test: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=433974af7b188d55b1da049b84f3fdeca320cb6a (OpenSSL_1_1_1-stable)
CVE-2020-1970
	REJECTED
CVE-2020-1969
	REJECTED
CVE-2020-1968 (The Raccoon attack exploits a flaw in the TLS specification which can  ...)
	{DLA-2378-1}
	- openssl 1.1.0c-1
	- openssl1.0 <removed>
	NOTE: https://www.openssl.org/news/secadv/20200909.txt
	NOTE: https://raccoon-attack.com/
	NOTE: Fixed DH ciphersuites removed upstream in 1.1.0~pre2:
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc71f91064a3eec10310fa4cc14fe2a3fd9bc7bb (OpenSSL_1_1_0-pre2)
CVE-2020-1967 (Server or client applications that call the SSL_check_chain() function ...)
	{DSA-4661-1}
	- openssl 1.1.1g-1
	[stretch] - openssl <not-affected> (Only affects 1.1.1d to 1.1.1f)
	[jessie] - openssl <not-affected> (Only affects 1.1.1d to 1.1.1f)
	- openssl1.0 <not-affected> (Only affects 1.1.1d to 1.1.1f)
	NOTE: https://www.openssl.org/news/secadv/20200421.txt
CVE-2020-1966
	REJECTED
CVE-2020-1965
	RESERVED
CVE-2020-1964 (It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-inc ...)
	NOT-FOR-US: Apache Heron
CVE-2020-1963 (Apache Ignite uses H2 database to build SQL distributed execution engi ...)
	NOT-FOR-US: Apache Ignite
CVE-2020-1962
	REJECTED
CVE-2020-1961 (Vulnerability to Server-Side Template Injection on Mail templates for  ...)
	NOT-FOR-US: Apache Syncope
CVE-2020-1960 (A vulnerability in Apache Flink (1.1.0 to 1.1.5, 1.2.0 to 1.2.1, 1.3.0 ...)
	NOT-FOR-US: Apache Flink
CVE-2020-1959 (A Server-Side Template Injection was identified in Apache Syncope prio ...)
	NOT-FOR-US: Apache Syncope
CVE-2020-1958 (When LDAP authentication is enabled in Apache Druid 0.17.0, callers of ...)
	- druid <itp> (bug #825797)
CVE-2020-1957 (Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic ...)
	{DLA-2273-1 DLA-2181-1}
	- shiro 1.3.2-5 (bug #955018)
	[bullseye] - shiro 1.3.2-4+deb11u1
	[buster] - shiro 1.3.2-4+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/23/2
	NOTE: Fixed by: https://github.com/apache/shiro/commit/3708d7907016bf2fa12691dff6ff0def1249b8ce#diff-98f7bc5c0391389e56531f8b3754081aL139
	NOTE: https://github.com/apache/shiro/pull/203#issuecomment-606270322
	NOTE: Fix for CVE-2020-1957 introduces a (security sensitive) encoding issue
	NOTE: resulting in a followup release 1.5.3.
CVE-2020-1956 (Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restfu ...)
	NOT-FOR-US: Apache Kylin
CVE-2020-1955 (CouchDB version 3.0.0 shipped with a new configuration setting that go ...)
	- couchdb <removed>
CVE-2020-1954 (Apache CXF has the ability to integrate with JMX by registering an Ins ...)
	NOT-FOR-US: Apache CXF
CVE-2020-1953 (Apache Commons Configuration uses a third-party library to parse YAML  ...)
	- commons-configuration2 2.7-1 (bug #954713)
	[buster] - commons-configuration2 2.2-1+deb10u1
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/13/1
CVE-2020-1952 (An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. W ...)
	NOT-FOR-US: Apache IoTDB
CVE-2020-1951 (A carefully crafted or corrupt PSD file can cause an infinite loop in  ...)
	{DLA-2161-1}
	- tika 1.22-2 (bug #954302)
	[buster] - tika <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/18/4
	NOTE: https://github.com/apache/tika/commit/ab8a9ed830ec710a32e4ffdf4989aea3aaea92ef
CVE-2020-1950 (A carefully crafted or corrupt PSD file can cause excessive memory usa ...)
	{DLA-2161-1}
	- tika 1.22-2 (bug #954303)
	[buster] - tika <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/18/3
	NOTE: https://github.com/apache/tika/commit/ab8a9ed830ec710a32e4ffdf4989aea3aaea92ef
CVE-2020-1949 (Scripts in Sling CMS before 0.16.0 do not property escape the Sling Se ...)
	NOT-FOR-US: Apache Sling
CVE-2020-1948 (This vulnerability can affect all Dubbo users stay on version 2.7.6 or ...)
	NOT-FOR-US: Apache Dubbo
CVE-2020-1947 (In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingS ...)
	NOT-FOR-US: Apache ShardingSphere
CVE-2020-1946 (In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf ...)
	{DSA-4879-1 DLA-2615-1}
	- spamassassin 3.4.5~pre1-1 (bug #985962)
	NOTE: https://www.openwall.com/lists/oss-security/2021/03/24/3
	NOTE: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7793 (not public)
	NOTE: https://svn.apache.org/viewvc/spamassassin/branches/3.4/lib/Mail/SpamAssassin/Conf/Parser.pm?r1=1864416&r2=1876381&pathrev=1876381
CVE-2020-1945 (Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default tempora ...)
	- ant 1.10.8-1 (low; bug #960630)
	[buster] - ant <no-dsa> (Minor issue)
	[stretch] - ant <no-dsa> (Minor issue)
	[jessie] - ant <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2020/05/13/1
	NOTE: https://github.com/apache/ant/commit/9c1f4d905da59bf446570ac28df5b68a37281f35 (1.9.15)
	NOTE: https://github.com/apache/ant/commit/926f339ea30362bec8e53bf5924ce803938163b7 (1.9.15)
	NOTE: https://github.com/apache/ant/commit/d591851ae3921172bb825b5a5344afa3de0e28ca (10.8)
	NOTE: https://github.com/apache/ant/commit/9c1f4d905da59bf446570ac28df5b68a37281f35 (10.8)
	NOTE: https://github.com/apache/ant/commit/041b058c7bf10a94d56db3ca9dba38cf90ab9943 (10.8)
	NOTE: https://github.com/apache/ant/commit/a8645a151bc706259fb1789ef587d05482d98612 (10.8)
	NOTE: https://github.com/apache/ant/commit/926f339ea30362bec8e53bf5924ce803938163b7 (10.8)
	NOTE: Adressing CVE-2020-1945 introduces a new issue CVE-2020-11979.
CVE-2020-1944 (There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ...)
	{DSA-4672-1}
	- trafficserver 8.0.6+ds-1
	NOTE: https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E
	NOTE: https://github.com/apache/trafficserver/commit/5830bc72611e85e7a31098ce86710242f29076dc
CVE-2020-1943 (Data sent with contentId to /control/stream is not sanitized, allowing ...)
	NOT-FOR-US: Apache OFBiz
CVE-2020-1942 (In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-1941 (In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open  ...)
	- activemq <unfixed> (unimportant)
	NOTE: Admin console not enabled in the Debian package, see #702670)
	NOTE: Fixed in 5.15.12
CVE-2020-1940 (The optional initial password change and password expiration features  ...)
	NOT-FOR-US: Apache Jackrabbit Oak
CVE-2020-1939 (The Apache NuttX (Incubating) project provides an optional separate "a ...)
	NOT-FOR-US: Apache NuttX
CVE-2020-1938 (When using the Apache JServ Protocol (AJP), care must be taken when tr ...)
	{DSA-4680-1 DSA-4673-1 DLA-2209-1 DLA-2133-1}
	- tomcat9 9.0.31-1 (bug #952437)
	- tomcat8 <removed> (bug #952438)
	- tomcat7 <removed> (bug #952436)
	[stretch] - tomcat7 <ignored> (No components in libservlet3.0-java binary package are affected)
	NOTE: AJP disabled in Debian in default configuration since 2008
	NOTE: fixed in upstream versions 9.0.31, 8.5.51, 7.0.100
	NOTE: https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487
	NOTE: https://github.com/apache/tomcat/commit/0e8a50f0a5958744bea1fd6768c862e04d3b7e75 (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/9ac90532e9a7d239f90952edb229b07c80a9a3eb (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/64fa5b99442589ef0bf2a7fcd71ad2bc68b35fad (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/7a1406a3cd20fdd90656add6cd8f27ef8f24e957 (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/49ad3f954f69c6e838c8cd112ad79aa5fa8e7153 (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/69c56080fb3355507e1b55d014ec0ee6767a6150 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/b962835f98b905286b78c414d5aaec2d0e711f75 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/9be57601efb8a81e3832feb0dd60b1eb9d2b61d5 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/64159aa1d7cdc2c118fcb5eac098e70129d54a19 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/03c436126db6794db5277a3b3d871016fb9a3f23 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/0d633e72ebc7b3c242d0081c23bba5e4dacd9b72 (7.0.100)
	NOTE: https://github.com/apache/tomcat/commit/40d5d93bd284033cf4a1f77f5492444f83d803e2 (7.0.100)
	NOTE: https://github.com/apache/tomcat/commit/b99fba5bd796d876ea536e83299603443842feba (7.0.100)
	NOTE: https://github.com/apache/tomcat/commit/f7180bafc74cb1250c9e9287b68a230f0e1f4645 (7.0.100)
CVE-2020-1937 (Kylin has some restful apis which will concatenate SQLs with the user  ...)
	NOT-FOR-US: Apache Kylin
CVE-2020-1936 (A cross-site scripting issue was found in Apache Ambari Views. This wa ...)
	NOT-FOR-US: Apache Ambari
CVE-2020-1935 (In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0. ...)
	{DSA-4680-1 DSA-4673-1 DLA-2209-1 DLA-2133-1}
	- tomcat9 9.0.31-1
	- tomcat8 <removed>
	- tomcat7 <removed>
	[stretch] - tomcat7 <ignored> (No components in libservlet3.0-java binary package are affected)
	NOTE: https://github.com/apache/tomcat/commit/8bfb0ff7f25fe7555a5eb2f7984f73546c11aa26 (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/8fbe2e962f0ea138d92361921643fe5abe0c4f56 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/702bf15bea292915684d931526d95d4990b2e73d (7.0.100)
CVE-2020-1934 (In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitial ...)
	{DSA-4757-1 DLA-2706-1}
	- apache2 2.4.43-1 (low)
	[jessie] - apache2 <ignored> (Minor issue)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1934
	NOTE: Upstream patch: https://svn.apache.org/r1873745
CVE-2020-1933 (A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Maliciou ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-1932 (An information disclosure issue was found in Apache Superset 0.34.0, 0 ...)
	NOT-FOR-US: Apache Superset
CVE-2020-1931 (A command execution issue was found in Apache SpamAssassin prior to 3. ...)
	{DSA-4615-1 DLA-2107-1}
	- spamassassin 3.4.4~rc1-1 (bug #950258)
	NOTE: https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.4.txt
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/30/2
	NOTE: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7784 (restricted)
CVE-2020-1930 (A command execution issue was found in Apache SpamAssassin prior to 3. ...)
	{DSA-4615-1 DLA-2107-1}
	- spamassassin 3.4.4~rc1-1 (bug #950258)
	NOTE: https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.4.txt
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/30/3
	NOTE: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7648 (restricted)
CVE-2020-1929 (The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an  ...)
	NOT-FOR-US: Apache Beam MongoDB connector
CVE-2020-1928 (An information disclosure vulnerability was found in Apache NiFi 1.10. ...)
	NOT-FOR-US: Apache NiFi
CVE-2020-1927 (In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_r ...)
	{DSA-4757-1 DLA-2706-1}
	- apache2 2.4.43-1 (low)
	[jessie] - apache2 <ignored> (Minor issue)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927
	NOTE: https://svn.apache.org/r1873905
	NOTE: https://svn.apache.org/r1874191
CVE-2020-1926 (Apache Hive cookie signature verification used a non constant time com ...)
	NOT-FOR-US: Apache Hive
CVE-2020-1925 (Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperI ...)
	NOT-FOR-US: Olingo
CVE-2020-1924
	RESERVED
CVE-2020-1923
	RESERVED
CVE-2020-1922
	RESERVED
CVE-2020-1921 (In the crypt function, we attempt to null terminate a buffer using the ...)
	- hhvm <removed>
CVE-2020-1920 (A regular expression denial of service (ReDoS) vulnerability in the va ...)
	NOT-FOR-US: react-native
CVE-2020-1919 (Incorrect bounds calculations in substr_compare could lead to an out-o ...)
	- hhvm <removed>
CVE-2020-1918 (In-memory file operations (ie: using fopen on a data URI) did not prop ...)
	- hhvm <removed>
CVE-2020-1917 (xbuf_format_converter, used as part of exif_read_data, was appending a ...)
	- hhvm <removed>
CVE-2020-1916 (An incorrect size calculation in ldap_escape may lead to an integer ov ...)
	- hhvm <removed>
CVE-2020-1915 (An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1914 (A logic vulnerability when handling the SaveGeneratorLong instruction  ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1913 (An Integer signedness error in the JavaScript Interpreter in Facebook  ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1912 (An out-of-bounds read/write vulnerability when executing lazily compil ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1911 (A type confusion vulnerability when resolving properties of JavaScript ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1910 (A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1909 (A use-after-free in a logging library in WhatsApp for iOS prior to v2. ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1908 (Improper authorization of the Screen Lock feature in WhatsApp and What ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1907 (A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsA ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1906 (A buffer overflow in WhatsApp for Android prior to v2.20.130 and Whats ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1905 (Media ContentProvider URIs used for opening attachments in other apps  ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1904 (A path validation issue in WhatsApp for iOS prior to v2.20.61 and What ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1903 (An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1902 (A user running a quick search on a highly forwarded message on WhatsAp ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1901 (Receiving a large text message containing URLs in WhatsApp for iOS pri ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1900 (When unserializing an object with dynamic properties HHVM needs to pre ...)
	- hhvm <removed>
CVE-2020-1899 (The unserialize() function supported a type code, "S", which was meant ...)
	- hhvm <removed>
CVE-2020-1898 (The fb_unserialize function did not impose a depth limit for nested de ...)
	- hhvm <removed>
CVE-2020-1897 (A use-after-free is possible due to an error in lifetime management in ...)
	NOT-FOR-US: Facebook Proxygen
CVE-2020-1896 (A stack overflow vulnerability in Facebook Hermes 'builtin apply' prio ...)
	NOT-FOR-US: Facebook Hermes
CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when attemp ...)
	NOT-FOR-US: Instagram for Android
CVE-2020-1894 (A stack write overflow in WhatsApp for Android prior to v2.20.35, What ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1893 (Insufficient boundary checks when decoding JSON in TryParse reads out  ...)
	- hhvm <removed>
CVE-2020-1892 (Insufficient boundary checks when decoding JSON in JSON_parser allows  ...)
	- hhvm <removed>
CVE-2020-1891 (A user controlled parameter used in video call in WhatsApp for Android ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1890 (A URL validation issue in WhatsApp for Android prior to v2.20.11 and W ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1889 (A security feature bypass issue in WhatsApp Desktop versions prior to  ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1888 (Insufficient boundary checks when decoding JSON in handleBackslash rea ...)
	- hhvm <removed>
CVE-2020-1887 (Incorrect validation of the TLS SNI hostname in osquery versions after ...)
	- osquery <itp> (bug #803502)
CVE-2020-1886 (A buffer overflow in WhatsApp for Android prior to v2.20.11 and WhatsA ...)
	NOT-FOR-US: WhatsApp
CVE-2020-1885 (Writing to an unprivileged file from a privileged OVRRedir.exe process ...)
	NOT-FOR-US: Oculus Desktop
CVE-2020-1884
	RESERVED
CVE-2020-1883 (Huawei products NIP6800;Secospace USG6600;USG9500 have a memory leak v ...)
	NOT-FOR-US: Huawei
CVE-2020-1882 (Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6 ...)
	NOT-FOR-US: Huawei
CVE-2020-1881 (NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C3 ...)
	NOT-FOR-US: Huawei
CVE-2020-1880 (Huawei smartphone Lion-AL00C with versions earlier than 10.0.0.205(C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1879 (There is an improper integrity checking vulnerability on some huawei p ...)
	NOT-FOR-US: Huawei
CVE-2020-1878 (Huawei smartphone OxfordS-AN00A with versions earlier than 10.0.1.152D ...)
	NOT-FOR-US: Huawei
CVE-2020-1877 (NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1876 (NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1875 (NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V5 ...)
	NOT-FOR-US: Huawei
CVE-2020-1874 (NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V5 ...)
	NOT-FOR-US: Huawei
CVE-2020-1873 (NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C3 ...)
	NOT-FOR-US: Huawei
CVE-2020-1872 (Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E ...)
	NOT-FOR-US: Huawei
CVE-2020-1871 (USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1870 (There is a denial of service vulnerability in some Huawei products. Du ...)
	NOT-FOR-US: Huawei
CVE-2020-1869
	RESERVED
CVE-2020-1868
	RESERVED
CVE-2020-1867
	RESERVED
CVE-2020-1866 (There is an out-of-bounds read vulnerability in several products. The  ...)
	NOT-FOR-US: Huawei
CVE-2020-1865 (There is an out-of-bounds read vulnerability in Huawei CloudEngine pro ...)
	NOT-FOR-US: Huawei
CVE-2020-1864 (Some Huawei products have a security vulnerability due to improper aut ...)
	NOT-FOR-US: Huawei
CVE-2020-1863 (Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, an ...)
	NOT-FOR-US: Huawei
CVE-2020-1862 (There is a double free vulnerability in some Huawei products. A local  ...)
	NOT-FOR-US: Huawei
CVE-2020-1861 (CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700 ...)
	NOT-FOR-US: Huawei
CVE-2020-1860 (NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C3 ...)
	NOT-FOR-US: Huawei
CVE-2020-1859
	RESERVED
CVE-2020-1858 (Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V ...)
	NOT-FOR-US: Huawei
CVE-2020-1857 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1856 (Huawei NGFW Module, NIP6300, NIP6600, Secospace USG6500, Secospace USG ...)
	NOT-FOR-US: Huawei
CVE-2020-1855 (Huawei HEGE-570 version 1.0.1.22(SP3); and HEGE-560, OSCA-550, OSCA-55 ...)
	NOT-FOR-US: Huawei
CVE-2020-1854
	RESERVED
CVE-2020-1853 (GaussDB 200 with version of 6.5.1 have a path traversal vulnerability. ...)
	NOT-FOR-US: Huawei
CVE-2020-1852
	RESERVED
CVE-2020-1851
	RESERVED
CVE-2020-1850
	RESERVED
CVE-2020-1849
	RESERVED
CVE-2020-1848 (There is a resource management error vulnerability in Jackman-AL00D ve ...)
	NOT-FOR-US: Huawei
CVE-2020-1847 (There is a denial of service vulnerability in some Huawei products. Th ...)
	NOT-FOR-US: Huawei
CVE-2020-1846
	RESERVED
CVE-2020-1845 (Huawei PCManager product with versions earlier than 10.0.5.53 have a l ...)
	NOT-FOR-US: Huawei
CVE-2020-1844 (PCManager with versions earlier than 10.0.5.51 have a privilege escala ...)
	NOT-FOR-US: Huawei
CVE-2020-1843 (Huawei HEGE-560 version 1.0.1.20(SP2), OSCA-550 version 1.0.0.71(SP1), ...)
	NOT-FOR-US: Huawei
CVE-2020-1842 (Huawei HEGE-560 version 1.0.1.20(SP2); OSCA-550 and OSCA-550A version  ...)
	NOT-FOR-US: Huawei
CVE-2020-1841 (Huawei CloudLink Board version 20.0.0; DP300 version V500R002C00; RSE6 ...)
	NOT-FOR-US: Huawei
CVE-2020-1840 (HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E ...)
	NOT-FOR-US: Huawei
CVE-2020-1839 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
	NOT-FOR-US: Huawei
CVE-2020-1838 (HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3)  ...)
	NOT-FOR-US: Huawei
CVE-2020-1837 (ChangXiang 8 Plus with versions earlier than 9.1.0.136(C00E121R1P6T8)  ...)
	NOT-FOR-US: Huawei
CVE-2020-1836 (HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUA ...)
	NOT-FOR-US: Huawei
CVE-2020-1835 (HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have ...)
	NOT-FOR-US: Huawei
CVE-2020-1834 (HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1833 (Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) ...)
	NOT-FOR-US: Huawei
CVE-2020-1832 (E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3. ...)
	NOT-FOR-US: Huawei
CVE-2020-1831 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C ...)
	NOT-FOR-US: Huawei
CVE-2020-1830 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1829 (Huawei NIP6800 versions V500R001C30 and V500R001C60SPC500; and Secospa ...)
	NOT-FOR-US: Huawei
CVE-2020-1828 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1827 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1826 (Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.17 ...)
	NOT-FOR-US: Huawei
CVE-2020-1825 (FusionAccess with versions earlier than 6.5.1.SPC002 have a Denial of  ...)
	NOT-FOR-US: Huawei
CVE-2020-1824
	RESERVED
CVE-2020-1823
	RESERVED
CVE-2020-1822
	RESERVED
CVE-2020-1821
	RESERVED
CVE-2020-1820
	RESERVED
CVE-2020-1819
	RESERVED
CVE-2020-1818
	RESERVED
CVE-2020-1817 (Huawei PCManager with versions earlier than 10.0.1.36 has a privilege  ...)
	NOT-FOR-US: Huawei
CVE-2020-1816 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1815 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1814 (Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C0 ...)
	NOT-FOR-US: Huawei
CVE-2020-1813 (HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2 ...)
	NOT-FOR-US: Huawei
CVE-2020-1812 (HUAWEI P30 smartphones with versions earlier than 10.0.0.173(C00E73R1P ...)
