automatic update

1 files changed, 8 insertions, 4 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 45543ecd60..1030e75814 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,7 @@
+CVE-2020-36285
+	RESERVED
+CVE-2020-36284
+	RESERVED
 CVE-2020-36283 (HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when  ...)
 	NOT-FOR-US: HID OMNIKEY 5427 and OMNIKEY 5127 readers
 CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...)
@@ -13905,8 +13909,8 @@ CVE-2020-24997
 CVE-2020-24996 (There is an invalid memory access in the function TextString::~TextStr ...)
 	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
 	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028
-CVE-2020-24995
-	RESERVED
+CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...)
+	TODO: check
 CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...)
 	- libass 1:0.15.0-1
 	[buster] - libass <no-dsa> (Minor issue)
@@ -15239,8 +15243,8 @@ CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation
 	[buster] - ruby-twitter-stream <no-dsa> (Minor issue)
 	[stretch] - ruby-twitter-stream <no-dsa> (Minor issue)
 	NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream
-CVE-2020-24391
-	RESERVED
+CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced syntax  ...)
+	TODO: check
 CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape the user ...)
 	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-24389