automatic update

1 files changed, 15 insertions, 16 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 511527d4b3..1af9fa17f6 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1031,8 +1031,8 @@ CVE-2020-35858 (An issue was discovered in the prost crate before 0.6.1 for Rust
 	NOT-FOR-US: prost rust crate
 CVE-2020-35857 (An issue was discovered in the trust-dns-server crate before 0.18.1 fo ...)
 	NOT-FOR-US: Rust trust-dns-server
-CVE-2020-35856
-	RESERVED
+CVE-2020-35856 (SolarWinds Orion Platform before 2020.2.5 allows stored XSS attacks by ...)
+	TODO: check
 CVE-2020-35855
 	RESERVED
 CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Bod ...)
@@ -1829,8 +1829,7 @@ CVE-2020-35519
 	[buster] - linux 4.19.171-1
 	[stretch] - linux 4.9.258-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/03/17/17
-CVE-2020-35518 [Information disclosure during the binding of a DN]
-	RESERVED
+CVE-2020-35518 (When binding against a DN during authentication, the reply from 389-ds ...)
 	- 389-ds-base 1.4.4.10-1
 	[buster] - 389-ds-base <not-affected> (Vulnerable code introduced later)
 	[stretch] - 389-ds-base <not-affected> (Vulnerable code introduced later)
@@ -1874,8 +1873,7 @@ CVE-2020-35510
 CVE-2020-35509
 	RESERVED
 	NOT-FOR-US: Keycloak
-CVE-2020-35508
-	RESERVED
+CVE-2020-35508 (A flaw possibility of race condition and incorrect initialization of t ...)
 	- linux 5.9.9-1
 	[buster] - linux 4.19.160-1
 	[stretch] - linux 4.9.246-1
@@ -2967,6 +2965,7 @@ CVE-2020-29624
 	RESERVED
 CVE-2020-29623
 	RESERVED
+	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.30.6-1
@@ -5135,8 +5134,8 @@ CVE-2020-28697
 	RESERVED
 CVE-2020-28696
 	RESERVED
-CVE-2020-28695
-	RESERVED
+CVE-2020-28695 (Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices  ...)
+	TODO: check
 CVE-2020-28694
 	RESERVED
 CVE-2020-28693 (An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an  ...)
@@ -6877,6 +6876,7 @@ CVE-2020-27920
 CVE-2020-27919
 	RESERVED
 CVE-2020-27918 (A use after free issue was addressed with improved memory management.  ...)
+	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.30.6-1
@@ -7105,8 +7105,7 @@ CVE-2020-27830 [Linux kernel NULL-ptr deref bug in spk_ttyio_receive_buf2]
 	[stretch] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/12/07/1
 	NOTE: https://git.kernel.org/linus/f0992098cadb4c9c6a00703b66cafe604e178fea
-CVE-2020-27829 [heap buffer overflow in coders/tiff.c]
-	RESERVED
+CVE-2020-27829 (A heap based buffer overflow in coders/tiff.c may result in program cr ...)
 	- imagemagick 8:6.9.11.57+dfsg-1
 	[stretch] - imagemagick <not-affected> (vulnerable code was introduced later)
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ee5059cd3ac8d82714a1ab1321399b88539abf0
@@ -11766,8 +11765,8 @@ CVE-2020-25842 (The encryption function of NHIServiSignAdapter fail to verify th
 	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25841
 	RESERVED
-CVE-2020-25840
-	RESERVED
+CVE-2020-25840 (Cross-Site scripting vulnerability in Micro Focus Access Manager produ ...)
+	TODO: check
 CVE-2020-25839 (NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected b ...)
 	NOT-FOR-US: NetIQ Identity Manager
 CVE-2020-25838 (Unauthorized disclosure of sensitive information vulnerability in Micr ...)
@@ -24859,10 +24858,10 @@ CVE-2020-19628
 	RESERVED
 CVE-2020-19627
 	RESERVED
-CVE-2020-19626
-	RESERVED
-CVE-2020-19625
-	RESERVED
+CVE-2020-19626 (Cross Site Scripting (XSS) vulnerability in craftcms 3.1.31, allows re ...)
+	TODO: check
+CVE-2020-19625 (Remote Code Execution Vulnerability in tests/support/stores/test_grid_ ...)
+	TODO: check
 CVE-2020-19624
 	RESERVED
 CVE-2020-19623