	NOT-FOR-US: Huawei
CVE-2020-1811 (GaussDB 200 with version of 6.5.1 have a command injection vulnerabili ...)
	NOT-FOR-US: Huawei
CVE-2020-1810 (There is a weak algorithm vulnerability in some Huawei products. The a ...)
	NOT-FOR-US: Huawei
CVE-2020-1809 (HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2020-1808 (Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI  ...)
	NOT-FOR-US: Huawei
CVE-2020-1807 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E7 ...)
	NOT-FOR-US: Huawei
CVE-2020-1806 (Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1805 (Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1804 (Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1803 (Huawei smartphones Honor V20 with versions earlier than 10.0.0.179(C63 ...)
	NOT-FOR-US: Huawei
CVE-2020-1802 (There is an insufficient integrity validation vulnerability in several ...)
	NOT-FOR-US: Huawei
CVE-2020-1801 (There is an improper authentication vulnerability in several smartphon ...)
	NOT-FOR-US: Huawei
CVE-2020-1800 (HUAWEI smartphones P30 with versions earlier than 10.0.0.185(C00E85R1P ...)
	NOT-FOR-US: Huawei
CVE-2020-1799 (E6878-370 with versions of 10.0.3.1(H557SP27C233), 10.0.3.1(H563SP1C00 ...)
	NOT-FOR-US: Huawei
CVE-2020-1798 (HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2 ...)
	NOT-FOR-US: Huawei
CVE-2020-1797 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E7 ...)
	NOT-FOR-US: Huawei
CVE-2020-1796 (There is an improper authorization vulnerability in several smartphone ...)
	NOT-FOR-US: Huawei
CVE-2020-1795 (There is a logic error vulnerability in several smartphones. The softw ...)
	NOT-FOR-US: Huawei
CVE-2020-1794 (There is an improper authentication vulnerability in several smartphon ...)
	NOT-FOR-US: Huawei
CVE-2020-1793 (There is an improper authentication vulnerability in several smartphon ...)
	NOT-FOR-US: Huawei
CVE-2020-1792 (Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C ...)
	NOT-FOR-US: Huawei
CVE-2020-1791 (HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E7 ...)
	NOT-FOR-US: Huawei
CVE-2020-1790 (GaussDB 200 with version of 6.5.1 have a command injection vulnerabili ...)
	NOT-FOR-US: Huawei
CVE-2020-1789 (Huawei OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X products with ve ...)
	NOT-FOR-US: Huawei
CVE-2020-1788 (Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P ...)
	NOT-FOR-US: Huawei
CVE-2020-1787 (HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1 ...)
	NOT-FOR-US: Huawei
CVE-2020-1786 (HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69 ...)
	NOT-FOR-US: Huawei
CVE-2020-1785 (Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of ser ...)
	NOT-FOR-US: Huawei
CVE-2020-1784
	RESERVED
CVE-2020-1783
	RESERVED
CVE-2020-1782
	RESERVED
CVE-2020-1781
	RESERVED
CVE-2020-1780
	RESERVED
CVE-2020-1779 (When dynamic templates are used (OTRSTicketForms), admin can use OTRS  ...)
	NOT-FOR-US: OTRSTicketForms (OTRS addon)
CVE-2020-1778 (When OTRS uses multiple backends for user authentication (with LDAP),  ...)
	- otrs2 <not-affected> (Only affects 8.x)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-16/
CVE-2020-1777 (Agent names that participates in a chat conversation are revealed in c ...)
	- otrs2 <not-affected> (Only affects 7.x and 8.x)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-15/
CVE-2020-1776 (When an agent user is renamed or set to invalid the session belonging  ...)
	- otrs2 6.0.29-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-13/
CVE-2020-1775 (BCC recipients in mails sent from OTRS are visible in article detail o ...)
	- otrs2 <not-affected> (ONly affects 7.x and 8.x series)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-12/
CVE-2020-1774 (When user downloads PGP or S/MIME keys/certificates, exported file has ...)
	{DLA-2198-1}
	- otrs2 6.0.28-1 (bug #959448)
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-11/
	NOTE: Fixed in 7.0.17, 6.0.28
	NOTE: OTRS6: https://github.com/OTRS/otrs/commit/ff725cbea77f03fa296bb13f93f5b07086920342
CVE-2020-1773 (An attacker with the ability to generate session IDs or password reset ...)
	- otrs2 6.0.27-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	[jessie] - otrs2 <no-dsa> (Too intrusive to backport)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-10/
	NOTE: Fixed in 7.0.16, 6.0.27, 5.0.42
	NOTE: OTRS6: https://github.com/OTRS/otrs/commit/ab253734bc211541309b9f8ea2b8b70389c4a64e
	NOTE: OTRS5: https://github.com/OTRS/otrs/commit/4955521af50238046847bce51ad9865950324f77
CVE-2020-1772 (It's possible to craft Lost Password requests with wildcards in the To ...)
	{DLA-2198-1}
	- otrs2 6.0.27-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-09/
	NOTE: Fixed in 7.0.16, 6.0.27, 5.0.42
	NOTE: OTRS6: https://github.com/OTRS/otrs/commit/c0255365d5c455272b2b9e7bb1f6c96c3fce441b
	NOTE: OTRS5: https://github.com/OTRS/otrs/commit/2628464f659c39fafbc32147d569553eb07d41d7
CVE-2020-1771 (Attacker is able craft an article with a link to the customer address  ...)
	- otrs2 6.0.27-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	[jessie] - otrs2 <not-affected> (Vulnerable code introduced in later version)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-08/
	NOTE: Fixed in 7.0.16, 6.0.27
	NOTE: https://github.com/OTRS/otrs/commit/2576830053f70a3a9251558e55f34843dec61aa2
CVE-2020-1770 (Support bundle generated files could contain sensitive information tha ...)
	{DLA-2198-1}
	- otrs2 6.0.27-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-07/
	NOTE: Fixed in 7.0.16, 6.0.27, 5.0.42
	NOTE: OTRS6: https://github.com/OTRS/otrs/commit/cb6d12a74fbf721ba33f24ce93ae37ed9a945a95
	NOTE: OTRS5: https://github.com/OTRS/otrs/commit/d37defe6592992e886cc5cc8fec444d34875fd4d
CVE-2020-1769 (In the login screens (in agent and customer interface), Username and P ...)
	- otrs2 6.0.27-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	[jessie] - otrs2 <no-dsa> (https://lists.debian.org/debian-lts/2020/04/msg00040.html)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-06/
	NOTE: Fixed in 7.0.16, 6.0.27, 5.0.42
	NOTE: OTRS6: https://github.com/OTRS/otrs/commit/1b74e24582c946d02209acfc248d4ba451251f93
	NOTE: OTRS5: https://github.com/OTRS/otrs/commit/7974ea582211c13730d223fc4dcdffa542af423f
CVE-2020-1768 (The external frontend system uses numerous background calls to the bac ...)
	- otrs2 <not-affected> (Only affects 7.0.x series)
	NOTE: https://community.otrs.com/security-advisory-2020-04/
CVE-2020-1767 (Agent A is able to save a draft (i.e. for customer reply). Then Agent  ...)
	{DLA-2079-1}
	- otrs2 6.0.25-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-03/
	NOTE: https://github.com/OTRS/otrs/commit/5f488fd6c809064ee49def3a432030258d211570
CVE-2020-1766 (Due to improper handling of uploaded images it is possible in very unl ...)
	{DLA-2079-1}
	- otrs2 6.0.25-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-02/
	NOTE: https://github.com/OTRS/otrs/commit/128078b0bb30f601ed97d4a13906644264ee6013 (OTRS6)
	NOTE: https://github.com/OTRS/otrs/commit/b7d80f9000fc9a435743d8d1d7d44d9a17483a9a (OTRS5)
CVE-2020-1765 (An improper control of parameters allows the spoofing of the from fiel ...)
	{DLA-2079-1}
	- otrs2 6.0.25-1
	[buster] - otrs2 <ignored> (Non-free not supported)
	[stretch] - otrs2 <ignored> (Non-free not supported)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2020-01/
	NOTE: https://github.com/OTRS/otrs/commit/d146d4997cbd6e1370669784c6a2ec8d64655252 (OTRS6)
	NOTE: https://github.com/OTRS/otrs/commit/874889b86abea4c01ceb1368a836b66694fae1c3 (OTRS5)
CVE-2020-1764 (A hard-coded cryptographic key vulnerability in the default configurat ...)
	NOT-FOR-US: Kiali
CVE-2020-1763 (An out-of-bounds buffer read flaw was found in the pluto daemon of lib ...)
	{DSA-4684-1}
	- libreswan 3.32-1 (bug #960458)
	NOTE: Introduced by: https://github.com/libreswan/libreswan/commit/fa004e7d4b83fbeaa8d0f6d8430a96aed97a97b9 (v3.27)
	NOTE: Fixed by: https://github.com/libreswan/libreswan/commit/471a3e41a449d7c753bc4edbba4239501bb62ba8
	NOTE: https://libreswan.org/security/CVE-2020-1763/CVE-2020-1763.txt
CVE-2020-1762 (An insufficient JWT validation vulnerability was found in Kiali versio ...)
	NOT-FOR-US: Kiali
CVE-2020-1761 (A flaw was found in the OpenShift web console, where the access token  ...)
	NOT-FOR-US: OpenShift
CVE-2020-1760 (A flaw was found in the Ceph Object Gateway, where it supports request ...)
	{DLA-2735-1 DLA-2171-1}
	- ceph 14.2.9-1 (bug #956142)
	[buster] - ceph <no-dsa> (Minor issue)
	NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e
	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1
	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/18eb4d918b27d362312c29a3bbd57a421897c0a5
	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/1bf14094fec34770d2cc74317f4238ccb2dfef98
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/1
CVE-2020-1759 (A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Opensh ...)
	- ceph 14.2.9-1 (bug #956139)
	[buster] - ceph <not-affected> (Vulnerable code not present)
	[stretch] - ceph <not-affected> (Vulnerable code not present)
	[jessie] - ceph <not-affected> (Vulnerable code not present)
	NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/fe387e02b11df98357d8cdbfa3b1f1d5f2bb3f74
	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/84d2e215969cde830b086d11544aeb3666614211
	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/659ec7dc6e30fe961832f813da007f49e603a33d
	NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/2
CVE-2020-1758 (A flaw was found in Keycloak in versions before 10.0.0, where it does  ...)
	NOT-FOR-US: Keycloak
CVE-2020-1757 (A flaw was found in all undertow-2.x.x SP1 versions prior to undertow- ...)
	- undertow 2.1.0-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1752770
	NOTE: https://issues.redhat.com/browse/UNDERTOW-1464
	NOTE: https://issues.redhat.com/browse/UNDERTOW-1671
	NOTE: https://github.com/undertow-io/undertow/pull/871
CVE-2020-1756
	RESERVED
CVE-2020-1755
	RESERVED
CVE-2020-1754
	RESERVED
CVE-2020-1753 (A security flaw was found in Ansible Engine, all Ansible 2.7.x version ...)
	{DSA-4950-1}
	- ansible 2.9.16+dfsg-1
	[stretch] - ansible <not-affected> (Vulnerable code introduced later)
	[jessie] - ansible <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1811008
	NOTE: https://github.com/ansible-collections/kubernetes/pull/51
	NOTE: https://github.com/ansible/ansible/pull/71971
	NOTE: Fixed by: https://github.com/ansible/ansible/commit/3728530c9a21c0992047d32cb02518d1b076e23d (v2.9.14rc1)
	NOTE: Followup fix: https://github.com/ansible/ansible/commit/7529d31ba9042843ca4364459a744381728b7b4f (v2.9.15rc1)
	NOTE: Fixing commit only introduces a warning about disclosure when using certain
	NOTE: options.
CVE-2020-1752 (A use-after-free vulnerability introduced in glibc upstream version 2. ...)
	- glibc 2.30-3 (bug #953788)
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25414
	NOTE: Introduced in: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f2962a71959fd254a7a223437ca4b63b9e81130c (2.14)
	NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c
CVE-2020-1751 (An out-of-bounds write vulnerability was found in glibc before 2.31 wh ...)
	- glibc 2.30-3
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25423
	NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d93769405996dfc11d216ddbe415946617b5a494
CVE-2020-1750 (A flaw was found in the machine-config-operator that causes an OpenShi ...)
	NOT-FOR-US: OpenShift machine-config-operator
CVE-2020-1749 (A flaw was found in the Linux kernel's implementation of some networki ...)
	{DLA-2241-1}
	- linux 5.4.6-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/6c8991f41546c3c472503dff1ea9daaddf9331c2
CVE-2020-1748 (A flaw was found in all supported versions before wildfly-elytron-1.6. ...)
	- wildfly <itp> (bug #752018)
CVE-2020-1747 (A vulnerability was discovered in the PyYAML library in versions befor ...)
	- pyyaml 5.3-2 (bug #953013)
	[buster] - pyyaml <not-affected> (Loader/Constructor classes are unsafe in this version)
	[stretch] - pyyaml <not-affected> (Loader/Constructor classes are unsafe in this version)
	[jessie] - pyyaml <not-affected> (Loader/Constructor classes are unsafe in this version)
	NOTE: https://github.com/yaml/pyyaml/pull/386
CVE-2020-1746 (A flaw was found in the Ansible Engine affecting Ansible Engine versio ...)
	{DSA-4950-1}
	- ansible 2.9.7+dfsg-1
	[stretch] - ansible <not-affected> (Vulnerable code introduced later)
	[jessie] - ansible <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1805491
	NOTE: https://github.com/ansible/ansible/pull/67866
	NOTE: Fixed by: https://github.com/ansible/ansible/commit/d41e38435b1a9e300d8011ac28f16a5add2db119 (v2.9.7)
CVE-2020-1745 (A file inclusion vulnerability was found in the AJP connector enabled  ...)
	- undertow 2.0.30-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1807305
	NOTE: Variant of the Ghostcat Tomcat vulnerability, CVE-2020-1938.
	NOTE: According to https://lists.jboss.org/pipermail/undertow-dev/2020-March/002422.html
	NOTE: the fix is: https://github.com/undertow-io/undertow/pull/859
CVE-2020-1744 (A flaw was found in keycloak before version 9.0.1. When configuring an ...)
	NOT-FOR-US: Keycloak
CVE-2020-1743
	RESERVED
CVE-2020-1742 (An insecure modification vulnerability flaw was found in containers us ...)
	NOT-FOR-US: OpenShift jenkins-slave-base-rhel7-container
CVE-2020-1741 (A flaw was found in openshift-ansible. OpenShift Container Platform (O ...)
	NOT-FOR-US: openshift-ansible
CVE-2020-1740 (A flaw was found in Ansible Engine when using Ansible Vault for editin ...)
	{DSA-4950-1 DLA-2202-1}
	- ansible 2.9.7+dfsg-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802193
	NOTE: https://github.com/ansible/ansible/issues/67798
	NOTE: https://github.com/ansible/ansible/pull/68644
CVE-2020-1739 (A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9 ...)
	{DSA-4950-1 DLA-2202-1}
	- ansible 2.9.7+dfsg-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802178
	NOTE: https://github.com/ansible/ansible/issues/67797
	NOTE: https://github.com/ansible/ansible/pull/67829
	NOTE: https://github.com/ansible/ansible/commit/d91658ec0c8434c82c3ef98bfe9eb4e1027a43a3
CVE-2020-1738 (A flaw was found in Ansible Engine when the module package or service  ...)
	- ansible <unfixed> (unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802164
	NOTE: https://github.com/ansible/ansible/issues/67796
	NOTE: Marked unimportant as for exploitation it requires already a remote that is
	NOTE: compromised, cf. https://github.com/ansible/ansible/issues/67796#issuecomment-614656017
CVE-2020-1737 (A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9 ...)
	- ansible 2.9.7+dfsg-1 (unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802154
	NOTE: https://github.com/ansible/ansible/issues/67795
	NOTE: https://github.com/ansible/ansible/pull/67799
	NOTE: Issue in the win_unzip module which is executed only on Windows plattform
CVE-2020-1736 (A flaw was found in Ansible Engine when a file is moved using atomic_m ...)
	- ansible <unfixed> (unimportant; bug #966663)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802124
	NOTE: https://github.com/ansible/ansible/issues/67794
	NOTE: https://github.com/ansible/ansible/pull/70221
	NOTE: The issue will not be fixed source-wise, but to avoid the issue raised in
	NOTE: CVE-2020-1736 one should specify a mode parameter in all file-based tasks
	NOTE: that accept it, cf. https://github.com/ansible/ansible/commit/7eec8e4d268d6711f317583974e9e936083de636
CVE-2020-1735 (A flaw was found in the Ansible Engine when the fetch module is used.  ...)
	{DSA-4950-1}
	- ansible 2.9.7+dfsg-1
	[jessie] - ansible <not-affected> (No remote expansion in fetch module)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802085
	NOTE: https://github.com/ansible/ansible/issues/67793
	NOTE: https://github.com/ansible/ansible/pull/68720
	NOTE: Introduced in https://github.com/ansible/ansible/commit/e47f6137e5b897dec4319e7cb7791fb9b2cffb8d (1.8)
	NOTE: Fixed by: https://github.com/ansible/ansible/commit/290bfa820d533dc224e0c3fa7dd7c6b907ed0189
	NOTE: The commit has incorrect CVE reference adressed in
	NOTE: https://github.com/ansible/ansible/commit/18f91bbb88a84b1d3614ef41c3550da735592ac1
CVE-2020-1734 (A flaw was found in the pipe lookup plugin of ansible. Arbitrary comma ...)
	- ansible <unfixed> (unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1801804
	NOTE: https://github.com/ansible/ansible/issues/6550
	NOTE: https://github.com/ansible/ansible/issues/67792
	NOTE: Upstream considers this intended functionality and delegates it up to the
	NOTE: playbook author to ensure they use the quote filter.
CVE-2020-1733 (A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2. ...)
	{DSA-4950-1 DLA-2202-1}
	- ansible 2.9.7+dfsg-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1801735
	NOTE: https://github.com/ansible/ansible/issues/67791
	NOTE: https://github.com/ansible/ansible/pull/68921
	NOTE: https://github.com/ansible/ansible/commit/8077d8e40148fe77e2393caa5f2b2ea855149d63
	NOTE: When applying the fix for CVE-2020-1733 make sure to apply complete fix to
	NOTE: not open up CVE-2020-10744.
CVE-2020-1732 (A flaw was found in Soteria before 1.0.1, in a way that multiple reque ...)
	- wildfly <itp> (bug #752018)
CVE-2020-1731 (A flaw was found in all versions of the Keycloak operator, before vers ...)
	NOT-FOR-US: Keycloak
CVE-2020-1730 (A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in t ...)
	- libssh 0.9.4-1 (bug #956308)
	[buster] - libssh 0.8.7-1+deb10u1
	[stretch] - libssh <not-affected> (Vulnerable code introduced later)
	[jessie] - libssh <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.libssh.org/security/advisories/CVE-2020-1730.txt
	NOTE: https://bugs.libssh.org/T213
	NOTE: Introduced by: https://git.libssh.org/projects/libssh.git/commit/?id=84a85803b4c83b8dac03b0d0aba58b48c98253e6 (libssh-0.8.0)
	NOTE: Fixed by: https://git.libssh.org/projects/libssh.git/commit/?id=b36272eac1b36982598c10de7af0a501582de07a
CVE-2020-1729 (A flaw was found in SmallRye's API through version 1.6.1. The API can  ...)
	NOT-FOR-US: SmallRye Config
CVE-2020-1728 (A vulnerability was found in all versions of Keycloak where, the pages ...)
	NOT-FOR-US: Keycloak
CVE-2020-1727 (A vulnerability was found in Keycloak before 9.0.2, where every Author ...)
	NOT-FOR-US: Keycloak
CVE-2020-1726 (A flaw was discovered in Podman where it incorrectly allows containers ...)
	- libpod 1.6.4+dfsg1-3 (bug #961421)
	NOTE: Introduced in: https://github.com/containers/libpod/commit/997c4b56ed2121726e966afe9a102ed16ba78f93 (v1.6.0-rc1)
	NOTE: https://github.com/containers/libpod/pull/5168
	NOTE: Fixed by: https://github.com/containers/libpod/commit/c140ecdc9b416ab4efd4d21d14acd63b6adbdd42 (v1.8.1-rc1)
CVE-2020-1725 (A flaw was found in keycloak before version 13.0.0. In some scenarios  ...)
	NOT-FOR-US: Keycloak
CVE-2020-1724 (A flaw was found in Keycloak in versions before 9.0.2. This flaw allow ...)
	NOT-FOR-US: Keycloak
CVE-2020-1723 (The logout endpoint /oauth/logout?redirect=url can be abused to redire ...)
	NOT-FOR-US: Keycloak
CVE-2020-1722 (A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending ...)
	- freeipa 4.8.8-2 (bug #966200)
	[buster] - freeipa <no-dsa> (Minor issue)
	NOTE: https://pagure.io/freeipa/issue/8268
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793071
	NOTE: https://pagure.io/freeipa/c/dbf5df4a66b68f62a9e063c43a30b46e539c603b (master)
	NOTE: https://pagure.io/freeipa/c/089a393581aa249ddec66ce1455fff4951cdb827 (ipa-4-8)
CVE-2020-1721 (A flaw was found in the Key Recovery Authority (KRA) Agent Service in  ...)
	- dogtag-pki 10.9.1-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1777579
	NOTE: https://github.com/dogtagpki/pki/commit/b3514113c867c9394dd84e313c55dc66f3e846b6 (v10.9.0-a2)
CVE-2020-1720 (A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", whe ...)
	{DSA-4623-1 DSA-4622-1 DLA-2105-1}
	- postgresql-12 12.2-1
	- postgresql-11 <unfixed>
	- postgresql-9.6 <removed>
	- postgresql-9.4 <removed>
	NOTE: https://www.postgresql.org/about/news/2011/
	NOTE: Fixed in 12.2, 11.7, 10.12, 9.6.17, 9.5.21, and 9.4.26
	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=b048f558dd7c26a0c630a2cff29d3d8981eaf6b9
CVE-2020-1719 (A flaw was found in wildfly. The EJBContext principle is not popped ba ...)
	- wildfly <itp> (bug #752018)
CVE-2020-1718 (A flaw was found in the reset credential flow in all Keycloak versions ...)
	NOT-FOR-US: Keycloak
CVE-2020-1717 (A flaw was found in Keycloak 7.0.1. A logged in user can do an account ...)
	NOT-FOR-US: Keycloak
CVE-2020-1716 (A flaw was found in the ceph-ansible playbook where it contained hardc ...)
	NOT-FOR-US: ceph-ansible
CVE-2020-1715
	RESERVED
CVE-2020-1714 (A flaw was found in Keycloak before version 11.0.0, where the code bas ...)
	NOT-FOR-US: Keycloak
CVE-2020-1713
	RESERVED
CVE-2020-1712 (A heap use-after-free vulnerability was found in systemd before versio ...)
	- systemd 244.2-1 (bug #950732)
	[buster] - systemd 241-7~deb10u4
	[stretch] - systemd <no-dsa> (Can be fixed via point release)
	[jessie] - systemd <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/systemd/systemd/commit/773b1a7916bfce3aa2a21ecf534d475032e8528e (preparation)
	NOTE: https://github.com/systemd/systemd/commit/95f82ae9d774f3508ce89dcbdd0714ef7385df59 (preparation)
	NOTE: https://github.com/systemd/systemd/commit/7f56982289275ce84e20f0554475864953e6aaab (preparation)
	NOTE: https://github.com/systemd/systemd/commit/f4425c72c7395ec93ae00052916a66e2f60f200b (preparation)
	NOTE: https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54 (introduce new API)
	NOTE: https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb (use new function to fix CVE-2020-1712)
	NOTE: https://github.com/systemd/systemd/commit/5c1163273569809742c164260cfd9f096520cb82 (documentation)
	NOTE: https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d (documentation)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1794578
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1971
CVE-2020-1711 (An out-of-bounds heap buffer access flaw was found in the way the iSCS ...)
	{DLA-2373-1 DLA-2144-1}
	- qemu 1:4.2-2 (bug #949731)
	[buster] - qemu 1:3.1+dfsg-8+deb10u4
	- qemu-kvm <removed>
	NOTE: Upstream patch: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc (5.0)
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/23/3
CVE-2020-1710 (The issue appears to be that JBoss EAP 6.4.21 does not parse the field ...)
	NOT-FOR-US: JBoss EAP
CVE-2020-1709 (A vulnerability was found in all openshift/mediawiki 4.x.x versions pr ...)
	NOT-FOR-US: openshift
CVE-2020-1708 (It has been found in openshift-enterprise version 3.11 and all openshi ...)
	NOT-FOR-US: openshift
CVE-2020-1707 (A vulnerability was found in all openshift/postgresql-apb 4.x.x versio ...)
	NOT-FOR-US: openshift
CVE-2020-1706 (It has been found that in openshift-enterprise version 3.11 and opensh ...)
	NOT-FOR-US: openshift
CVE-2020-1705 (A vulnerability was found in openshift/template-service-broker-operato ...)
	NOT-FOR-US: openshift
CVE-2020-1704 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
	NOT-FOR-US: openshift
CVE-2020-1703
	REJECTED
CVE-2020-1702 (A malicious container image can consume an unbounded amount of memory  ...)
	NOT-FOR-US: Red Hat container manager tooling
CVE-2020-1701 (A flaw was found in the KubeVirt main virt-handler versions before 0.2 ...)
	NOT-FOR-US: KubeVirt
CVE-2020-1700 (A flaw was found in the way the Ceph RGW Beast front-end handles unexp ...)
	- ceph 14.2.7-1
	[buster] - ceph <no-dsa> (Minor issue)
	[stretch] - ceph <not-affected> (Vulnerable code introduced later)
	[jessie] - ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://tracker.ceph.com/issues/42531
	NOTE: https://github.com/ceph/ceph/pull/33017
	NOTE: https://github.com/ceph/ceph/commit/ff72c50a2c43c57aead933eb4903ad1ca6d1748a
CVE-2020-1699 (A path traversal flaw was found in the Ceph dashboard implemented in u ...)
	- ceph 14.2.6-4 (bug #949206)
	[buster] - ceph <not-affected> (Vulnerable code introduced later)
	[stretch] - ceph <not-affected> (Vulnerable code introduced later)
	[jessie] - ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://tracker.ceph.com/issues/41320
	NOTE: https://github.com/ceph/ceph/commit/0443e40c11280ba3b7efcba61522afa70c4f8158
CVE-2020-1698 (A flaw was found in keycloak in versions before 9.0.0. A logged except ...)
	NOT-FOR-US: Keycloak
CVE-2020-1697 (It was found in all keycloak versions before 9.0.0 that links to exter ...)
	NOT-FOR-US: Keycloak
CVE-2020-1696 (A flaw was found in the all pki-core 10.x.x versions, where Token Proc ...)
	- dogtag-pki <unfixed>
	[bullseye] - dogtag-pki <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1780707
CVE-2020-1695 (A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final  ...)
	- resteasy <undetermined>
	- resteasy3.0 3.0.26-2
	[buster] - resteasy3.0 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1730462
	NOTE: https://github.com/resteasy/Resteasy/commit/acf15f2a8067f7e4cf5838342cecfa0b78a174fb
CVE-2020-1694 (A flaw was found in all versions of Keycloak before 10.0.0, where the  ...)
	NOT-FOR-US: Keycloak
CVE-2020-1693 (A flaw was found in Spacewalk up to version 2.9 where it was vulnerabl ...)
	NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2020-1692 (Moodle before version 3.7.2 is vulnerable to information exposure of s ...)
	- moodle <removed>
CVE-2020-1691
	RESERVED
CVE-2020-1690 (An improper authorization flaw was discovered in openstack-selinux's a ...)
	NOT-FOR-US: openstack-selinux
CVE-2020-1689 (On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series d ...)
	NOT-FOR-US: Juniper
CVE-2020-1688 (On Juniper Networks SRX Series and NFX Series, a local authenticated u ...)
	NOT-FOR-US: Juniper
CVE-2020-1687 (On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series d ...)
	NOT-FOR-US: Juniper
CVE-2020-1686 (On Juniper Networks Junos OS devices, receipt of a malformed IPv6 pack ...)
	NOT-FOR-US: Juniper
CVE-2020-1685 (When configuring stateless firewall filters in Juniper Networks EX4600 ...)
	NOT-FOR-US: Juniper
CVE-2020-1684 (On Juniper Networks SRX Series configured with application identificat ...)
	NOT-FOR-US: Juniper
CVE-2020-1683 (On Juniper Networks Junos OS devices, a specific SNMP OID poll causes  ...)
	NOT-FOR-US: Juniper
CVE-2020-1682 (An input validation vulnerability exists in Juniper Networks Junos OS, ...)
	NOT-FOR-US: Juniper
CVE-2020-1681 (Receipt of a specifically malformed NDP packet sent from the local are ...)
	NOT-FOR-US: Juniper
CVE-2020-1680 (On Juniper Networks MX Series with MS-MIC or MS-MPC card configured wi ...)
	NOT-FOR-US: Juniper
CVE-2020-1679 (On Juniper Networks PTX and QFX Series devices with packet sampling co ...)
	NOT-FOR-US: Juniper
CVE-2020-1678 (On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN  ...)
	NOT-FOR-US: Juniper
CVE-2020-1677 (When SAML authentication is enabled, Juniper Networks Mist Cloud UI mi ...)
	NOT-FOR-US: Juniper
CVE-2020-1676 (When SAML authentication is enabled, Juniper Networks Mist Cloud UI mi ...)
	NOT-FOR-US: Juniper
CVE-2020-1675 (When Security Assertion Markup Language (SAML) authentication is enabl ...)
	NOT-FOR-US: Juniper
CVE-2020-1674
	REJECTED
CVE-2020-1673 (Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks ...)
	NOT-FOR-US: Juniper
CVE-2020-1672 (On Juniper Networks Junos OS devices configured with DHCPv6 relay enab ...)
	NOT-FOR-US: Juniper
CVE-2020-1671 (On Juniper Networks Junos OS platforms configured as DHCPv6 local serv ...)
	NOT-FOR-US: Juniper
CVE-2020-1670 (On Juniper Networks EX4300 Series, receipt of a stream of specific IPv ...)
	NOT-FOR-US: Juniper
CVE-2020-1669 (The Juniper Device Manager (JDM) container, used by the disaggregated  ...)
	NOT-FOR-US: Juniper
CVE-2020-1668 (On Juniper Networks EX2300 Series, receipt of a stream of specific mul ...)
	NOT-FOR-US: Juniper
CVE-2020-1667 (When DNS filtering is enabled on Juniper Networks Junos MX Series with ...)
	NOT-FOR-US: Juniper
CVE-2020-1666 (The system console configuration option 'log-out-on-disconnect' In Jun ...)
	NOT-FOR-US: Juniper
CVE-2020-1665 (On Juniper Networks MX Series and EX9200 Series, in a certain conditio ...)
	NOT-FOR-US: Juniper
CVE-2020-1664 (A stack buffer overflow vulnerability in the device control daemon (DC ...)
	NOT-FOR-US: Juniper
CVE-2020-1663
	RESERVED
CVE-2020-1662 (On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session ...)
	NOT-FOR-US: Juniper
CVE-2020-1661 (On Juniper Networks Junos OS devices configured as a DHCP forwarder, t ...)
	NOT-FOR-US: Juniper
CVE-2020-1660 (When DNS filtering is enabled on Juniper Networks Junos MX Series with ...)
	NOT-FOR-US: Juniper
CVE-2020-1659
	RESERVED
CVE-2020-1658
	RESERVED
CVE-2020-1657 (On SRX Series devices, a vulnerability in the key-management-daemon (k ...)
	NOT-FOR-US: Juniper
CVE-2020-1656 (The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd da ...)
	NOT-FOR-US: Juniper
CVE-2020-1655 (When a device running Juniper Networks Junos OS with MPC7, MPC8, or MP ...)
	NOT-FOR-US: Juniper
CVE-2020-1654 (On Juniper Networks SRX Series with ICAP (Internet Content Adaptation  ...)
	NOT-FOR-US: Juniper
CVE-2020-1653 (On Juniper Networks Junos OS devices, a stream of TCP packets sent to  ...)
	NOT-FOR-US: Juniper
CVE-2020-1652 (OpenNMS is accessible via port 9443 ...)
	- opennms <itp> (bug #450615)
CVE-2020-1651 (On Juniper Networks MX series, receipt of a stream of specific Layer 2 ...)
	NOT-FOR-US: Juniper
CVE-2020-1650 (On Juniper Networks Junos MX Series with service card configured, rece ...)
	NOT-FOR-US: Juniper
CVE-2020-1649 (When a device running Juniper Networks Junos OS with MPC7, MPC8, or MP ...)
	NOT-FOR-US: Juniper
CVE-2020-1648 (On Juniper Networks Junos OS and Junos OS Evolved devices, processing  ...)
	NOT-FOR-US: Juniper
CVE-2020-1647 (On Juniper Networks SRX Series with ICAP (Internet Content Adaptation  ...)
	NOT-FOR-US: Juniper
CVE-2020-1646 (On Juniper Networks Junos OS and Junos OS Evolved devices, processing  ...)
	NOT-FOR-US: Juniper
CVE-2020-1645 (When DNS filtering is enabled on Juniper Networks Junos MX Series with ...)
	NOT-FOR-US: Juniper
CVE-2020-1644 (On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt ...)
	NOT-FOR-US: Juniper
CVE-2020-1643 (Execution of the "show ospf interface extensive" or "show ospf interfa ...)
	NOT-FOR-US: Juniper
CVE-2020-1642
	RESERVED
CVE-2020-1641 (A Race Condition vulnerability in Juniper Networks Junos OS LLDP imple ...)
	NOT-FOR-US: Juniper
CVE-2020-1640 (An improper use of a validation framework when processing incoming gen ...)
	NOT-FOR-US: Juniper
CVE-2020-1639 (When an attacker sends a specific crafted Ethernet Operation, Administ ...)
	NOT-FOR-US: Juniper
CVE-2020-1638 (The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and J ...)
	NOT-FOR-US: Juniper
CVE-2020-1637 (A vulnerability in Juniper Networks SRX Series device configured as a  ...)
	NOT-FOR-US: Juniper
CVE-2020-1636
	RESERVED
CVE-2020-1635
	RESERVED
CVE-2020-1634 (On High-End SRX Series devices, in specific configurations and when sp ...)
	NOT-FOR-US: Juniper
CVE-2020-1633 (Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos ...)
	NOT-FOR-US: Juniper
CVE-2020-1632 (In a certain condition, receipt of a specific BGP UPDATE message might ...)
	NOT-FOR-US: Juniper
CVE-2020-1631 (A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentic ...)
	NOT-FOR-US: Juniper
CVE-2020-1630 (A privilege escalation vulnerability in Juniper Networks Junos OS devi ...)
	NOT-FOR-US: Juniper
CVE-2020-1629 (A race condition vulnerability on Juniper Network Junos OS devices may ...)
	NOT-FOR-US: Juniper
CVE-2020-1628 (Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal com ...)
	NOT-FOR-US: Juniper
CVE-2020-1627 (A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices  ...)
	NOT-FOR-US: Juniper
CVE-2020-1626 (A vulnerability in Juniper Networks Junos OS Evolved may allow an atta ...)
	NOT-FOR-US: Juniper
CVE-2020-1625 (The kernel memory usage represented as "temp" via 'show system virtual ...)
	NOT-FOR-US: Juniper
CVE-2020-1624 (A local, authenticated user with shell can obtain the hashed values of ...)
	NOT-FOR-US: Juniper
CVE-2020-1623 (A local, authenticated user with shell can view sensitive configuratio ...)
	NOT-FOR-US: Juniper
CVE-2020-1622 (A local, authenticated user with shell can obtain the hashed values of ...)
	NOT-FOR-US: Juniper
CVE-2020-1621 (A local, authenticated user with shell can obtain the hashed values of ...)
	NOT-FOR-US: Juniper
CVE-2020-1620 (A local, authenticated user with shell can obtain the hashed values of ...)
	NOT-FOR-US: Juniper
CVE-2020-1619 (A privilege escalation vulnerability in Juniper Networks QFX10K Series ...)
	NOT-FOR-US: Juniper
CVE-2020-1618 (On Juniper Networks EX and QFX Series, an authentication bypass vulner ...)
	NOT-FOR-US: Juniper
CVE-2020-1617 (This issue occurs on Juniper Networks Junos OS devices which do not su ...)
	NOT-FOR-US: Juniper
CVE-2020-1616 (Due to insufficient server-side login attempt limit enforcement, a vul ...)
	NOT-FOR-US: Juniper
CVE-2020-1615 (The factory configuration for vMX installations, as shipped, includes  ...)
	NOT-FOR-US: Juniper
CVE-2020-1614 (A Use of Hard-coded Credentials vulnerability exists in the NFX250 Ser ...)
	NOT-FOR-US: Juniper
CVE-2020-1613 (A vulnerability in the BGP FlowSpec implementation may cause a Juniper ...)
	NOT-FOR-US: Juniper
CVE-2020-1612
	RESERVED
CVE-2020-1611 (A Local File Inclusion vulnerability in Juniper Networks Junos Space a ...)
	NOT-FOR-US: Juniper
CVE-2020-1610
	RESERVED
CVE-2020-1609 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
	NOT-FOR-US: Juniper
CVE-2020-1608 (Receipt of a specific MPLS or IPv6 packet on the core facing interface ...)
	NOT-FOR-US: Juniper
CVE-2020-1607 (Insufficient Cross-Site Scripting (XSS) protection in J-Web may potent ...)
	NOT-FOR-US: Juniper
CVE-2020-1606 (A path traversal vulnerability in the Juniper Networks Junos OS device ...)
	NOT-FOR-US: Juniper
CVE-2020-1605 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
	NOT-FOR-US: Juniper
CVE-2020-1604 (On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the ...)
	NOT-FOR-US: Juniper
CVE-2020-1603 (Specific IPv6 packets sent by clients processed by the Routing Engine  ...)
	NOT-FOR-US: Juniper
CVE-2020-1602 (When a device using Juniper Network's Dynamic Host Configuration Proto ...)
	NOT-FOR-US: Juniper
CVE-2020-1601 (Certain types of malformed Path Computation Element Protocol (PCEP) pa ...)
	NOT-FOR-US: Juniper
CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an ...)
	NOT-FOR-US: Juniper
CVE-2020-1599 (Windows Spoofing Vulnerability ...)
	NOT-FOR-US: Microsoft
CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows Univer ...)
	NOT-FOR-US: Microsoft
CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1596 (A information disclosure vulnerability exists when TLS components use  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1595 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1594 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1593 (A remote code execution vulnerability exists when Windows Media Audio  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1592 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1591 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-1590 (An elevation of privilege vulnerability exists when the Connected User ...)
	NOT-FOR-US: Microsoft
CVE-2020-1589 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1588
	RESERVED
CVE-2020-1587 (An elevation of privilege vulnerability exists when the Windows Ancill ...)
	NOT-FOR-US: Microsoft
CVE-2020-1586
	RESERVED
CVE-2020-1585 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1584 (An elevation of privilege vulnerability exists in the way that the dns ...)
	NOT-FOR-US: Microsoft
CVE-2020-1583 (An information disclosure vulnerability exists when Microsoft Word imp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1582 (A remote code execution vulnerability exists in Microsoft Access softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-1581 (An elevation of privilege vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-1580 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1579 (An elevation of privilege vulnerability exists when the Windows Functi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1578 (An information disclosure vulnerability exists in the Windows kernel t ...)
	NOT-FOR-US: Microsoft
CVE-2020-1577 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1576 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1575 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1574 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1573 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1572
	RESERVED
CVE-2020-1571 (An elevation of privilege vulnerability exists in Windows Setup in the ...)
	NOT-FOR-US: Microsoft
CVE-2020-1570 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-1569 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1568 (A remote code execution vulnerability exists when Microsoft Edge PDF R ...)
	NOT-FOR-US: Microsoft
CVE-2020-1567 (A remote code execution vulnerability exists in the way that the MSHTM ...)
	NOT-FOR-US: Microsoft
CVE-2020-1566 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1565 (An elevation of privilege vulnerability exists when the &amp;quot;Publ ...)
	NOT-FOR-US: Microsoft
CVE-2020-1564 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1563 (A remote code execution vulnerability exists in Microsoft Office softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-1562 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1561 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1560 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1559 (An elevation of privilege vulnerability exists when the Windows Storag ...)
	NOT-FOR-US: Microsoft
CVE-2020-1558 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1557 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1556 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1555 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-1554 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1553 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1552 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-1551 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1550 (An elevation of privilege vulnerability exists when the Windows CDP Us ...)
	NOT-FOR-US: Microsoft
CVE-2020-1549 (An elevation of privilege vulnerability exists when the Windows CDP Us ...)
	NOT-FOR-US: Microsoft
CVE-2020-1548 (An information disclosure vulnerability exists when the Windows WaasMe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1547 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1546 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1545 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1544 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1543 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1542 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1541 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1540 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1539 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1538 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1537 (An elevation of privilege vulnerability exists when the Windows Remote ...)
	NOT-FOR-US: Microsoft
CVE-2020-1536 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1535 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1534 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1533 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1532 (An elevation of privilege vulnerability exists when the Windows Instal ...)
	NOT-FOR-US: Microsoft
CVE-2020-1531 (An elevation of privilege vulnerability exists when the Windows Accoun ...)
	NOT-FOR-US: Microsoft
CVE-2020-1530 (An elevation of privilege vulnerability exists when Windows Remote Acc ...)
	NOT-FOR-US: Microsoft
CVE-2020-1529 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1528 (An elevation of privilege vulnerability exists when the Windows Radio  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1527 (An elevation of privilege vulnerability exists when the Windows Custom ...)
	NOT-FOR-US: Microsoft
CVE-2020-1526 (An elevation of privilege vulnerability exists when the Windows Networ ...)
	NOT-FOR-US: Microsoft
CVE-2020-1525 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1524 (An elevation of privilege vulnerability exists when the Windows Speech ...)
	NOT-FOR-US: Microsoft
CVE-2020-1523 (A tampering vulnerability exists when Microsoft SharePoint Server fail ...)
	NOT-FOR-US: Microsoft
CVE-2020-1522 (An elevation of privilege vulnerability exists when the Windows Speech ...)
	NOT-FOR-US: Microsoft
CVE-2020-1521 (An elevation of privilege vulnerability exists when the Windows Speech ...)
	NOT-FOR-US: Microsoft
CVE-2020-1520 (A remote code execution vulnerability exists when the Windows Font Dri ...)
	NOT-FOR-US: Microsoft
CVE-2020-1519 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1518 (An elevation of privilege vulnerability exists when the Windows File S ...)
	NOT-FOR-US: Microsoft
CVE-2020-1517 (An elevation of privilege vulnerability exists when the Windows File S ...)
	NOT-FOR-US: Microsoft
CVE-2020-1516 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-1515 (An elevation of privilege vulnerability exists when the Windows Teleph ...)
	NOT-FOR-US: Microsoft
CVE-2020-1514 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1513 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-1512 (An information disclosure vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1511 (An elevation of privilege vulnerability exists when Connected User Exp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1510 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-1509 (An elevation of privilege vulnerability exists in the Local Security A ...)
	NOT-FOR-US: Microsoft
CVE-2020-1508 (A remote code execution vulnerability exists when Windows Media Audio  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1507 (An elevation of privilege vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-1506 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1505 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1504 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1503 (An information disclosure vulnerability exists when Microsoft Word imp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1502 (An information disclosure vulnerability exists when Microsoft Word imp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1501 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1500 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1499 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1498 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1497 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2020-1496 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1495 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1494 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1493 (An information disclosure vulnerability exists when attaching files to ...)
	NOT-FOR-US: Microsoft
CVE-2020-1492 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1491 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1490 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2020-1489 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-1488 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1487 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-1486 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1485 (An information disclosure vulnerability exists when the Windows Image  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1484 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-1483 (A remote code execution vulnerability exists in Microsoft Outlook when ...)
	NOT-FOR-US: Microsoft
CVE-2020-1482 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1481 (A remote code execution vulnerability exists in the ESLint extension f ...)
	NOT-FOR-US: Microsoft
CVE-2020-1480 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1479 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1478 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1477 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1476 (An elevation of privilege vulnerability exists when ASP.NET or .NET we ...)
	NOT-FOR-US: Microsoft
CVE-2020-1475 (An elevation of privilege vulnerability exists in the way that the srm ...)
	NOT-FOR-US: Microsoft
CVE-2020-1474 (An information disclosure vulnerability exists when the Windows Image  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1473 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1472 (An elevation of privilege vulnerability exists when an attacker establ ...)
	{DLA-2463-1}
	[experimental] - samba 2:4.13.2+dfsg-1
	- samba 2:4.13.2+dfsg-2 (bug #971048)
	[buster] - samba <no-dsa> (Has already safe defaults; can be fixed along in point release)
	NOTE: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
	NOTE: Originally a Microsoft only CVE but it was found that the ZeroLogon attack
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14497
	NOTE: Mitigation: server schannel = yes; but code changes planned.
	NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/2
	NOTE: https://www.samba.org/samba/security/CVE-2020-1472.html
CVE-2020-1471 (An elevation of privilege vulnerability exists when Microsoft Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1470 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-1469 (A denial of service vulnerability exists when the .NET implementation  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1468 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1467 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1466 (A denial of service vulnerability exists in Windows Remote Desktop Gat ...)
	NOT-FOR-US: Microsoft
CVE-2020-1465 (An elevation of privilege vulnerability exists in Microsoft OneDrive t ...)
	NOT-FOR-US: Microsoft
CVE-2020-1464 (A spoofing vulnerability exists when Windows incorrectly validates fil ...)
	NOT-FOR-US: Microsoft
CVE-2020-1463 (An elevation of privilege vulnerability exists in the way that the Sha ...)
	NOT-FOR-US: Microsoft
CVE-2020-1462 (An information disclosure vulnerability exists when Skype for Business ...)
	NOT-FOR-US: Microsoft
CVE-2020-1461 (An elevation of privilege vulnerability exists when the MpSigStub.exe  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1460 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
	NOT-FOR-US: Microsoft
CVE-2020-1459 (An information disclosure vulnerability exists on ARM implementations  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1458 (A remote code execution vulnerability exists when Microsoft Office imp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1457 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1456 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1455 (A denial of service vulnerability exists when Microsoft SQL Server Man ...)
	NOT-FOR-US: Microsoft
CVE-2020-1454 (This vulnerability is caused when SharePoint Server does not properly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1453 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1452 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1451 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1450 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1449 (A remote code execution vulnerability exists in Microsoft Project soft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1448 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1447 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1446 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1445 (An information disclosure vulnerability exists when Microsoft Office i ...)
	NOT-FOR-US: Microsoft
CVE-2020-1444 (A remote code execution vulnerability exists in the way Microsoft Shar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1443 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1442 (A spoofing vulnerability exists when an Office Web Apps server does no ...)
	NOT-FOR-US: Microsoft
CVE-2020-1441
	RESERVED
CVE-2020-1440 (A tampering vulnerability exists when Microsoft SharePoint Server fail ...)
	NOT-FOR-US: Microsoft
CVE-2020-1439 (A remote code execution vulnerability exists in PerformancePoint Servi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1438 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1437 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1436 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2020-1435 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1434 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1433 (An information disclosure vulnerability exists when Microsoft Edge PDF ...)
	NOT-FOR-US: Microsoft
CVE-2020-1432 (An information disclosure vulnerability exists when Skype for Business ...)
	NOT-FOR-US: Microsoft
CVE-2020-1431 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1430 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1429 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1428 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1427 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1426 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1425 (A remoted code execution vulnerability exists in the way that Microsof ...)
	NOT-FOR-US: Microsoft
CVE-2020-1424 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-1423 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1422 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1421 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2020-1420 (An information disclosure vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1419 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1418 (An elevation of privilege vulnerability exists when the Windows Diagno ...)
	NOT-FOR-US: Microsoft
CVE-2020-1417 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1416 (An elevation of privilege vulnerability exists in Visual Studio and Vi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1415 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1414 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1413 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1412 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1411 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1410 (A remote code execution vulnerability exists when Windows Address Book ...)
	NOT-FOR-US: Microsoft
CVE-2020-1409 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2020-1408 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2020-1407 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1406 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1405 (An elevation of privilege vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-1404 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1403 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1402 (An elevation of privilege vulnerability exists when the Windows Active ...)
	NOT-FOR-US: Microsoft
CVE-2020-1401 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1400 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1399 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1398 (An elevation of privilege vulnerability exists when Windows Lockscreen ...)
	NOT-FOR-US: Microsoft
CVE-2020-1397 (An information disclosure vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1396 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1395 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1394 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1393 (An elevation of privilege vulnerability exists when the Windows Diagno ...)
	NOT-FOR-US: Microsoft
CVE-2020-1392 (An elevation of privilege vulnerability exists when the Windows Delive ...)
	NOT-FOR-US: Microsoft
CVE-2020-1391 (An information disclosure vulnerability exists when the Windows Agent  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1390 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1389 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1388 (An elevation of privilege vulnerability exists in the way that the psm ...)
	NOT-FOR-US: Microsoft
CVE-2020-1387 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1386 (An information vulnerability exists when Windows Connected User Experi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1385 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1384 (An elevation of privilege vulnerability exists when the Windows Crypto ...)
	NOT-FOR-US: Microsoft
CVE-2020-1383 (An information disclosure vulnerability exists in RPC if the server ha ...)
	NOT-FOR-US: Microsoft
CVE-2020-1382 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1381 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1380 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-1379 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1378 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1377 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1376 (An elevation of privilege vulnerability exists in the way that fdSSDP. ...)
	NOT-FOR-US: Microsoft
CVE-2020-1375 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1374 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2020-1373 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1372 (An elevation of privilege vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-1371 (An elevation of privilege vulnerability exists when the Windows Event  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1370 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1369 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1368 (An elevation of privilege vulnerability exists in the way that the Cre ...)
	NOT-FOR-US: Microsoft
CVE-2020-1367 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1366 (An elevation of privilege vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1365 (An elevation of privilege vulnerability exists when the Windows Event  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1364 (A denial of service vulnerability exists in the way that the WalletSer ...)
	NOT-FOR-US: Microsoft
CVE-2020-1363 (An elevation of privilege vulnerability exists when the Windows Picker ...)
	NOT-FOR-US: Microsoft
CVE-2020-1362 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1361 (An information disclosure vulnerability exists in the way that the Wal ...)
	NOT-FOR-US: Microsoft
CVE-2020-1360 (An elevation of privilege vulnerability exists when the Windows Profil ...)
	NOT-FOR-US: Microsoft
CVE-2020-1359 (An elevation of privilege vulnerability exists when the Windows Crypto ...)
	NOT-FOR-US: Microsoft
CVE-2020-1358 (An information disclosure vulnerability exists when the Windows Resour ...)
	NOT-FOR-US: Microsoft
CVE-2020-1357 (An elevation of privilege vulnerability exists when the Windows System ...)
	NOT-FOR-US: Microsoft
CVE-2020-1356 (An elevation of privilege vulnerability exists when the Windows iSCSI  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1355 (A remote code execution vulnerability exists when the Windows Font Dri ...)
	NOT-FOR-US: Microsoft
CVE-2020-1354 (An elevation of privilege vulnerability exists when the Windows UPnP D ...)
	NOT-FOR-US: Microsoft
CVE-2020-1353 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1352 (An elevation of privilege vulnerability exists when the Windows USO Co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1351 (An information disclosure vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1350 (A remote code execution vulnerability exists in Windows Domain Name Sy ...)
	NOT-FOR-US: Microsoft
CVE-2020-1349 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1348 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1347 (An elevation of privilege vulnerability exists when the Windows Storag ...)
	NOT-FOR-US: Microsoft
CVE-2020-1346 (An elevation of privilege vulnerability exists when the Windows Module ...)
	NOT-FOR-US: Microsoft
CVE-2020-1345 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1344 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1343 (An information disclosure vulnerability exists in Visual Studio Code L ...)
	NOT-FOR-US: Microsoft
CVE-2020-1342 (An information disclosure vulnerability exists when Microsoft Office s ...)
	NOT-FOR-US: Microsoft
CVE-2020-1341
	RESERVED
CVE-2020-1340 (A spoofing vulnerability exists when the NuGetGallery does not properl ...)
	NOT-FOR-US: Microsoft
CVE-2020-1339 (A remote code execution vulnerability exists when Windows Media Audio  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1338 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1337 (An elevation of privilege vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1336 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1335 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1334 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1333 (An elevation of privilege vulnerability exists when Group Policy Servi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1332 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1331 (A spoofing vulnerability exists when System Center Operations Manager  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1330 (An information disclosure vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-1329 (A spoofing vulnerability exists when Microsoft Bing Search for Android ...)
	NOT-FOR-US: Microsoft
CVE-2020-1328
	RESERVED
CVE-2020-1327 (A spoofing vulnerability exists in Microsoft Azure DevOps Server when  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1326 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-1325 (Azure DevOps Server and Team Foundation Services Spoofing Vulnerabilit ...)
	NOT-FOR-US: Microsoft
CVE-2020-1324 (An elevation of privilege (user to user) vulnerability exists in Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1323 (An open redirect vulnerability exists in Microsoft SharePoint that cou ...)
	NOT-FOR-US: Microsoft
CVE-2020-1322 (An information disclosure vulnerability exists when Microsoft Project  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1321 (A remote code execution vulnerability exists in Microsoft Office softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-1320 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1319 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1318 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1317 (An elevation of privilege vulnerability exists when Group Policy impro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1316 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1315 (An information disclosure vulnerability exists when Internet Explorer  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1314 (An elevation of privilege vulnerability exists in Windows Text Service ...)
	NOT-FOR-US: Microsoft
CVE-2020-1313 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-1312 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-1311 (An elevation of privilege vulnerability exists when Component Object M ...)
	NOT-FOR-US: Microsoft
CVE-2020-1310 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1309 (An elevation of privilege vulnerability exists when the Microsoft Stor ...)
	NOT-FOR-US: Microsoft
CVE-2020-1308 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1307 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1306 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1305 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1304 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1303 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1302 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-1301 (A remote code execution vulnerability exists in the way that the Micro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1300 (A remote code execution vulnerability exists when Microsoft Windows fa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1299 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2020-1298 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1297 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1296 (A vulnerability exists in the way the Windows Diagnostics &amp;amp; fe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1295 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
	NOT-FOR-US: Microsoft
CVE-2020-1294 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1293 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1292 (An elevation of privilege vulnerability exists in OpenSSH for Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1291 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1290 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-1289 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1288
	RESERVED
CVE-2020-1287 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1286 (A remote code execution vulnerability exists when the Windows Shell do ...)
	NOT-FOR-US: Microsoft
CVE-2020-1285 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1284 (A denial of service vulnerability exists in the way that the Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1283 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2020-1282 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1281 (A remote code execution vulnerability exists when Microsoft Windows OL ...)
	NOT-FOR-US: Microsoft
CVE-2020-1280 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1279 (An elevation of privilege vulnerability exists when Windows Lockscreen ...)
	NOT-FOR-US: Microsoft
CVE-2020-1278 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1277 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-1276 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1275 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1274 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1273 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1272 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1271 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-1270 (An elevation of privilege vulnerability exists in the way that the wla ...)
	NOT-FOR-US: Microsoft
CVE-2020-1269 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1268 (An information disclosure vulnerability exists when a Windows service  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1267 (This security update corrects a denial of service in the Local Securit ...)
	NOT-FOR-US: Microsoft
CVE-2020-1266 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1265 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1264 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1263 (An information disclosure vulnerability exists in the way Windows Erro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1262 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1261 (An information disclosure vulnerability exists in the way Windows Erro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1260 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1259 (A security feature bypass vulnerability exists when Windows Host Guard ...)
	NOT-FOR-US: Microsoft
CVE-2020-1258 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1257 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1256 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1255 (An elevation of privilege vulnerability exists when the Windows Backgr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1254 (An elevation of privilege vulnerability exists when Windows Modules In ...)
	NOT-FOR-US: Microsoft
CVE-2020-1253 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1252 (A remote code execution vulnerability exists when Windows improperly h ...)
	NOT-FOR-US: Microsoft
CVE-2020-1251 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1250 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-1249 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1248 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1247 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1246 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1245 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1244 (A denial of service vulnerability exists when Connected User Experienc ...)
	NOT-FOR-US: Microsoft
CVE-2020-1243 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2020-1242 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-1241 (A security feature bypass vulnerability exists when Windows Kernel fai ...)
	NOT-FOR-US: Microsoft
CVE-2020-1240 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1239 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1238 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1237 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1236 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1235 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1234 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1233 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1232 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-1231 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1230 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1229 (A security feature bypass vulnerability exists in Microsoft Outlook wh ...)
	NOT-FOR-US: Microsoft
CVE-2020-1228 (A denial of service vulnerability exists in Windows DNS when it fails  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1227 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1226 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1225 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1224 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2020-1223 (A remote code execution vulnerability exists when Microsoft Word for A ...)
	NOT-FOR-US: Microsoft
CVE-2020-1222 (An elevation of privilege vulnerability exists when the Microsoft Stor ...)
	NOT-FOR-US: Microsoft
CVE-2020-1221
	RESERVED
CVE-2020-1220 (A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based ...)
	NOT-FOR-US: Microsoft
CVE-2020-1219 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1218 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-1217 (An information disclosure vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1216 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1215 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1214 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1213 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1212 (An elevation of privilege vulnerability exists when an OLE Automation  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1211 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-1210 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1209 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1208 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1207 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1206 (An information disclosure vulnerability exists in the way that the Mic ...)
	NOT-FOR-US: Microsoft
CVE-2020-1205 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1204 (An elevation of privilege vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-1203 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1202 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1201 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1200 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1199 (An elevation of privilege vulnerability exists when the Windows Feedba ...)
	NOT-FOR-US: Microsoft
CVE-2020-1198 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1197 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1196 (An elevation of privilege vulnerability exists in the way that the pri ...)
	NOT-FOR-US: Microsoft
CVE-2020-1195 (An elevation of privilege vulnerability exists in Microsoft Edge (Chro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1194 (A denial of service vulnerability exists when Windows Registry imprope ...)
	NOT-FOR-US: Microsoft
CVE-2020-1193 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-1192 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1191 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1190 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1189 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1188 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1187 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1186 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1185 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1184 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1183 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1182 (A remote code execution vulnerability exists in Microsoft Dynamics 365 ...)
	NOT-FOR-US: Microsoft
CVE-2020-1181 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
	NOT-FOR-US: Microsoft
CVE-2020-1180 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1179 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1178 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1177 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1176 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1175 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1174 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1173 (A spoofing vulnerability exists in Microsoft Power BI Report Server in ...)
	NOT-FOR-US: Microsoft
CVE-2020-1172 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1171 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1170 (An elevation of privilege vulnerability exists in Windows Defender tha ...)
	NOT-FOR-US: Microsoft
CVE-2020-1169 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1168
	RESERVED
CVE-2020-1167 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1166 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1165 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1164 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1163 (An elevation of privilege vulnerability exists in Windows Defender tha ...)
	NOT-FOR-US: Microsoft
CVE-2020-1162 (An elevation of privilege (user to user) vulnerability exists in Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1161 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: Microsoft .NET
CVE-2020-1160 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-1159 (An elevation of privilege vulnerability exists in the way that the Sta ...)
	NOT-FOR-US: Microsoft
CVE-2020-1158 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1157 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1156 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1155 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1154 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2020-1153 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1152 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1151 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1150 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1149 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1148 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1147 (A remote code execution vulnerability exists in .NET Framework, Micros ...)
	NOT-FOR-US: Microsoft .NET
CVE-2020-1146 (An elevation of privilege vulnerability exists when the Microsoft Stor ...)
	NOT-FOR-US: Microsoft
CVE-2020-1145 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1144 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1143 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1142 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1141 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1140 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1139 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1138 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2020-1137 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1136 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1135 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1134 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1133 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1132 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-1131 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1130 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-1129 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-1128
	RESERVED
CVE-2020-1127
	RESERVED
CVE-2020-1126 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1125 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1124 (An elevation of privilege vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1123 (A denial of service vulnerability exists when Connected User Experienc ...)
	NOT-FOR-US: Microsoft
CVE-2020-1122 (An elevation of privilege vulnerability exists when the Windows Langua ...)
	NOT-FOR-US: Microsoft
CVE-2020-1121 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1120 (A denial of service vulnerability exists when Connected User Experienc ...)
	NOT-FOR-US: Microsoft
CVE-2020-1119 (An information disclosure vulnerability exists when StartTileData.dll  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1118 (A denial of service vulnerability exists in the Windows implementation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1117 (A remote code execution vulnerability exists in the way that the Color ...)
	NOT-FOR-US: Microsoft
CVE-2020-1116 (An information disclosure vulnerability exists when the Windows Client ...)
	NOT-FOR-US: Microsoft
CVE-2020-1115 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2020-1114 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1113 (A security feature bypass vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2020-1112 (An elevation of privilege vulnerability exists when the Windows Backgr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1111 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1110 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-1109 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-1108 (A denial of service vulnerability exists when .NET Core or .NET Framew ...)
	NOT-FOR-US: Microsoft .NET
CVE-2020-1107 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1106 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1105 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1104 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1103 (An information disclosure vulnerability exists where certain modes of  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1102 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1101 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1100 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1099 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-1098 (An elevation of privilege vulnerability exists when the Shell infrastr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1097 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1096 (A remote code execution vulnerability exists when Microsoft Edge PDF R ...)
	NOT-FOR-US: Microsoft
CVE-2020-1095
	RESERVED
CVE-2020-1094 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-1093 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1092 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2020-1091 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-1090 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1089
	RESERVED
CVE-2020-1088 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-1087 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1086 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1085 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1084 (A Denial Of Service vulnerability exists when Connected User Experienc ...)
	NOT-FOR-US: Microsoft
CVE-2020-1083 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-1082 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-1081 (An elevation of privilege vulnerability exists when the Windows Printe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1080 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2020-1079 (An elevation of privilege vulnerability exists when the Windows fails  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1078 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-1077 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2020-1076 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2020-1075 (An information disclosure vulnerability exists when Windows Subsystem  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1074 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1073 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1072 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1071 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1070 (An elevation of privilege vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1069 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
	NOT-FOR-US: Microsoft
CVE-2020-1068 (An elevation of privilege vulnerability exists in Windows Media Servic ...)
	NOT-FOR-US: Microsoft
CVE-2020-1067 (A remote code execution vulnerability exists in the way that Windows h ...)
	NOT-FOR-US: Microsoft
CVE-2020-1066 (An elevation of privilege vulnerability exists in .NET Framework which ...)
	NOT-FOR-US: Microsoft
CVE-2020-1065 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1064 (A remote code execution vulnerability exists in the way that the MSHTM ...)
	NOT-FOR-US: Microsoft
CVE-2020-1063 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-1062 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2020-1061 (A remote code execution vulnerability exists in the way that the Micro ...)
	NOT-FOR-US: Microsoft
CVE-2020-1060 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1059 (A spoofing vulnerability exists when Microsoft Edge does not properly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1058 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1057 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1056 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
	NOT-FOR-US: Microsoft
CVE-2020-1055 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
	NOT-FOR-US: Microsoft
CVE-2020-1054 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1053 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-1052 (An elevation of privilege vulnerability exists in the way that the ssd ...)
	NOT-FOR-US: Microsoft
CVE-2020-1051 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1050 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-1049 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-1048 (An elevation of privilege vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1047 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2020-1046 (A remote code execution vulnerability exists when Microsoft .NET Frame ...)
	NOT-FOR-US: Microsoft
CVE-2020-1045 (A security feature bypass vulnerability exists in the way Microsoft AS ...)
	- dotnet-core-3.1 <itp> (bug #968921)
CVE-2020-1044 (A security feature bypass vulnerability exists in SQL Server Reporting ...)
	NOT-FOR-US: Microsoft
CVE-2020-1043 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1042 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1041 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1040 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1039 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1038 (A denial of service vulnerability exists when Windows Routing Utilitie ...)
	NOT-FOR-US: Microsoft
CVE-2020-1037 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1036 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1035 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-1034 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1033 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1032 (A remote code execution vulnerability exists when Hyper-V RemoteFX vGP ...)
	NOT-FOR-US: Microsoft
CVE-2020-1031 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1030 (An elevation of privilege vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1029 (An elevation of privilege vulnerability exists when Connected User Exp ...)
	NOT-FOR-US: Microsoft
CVE-2020-1028 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-1027 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1026 (A Security Feature Bypass vulnerability exists in the MSR JavaScript C ...)
	NOT-FOR-US: Microsoft
CVE-2020-1025 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1024 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1023 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-1022 (A remote code execution vulnerability exists in Microsoft Dynamics Bus ...)
	NOT-FOR-US: Microsoft
CVE-2020-1021 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-1020 (A remote code execution vulnerability exists in Microsoft Windows when ...)
	NOT-FOR-US: Microsoft
CVE-2020-1019 (An elevation of privilege vulnerability exists in RMS Sharing App for  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1018 (An information disclosure vulnerability exists when Microsoft Dynamics ...)
	NOT-FOR-US: Microsoft
CVE-2020-1017 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1016 (An information disclosure vulnerability exists when the Windows Push N ...)
	NOT-FOR-US: Microsoft
CVE-2020-1015 (An elevation of privilege vulnerability exists in the way that the Use ...)
	NOT-FOR-US: Microsoft
CVE-2020-1014 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
	NOT-FOR-US: Microsoft
CVE-2020-1013 (An elevation of privilege vulnerability exists when Microsoft Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1012 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-1011 (An elevation of privilege vulnerability exists when the Windows System ...)
	NOT-FOR-US: Microsoft
CVE-2020-1010 (An elevation of privilege vulnerability exists in Windows Block Level  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1009 (An elevation of privilege vulnerability exists in the way that the Mic ...)
	NOT-FOR-US: Microsoft
CVE-2020-1008 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-1007 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1006 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1005 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-1004 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-1003 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-1002 (An elevation of privilege vulnerability exists when the MpSigStub.exe  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1001 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-1000 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0999 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0998 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0997 (A remote code execution vulnerability exists when the Windows Camera C ...)
	NOT-FOR-US: Microsoft
CVE-2020-0996 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-0995 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0994 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0993 (A denial of service vulnerability exists in Windows DNS when it fails  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0992 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0991 (A remote code execution vulnerability exists in Microsoft Office softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-0990
	RESERVED
CVE-2020-0989 (An information disclosure vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-0988 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0987 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-0986 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0985 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-0984 (An elevation of privilege vulnerability exists when the Microsoft Auto ...)
	NOT-FOR-US: Microsoft
CVE-2020-0983 (An elevation of privilege vulnerability exists when the Windows Delive ...)
	NOT-FOR-US: Microsoft
CVE-2020-0982 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-0981 (A security feature bypass vulnerability exists when Windows fails to p ...)
	NOT-FOR-US: Microsoft
CVE-2020-0980 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0979 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0978 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0977 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0976 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0975 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0974 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0973 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0972 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0971 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0970 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0969 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0968 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-0967 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0966 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0965 (A remoted code execution vulnerability exists in the way that Microsof ...)
	NOT-FOR-US: Microsoft
CVE-2020-0964 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0963 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0962 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0961 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2020-0960 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0959 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0958 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0957 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0956 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0955 (An information disclosure vulnerability exists when certain central pr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0954 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0953 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0952 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0951 (A security feature bypass vulnerability exists in Windows Defender App ...)
	NOT-FOR-US: Microsoft
CVE-2020-0950 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0949 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0948 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0947 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0946 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0945 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0944 (An elevation of privilege vulnerability exists when Connected User Exp ...)
	NOT-FOR-US: Microsoft
CVE-2020-0943 (An authentication bypass vulnerability exists in Microsoft YourPhoneCo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0942 (An elevation of privilege vulnerability exists when Connected User Exp ...)
	NOT-FOR-US: Microsoft
CVE-2020-0941 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0940 (An elevation of privilege vulnerability exists in the way the Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0939 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0938 (A remote code execution vulnerability exists in Microsoft Windows when ...)
	NOT-FOR-US: Microsoft
CVE-2020-0937 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0936 (An elevation of privilege vulnerability exists when a Windows schedule ...)
	NOT-FOR-US: Microsoft
CVE-2020-0935 (An elevation of privilege vulnerability exists when the OneDrive for W ...)
	NOT-FOR-US: Microsoft
CVE-2020-0934 (An elevation of privilege vulnerability exists when the Windows WpcDes ...)
	NOT-FOR-US: Microsoft
CVE-2020-0933 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0932 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0931 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0930 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0929 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0928 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0927 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0926 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0925 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0924 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0923 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0922 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-0921 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-0920 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2020-0919 (An elevation of privilege vulnerability exists in Remote Desktop App f ...)
	NOT-FOR-US: Microsoft
CVE-2020-0918 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2020-0917 (An elevation of privilege vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2020-0916 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0915 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0914 (An information disclosure vulnerability exists when the Windows State  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0913 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0912 (An elevation of privilege vulnerability exists when the Windows Functi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0911 (An elevation of privilege vulnerability exists when Windows Modules In ...)
	NOT-FOR-US: Microsoft
CVE-2020-0910 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2020-0909 (A denial of service vulnerability exists when Hyper-V on a Windows Ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-0908 (A remote code execution vulnerability exists when the Windows Text Ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-0907 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-0906 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0905 (An remote code execution vulnerability exists in Microsoft Dynamics Bu ...)
	NOT-FOR-US: Microsoft
CVE-2020-0904 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2020-0903 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Excha ...)
	NOT-FOR-US: Microsoft
CVE-2020-0902 (An elevation of privilege vulnerability exists in Service Fabric File  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0901 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0900 (An elevation of privilege vulnerability exists when the Visual Studio  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0899 (An elevation of privilege vulnerability exists when Microsoft Visual S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0898 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0897 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0896 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0895 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0894 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0893 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0892 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0891 (This vulnerability is caused when SharePoint Server does not properly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0890 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2020-0889 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2020-0888 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0887 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0886 (An elevation of privilege vulnerability exists when the Windows Storag ...)
	NOT-FOR-US: Microsoft
CVE-2020-0885 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0884 (A spoofing vulnerability exists in Microsoft Visual Studio as it inclu ...)
	NOT-FOR-US: Microsoft
CVE-2020-0883 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0881 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0880 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0879 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0878 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2020-0877 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0876 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0875 (An information disclosure vulnerability exists in how splwow64.exe han ...)
	NOT-FOR-US: Microsoft
CVE-2020-0874 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0873
	RESERVED
CVE-2020-0872 (A remote code execution vulnerability exists in Application Inspector  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0871 (An information disclosure vulnerability exists when Windows Network Co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0870 (An elevation of privilege vulnerability exists when the Shell infrastr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0869 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0868 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-0867 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2020-0866 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0865 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0864 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0863 (An information vulnerability exists when Windows Connected User Experi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0862
	RESERVED
CVE-2020-0861 (An information disclosure vulnerability exists when the Windows Networ ...)
	NOT-FOR-US: Microsoft
CVE-2020-0860 (An elevation of privilege vulnerability exists when the Windows Active ...)
	NOT-FOR-US: Microsoft
CVE-2020-0859 (An information vulnerability exists when Windows Modules Installer Ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-0858 (An elevation of privilege vulnerability exists when the &amp;quot;Publ ...)
	NOT-FOR-US: Microsoft
CVE-2020-0857 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0856 (An information disclosure vulnerability exists when Active Directory i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0855 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0854 (An elevation of privilege vulnerability exists when Windows Mobile Dev ...)
	NOT-FOR-US: Microsoft
CVE-2020-0853 (An information disclosure vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0852 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0851 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0850 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2020-0849 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0848 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0847 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0846
	RESERVED
CVE-2020-0845 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0844 (An elevation of privilege vulnerability exists when Connected User Exp ...)
	NOT-FOR-US: Microsoft
CVE-2020-0843 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-0842 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-0841 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0840 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0839 (An elevation of privilege vulnerability exists in the way that the dns ...)
	NOT-FOR-US: Microsoft
CVE-2020-0838 (An elevation of privilege vulnerability exists when NTFS improperly ch ...)
	NOT-FOR-US: Microsoft
CVE-2020-0837 (A spoofing vulnerability exists when Active Directory Federation Servi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0836 (A denial of service vulnerability exists in Windows DNS when it fails  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0835 (An elevation of privilege vulnerability exists when Windows Defender a ...)
	NOT-FOR-US: Microsoft
CVE-2020-0834 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0833 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-0832 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-0831 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0830 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0829 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0828 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0827 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0826 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0825 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0824 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2020-0823 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0822 (An elevation of privilege vulnerability exists when the Windows Langua ...)
	NOT-FOR-US: Microsoft
CVE-2020-0821 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0820 (An information disclosure vulnerability exists when Media Foundation i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0819 (An elevation of privilege vulnerability exists when the Windows Device ...)
	NOT-FOR-US: Microsoft
CVE-2020-0818
	RESERVED
CVE-2020-0817
	RESERVED
CVE-2020-0816 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2020-0815 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
	NOT-FOR-US: Microsoft
CVE-2020-0814 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2020-0813 (An information disclosure vulnerability exists when Chakra improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0812 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0811 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0810 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-0809 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0808 (An elevation of privilege vulnerability exists in the way the Provisio ...)
	NOT-FOR-US: Microsoft
CVE-2020-0807 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0806 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-0805 (A security feature bypass vulnerability exists when a Windows Projecte ...)
	NOT-FOR-US: Microsoft
CVE-2020-0804 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0803 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0802 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0801 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0800 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0799 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2020-0798 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0797 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0796 (A remote code execution vulnerability exists in the way that the Micro ...)
	NOT-FOR-US: Microsoft
CVE-2020-0795 (This vulnerability is caused when SharePoint Server does not properly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0794 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2020-0793 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2020-0792 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0791 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0790 (A local elevation of privilege vulnerability exists in how splwow64.ex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0789 (A denial of service vulnerability exists when the Visual Studio Extens ...)
	NOT-FOR-US: Microsoft
CVE-2020-0788 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0787 (An elevation of privilege vulnerability exists when the Windows Backgr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0786 (A denial of service vulnerability exists when the Windows Tile Object  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0785 (An elevation of privilege vulnerability exists when the Windows User P ...)
	NOT-FOR-US: Microsoft
CVE-2020-0784 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0783 (An elevation of privilege vulnerability exists when the Windows Univer ...)
	NOT-FOR-US: Microsoft
CVE-2020-0782 (An elevation of privilege vulnerability exists when the Windows Crypto ...)
	NOT-FOR-US: Microsoft
CVE-2020-0781 (An elevation of privilege vulnerability exists when the Windows Univer ...)
	NOT-FOR-US: Microsoft
CVE-2020-0780 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0779 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0778 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0777 (An elevation of privilege vulnerability exists when the Windows Work F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0776 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2020-0775 (An information disclosure vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0774 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2020-0773 (An elevation of privilege vulnerability exists when the Windows Active ...)
	NOT-FOR-US: Microsoft
CVE-2020-0772 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0771 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-0770 (An elevation of privilege vulnerability exists when the Windows Active ...)
	NOT-FOR-US: Microsoft
CVE-2020-0769 (An elevation of privilege vulnerability exists when the Windows CSC Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-0768 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0767 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0766 (An elevation of privilege vulnerability exists when the Microsoft Stor ...)
	NOT-FOR-US: Microsoft
CVE-2020-0765 (An information disclosure vulnerability exists in the Remote Desktop C ...)
	NOT-FOR-US: Microsoft
CVE-2020-0764 (An elevation of privilege vulnerability exists when the Windows Storag ...)
	NOT-FOR-US: Microsoft
CVE-2020-0763 (An elevation of privilege vulnerability exists when Windows Defender S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0762 (An elevation of privilege vulnerability exists when Windows Defender S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0761 (A remote code execution vulnerability exists when Active Directory int ...)
	NOT-FOR-US: Microsoft
CVE-2020-0760 (A remote code execution vulnerability exists when Microsoft Office imp ...)
	NOT-FOR-US: Microsoft
CVE-2020-0759 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0758 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
	NOT-FOR-US: Microsoft
CVE-2020-0757 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0756 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0755 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0754 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-0753 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2020-0752 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0751 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2020-0750 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0749 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0748 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0747 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0746 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-0745 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0744 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0743 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0742 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0741 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0740 (An elevation of privilege vulnerability exists in the way that the Con ...)
	NOT-FOR-US: Microsoft
CVE-2020-0739 (An elevation of privilege vulnerability exists in the way that the dss ...)
	NOT-FOR-US: Microsoft
CVE-2020-0738 (A memory corruption vulnerability exists when Windows Media Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2020-0737 (An elevation of privilege vulnerability exists in the way that the tap ...)
	NOT-FOR-US: Microsoft
CVE-2020-0736 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0735 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0734 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2020-0733 (An elevation of privilege vulnerability exists when the Windows Malici ...)
	NOT-FOR-US: Microsoft
CVE-2020-0732 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0731 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0730 (An elevation of privilege vulnerability exists when the Windows User P ...)
	NOT-FOR-US: Microsoft
CVE-2020-0729 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2020-0728 (An information vulnerability exists when Windows Modules Installer Ser ...)
	NOT-FOR-US: Microsoft
CVE-2020-0727 (An elevation of privilege vulnerability exists when the Connected User ...)
	NOT-FOR-US: Microsoft
CVE-2020-0726 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0725 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0724 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0723 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0722 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0721 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0720 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0719 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0718 (A remote code execution vulnerability exists when Active Directory int ...)
	NOT-FOR-US: Microsoft
CVE-2020-0717 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0716 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0715 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0714 (An information disclosure vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0713 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0712 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0711 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0710 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0709 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0708 (A remote code execution vulnerability exists when the Windows Imaging  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0707 (An elevation of privilege vulnerability exists when the Windows IME im ...)
	NOT-FOR-US: Microsoft
CVE-2020-0706 (An information disclosure vulnerability exists in the way that affecte ...)
	NOT-FOR-US: Microsoft
CVE-2020-0705 (An information disclosure vulnerability exists when the Windows Networ ...)
	NOT-FOR-US: Microsoft
CVE-2020-0704 (An elevation of privilege vulnerability exists when the Windows Wirele ...)
	NOT-FOR-US: Microsoft
CVE-2020-0703 (An elevation of privilege vulnerability exists when the Windows Backup ...)
	NOT-FOR-US: Microsoft
CVE-2020-0702 (A security feature bypass vulnerability exists in Surface Hub when pro ...)
	NOT-FOR-US: Microsoft
CVE-2020-0701 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0700 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2020-0699 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0698 (An information disclosure vulnerability exists when the Telephony Serv ...)
	NOT-FOR-US: Microsoft
CVE-2020-0697 (An elevation of privilege vulnerability exists in Microsoft Office OLi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0696 (A security feature bypass vulnerability exists in Microsoft Outlook so ...)
	NOT-FOR-US: Microsoft
CVE-2020-0695 (A spoofing vulnerability exists when Office Online Server does not val ...)
	NOT-FOR-US: Microsoft
CVE-2020-0694 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0693 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2020-0692 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0691 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0690 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0689 (A security feature bypass vulnerability exists in secure boot, aka 'Mi ...)
	NOT-FOR-US: Microsoft
CVE-2020-0688 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
	NOT-FOR-US: Microsoft
CVE-2020-0687 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2020-0686 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0685 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2020-0684 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2020-0683 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0682 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0681 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2020-0680 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0679 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0678 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2020-0677 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0676 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0675 (An information disclosure vulnerability exists in the Cryptography Nex ...)
	NOT-FOR-US: Microsoft
CVE-2020-0674 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-0673 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2020-0672 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0671 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0670 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2020-0669 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0668 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0667 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0666 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0665 (An elevation of privilege vulnerability exists in Active Directory For ...)
	NOT-FOR-US: Microsoft
CVE-2020-0664 (An information disclosure vulnerability exists when Active Directory i ...)
	NOT-FOR-US: Microsoft
CVE-2020-0663 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0662 (A remote code execution vulnerability exists in the way that Windows h ...)
	NOT-FOR-US: Microsoft
CVE-2020-0661 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2020-0660 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
	NOT-FOR-US: Microsoft
CVE-2020-0659 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0658 (An information disclosure vulnerability exists in the Windows Common L ...)
	NOT-FOR-US: Microsoft
CVE-2020-0657 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2020-0656 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2020-0655 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2020-0654 (A security feature bypass vulnerability exists in Microsoft OneDrive A ...)
	NOT-FOR-US: Microsoft
CVE-2020-0653 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0652 (A remote code execution vulnerability exists in Microsoft Office softw ...)
	NOT-FOR-US: Microsoft
CVE-2020-0651 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0650 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2020-0649
	RESERVED
CVE-2020-0648 (An elevation of privilege vulnerability exists when the Windows RSoP S ...)
	NOT-FOR-US: Microsoft
CVE-2020-0647 (A spoofing vulnerability exists when Office Online does not validate o ...)
	NOT-FOR-US: Microsoft
CVE-2020-0646 (A remote code execution vulnerability exists when the Microsoft .NET F ...)
	NOT-FOR-US: Microsoft
CVE-2020-0645 (A tampering vulnerability exists when Microsoft IIS Server improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0644 (An elevation of privilege vulnerability exists when Microsoft Windows  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0643 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0642 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0641 (An elevation of privilege vulnerability exists in Windows Media Servic ...)
	NOT-FOR-US: Microsoft
CVE-2020-0640 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2020-0639 (An information disclosure vulnerability exists in the Windows Common L ...)
	NOT-FOR-US: Microsoft
CVE-2020-0638 (An elevation of privilege vulnerability exists in the way the Update N ...)
	NOT-FOR-US: Microsoft
CVE-2020-0637 (An information disclosure vulnerability exists when Remote Desktop Web ...)
	NOT-FOR-US: Microsoft
CVE-2020-0636 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0635 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2020-0634 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2020-0633 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0632 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0631 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0630 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0629 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0628 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0627 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0626 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0625 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0624 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0623 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0622 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2020-0621 (A security feature bypass vulnerability exists in Windows 10 when thir ...)
	NOT-FOR-US: Microsoft
CVE-2020-0620 (An elevation of privilege vulnerability exists when Microsoft Cryptogr ...)
	NOT-FOR-US: Microsoft
CVE-2020-0619
	RESERVED
CVE-2020-0618 (A remote code execution vulnerability exists in Microsoft SQL Server R ...)
	NOT-FOR-US: Microsoft
CVE-2020-0617 (A denial of service vulnerability exists when Microsoft Hyper-V Virtua ...)
	NOT-FOR-US: Microsoft
CVE-2020-0616 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2020-0615 (An information disclosure vulnerability exists in the Windows Common L ...)
	NOT-FOR-US: Microsoft
CVE-2020-0614 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0613 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2020-0612 (A denial of service vulnerability exists in Windows Remote Desktop Gat ...)
	NOT-FOR-US: Microsoft
CVE-2020-0611 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2020-0610 (A remote code execution vulnerability exists in Windows Remote Desktop ...)
	NOT-FOR-US: Microsoft
CVE-2020-0609 (A remote code execution vulnerability exists in Windows Remote Desktop ...)
	NOT-FOR-US: Microsoft
CVE-2020-0608 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2020-0607 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2020-0606 (A remote code execution vulnerability exists in .NET software when the ...)
	NOT-FOR-US: Microsoft
CVE-2020-0605 (A remote code execution vulnerability exists in .NET software when the ...)
	NOT-FOR-US: Microsoft
CVE-2020-0604 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2020-0603 (A remote code execution vulnerability exists in ASP.NET Core software  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0602 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2020-0601 (A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32. ...)
	NOT-FOR-US: Microsoft
CVE-2020-0600 (Improper buffer restrictions in firmware for some Intel(R) NUC may all ...)
	NOT-FOR-US: Intel
CVE-2020-0599 (Improper access control in the PMC for some Intel(R) Processors may al ...)
	NOT-FOR-US: Intel
CVE-2020-0598 (Uncontrolled search path in the installer for the Intel(R) Binary Conf ...)
	NOT-FOR-US: Intel
CVE-2020-0597 (Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM  ...)
	NOT-FOR-US: Intel
CVE-2020-0596 (Improper input validation in DHCPv6 subsystem in Intel(R) AMT and Inte ...)
	NOT-FOR-US: Intel
CVE-2020-0595 (Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM vers ...)
	NOT-FOR-US: Intel
CVE-2020-0594 (Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM  ...)
	NOT-FOR-US: Intel
CVE-2020-0593 (Improper buffer restrictions in BIOS firmware for some Intel(R) Proces ...)
	NOT-FOR-US: Intel
CVE-2020-0592 (Out of bounds write in BIOS firmware for some Intel(R) Processors may  ...)
	NOT-FOR-US: Intel
CVE-2020-0591 (Improper buffer restrictions in BIOS firmware for some Intel(R) Proces ...)
	NOT-FOR-US: Intel
CVE-2020-0590 (Improper input validation in BIOS firmware for some Intel(R) Processor ...)
	NOT-FOR-US: Intel
CVE-2020-0589
	RESERVED
CVE-2020-0588 (Improper conditions check in BIOS firmware for some Intel(R) Processor ...)
	NOT-FOR-US: Intel
CVE-2020-0587 (Improper conditions check in BIOS firmware for some Intel(R) Processor ...)
	NOT-FOR-US: Intel
CVE-2020-0586 (Improper initialization in subsystem for Intel(R) SPS versions before  ...)
	NOT-FOR-US: Intel
CVE-2020-0585
	RESERVED
CVE-2020-0584 (Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Seri ...)
	NOT-FOR-US: Intel
CVE-2020-0583 (Improper access control in the subsystem for Intel(R) Smart Sound Tech ...)
	NOT-FOR-US: Intel
CVE-2020-0582
	RESERVED
CVE-2020-0581
	RESERVED
CVE-2020-0580
	RESERVED
CVE-2020-0579
	RESERVED
CVE-2020-0578 (Improper conditions check for Intel(R) Modular Server MFS2600KISPP Com ...)
	NOT-FOR-US: Intel
CVE-2020-0577 (Insufficient control flow for Intel(R) Modular Server MFS2600KISPP Com ...)
	NOT-FOR-US: Intel
CVE-2020-0576 (Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module ...)
	NOT-FOR-US: Intel
CVE-2020-0575 (Improper buffer restrictions in the Intel(R) Unite Client for Windows* ...)
	NOT-FOR-US: Intel
CVE-2020-0574 (Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all ...)
	NOT-FOR-US: Intel
CVE-2020-0573 (Out of bounds read in the Intel CSI2 Host Controller driver may allow  ...)
	NOT-FOR-US: Intel
CVE-2020-0572 (Improper input validation in the firmware for Intel(R) Server Board S2 ...)
	NOT-FOR-US: Intel
CVE-2020-0571 (Improper conditions check in BIOS firmware for 8th Generation Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2020-0570 (Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5 ...)
	- qtbase-opensource-src 5.12.5+dfsg-8
	[buster] - qtbase-opensource-src 5.11.3+dfsg1-1+deb10u3
	[stretch] - qtbase-opensource-src <not-affected> (Only affects 5.12.0 through 5.14.0)
	[jessie] - qtbase-opensource-src <not-affected> (Only affects 5.12.0 through 5.14.0)
	NOTE: https://bugreports.qt.io/browse/QTBUG-81272
	NOTE: Patch: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=e6f1fde24f77f63fb16b2df239f82a89d2bf05dd
	NOTE: https://lists.qt-project.org/pipermail/development/2020-January/038534.html
CVE-2020-0569 (Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windo ...)
	{DSA-4617-1 DLA-2092-1}
	- qtbase-opensource-src 5.12.5+dfsg-8
	NOTE: Patch for 5.6.0 through 5.13.2: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b3404f5293546ed390999f760404
	NOTE: Patch for 5.0.0 through 5.5.1: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=5c4234ed958130d655df8197129806f687d4df0d
CVE-2020-0568 (Race condition in the Intel(R) Driver and Support Assistant before ver ...)
	NOT-FOR-US: Intel
CVE-2020-0567 (Improper input validation in Intel(R) Graphics Drivers before version  ...)
	NOT-FOR-US: Intel graphics driver for Windows
CVE-2020-0566 (Improper Access Control in subsystem for Intel(R) TXE versions before  ...)
	NOT-FOR-US: Intel
CVE-2020-0565 (Uncontrolled search path in Intel(R) Graphics Drivers before version 2 ...)
	NOT-FOR-US: Intel graphics driver for Windows
CVE-2020-0564 (Improper permissions in the installer for Intel(R) RWC3 for Windows be ...)
	NOT-FOR-US: Intel
CVE-2020-0563 (Improper permissions in the installer for Intel(R) MPSS before version ...)
	NOT-FOR-US: Intel
CVE-2020-0562 (Improper permissions in the installer for Intel(R) RWC2, all versions, ...)
	NOT-FOR-US: Intel
CVE-2020-0561 (Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may  ...)
	NOT-FOR-US: Intel
CVE-2020-0560 (Improper permissions in the installer for the Intel(R) Renesas Electro ...)
	NOT-FOR-US: Intel
CVE-2020-0559 (Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi p ...)
	NOT-FOR-US: Intel
CVE-2020-0558 (Improper buffer restrictions in kernel mode driver for Intel(R) PROSet ...)
	NOT-FOR-US: Intel
CVE-2020-0557 (Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi produc ...)
	NOT-FOR-US: Intel
CVE-2020-0556 (Improper access control in subsystem for BlueZ before version 5.54 may ...)
	{DSA-4647-1 DLA-2240-1}
	- bluez 5.50-1.1 (bug #953770)
	NOTE: https://lore.kernel.org/linux-bluetooth/20200310023516.209146-1-alainm@chromium.org/
	NOTE: Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=8cdbd3b09f29da29374e2f83369df24228da0ad1
	NOTE: Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=3cccdbab2324086588df4ccf5f892fb3ce1f1787
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
	NOTE: Second commit introduces new configuration option "ClassicBondedOnly" which defaults
	NOTE: to false, and allows to make sure that input connections only come from bonded
	NOTE: device connections.
	NOTE: Followup commits to avoid (functional) regression:
	NOTE: Followup: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=35d8d895cd0b724e58129374beb0bb4a2edf9519
	NOTE: Followup: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=f2778f5877d20696d68a452b26e4accb91bfb19e
CVE-2020-0555 (Improper input validation for some Intel(R) Wireless Bluetooth(R) prod ...)
	NOT-FOR-US: Intel
CVE-2020-0554 (Race condition in software installer for some Intel(R) Wireless Blueto ...)
	NOT-FOR-US: Intel
CVE-2020-0553 (Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bl ...)
	NOT-FOR-US: Intel
CVE-2020-0552
	RESERVED
CVE-2020-0551 (Load value injection in some Intel(R) Processors utilizing speculative ...)
	NOTE: https://software.intel.com/security-software-guidance/software-guidance/load-value-injection
	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection
	NOTE: https://xenbits.xen.org/xsa/advisory-315.html
	NOTE: https://lviattack.eu/
	NOTE: No mitigation will provided by this issue in software, primarily impacts Intel SGX
	NOTE: binutils/toolchain updates will include a patch that optionally emits lfence
	NOTE: instructions in problematic situations (but have performance impact), cf.
	NOTE: https://sourceware.org/pipermail/binutils/2020-March/110175.html
CVE-2020-0550 (Improper data forwarding in some data cache for some Intel(R) Processo ...)
	NOTE: Intel is (currently) no planning to release microcode updates to mitigate issue.
	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-snoop-assisted-l1-data-sampling
	NOTE: https://software.intel.com/security-software-guidance/insights/processors-affected-snoop-assisted-l1-data-sampling
CVE-2020-0549 (Cleanup errors in some data cache evictions for some Intel(R) Processo ...)
	{DSA-4701-1 DLA-2248-1}
	- intel-microcode 3.20200609.1
	NOTE: https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
	NOTE: https://cacheoutattack.com/
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
CVE-2020-0548 (Cleanup errors in some Intel(R) Processors may allow an authenticated  ...)
	{DSA-4701-1 DLA-2248-1}
	- intel-microcode 3.20200609.1
	NOTE: https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
CVE-2020-0547 (Incorrect default permissions in the installer for Intel(R) Data Migra ...)
	NOT-FOR-US: Intel
CVE-2020-0546 (Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Modu ...)
	NOT-FOR-US: Intel
CVE-2020-0545 (Integer overflow in subsystem for Intel(R) CSME versions before 11.8.7 ...)
	NOT-FOR-US: Intel
CVE-2020-0544 (Insufficient control flow management in the kernel mode driver for som ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-0543 (Incomplete cleanup from specific special register read operations in s ...)
	{DSA-4701-1 DSA-4699-1 DSA-4698-1 DLA-2248-1 DLA-2242-1 DLA-2241-1}
	- intel-microcode 3.20200609.1
	- linux 5.6.14-2
	NOTE: https://www.vusec.net/projects/crosstalk/
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html
	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-special-register-buffer-data-sampling
CVE-2020-0542 (Improper buffer restrictions in subsystem for Intel(R) CSME versions b ...)
	NOT-FOR-US: Intel
CVE-2020-0541 (Out-of-bounds write in subsystem for Intel(R) CSME versions before 12. ...)
	NOT-FOR-US: Intel
CVE-2020-0540 (Insufficiently protected credentials in Intel(R) AMT versions before 1 ...)
	NOT-FOR-US: Intel
CVE-2020-0539 (Path traversal in subsystem for Intel(R) DAL software for Intel(R) CSM ...)
	NOT-FOR-US: Intel
CVE-2020-0538 (Improper input validation in subsystem for Intel(R) AMT versions befor ...)
	NOT-FOR-US: Intel
CVE-2020-0537 (Improper input validation in subsystem for Intel(R) AMT versions befor ...)
	NOT-FOR-US: Intel
CVE-2020-0536 (Improper input validation in the DAL subsystem for Intel(R) CSME versi ...)
	NOT-FOR-US: Intel
CVE-2020-0535 (Improper input validation in Intel(R) AMT versions before 11.8.76, 11. ...)
	NOT-FOR-US: Intel
CVE-2020-0534 (Improper input validation in the DAL subsystem for Intel(R) CSME versi ...)
	NOT-FOR-US: Intel
CVE-2020-0533 (Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.1 ...)
	NOT-FOR-US: Intel
CVE-2020-0532 (Improper input validation in subsystem for Intel(R) AMT versions befor ...)
	NOT-FOR-US: Intel
CVE-2020-0531 (Improper input validation in Intel(R) AMT versions before 11.8.77, 11. ...)
	NOT-FOR-US: Intel
CVE-2020-0530 (Improper buffer restrictions in firmware for Intel(R) NUC may allow an ...)
	NOT-FOR-US: Intel
CVE-2020-0529 (Improper initialization in BIOS firmware for 8th, 9th and 10th Generat ...)
	NOT-FOR-US: Intel
CVE-2020-0528 (Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10 ...)
	NOT-FOR-US: Intel
CVE-2020-0527 (Insufficient control flow management in firmware for some Intel(R) Dat ...)
	NOT-FOR-US: Intel
CVE-2020-0526 (Improper input validation in firmware for Intel(R) NUC may allow a pri ...)
	NOT-FOR-US: Intel
CVE-2020-0525 (Improper access control in firmware for the Intel(R) Ethernet I210 Con ...)
	NOT-FOR-US: Intel
CVE-2020-0524 (Improper default permissions in the firmware for the Intel(R) Ethernet ...)
	NOT-FOR-US: Intel
CVE-2020-0523 (Improper access control in the firmware for the Intel(R) Ethernet I210 ...)
	NOT-FOR-US: Intel
CVE-2020-0522 (Improper initialization in the firmware for the Intel(R) Ethernet I210 ...)
	NOT-FOR-US: Intel
CVE-2020-0521 (Insufficient control flow management in some Intel(R) Graphics Drivers ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-0520 (Path traversal in igdkmd64.sys for Intel(R) Graphics Drivers before ve ...)
	NOT-FOR-US: Intel
CVE-2020-0519 (Improper access control for Intel(R) Graphics Drivers before versions  ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0518 (Improper access control in the Intel(R) HD Graphics Control Panel befo ...)
	NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-0517 (Out-of-bounds write in Intel(R) Graphics Drivers before version 15.36. ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0516 (Improper access control in Intel(R) Graphics Drivers before version 26 ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0515 (Uncontrolled search path element in the installer for Intel(R) Graphic ...)
	NOT-FOR-US: Intel
CVE-2020-0514 (Improper default permissions in the installer for Intel(R) Graphics Dr ...)
	NOT-FOR-US: Intel
CVE-2020-0513 (Out of bounds write for some Intel(R) Graphics Drivers before version  ...)
	NOT-FOR-US: Intel
CVE-2020-0512 (Uncaught exception in the system driver for some Intel(R) Graphics Dri ...)
	NOT-FOR-US: Intel
CVE-2020-0511 (Uncaught exception in system driver for Intel(R) Graphics Drivers befo ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0510 (Out of bounds read in some Intel(R) Graphics Drivers before versions 1 ...)
	NOT-FOR-US: Intel
CVE-2020-0509
	RESERVED
CVE-2020-0508 (Incorrect default permissions in the installer for Intel(R) Graphics D ...)
	NOT-FOR-US: Intel
CVE-2020-0507 (Unquoted service path in Intel(R) Graphics Drivers before versions 15. ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0506 (Improper initialization in Intel(R) Graphics Drivers before versions 1 ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0505 (Improper conditions check in Intel(R) Graphics Drivers before versions ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0504 (Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44. ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0503 (Improper access control in Intel(R) Graphics Drivers before version 26 ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0502 (Improper access control in Intel(R) Graphics Drivers before version 26 ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0501 (Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100. ...)
	NOT-FOR-US: Intel Graphics drivers for Windows
CVE-2020-0500 (In startInputUncheckedLocked of InputMethodManager.java, there is a po ...)
	NOT-FOR-US: Android
CVE-2020-0499 (In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a p ...)
	{DLA-2514-1}
	- flac 1.3.3-2 (bug #977764)
	[buster] - flac <no-dsa> (Minor issue)
	NOTE: https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4
	NOTE: https://android.googlesource.com/platform/external/flac/+/029048f823ced50f63a92e25073427ec3a9bd909%5E%21/#F0
	NOTE: https://source.android.com/security/bulletin/pixel/2020-12-01
CVE-2020-0498 (In decode_packed_entry_number of codebook.c, there is a possible out o ...)
	NOT-FOR-US: Android media framework
CVE-2020-0497 (In canUseBiometric of BiometricServiceBase, there is a missing permiss ...)
	NOT-FOR-US: Android
CVE-2020-0496 (In CPDF_RenderStatus::LoadSMask of cpdf_renderstatus.cpp, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-0495 (In decode_Huffman of JBig2_SddProc.cpp, there is a possible out of bou ...)
	NOT-FOR-US: Android
CVE-2020-0494 (In ih264d_parse_ave of ih264d_sei.c, there is a possible out of bounds ...)
	NOT-FOR-US: Android media framework
CVE-2020-0493 (In CPDF_SampledFunc::v_Call of cpdf_sampledfunc.cpp, there is a possib ...)
	NOT-FOR-US: Android
CVE-2020-0492 (In BitstreamFillCache of bitstream.cpp, there is a possible out of bou ...)
	NOT-FOR-US: Android media framework
CVE-2020-0491 (In readBlock of MatroskaExtractor.cpp, there is a possible denial of s ...)
	NOT-FOR-US: Android media framework
CVE-2020-0490 (In floor1_info_unpack of floor1.c, there is a possible out of bounds r ...)
	NOT-FOR-US: Android media framework
CVE-2020-0489 (In Parse_data of eas_mdls.c, there is a possible out of bounds write d ...)
	NOT-FOR-US: Android media framework
CVE-2020-0488 (In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse ...)
	NOT-FOR-US: Android media framework
CVE-2020-0487
	REJECTED
CVE-2020-0486 (In openAssetFileListener of ContactsProvider2.java, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0485 (In areFunctionsSupported of UsbBackend.java, there is a possible acces ...)
	NOT-FOR-US: Android
CVE-2020-0484 (In destroyResources of ComposerClient.h, there is possible memory corr ...)
	NOT-FOR-US: Android media framework
CVE-2020-0483 (In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, t ...)
	NOT-FOR-US: Android media framework
CVE-2020-0482 (In command of IncidentService.cpp, there is a possible out of bounds r ...)
	NOT-FOR-US: Android
CVE-2020-0481 (In AndroidManifest.xml, there is a possible permissions bypass. This c ...)
	NOT-FOR-US: Android
CVE-2020-0480 (In callUnchecked of DocumentsProvider.java, there is a possible permis ...)
	NOT-FOR-US: Android
CVE-2020-0479 (In callUnchecked of DocumentsProvider.java, there is a possible permis ...)
	NOT-FOR-US: Android
CVE-2020-0478 (In extend_frame_lowbd of restoration.c, there is a possible out of bou ...)
	- aom <undetermined>
	NOTE: https://android.googlesource.com/platform/external/libaom/+/816f15265cb89a02d7ce4b657de277828e71a4b1
	NOTE: https://source.android.com/security/bulletin/pixel/2020-12-01
	NOTE: https://aomedia.googlesource.com/aom/+/ebba9c769be2c99d5396d0018901e9a4af5e2d2c (v1.0.0-errata1-avif)
	TODO: check if ebba9c769be2c99d5396d0018901e9a4af5e2d2c is the needed commit
CVE-2020-0477 (In sendLinkConfigurationChangedBroadcast of ClientModeImpl.java, there ...)
	NOT-FOR-US: Android
CVE-2020-0476 (In onNotificationRemoved of Assistant.java, there is a possible leak o ...)
	NOT-FOR-US: Android
CVE-2020-0475 (In createInputConsumer of WindowManagerService.java, there is a possib ...)
	NOT-FOR-US: Android
CVE-2020-0474 (In HalCamera::requestNewFrame of HalCamera.cpp, there is a possible us ...)
	NOT-FOR-US: Android media framework
CVE-2020-0473 (In updateIncomingFileConfirmNotification of BluetoothOppNotification.j ...)
	NOT-FOR-US: Android
CVE-2020-0472
	RESERVED
CVE-2020-0471 (In reassemble_and_dispatch of packet_fragmenter.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0470 (In extend_frame_highbd of restoration.c, there is a possible out of bo ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0469 (In addEscrowToken of LockSettingsService.java, there is a possible los ...)
	NOT-FOR-US: Android
CVE-2020-0468 (In listen() and related functions of TelephonyRegistry.java, there is  ...)
	NOT-FOR-US: Android
CVE-2020-0467 (In onUserStopped of Vpn.java, there is a possible resetting of user pr ...)
	NOT-FOR-US: Android
CVE-2020-0466 (In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a poss ...)
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/52c479697c9b73f628140dcdfcd39ea302d05482
	NOTE: https://git.kernel.org/linus/a9ed4a6560b8562b7e2e2bed9527e88001f7b682
CVE-2020-0465 (In various methods of hid-multitouch.c, there is a possible out of bou ...)
	- linux 5.8.7-1
	[buster] - linux 4.19.146-1
	[stretch] - linux 4.9.240-1
	NOTE: https://git.kernel.org/linus/35556bed836f8dc07ac55f69c8d17dce3e7f0e25
	NOTE: https://git.kernel.org/linus/bce1305c0ece3dc549663605e567655dd701752c
CVE-2020-0464 (In resolv_cache_lookup of res_cache.cpp, there is a possible side chan ...)
	NOT-FOR-US: Android
CVE-2020-0463 (In sdp_server_handle_client_req of sdp_server.cc, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0462
	RESERVED
CVE-2020-0461
	RESERVED
CVE-2020-0460 (In createNameCredentialDialog of CertInstaller.java, there exists the  ...)
	NOT-FOR-US: Android
CVE-2020-0459 (In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, th ...)
	NOT-FOR-US: Android
CVE-2020-0458 (In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEnc ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0457 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0456 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0455 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0454 (In callCallbackForRequest of ConnectivityService.java, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0453 (In updateNotification of BeamTransferManager.java, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0452 (In exif_entry_get_value of exif-entry.c, there is a possible out of bo ...)
	{DSA-4786-1 DLA-2439-1}
	- libexif 0.6.22-3
	NOTE: https://github.com/libexif/libexif/commit/9266d14b5ca4e29b970fa03272318e5f99386e06
CVE-2020-0451 (In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there i ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0450 (In rw_i93_sm_format of rw_i93.cc, there is a possible out of bounds re ...)
	NOT-FOR-US: Android
CVE-2020-0449 (In btm_sec_disconnected of btm_sec.cc, there is a possible memory corr ...)
	NOT-FOR-US: Android
CVE-2020-0448 (In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-0447 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0446 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0445 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0444 (In audit_free_lsm_field of auditfilter.c, there is a possible bad kfre ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/2ad3e17ebf94b7b7f3f64c050ff168f9915345eb
CVE-2020-0443 (In LocaleList of LocaleList.java, there is a possible forced reboot du ...)
	NOT-FOR-US: Android
CVE-2020-0442 (In Message and toBundle of Notification.java, there is a possible UI s ...)
	NOT-FOR-US: Android
CVE-2020-0441 (In Message and toBundle of Notification.java, there is a possible reso ...)
	NOT-FOR-US: Android
CVE-2020-0440 (In createVirtualDisplay of DisplayManagerService.java, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0439 (In generatePackageInfo of PackageManagerService.java, there is a possi ...)
	NOT-FOR-US: Android
CVE-2020-0438 (In the AIBinder_Class constructor of ibinder.cpp, there is a possible  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0437 (In CellBroadcastReceiver's intent handlers, there is a possible denial ...)
	NOT-FOR-US: Android
CVE-2020-0436
	RESERVED
CVE-2020-0435
	REJECTED
CVE-2020-0434 (In Pixel's use of the Catpipe library, there is possible memory corrup ...)
	NOT-FOR-US: Catpipe
CVE-2020-0433 (In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use ...)
	- linux 4.19.9-1
	[stretch] - linux 4.9.228-1
	NOTE: https://source.android.com/security/bulletin/pixel/2020-09-01
	NOTE: https://git.kernel.org/linus/f5bbbbe4d63577026f908a809f22f5fd5a90ea1f
	NOTE: https://git.kernel.org/linus/530ca2c9bd6949c72c9b5cfc330cb3dbccaa3f5b
CVE-2020-0432 (In skb_to_mamac of networking.c, there is a possible out of bounds wri ...)
	- linux 5.4.19-1 (unimportant)
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/4d1356ac12f4d5180d0df345d85ff0ee42b89c72
	NOTE: Staging driver, not enabled/built
CVE-2020-0431 (In kbd_keycode of keyboard.c, there is a possible out of bounds write  ...)
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/4f3882177240a1f55e45a3d241d3121341bead78
CVE-2020-0430 (In skb_headlen of /include/linux/skbuff.h, there is a possible out of  ...)
	- linux 4.17.8-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/58990d1ff3f7896ee341030e9a7c2e4002570683
CVE-2020-0429 (In l2tp_session_delete and related functions of l2tp_core.c, there is  ...)
	- linux 4.14.2-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/b228a94066406b6c456321d69643b0d7ce11cfa6
	NOTE: https://git.kernel.org/linus/cdd10c9627496ad25c87ce6394e29752253c69d3
CVE-2020-0428 (In CamX code, there is a possible use after free due to a race conditi ...)
	NOT-FOR-US: Android on Pixel
CVE-2020-0427 (In create_pinctrl of core.c, there is a possible out of bounds read du ...)
	{DLA-2494-1}
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	NOTE: https://git.kernel.org/linus/be4c60b563edee3712d392aaeb0943a768df7023
CVE-2020-0426 (In SyncManager, there is a possible permission bypass due to an unsafe ...)
	NOT-FOR-US: Android
CVE-2020-0425 (There is a possible way to view notifications even when the "Lockdown" ...)
	NOT-FOR-US: Android
CVE-2020-0424 (In send_vc of res_send.cpp, there is a possible out of bounds read due ...)
	NOT-FOR-US: Android
CVE-2020-0423 (In binder_release_work of binder.c, there is a possible use-after-free ...)
	{DLA-2483-1}
	- linux 5.9.6-1
	[buster] - linux 4.19.160-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/f3277cbfba763cd2826396521b9296de67cf1bbc
CVE-2020-0422 (In constructImportFailureNotification of NotificationImportExportListe ...)
	NOT-FOR-US: Android
CVE-2020-0421 (In appendFormatV of String8.cpp, there is a possible out of bounds wri ...)
	NOT-FOR-US: Android
CVE-2020-0420 (In setUpdatableDriverPath of GpuService.cpp, there is a possible memor ...)
	NOT-FOR-US: Android
CVE-2020-0419 (In generateInfo of PackageInstallerSession.java, there is a possible l ...)
	NOT-FOR-US: Android
CVE-2020-0418 (In getPermissionInfosForGroup of Utils.java, there is a logic error. T ...)
	NOT-FOR-US: Android
CVE-2020-0417 (In setNiNotification of GpsNetInitiatedHandler.java, there is a possib ...)
	NOT-FOR-US: Android
CVE-2020-0416 (In multiple settings screens, there are possible tapjacking attacks du ...)
	NOT-FOR-US: Android
CVE-2020-0415 (In various locations in SystemUI, there is a possible permission bypas ...)
	NOT-FOR-US: Android
CVE-2020-0414 (In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0413 (In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0412 (In setProcessMemoryTrimLevel of ActivityManagerService.java, there is  ...)
	NOT-FOR-US: Android
CVE-2020-0411 (In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bou ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0410 (In setNotification of SapServer.java, there is a possible permission b ...)
	NOT-FOR-US: Android
CVE-2020-0409 (In create of FileMap.cpp, there is a possible out of bounds write due  ...)
	NOT-FOR-US: Android
CVE-2020-0408 (In remove of String16.cpp, there is a possible out of bounds write due ...)
	NOT-FOR-US: Android
CVE-2020-0407 (In various functions in fscrypt_ice.c and related files in some implem ...)
	NOT-FOR-US: Android kernel
CVE-2020-0406 (In libmpeg2dec, there is a possible out of bounds write due to a missi ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0405 (In NetworkStackNotifier, there is a possible permissions bypass due to ...)
	NOT-FOR-US: Android
CVE-2020-0404 (In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked  ...)
	- linux 5.4.19-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://git.kernel.org/linus/68035c80e129c4cfec659aac4180354530b26527
CVE-2020-0403 (In the FPC TrustZone fingerprint App, there is a possible invalid comm ...)
	NOT-FOR-US: FPC TrustZone fingerprint App
CVE-2020-0402
	RESERVED
	NOTE: Duplicate assignment for CVE-2019-19769 (Android security informed)
CVE-2020-0401 (In setInstallerPackageName of PackageManagerService.java, there is a m ...)
	NOT-FOR-US: Android
CVE-2020-0400 (In showDataRoamingNotification of NotificationMgr.java, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0399 (In showLimitedSimFunctionWarningNotification of NotificationMgr.java,  ...)
	NOT-FOR-US: Android
CVE-2020-0398 (In updateMwi of NotificationMgr.java, there is a possible permission b ...)
	NOT-FOR-US: Android
CVE-2020-0397 (In getNotificationBuilder of CarrierServiceStateTracker.java, there is ...)
	NOT-FOR-US: Android
CVE-2020-0396 (In various places in Telephony, there is a possible permission bypass  ...)
	NOT-FOR-US: Android
CVE-2020-0395 (In showNotification of EmergencyCallbackModeService.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-0394 (In onCreate of BluetoothPairingDialog.java, there is a possible tapjac ...)
	NOT-FOR-US: Android
CVE-2020-0393 (In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible ou ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0392 (In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code e ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0391 (In applyPolicy of PackageManagerService.java, there is possible arbitr ...)
	NOT-FOR-US: Android
CVE-2020-0390 (In the app zygote SE Policy, there is a possible permissions bypass. T ...)
	NOT-FOR-US: Android
CVE-2020-0389 (In createSaveNotification of RecordingService.java, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0388 (In createEmergencyLocationUserNotification of GnssVisibilityControl.ja ...)
	NOT-FOR-US: Android
CVE-2020-0387 (In manifest files of the SmartSpace package, there is a possible tapja ...)
	NOT-FOR-US: Android
CVE-2020-0386 (In onCreate of RequestPermissionActivity.java, there is a possible tap ...)
	NOT-FOR-US: Android
CVE-2020-0385 (In Parse_insh of eas_mdls.c, there is a possible out of bounds write d ...)
	NOT-FOR-US: Android
CVE-2020-0384 (In Parse_art of eas_mdls.c, there is a possible out of bounds write du ...)
	NOT-FOR-US: Android
CVE-2020-0383 (In Parse_ins of eas_mdls.c, there is a possible out of bounds write du ...)
	NOT-FOR-US: Android
CVE-2020-0382 (In RunInternal of dumpstate.cpp, there is a possible user consent bypa ...)
	NOT-FOR-US: Android
CVE-2020-0381 (In Parse_wave of eas_mdls.c, there is a possible out of bounds write d ...)
	NOT-FOR-US: Android
CVE-2020-0380 (In allocExcessBits of bitalloc.c, there is a possible out of bounds wr ...)
	NOT-FOR-US: Android
CVE-2020-0379 (In the Bluetooth service, there is a possible spoofing attack due to a ...)
	NOT-FOR-US: Android
CVE-2020-0378 (In onWnmFrameReceived of PasspointManager.java, there is a missing per ...)
	NOT-FOR-US: Android
CVE-2020-0377 (In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0376 (There is a possible out of bounds read due to a missing bounds check.P ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0375 (In Telephony, there is a possible permission bypass due to a missing p ...)
	NOT-FOR-US: Android
CVE-2020-0374 (In NFC, there is a possible permission bypass due to an unsafe Pending ...)
	NOT-FOR-US: Android
CVE-2020-0373 (In SoundTriggerHwService, there is a possible out of bounds read due t ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0372 (In ActivityManager, there is a possible access to protected data due t ...)
	NOT-FOR-US: Android
CVE-2020-0371 (There is a possible out of bounds read due to a missing bounds check.P ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0370 (In libAACdec, there is a possible out of bounds read due to missing bo ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0369 (In libavb, there is a possible out of bounds write due to an integer o ...)
	NOT-FOR-US: Android
CVE-2020-0368 (In queryInternal of CallLogProvider.java, there is a possible permissi ...)
	NOT-FOR-US: Android
CVE-2020-0367 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0366 (In PackageInstaller, there is a possible permissions bypass due to a t ...)
	NOT-FOR-US: Android
CVE-2020-0365 (In netd, there is a possible out of bounds read due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2020-0364 (In libDRCdec, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0363 (In libmedia, there is a possible resource exhaustion due to improper i ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0362 (In libstagefright, there is a possible resource exhaustion due to impr ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0361 (In libDRCdec, there is a possible information disclosure due to uninit ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0360 (In Notification Access Confirmation, there is a possible permissions b ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0359 (In GLESRenderEngine, there is a possible out of bounds read due to a b ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0358 (In SurfaceFlinger, there is a possible use after free due to a race co ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0357 (In SurfaceFlinger, there is a possible use-after-free due to improper  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0356 (In the Audio HAL, there is a possible out of bounds write due to an in ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0355 (In libFraunhoferAAC, there is a possible out of bounds read due to a m ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0354 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
	NOT-FOR-US: Android
CVE-2020-0353 (In libmp4extractor, there is a possible resource exhaustion due to a m ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0352 (In MediaProvider, there is a possible permissions bypass due to SQL in ...)
	NOT-FOR-US: Android
CVE-2020-0351 (In libstagefright, there is possible CPU exhaustion due to improper in ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0350 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2020-0349 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2020-0348 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2020-0347 (In iptables, there is a possible out of bounds write due to an incorre ...)
	- linux <undetermined>
CVE-2020-0346 (In Mediaserver, there is a possible out of bounds write due to an inte ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0345 (In DocumentsUI, there is a possible permission bypass due to a confuse ...)
	NOT-FOR-US: Android
CVE-2020-0344 (In MediaProvider, there is a possible permissions bypass due to SQL in ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0343 (In NetworkStatsService, there is a possible access to protected data d ...)
	NOT-FOR-US: Android
CVE-2020-0342 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: Android
CVE-2020-0341 (In DisplayManager, there is a possible permission bypass due to a miss ...)
	NOT-FOR-US: Android
CVE-2020-0340 (In libcodec2_soft_mp3dec, there is a possible information disclosure d ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0339 (There is a possible out of bounds read due to a missing bounds check.P ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0338 (In checkKeyIntent of AccountManagerService.java, there is a possible p ...)
	NOT-FOR-US: Android
CVE-2020-0337 (In MediaProvider, there is a possible bypass of a permissions check du ...)
	NOT-FOR-US: Android
CVE-2020-0336 (In SurfaceFlinger, there is possible memory corruption due to type con ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0335 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2020-0334 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2020-0333 (In UrlQuerySanitizer, there is a possible improper input validation. T ...)
	NOT-FOR-US: Android
CVE-2020-0332 (In libstagefright, there is a possible dead loop due to an uncaught ex ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0331 (In Settings, there is a possible permissions bypass. This could lead t ...)
	NOT-FOR-US: Android
CVE-2020-0330 (In iorap, there is a possible memory corruption due to a use after fre ...)
	NOT-FOR-US: Android
CVE-2020-0329 (In the OMX encoder, there is a possible out of bounds read due to inva ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0328 (In the camera, there is a possible out of bounds read due to an intege ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0327 (In core networking, there is a missing permission check. This could le ...)
	NOT-FOR-US: Android
CVE-2020-0326 (In NFC, there is a possible out of bounds write due to uninitialized d ...)
	NOT-FOR-US: Android
CVE-2020-0325 (In NFC, there is a missing bounds check. This could lead to local info ...)
	NOT-FOR-US: Android
CVE-2020-0324 (In libsonivox, there is a possible out of bounds read due to a missing ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0323 (In libavb, there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2020-0322 (In apexd, there is a possible out of bounds read due to a missing boun ...)
	NOT-FOR-US: Android
CVE-2020-0321 (In the mp3 extractor, there is a possible out of bounds write due to u ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0320 (In libstagefright, there is a possible resource exhaustion due to impr ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0319 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2020-0318 (In the System UI, there is a possible system crash due to an uncaught  ...)
	NOT-FOR-US: Android
CVE-2020-0317 (In UsageStatsManager, there is a possible access to protected data due ...)
	NOT-FOR-US: Android
CVE-2020-0316 (In Telephony, there is a missing permission check. This could lead to  ...)
	NOT-FOR-US: Android
CVE-2020-0315 (In Zen Mode, there is a possible permission bypass due to an unsafe Pe ...)
	NOT-FOR-US: Android
CVE-2020-0314 (In AudioService, there are missing permission checks. This could lead  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0313 (In NotificationManagerService, there is a possible permission bypass d ...)
	NOT-FOR-US: Android
CVE-2020-0312 (In Battery Saver, there is a possible permission bypass due to an unsa ...)
	NOT-FOR-US: Android
CVE-2020-0311 (In InputManagerService, there is a possible permission bypass due to a ...)
	NOT-FOR-US: Android
CVE-2020-0310 (In Settings, there is a possible permission bypass due to an unsafe Pe ...)
	NOT-FOR-US: Android
CVE-2020-0309 (In the Bluetooth server, there is a possible out of bounds write due t ...)
	NOT-FOR-US: Android
CVE-2020-0308 (In Window Manager, there is a possible permission bypass due to an uns ...)
	NOT-FOR-US: Android
CVE-2020-0307 (In Settings, there is a possible permission bypass due to an unsafe Pe ...)
	NOT-FOR-US: Android
CVE-2020-0306 (In LLVM, there is a possible ineffective stack cookie placement due to ...)
	- llvm-toolchain-11 <undetermined>
	- llvm-toolchain-9 <undetermined>
CVE-2020-0305 (In cdev_get of char_dev.c, there is a possible use-after-free due to a ...)
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux 3.16.84-1
	NOTE: https://git.kernel.org/linus/68faa679b8be1a74e6663c21c3a9d25d32f1c079
CVE-2020-0304 (In Settings, there is a possible permission bypass due to an unsafe Pe ...)
	NOT-FOR-US: Android
CVE-2020-0303 (In the Media extractor, there is a possible use after free due to impr ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0302 (In Settings, there is a possible permission bypass due to an unsafe Pe ...)
	NOT-FOR-US: Android
CVE-2020-0301 (In libstagefright, there is a possible resource exhaustion due to impr ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0300 (In NFC, there is a possible out of bounds read due to uninitialized da ...)
	NOT-FOR-US: Android
CVE-2020-0299 (In Bluetooth, there is a possible spoofing of bluetooth device metadat ...)
	NOT-FOR-US: Android
CVE-2020-0298 (In Bluetooth, there is a possible control over Bluetooth enabled state ...)
	NOT-FOR-US: Android
CVE-2020-0297 (In devicepolicy service, there is a possible permission bypass due to  ...)
	NOT-FOR-US: Android
CVE-2020-0296 (In ADB server and USB server, there is a possible permission bypass du ...)
	NOT-FOR-US: Android
CVE-2020-0295 (In Telecom, there is a possible permission bypass due to an unsafe Pen ...)
	NOT-FOR-US: Android
CVE-2020-0294 (In bindWallpaperComponentLocked of WallpaperManagerService.java, there ...)
	NOT-FOR-US: Android
CVE-2020-0293 (In Java network APIs, there is possible access to sensitive network st ...)
	NOT-FOR-US: Android
CVE-2020-0292 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2020-0291 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2020-0290 (In PackageManager, there is a missing permission check. This could lea ...)
	NOT-FOR-US: Android
CVE-2020-0289 (In PackageManager, there is a missing permission check. This could lea ...)
	NOT-FOR-US: Android
CVE-2020-0288 (In PackageManager, there is a missing permission check. This could lea ...)
	NOT-FOR-US: Android
CVE-2020-0287 (In libmkvextractor, there is a possible resource exhaustion due to a m ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0286 (In Bluetooth AVRCP, there is a possible leak of audio metadata due to  ...)
	NOT-FOR-US: Android
CVE-2020-0285 (In Telephony, there is a possible permission bypass due to a missing p ...)
	NOT-FOR-US: Android
CVE-2020-0284 (In Telephony, there is a possible permission bypass due to a missing p ...)
	NOT-FOR-US: Android
CVE-2020-0283 (There is a possible out of bounds write due to a missing bounds check. ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0282 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2020-0281 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2020-0280 (In nci_proc_ee_management_rsp of nci_hrcv.cc, there is a possible out  ...)
	NOT-FOR-US: Android
CVE-2020-0279 (In the AAC parser, there is a possible out of bounds read due to a mis ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0278 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0277 (In NetworkPolicyManagerService, there is a possible permissions bypass ...)
	NOT-FOR-US: Android
CVE-2020-0276 (In Telephony, there is a possible permission bypass due to a missing p ...)
	NOT-FOR-US: Android
CVE-2020-0275 (In MediaProvider, there is a possible way to access ContentResolver an ...)
	NOT-FOR-US: Android
CVE-2020-0274 (In the OMX parser, there is a possible information disclosure due to a ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0273 (In hwservicemanager, there is a possible out of bounds write due to fr ...)
	NOT-FOR-US: Android
CVE-2020-0272 (In libhwbinder, there is a possible information disclosure due to unin ...)
	NOT-FOR-US: Android
CVE-2020-0271 (In the Settings app, there is an insecure default value. This could le ...)
	NOT-FOR-US: Android
CVE-2020-0270 (In tremolo, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0269 (In Android Auto Settings, there is a possible permission bypass due to ...)
	NOT-FOR-US: Android
CVE-2020-0268 (In NFC, there is a possible use-after-free due to a race condition. Th ...)
	NOT-FOR-US: Android
CVE-2020-0267 (In WindowManager, there is a possible launch of an unexpected app due  ...)
	NOT-FOR-US: Android
CVE-2020-0266 (In factory reset protection, there is a possible FRP bypass due to a m ...)
	NOT-FOR-US: Android
CVE-2020-0265 (In Telephony, there are possible leaks of sensitive data due to missin ...)
	NOT-FOR-US: Android
CVE-2020-0264 (In libstagefright, there is a possible out of bounds write due to an i ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0263 (In the Accessibility service, there is a possible permission bypass du ...)
	NOT-FOR-US: Android
CVE-2020-0262 (In WiFi tethering, there is a possible attacker controlled intent due  ...)
	NOT-FOR-US: Android
CVE-2020-0261 (In C2 flame devices, there is a possible bypass of seccomp due to a mi ...)
	NOT-FOR-US: C2 flame devices
CVE-2020-0260 (There is a possible out of bounds read due to an incorrect bounds chec ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0259 (In android_verity_ctr of dm-android-verity.c, there is a possible way  ...)
	NOT-FOR-US: Android
CVE-2020-0258 (In stopZygoteLocked of AppZygote.java, there is an insufficient cleanu ...)
	NOT-FOR-US: Android
CVE-2020-0257 (In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a  ...)
	NOT-FOR-US: Android
CVE-2020-0256 (In LoadPartitionTable of gpt.cc, there is a possible out of bounds wri ...)
	{DLA-2549-1}
	- gdisk 1.0.6-1
	[buster] - gdisk <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/gptfdisk/code/ci/81c8bbee46ad6ebacf72eae70ba5147f376205a4/
	NOTE: https://android.googlesource.com/platform/external/gptfdisk/+/7ffd0a26064cf25c0922f2bab511e4b4e8149083
CVE-2020-0255
	REJECTED
CVE-2020-0254 (There is a possible out of bounds read due to an incorrect bounds chec ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0253 (There is a possible memory corruption due to a use after free.Product: ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0252 (There is a possible memory corruption due to a use after free.Product: ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0251 (There is a possible out of bounds read due to an incorrect bounds chec ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0250 (In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there  ...)
	NOT-FOR-US: Android
CVE-2020-0249 (In postInstantAppNotif of InstantAppNotifier.java, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0248 (In postInstantAppNotif of InstantAppNotifier.java, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0247 (In Threshold::getHistogram of ImageProcessHelper.java, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0246 (In getCarrierPrivilegeStatus of UiccAccessRule.java, there is a missin ...)
	NOT-FOR-US: Android
CVE-2020-0245 (In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible ...)
	NOT-FOR-US: Android Media framework
CVE-2020-0244 (In writeBurstBufferBytes of SPDIFEncoder.cpp, there is a possible out  ...)
	NOT-FOR-US: Android media framework
CVE-2020-0243 (In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-a ...)
	NOT-FOR-US: Android media framework
CVE-2020-0242 (In reset of NuPlayerDriver.cpp, there is a possible use-after-free due ...)
	NOT-FOR-US: Android media framework
CVE-2020-0241 (In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is poss ...)
	NOT-FOR-US: Android media framework
CVE-2020-0240 (In NewFixedDoubleArray of factory.cc, there is a possible out of bound ...)
	NOT-FOR-US: Android
CVE-2020-0239 (In getDocumentMetadata of DocumentsContract.java, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0238 (In updatePreferenceIntents of AccountTypePreferenceLoader, there is a  ...)
	NOT-FOR-US: Android
CVE-2020-0237
	REJECTED
CVE-2020-0236 (In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of- ...)
	NOT-FOR-US: Android
CVE-2020-0235 (In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size ...)
	NOT-FOR-US: Pixel kernel drivers
CVE-2020-0234 (In crus_afe_get_param of msm-cirrus-playback.c, there is a possible ou ...)
	NOT-FOR-US: Pixel kernel drivers
CVE-2020-0233 (In main of main.cpp, there is possible memory corruption due to a use  ...)
	NOT-FOR-US: Android
CVE-2020-0232 (Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds  ...)
	NOT-FOR-US: Pixel kernel drivers
CVE-2020-0231 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0230 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0229 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0228 (There is an improper configuration of recorder related service. Produc ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0227 (In onCommand of CompanionDeviceManagerService.java, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0226 (In createWithSurfaceParent of Client.cpp, there is a possible out of b ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0225 (In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder. ...)
	NOT-FOR-US: Android
CVE-2020-0224 (In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2020-0223 (This is an unbounded write into kernel global memory, via a user-contr ...)
	NOT-FOR-US: Pixel kernel drivers
CVE-2020-0222
	RESERVED
CVE-2020-0221 (Airbrush FW's scratch memory allocator is susceptible to numeric overf ...)
	NOT-FOR-US: Android
CVE-2020-0220 (In crus_afe_callback of msm-cirrus-playback.c, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2020-0219 (In onCreate of SliceDeepLinkSpringBoard.java there is a possible insec ...)
	NOT-FOR-US: Android
CVE-2020-0218 (In loadSoundModel and related functions of SoundTriggerHwService.cpp,  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0217 (In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds ...)
	NOT-FOR-US: Android
CVE-2020-0216 (In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0215 (In onCreate of ConfirmConnectActivity.java, there is a possible leak o ...)
	NOT-FOR-US: Android
CVE-2020-0214 (In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0213 (In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0212 (In _onBufferDestroyed of InputBufferManager.cpp, there is a possible o ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0211 (In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0210 (In removeSharedAccountAsUser of AccountManager.java, there is a possib ...)
	NOT-FOR-US: Android
CVE-2020-0209 (In multiple functions of AccountManager.java, there is a possible perm ...)
	NOT-FOR-US: Android
CVE-2020-0208 (In multiple functions of AccountManager.java, there is a possible perm ...)
	NOT-FOR-US: Android
CVE-2020-0207 (In next_marker of jdmarker.c, there is a possible out of bounds read d ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0206 (In the settings app, there is a possible app crash due to improper inp ...)
	NOT-FOR-US: Android
CVE-2020-0205 (In the DaalaBitReader constructor of entropy_decoder.cc, there is a po ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0204 (In InstallPackage of package.cpp, there is a possible bypass of a sign ...)
	NOT-FOR-US: Android
CVE-2020-0203 (In freeIsolatedUidLocked of ProcessList.java, there is a possible UID  ...)
	NOT-FOR-US: Android
CVE-2020-0202 (In onHandleIntent of TraceService.java, there is a possible bypass of  ...)
	NOT-FOR-US: Android
CVE-2020-0201 (In showSecurityFields of WifiConfigController.java there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0200 (In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of b ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0199 (In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0198 (In exif_data_load_data_content of exif-data.c, there is a possible UBS ...)
	{DLA-2249-1}
	- libexif 0.6.22-2 (bug #962345)
	[buster] - libexif 0.6.21-5.1+deb10u4
	[stretch] - libexif 0.6.21-2+deb9u4
	NOTE: https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16%5E%21/#F0
	NOTE: https://github.com/libexif/libexif/commit/ce03ad7ef4e8aeefce79192bf5b6f69fae396f0c
CVE-2020-0197 (In InitDataParser::parsePssh of InitDataParser.cpp, there is a possibl ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0196 (In RegisterNotificationResponse::GetEvent of register_notification_pac ...)
	NOT-FOR-US: Android
CVE-2020-0195 (In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0194 (In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0193 (In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_ ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0192 (In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there i ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0191 (In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0190 (In ideint_weave_blk of ideint_utils.c, there is a possible out of boun ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0189 (In ihevcd_decode() of ihevcd_decode.c, there is possible resource exha ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0188 (In onCreatePermissionRequest of SettingsSliceProvider.java, there is a ...)
	NOT-FOR-US: Android
CVE-2020-0187 (In engineSetMode of BaseBlockCipher.java, there is a possible incorrec ...)
	NOT-FOR-US: Android
CVE-2020-0186 (In hal_fd_init of hal_fd.cc, there is a possible out of bounds write d ...)
	NOT-FOR-US: Android
CVE-2020-0185 (In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out  ...)
	NOT-FOR-US: Android
CVE-2020-0184 (In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinit ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0183 (In handleMessage of BluetoothManagerService, there is an incomplete re ...)
	NOT-FOR-US: Android
CVE-2020-0182 (In exif_entry_get_value of exif-entry.c, there is a possible out of bo ...)
	{DLA-2249-1}
	- libexif 0.6.22-1 (low)
	[buster] - libexif 0.6.21-5.1+deb10u4
	[stretch] - libexif 0.6.21-2+deb9u4
	NOTE: https://github.com/libexif/libexif/commit/f9bb9f263fb00f0603ecbefa8957cad24168cbff (0.6.22)
	NOTE: CVE originally originally reported by Android where a different patch was shipped
CVE-2020-0181 (In exif_data_load_data_thumbnail of exif-data.c, there is a possible d ...)
	{DSA-4618-1 DLA-2100-1}
	- libexif 0.6.21-6 (bug #962346)
	NOTE: https://android.googlesource.com/platform/external/libexif/+/f6c54954cbfc25eb73d2d2902f0597c0220174a4
	NOTE: Fixed by the patch for CVE-2019-9278
CVE-2020-0180 (In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out o ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0179 (In doSendObjectInfo of MtpServer.cpp, there is a possible path travers ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0178 (In getAllConfigFlags of SettingsProvider.cpp, there is a possible ille ...)
	NOT-FOR-US: Android
CVE-2020-0177 (In connect() of PanService.java, there is a possible permissions bypas ...)
	NOT-FOR-US: Android
CVE-2020-0176 (In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds  ...)
	NOT-FOR-US: Android
CVE-2020-0175 (In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion du ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0174 (In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0173 (In Parse_lins of eas_mdls.c, there is possible resource exhaustion due ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0172 (In Parse_art of eas_mdls.c, there is possible resource exhaustion due  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0171 (In Parse_lart of eas_mdls.c, there is possible resource exhaustion due ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0170 (In IMY_Event of eas_imelody.c, there is possible resource exhaustion d ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0169 (In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion d ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0168 (In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, the ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0167 (In load of ResourceTypes.cpp, there is a possible out of bounds read d ...)
	NOT-FOR-US: Android
CVE-2020-0166 (In multiple functions of URI.java, there is a possible escalation of p ...)
	NOT-FOR-US: Android
CVE-2020-0165 (In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is ...)
	NOT-FOR-US: Android
CVE-2020-0164 (In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is ...)
	NOT-FOR-US: Android
CVE-2020-0163 (In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there i ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0162 (In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0161 (In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaus ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0160 (In setSyncSampleParams of SampleTable.cpp, there is possible resource  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0159 (In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds r ...)
	NOT-FOR-US: Android
CVE-2020-0158 (In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible o ...)
	NOT-FOR-US: Android
CVE-2020-0157 (In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of b ...)
	NOT-FOR-US: Android
CVE-2020-0156 (In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read ...)
	NOT-FOR-US: Android
CVE-2020-0155 (In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0154 (In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds ...)
	NOT-FOR-US: Android
CVE-2020-0153 (In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0152 (In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0151 (In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible o ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0150 (In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2020-0149 (In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of ...)
	NOT-FOR-US: Android
CVE-2020-0148 (In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and b ...)
	NOT-FOR-US: Android
CVE-2020-0147 (In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0146 (In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2020-0145 (In btm_simple_pair_complete of btm_sec.cc, there is a possible out of  ...)
	NOT-FOR-US: Android
CVE-2020-0144 (In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bound ...)
	NOT-FOR-US: Android
CVE-2020-0143 (In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0142 (In rw_i93_sm_format of rw_i93.c, there is a possible information discl ...)
	NOT-FOR-US: Android
CVE-2020-0141 (In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possib ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0140 (In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information  ...)
	NOT-FOR-US: Android
CVE-2020-0139 (In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds ...)
	NOT-FOR-US: Android
CVE-2020-0138 (In get_element_attr_rsp of btif_rc.cc, there is a possible out of boun ...)
	NOT-FOR-US: Android
CVE-2020-0137 (In setIPv6AddrGenMode of NetworkManagementService.java, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0136 (In multiple locations of Parcel.cpp, there is a possible out-of-bounds ...)
	NOT-FOR-US: Android
CVE-2020-0135 (In dump of RollbackManagerServiceImpl.java, there is a possible backup ...)
	NOT-FOR-US: Android
CVE-2020-0134 (In BnDrm::onTransact of IDrm.cpp, there is a possible information disc ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0133 (In MockLocationAppPreferenceController.java, it is possible to mock th ...)
	NOT-FOR-US: Android
CVE-2020-0132 (In BnAAudioService::onTransact of IAAudioService.cpp, there is a possi ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0131 (In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0130 (In screencap, there is a possible command injection due to improper in ...)
	NOT-FOR-US: Android
CVE-2020-0129 (In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound w ...)
	NOT-FOR-US: Android
CVE-2020-0128 (In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds r ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0127 (In AudioStream::decode of AudioGroup.cpp, there is a possible out of b ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0126 (In multiple functions in DrmPlugin.cpp, there is a possible use after  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0125 (In mediadrm, there is a possible out of bounds read due to a missing b ...)
	NOT-FOR-US: Android Media framework
CVE-2020-0124 (In markBootComplete of InstalldNativeService.cpp, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0123 (There is a possible out of bounds write due to an incorrect bounds che ...)
	NOT-FOR-US: MediaTek components for Android
CVE-2020-0122 (In the permission declaration for com.google.android.providers.gsf.per ...)
	NOT-FOR-US: Android
CVE-2020-0121 (In updateUidProcState of AppOpsService.java, there is a possible permi ...)
	NOT-FOR-US: Android
CVE-2020-0120 (In notifyErrorForPendingRequests of QCamera3HWI.cpp, there is a possib ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0119 (In addOrUpdateNetworkInternal and related functions of WifiConfigManag ...)
	NOT-FOR-US: Android
CVE-2020-0118 (In addListener of RegionSamplingThread.cpp, there is a possible out of ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0117 (In aes_cmac of aes_cmac.cc, there is a possible out of bounds write du ...)
	NOT-FOR-US: Android
CVE-2020-0116 (In checkSystemLocationAccess of LocationAccessPolicy.java, there is a  ...)
	NOT-FOR-US: Android
CVE-2020-0115 (In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is ...)
	NOT-FOR-US: Android
CVE-2020-0114 (In onCreateSliceProvider of KeyguardSliceProvider.java, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0113 (In sendCaptureResult of Camera3OutputUtils.cpp, there is a possible ou ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0112
	RESERVED
CVE-2020-0111
	RESERVED
CVE-2020-0110 (In psi_write of psi.c, there is a possible out of bounds write due to  ...)
	- linux 5.5.13-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/6fcca0fa48118e6d63733eb4644c6cd880c15b8f (5.6-rc2)
CVE-2020-0109 (In simulatePackageSuspendBroadcast of NotificationManagerService.java, ...)
	NOT-FOR-US: Android
CVE-2020-0108 (In postNotification of ServiceRecord.java, there is a possible bypass  ...)
	NOT-FOR-US: Android
CVE-2020-0107 (In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0106 (In getCellLocation of PhoneInterfaceManager.java, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0105 (In onKeyguardVisibilityChanged of key_store_service.cpp, there is a mi ...)
	NOT-FOR-US: Android
CVE-2020-0104 (In onShowingStateChanged of KeyguardStateMonitor.java, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0103 (In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0102 (In GattServer::SendResponse of gatt_server.cc, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2020-0101 (In BnCrypto::onTransact of ICrypto.cpp, there is a possible informatio ...)
	NOT-FOR-US: Android media framework
CVE-2020-0100 (In onTransact of IHDCP.cpp, there is a possible out of bounds read due ...)
	NOT-FOR-US: Android media framework
CVE-2020-0099 (In addWindow of WindowManagerService.java, there is a possible window  ...)
	NOT-FOR-US: Android
CVE-2020-0098 (In navigateUpToLocked of ActivityStack.java, there is a possible permi ...)
	NOT-FOR-US: Android
CVE-2020-0097 (In various methods of PackageManagerService.java, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0096 (In startActivities of ActivityStartController.java, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0095
	RESERVED
	NOT-FOR-US: Android Media Framework
CVE-2020-0094 (In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possi ...)
	NOT-FOR-US: Android media framework
CVE-2020-0093 (In exif_data_save_data_entry of exif-data.c, there is a possible out o ...)
	{DLA-2214-1}
	- libexif 0.6.21-8
	[buster] - libexif 0.6.21-5.1+deb10u2
	[stretch] - libexif 0.6.21-2+deb9u2
	NOTE: https://github.com/libexif/libexif/issues/42
	NOTE: https://github.com/libexif/libexif/commit/5ae5973bed1947f4d447dc80b76d5cefadd90133
CVE-2020-0092 (In setHideSensitive of NotificationStackScrollLayout.java, there is a  ...)
	NOT-FOR-US: Android
CVE-2020-0091 (In mnld, an incorrect configuration in driver_cfg of mnld for meta fac ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0090 (An improper authorization in the receiver component of Email.Product:  ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0089 (In the audio server, there is a missing permission check. This could l ...)
	NOT-FOR-US: Android
CVE-2020-0088 (In parseTrackFragmentRun of MPEG4Extractor.cpp, there is possible reso ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0087 (In getProcessPss of ActivityManagerService.java, there is a possible s ...)
	NOT-FOR-US: Android
CVE-2020-0086 (In readCString of Parcel.cpp, there is a possible out of bounds write  ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0085 (In setBluetoothTethering of PanService.java, there is a possible permi ...)
	NOT-FOR-US: Android
CVE-2020-0084 (In several functions of NotificationManagerService.java, there are mis ...)
	NOT-FOR-US: Android
CVE-2020-0083 (In setRequirePmfInternal of sta_network.cpp, there is a possible defau ...)
	NOT-FOR-US: Android
CVE-2020-0082 (In ExternalVibration of ExternalVibration.java, there is a possible ac ...)
	NOT-FOR-US: Android
CVE-2020-0081 (In finalize of AssetManager.java, there is possible memory corruption  ...)
	NOT-FOR-US: Android
CVE-2020-0080 (In onOpActiveChanged and related methods of AppOpsControllerImpl.java, ...)
	NOT-FOR-US: Android
CVE-2020-0079 (In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds  ...)
	NOT-FOR-US: Android
CVE-2020-0078 (In releaseSecureStops of DrmPlugin.cpp, there is a possible out of bou ...)
	NOT-FOR-US: Android
CVE-2020-0077 (In authorize_enroll of the FPC IRIS TrustZone app, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0076 (In get_auth_result of the FPC IRIS TrustZone app, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2020-0075 (In set_shared_key of the FPC IRIS TrustZone app, there is a possible o ...)
	NOT-FOR-US: Android
CVE-2020-0074 (In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is ...)
	NOT-FOR-US: Android
CVE-2020-0073 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0072 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2020-0071 (In rw_t2t_extract_default_locks_info of rw_t2t_ndef.cc, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0070 (In rw_t2t_update_lock_attributes of rw_t2t_ndef.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0069 (In the ioctl handlers of the Mediatek Command Queue driver, there is a ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0068 (In crus_afe_get_param of msm-cirrus-playback.c, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0067 (In f2fs_xattr_generic_list of xattr.c, there is a possible out of boun ...)
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux <ignored> (f2fs is not supportable)
	[jessie] - linux <ignored> (f2fs is not supportable)
	NOTE: https://git.kernel.org/linus/688078e7f36c293dae25b338ddc9e0a2790f6e06
CVE-2020-0066 (In the netlink driver, there is a possible out of bounds write due to  ...)
	- linux 4.2.5-1
	[jessie] - linux 3.16.7-ckt20-1
	NOTE: https://git.kernel.org/linus/db65a3aaf29ecce2e34271d52e8d2336b97bd9fe
CVE-2020-0065 (An improper authorization in the receiver component of the Android Sui ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0064 (An improper authorization while processing the provisioning data.Produ ...)
	NOT-FOR-US: Mediatek components for Android
CVE-2020-0063 (In SurfaceFlinger, it is possible to override UI confirmation screen p ...)
	NOT-FOR-US: Android
CVE-2020-0062 (In Euicc, there is a possible information disclosure due to an include ...)
	NOT-FOR-US: Android
CVE-2020-0061 (In Pixel Recorder, there is a possible permissions bypass allowing arb ...)
	NOT-FOR-US: Android
CVE-2020-0060 (In query of SmsProvider.java and MmsSmsProvider.java, there is a possi ...)
	NOT-FOR-US: Android
CVE-2020-0059 (In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.c ...)
	NOT-FOR-US: Android
CVE-2020-0058 (In l2c_rcv_acl_data of l2c_main.cc, there is a possible out of bounds  ...)
	NOT-FOR-US: Android
CVE-2020-0057 (In btm_process_inq_results of btm_inq.cc, there is a possible out of b ...)
	NOT-FOR-US: Android
CVE-2020-0056 (In btu_hcif_connection_comp_evt of btu_hcif.cc, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2020-0055 (In l2c_link_process_num_completed_pkts of l2c_link.cc, there is a poss ...)
	NOT-FOR-US: Android
CVE-2020-0054 (In WifiNetworkSuggestionsManager of WifiNetworkSuggestionsManager.java ...)
	NOT-FOR-US: Android
CVE-2020-0053 (In convertHidlNanDataPathInitiatorRequestToLegacy, and convertHidlNanD ...)
	NOT-FOR-US: Android
CVE-2020-0052 (In smsSelected of AnswerFragment.java, there is a way to send an SMS f ...)
	NOT-FOR-US: Android
CVE-2020-0051 (In onCreate of SettingsHomepageActivity, there is a possible tapjackin ...)
	NOT-FOR-US: Android
CVE-2020-0050 (In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of b ...)
	NOT-FOR-US: Android
CVE-2020-0049 (In onReadBuffer() of StreamingSource.cpp, there is a possible informat ...)
	NOT-FOR-US: Android media framework
CVE-2020-0048 (In onTransact of IAudioFlinger.cpp, there is a possible stack informat ...)
	NOT-FOR-US: Android media framework
CVE-2020-0047 (In setMasterMute of AudioService.java, there is a missing permission c ...)
	NOT-FOR-US: Android media framework
CVE-2020-0046 (In DrmPlugin::releaseSecureStops of DrmPlugin.cpp, there is a possible ...)
	NOT-FOR-US: Android media framework
CVE-2020-0045 (In StatsService::command of StatsService.cpp, there is possible memory ...)
	NOT-FOR-US: Android
CVE-2020-0044 (In set_nonce of fpc_ta_qc_auth.c, there is a possible out of bounds re ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0043 (In authorize_enrol of fpc_ta_hw_auth.c, there is a possible out of bou ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0042 (In fpc_ta_hw_auth_unwrap_key of fpc_ta_hw_auth_qsee.c, there is a poss ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0041 (In binder_transaction of binder.c, there is a possible out of bounds w ...)
	- linux 5.4.6-1
	[buster] - linux <not-affected> (Vulnerability introduced later)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/16981742717b04644a41052570fb502682a315d2
CVE-2020-0040
	RESERVED
	NOTE: Duplicate of CVE-2019-15239, will be rejected
CVE-2020-0039 (In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uni ...)
	NOT-FOR-US: Android
CVE-2020-0038 (In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uni ...)
	NOT-FOR-US: Android
CVE-2020-0037 (In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bo ...)
	NOT-FOR-US: Android
CVE-2020-0036 (In hasPermissions of PermissionMonitor.java, there is a possible acces ...)
	NOT-FOR-US: Android
CVE-2020-0035 (In query of TelephonyProvider.java, there is a possible access to SIM  ...)
	NOT-FOR-US: Android
CVE-2020-0034 (In vp8_decode_frame of decodeframe.c, there is a possible out of bound ...)
	{DLA-2829-1 DLA-2136-1}
	- libvpx 1.7.0-3
	NOTE: https://github.com/webmproject/libvpx/commit/45daecb4f73a47ab3236a29a3a48c52324cbf19a
CVE-2020-0033 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out  ...)
	NOT-FOR-US: Android media framework
CVE-2020-0032 (In ih264d_release_display_bufs of ih264d_utils.c, there is a possible  ...)
	NOT-FOR-US: Android media framework
CVE-2020-0031 (In triggerAugmentedAutofillLocked and related functions of Session.jav ...)
	NOT-FOR-US: Android
CVE-2020-0030 (In binder_thread_release of binder.c, there is a possible use after fr ...)
	- linux 4.15.11-1
	NOTE: Fixed by: https://git.kernel.org/linus/5eeb2ca02a2f6084fc57ae5c244a38baab07033a
CVE-2020-0029 (In the WifiConfigManager, there is a possible storage of location hist ...)
	NOT-FOR-US: Android
CVE-2020-0028 (In notifyNetworkTested and related functions of NetworkMonitor.java, t ...)
	NOT-FOR-US: Android
CVE-2020-0027 (In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of ...)
	NOT-FOR-US: Android
CVE-2020-0026 (In Parcel::continueWrite of Parcel.cpp, there is possible memory corru ...)
	NOT-FOR-US: Android
CVE-2020-0025 (In deletePackageVersionedInternal of PackageManagerService.java, there ...)
	NOT-FOR-US: Android
CVE-2020-0024 (In onCreate of SettingsBaseActivity.java, there is a possible unauthor ...)
	NOT-FOR-US: Android
CVE-2020-0023 (In setPhonebookAccessPermission of AdapterService.java, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0022 (In reassemble_and_dispatch of packet_fragmenter.cc, there is possible  ...)
	NOT-FOR-US: Android
CVE-2020-0021 (In removeUnusedPackagesLPw of PackageManagerService.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-0020 (In getAttributeRange of ExifInterface.java, there is a possible failur ...)
	NOT-FOR-US: Android
CVE-2020-0019 (In the Broadcom Nexus firmware, there is an insecure default password. ...)
	NOT-FOR-US: Broadcom components for Android
CVE-2020-0018 (In MotionEntry::appendDescription of InputDispatcher.cpp, there is a p ...)
	NOT-FOR-US: Android
CVE-2020-0017 (In multiple places, it was possible for the primary user&#8217;s dicti ...)
	NOT-FOR-US: Android
CVE-2020-0016 (In the Broadcom Nexus firmware, there is an insecure default password. ...)
	NOT-FOR-US: Broadcom components for Android
CVE-2020-0015 (In onCreate of CertInstaller.java, there is a possible way to overlay  ...)
	NOT-FOR-US: Android
CVE-2020-0014 (It is possible for a malicious application to construct a TYPE_TOAST w ...)
	NOT-FOR-US: Android
CVE-2020-0013
	RESERVED
CVE-2020-0012 (In fpc_ta_pn_get_unencrypted_image of fpc_ta_pn.c, there is a possible ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0011 (In get_auth_result of fpc_ta_hw_auth.c, there is a possible out of bou ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0010 (In fpc_ta_get_build_info of fpc_ta_kpi.c, there is a possible out of b ...)
	NOT-FOR-US: FPC components for Android
CVE-2020-0009 (In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write  ...)
	{DLA-2241-1}
	- linux 5.5.13-1
	[buster] - linux 4.19.118-1
	[stretch] - linux 4.9.228-1
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1949
CVE-2020-0008 (In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there  ...)
	NOT-FOR-US: Android
CVE-2020-0007 (In flattenString8 of Sensor.cpp, there is a possible information discl ...)
	NOT-FOR-US: Android
CVE-2020-0006 (In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2020-0005 (In btm_read_remote_ext_features_complete of btm_acl.cc, there is a pos ...)
	NOT-FOR-US: Android
CVE-2020-0004 (In generateCrop of WallpaperManagerService.java, there is a possible s ...)
	NOT-FOR-US: Android
CVE-2020-0003 (In onCreate of InstallStart.java, there is a possible package validati ...)
	NOT-FOR-US: Android
CVE-2020-0002 (In ih264d_init_decoder of ih264d_api.c, there is a possible out of bou ...)
	NOT-FOR-US: Android Media Framework
CVE-2020-0001 (In getProcessRecordLocked of ActivityManagerService.java isolated apps ...)
	NOT-FOR-US: Android

© 2014-2024 Faster IT GmbH | imprint | privacy policy