[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Wed Jul 15 21:10:36 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9437bec6 by security tracker role at 2020-07-15T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2020-15778
+	RESERVED
 CVE-2020-15777
 	RESERVED
 CVE-2020-15776
@@ -118,12 +120,12 @@ CVE-2020-15720 (In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class
 	NOTE: https://github.com/dogtagpki/pki/commit/50c23ec146ee9abf28c9de87a5f7787d495f0b72
 CVE-2020-15719 (libldap in certain third-party OpenLDAP packages has a certificate-val ...)
 	TODO: check
-CVE-2020-15718
-	RESERVED
-CVE-2020-15717
-	RESERVED
-CVE-2020-15716
-	RESERVED
+CVE-2020-15718 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
+	TODO: check
+CVE-2020-15717 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
+	TODO: check
+CVE-2020-15716 (RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation o ...)
+	TODO: check
 CVE-2020-15715
 	RESERVED
 CVE-2020-15714
@@ -154,18 +156,18 @@ CVE-2020-15702
 	RESERVED
 CVE-2020-15701
 	RESERVED
-CVE-2020-15700
-	RESERVED
-CVE-2020-15699
-	RESERVED
-CVE-2020-15698
-	RESERVED
-CVE-2020-15697
-	RESERVED
-CVE-2020-15696
-	RESERVED
-CVE-2020-15695
-	RESERVED
+CVE-2020-15700 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
+	TODO: check
+CVE-2020-15699 (An issue was discovered in Joomla! through 3.9.19. Missing validation  ...)
+	TODO: check
+CVE-2020-15698 (An issue was discovered in Joomla! through 3.9.19. Inadequate filterin ...)
+	TODO: check
+CVE-2020-15697 (An issue was discovered in Joomla! through 3.9.19. Internal read-only  ...)
+	TODO: check
+CVE-2020-15696 (An issue was discovered in Joomla! through 3.9.19. Lack of input filte ...)
+	TODO: check
+CVE-2020-15695 (An issue was discovered in Joomla! through 3.9.19. A missing token che ...)
+	TODO: check
 CVE-2020-15694
 	RESERVED
 CVE-2020-15693
@@ -458,8 +460,7 @@ CVE-2020-15573 (SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script
 	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2019-20896 (WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponen ...)
 	NOT-FOR-US: WebChess
-CVE-2020-15572 [TROVE-2020-001]
-	RESERVED
+CVE-2020-15572 (Tor before 0.4.3.6 has an out-of-bounds memory access that allows a re ...)
 	- tor 0.4.3.6-1 (unimportant)
 	NOTE: Tor in Debian doesn't use NSS
 	NOTE: https://blog.torproject.org/new-release-tor-03511-0428-0436-security-fixes
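Review bot: The TROVE-2020-001 identifier is lost at CVE-2020-15572: the header "CVE-2020-15572 [TROVE-2020-001]" is replaced by the description line, and none of the remaining lines for the entry carry it. If the upstream tracker id should stay searchable, record it as an extra NOTE line next to the existing blog.torproject.org NOTE.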
@@ -1460,8 +1461,8 @@ CVE-2020-15119
 	RESERVED
 CVE-2020-15118
 	RESERVED
-CVE-2020-15117
-	RESERVED
+CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be crashed by r ...)
+	TODO: check
 CVE-2020-15116
 	RESERVED
 CVE-2020-15115
@@ -2321,481 +2322,421 @@ CVE-2020-14726
 	RESERVED
 CVE-2020-14725
 	RESERVED
-CVE-2020-14724
-	RESERVED
-CVE-2020-14723
-	RESERVED
-CVE-2020-14722
-	RESERVED
-CVE-2020-14721
-	RESERVED
-CVE-2020-14720
-	RESERVED
-CVE-2020-14719
-	RESERVED
-CVE-2020-14718
-	RESERVED
-CVE-2020-14717
-	RESERVED
-CVE-2020-14716
-	RESERVED
-CVE-2020-14715
-	RESERVED
+CVE-2020-14724 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2020-14723 (Vulnerability in the Oracle Help Technologies product of Oracle Fusion ...)
+	TODO: check
+CVE-2020-14722 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
+	TODO: check
+CVE-2020-14721 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
+	TODO: check
+CVE-2020-14720 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
+	TODO: check
+CVE-2020-14719 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
+	TODO: check
+CVE-2020-14718 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+	TODO: check
+CVE-2020-14717 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
+	TODO: check
+CVE-2020-14716 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
+	TODO: check
+CVE-2020-14715 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14714
-	RESERVED
+CVE-2020-14714 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14713
-	RESERVED
+CVE-2020-14713 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14712
-	RESERVED
+CVE-2020-14712 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14711
-	RESERVED
+CVE-2020-14711 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <not-affected> (MacOS-specific)
-CVE-2020-14710
-	RESERVED
-CVE-2020-14709
-	RESERVED
-CVE-2020-14708
-	RESERVED
-CVE-2020-14707
-	RESERVED
+CVE-2020-14710 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
+	TODO: check
+CVE-2020-14709 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
+	TODO: check
+CVE-2020-14708 (Vulnerability in the Customer Management and Segmentation Foundation p ...)
+	TODO: check
+CVE-2020-14707 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14706
-	RESERVED
-CVE-2020-14705
-	RESERVED
-CVE-2020-14704
-	RESERVED
+CVE-2020-14706 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+	TODO: check
+CVE-2020-14705 (Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (c ...)
+	TODO: check
+CVE-2020-14704 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14703
-	RESERVED
+CVE-2020-14703 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14702
-	RESERVED
+CVE-2020-14702 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14701
-	RESERVED
-CVE-2020-14700
-	RESERVED
+CVE-2020-14701 (Vulnerability in the Oracle SD-WAN Aware product of Oracle Communicati ...)
+	TODO: check
+CVE-2020-14700 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14699
-	RESERVED
+CVE-2020-14699 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14698
-	RESERVED
+CVE-2020-14698 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14697
-	RESERVED
+CVE-2020-14697 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14696
-	RESERVED
-CVE-2020-14695
-	RESERVED
+CVE-2020-14696 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2020-14695 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14694
-	RESERVED
+CVE-2020-14694 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14693
-	RESERVED
-CVE-2020-14692
-	RESERVED
-CVE-2020-14691
-	RESERVED
-CVE-2020-14690
-	RESERVED
+CVE-2020-14693 (Vulnerability in the Oracle Insurance Accounting Analyzer product of O ...)
+	TODO: check
+CVE-2020-14692 (Vulnerability in the Oracle Financial Services Loan Loss Forecasting a ...)
+	TODO: check
+CVE-2020-14691 (Vulnerability in the Oracle Financial Services Liquidity Risk Manageme ...)
+	TODO: check
+CVE-2020-14690 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
 CVE-2020-14689
 	RESERVED
-CVE-2020-14688
-	RESERVED
-CVE-2020-14687
-	RESERVED
-CVE-2020-14686
-	RESERVED
-CVE-2020-14685
-	RESERVED
-CVE-2020-14684
-	RESERVED
+CVE-2020-14688 (Vulnerability in the Oracle Common Applications product of Oracle E-Bu ...)
+	TODO: check
+CVE-2020-14687 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14686 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
+	TODO: check
+CVE-2020-14685 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14684 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
 CVE-2020-14683
 	RESERVED
-CVE-2020-14682
-	RESERVED
-CVE-2020-14681
-	RESERVED
-CVE-2020-14680
-	RESERVED
+CVE-2020-14682 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business  ...)
+	TODO: check
+CVE-2020-14681 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
+	TODO: check
+CVE-2020-14680 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14679
-	RESERVED
-CVE-2020-14678
-	RESERVED
+CVE-2020-14679 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14678 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14677
-	RESERVED
+CVE-2020-14677 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14676
-	RESERVED
+CVE-2020-14676 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14675
-	RESERVED
+CVE-2020-14675 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14674
-	RESERVED
+CVE-2020-14674 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14673
-	RESERVED
+CVE-2020-14673 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
 CVE-2020-14672
 	RESERVED
-CVE-2020-14671
-	RESERVED
-CVE-2020-14670
-	RESERVED
-CVE-2020-14669
-	RESERVED
-CVE-2020-14668
-	RESERVED
-CVE-2020-14667
-	RESERVED
-CVE-2020-14666
-	RESERVED
-CVE-2020-14665
-	RESERVED
-CVE-2020-14664
-	RESERVED
+CVE-2020-14671 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+	TODO: check
+CVE-2020-14670 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
+	TODO: check
+CVE-2020-14669 (Vulnerability in the Oracle Configurator product of Oracle Supply Chai ...)
+	TODO: check
+CVE-2020-14668 (Vulnerability in the Oracle E-Business Intelligence product of Oracle  ...)
+	TODO: check
+CVE-2020-14667 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14666 (Vulnerability in the Oracle Email Center product of Oracle E-Business  ...)
+	TODO: check
+CVE-2020-14665 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
+	TODO: check
+CVE-2020-14664 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
 	- openjfx 11+26-1
 	NOTE: Oracle CPU lists only 8.x as affected, so marking the first 11.x upload as fixed
-CVE-2020-14663
-	RESERVED
+CVE-2020-14663 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14662
-	RESERVED
-CVE-2020-14661
-	RESERVED
-CVE-2020-14660
-	RESERVED
-CVE-2020-14659
-	RESERVED
-CVE-2020-14658
-	RESERVED
-CVE-2020-14657
-	RESERVED
-CVE-2020-14656
-	RESERVED
+CVE-2020-14662 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14661 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14660 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14659 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14658 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2020-14657 (Vulnerability in the Oracle CRM Technical Foundation product of Oracle ...)
+	TODO: check
+CVE-2020-14656 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14655
-	RESERVED
-CVE-2020-14654
-	RESERVED
+CVE-2020-14655 (Vulnerability in the Oracle Security Service product of Oracle Fusion  ...)
+	TODO: check
+CVE-2020-14654 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14653
-	RESERVED
-CVE-2020-14652
-	RESERVED
-CVE-2020-14651
-	RESERVED
+CVE-2020-14653 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
+	TODO: check
+CVE-2020-14652 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14651 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14650
-	RESERVED
+CVE-2020-14650 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14649
-	RESERVED
+CVE-2020-14649 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14648
-	RESERVED
+CVE-2020-14648 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14647
-	RESERVED
+CVE-2020-14647 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14646
-	RESERVED
+CVE-2020-14646 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14645
-	RESERVED
-CVE-2020-14644
-	RESERVED
-CVE-2020-14643
-	RESERVED
+CVE-2020-14645 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14644 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14643 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14642
-	RESERVED
-CVE-2020-14641
-	RESERVED
+CVE-2020-14642 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
+	TODO: check
+CVE-2020-14641 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14640
-	RESERVED
-CVE-2020-14639
-	RESERVED
-CVE-2020-14638
-	RESERVED
-CVE-2020-14637
-	RESERVED
-CVE-2020-14636
-	RESERVED
-CVE-2020-14635
-	RESERVED
-CVE-2020-14634
-	RESERVED
+CVE-2020-14640 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14639 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14638 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14637 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14636 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14635 (Vulnerability in the Oracle Application Object Library product of Orac ...)
+	TODO: check
+CVE-2020-14634 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14633
-	RESERVED
+CVE-2020-14633 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14632
-	RESERVED
+CVE-2020-14632 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14631
-	RESERVED
+CVE-2020-14631 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14630
-	RESERVED
-CVE-2020-14629
-	RESERVED
+CVE-2020-14630 (Vulnerability in the Oracle Enterprise Session Border Controller produ ...)
+	TODO: check
+CVE-2020-14629 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14628
-	RESERVED
+CVE-2020-14628 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox 6.1.12-dfsg-1
-CVE-2020-14627
-	RESERVED
-CVE-2020-14626
-	RESERVED
-CVE-2020-14625
-	RESERVED
-CVE-2020-14624
-	RESERVED
+CVE-2020-14627 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2020-14626 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2020-14625 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14624 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14623
-	RESERVED
+CVE-2020-14623 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14622
-	RESERVED
-CVE-2020-14621
-	RESERVED
+CVE-2020-14622 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14621 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14620
-	RESERVED
+CVE-2020-14620 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14619
-	RESERVED
+CVE-2020-14619 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14618
-	RESERVED
-CVE-2020-14617
-	RESERVED
-CVE-2020-14616
-	RESERVED
-CVE-2020-14615
-	RESERVED
-CVE-2020-14614
-	RESERVED
+CVE-2020-14618 (Vulnerability in the Primavera Unifier product of Oracle Construction  ...)
+	TODO: check
+CVE-2020-14617 (Vulnerability in the Primavera Unifier product of Oracle Construction  ...)
+	TODO: check
+CVE-2020-14616 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2020-14615 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14614 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14613
-	RESERVED
-CVE-2020-14612
-	RESERVED
-CVE-2020-14611
-	RESERVED
-CVE-2020-14610
-	RESERVED
-CVE-2020-14609
-	RESERVED
-CVE-2020-14608
-	RESERVED
-CVE-2020-14607
-	RESERVED
-CVE-2020-14606
-	RESERVED
-CVE-2020-14605
-	RESERVED
-CVE-2020-14604
-	RESERVED
-CVE-2020-14603
-	RESERVED
-CVE-2020-14602
-	RESERVED
-CVE-2020-14601
-	RESERVED
-CVE-2020-14600
-	RESERVED
-CVE-2020-14599
-	RESERVED
-CVE-2020-14598
-	RESERVED
-CVE-2020-14597
-	RESERVED
+CVE-2020-14613 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14612 (Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle Peop ...)
+	TODO: check
+CVE-2020-14611 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion  ...)
+	TODO: check
+CVE-2020-14610 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+	TODO: check
+CVE-2020-14609 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2020-14608 (Vulnerability in the Oracle Fusion Middleware MapViewer product of Ora ...)
+	TODO: check
+CVE-2020-14607 (Vulnerability in the Oracle Fusion Middleware MapViewer product of Ora ...)
+	TODO: check
+CVE-2020-14606 (Vulnerability in the Oracle SD-WAN Edge product of Oracle Communicatio ...)
+	TODO: check
+CVE-2020-14605 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14604 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14603 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14602 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14601 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2020-14600 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2020-14599 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of  ...)
+	TODO: check
+CVE-2020-14598 (Vulnerability in the Oracle CRM Gateway for Mobile Devices product of  ...)
+	TODO: check
+CVE-2020-14597 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14596
-	RESERVED
-CVE-2020-14595
-	RESERVED
-CVE-2020-14594
-	RESERVED
-CVE-2020-14593
-	RESERVED
+CVE-2020-14596 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2020-14595 (Vulnerability in the Oracle iLearning product of Oracle iLearning (com ...)
+	TODO: check
+CVE-2020-14594 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2020-14593 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14592
-	RESERVED
-CVE-2020-14591
-	RESERVED
+CVE-2020-14592 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2020-14591 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14590
-	RESERVED
-CVE-2020-14589
-	RESERVED
-CVE-2020-14588
-	RESERVED
-CVE-2020-14587
-	RESERVED
-CVE-2020-14586
-	RESERVED
+CVE-2020-14590 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+	TODO: check
+CVE-2020-14589 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14588 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14587 (Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Ora ...)
+	TODO: check
+CVE-2020-14586 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14585
-	RESERVED
-CVE-2020-14584
-	RESERVED
-CVE-2020-14583
-	RESERVED
+CVE-2020-14585 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2020-14584 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2020-14583 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14582
-	RESERVED
-CVE-2020-14581
-	RESERVED
+CVE-2020-14582 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
+	TODO: check
+CVE-2020-14581 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14580
-	RESERVED
-CVE-2020-14579
-	RESERVED
+CVE-2020-14580 (Vulnerability in the Oracle Communications Session Border Controller p ...)
+	TODO: check
+CVE-2020-14579 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14578
-	RESERVED
+CVE-2020-14578 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14577
-	RESERVED
+CVE-2020-14577 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14576
-	RESERVED
-CVE-2020-14575
-	RESERVED
+CVE-2020-14576 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14575 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14574
-	RESERVED
-CVE-2020-14573
-	RESERVED
+CVE-2020-14574 (Vulnerability in the Oracle Communications Interactive Session Recorde ...)
+	TODO: check
+CVE-2020-14573 (Vulnerability in the Java SE product of Oracle Java SE (component: Hot ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
-CVE-2020-14572
-	RESERVED
-CVE-2020-14571
-	RESERVED
-CVE-2020-14570
-	RESERVED
-CVE-2020-14569
-	RESERVED
-CVE-2020-14568
-	RESERVED
+CVE-2020-14572 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14571 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2020-14570 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
+	TODO: check
+CVE-2020-14569 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Ora ...)
+	TODO: check
+CVE-2020-14568 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
-CVE-2020-14567
-	RESERVED
-CVE-2020-14566
-	RESERVED
-CVE-2020-14565
-	RESERVED
-CVE-2020-14564
-	RESERVED
-CVE-2020-14563
-	RESERVED
-CVE-2020-14562
-	RESERVED
+CVE-2020-14567 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14566 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
+CVE-2020-14565 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
+	TODO: check
+CVE-2020-14564 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2020-14563 (Vulnerability in the Oracle Enterprise Communications Broker product o ...)
+	TODO: check
+CVE-2020-14562 (Vulnerability in the Java SE product of Oracle Java SE (component: Ima ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
-CVE-2020-14561
-	RESERVED
-CVE-2020-14560
-	RESERVED
-CVE-2020-14559
-	RESERVED
-CVE-2020-14558
-	RESERVED
-CVE-2020-14557
-	RESERVED
-CVE-2020-14556
-	RESERVED
+CVE-2020-14561 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2020-14560 (Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (c ...)
+	TODO: check
+CVE-2020-14559 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14558 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
+	TODO: check
+CVE-2020-14557 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-14556 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
 	- openjdk-14 <unfixed>
 	- openjdk-11 <unfixed>
 	- openjdk-8 <unfixed>
-CVE-2020-14555
-	RESERVED
-CVE-2020-14554
-	RESERVED
-CVE-2020-14553
-	RESERVED
-CVE-2020-14552
-	RESERVED
-CVE-2020-14551
-	RESERVED
-CVE-2020-14550
-	RESERVED
-CVE-2020-14549
-	RESERVED
-CVE-2020-14548
-	RESERVED
-CVE-2020-14547
-	RESERVED
-CVE-2020-14546
-	RESERVED
-CVE-2020-14545
-	RESERVED
-CVE-2020-14544
-	RESERVED
-CVE-2020-14543
-	RESERVED
-CVE-2020-14542
-	RESERVED
-CVE-2020-14541
-	RESERVED
-CVE-2020-14540
-	RESERVED
-CVE-2020-14539
-	RESERVED
+CVE-2020-14555 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
+	TODO: check
+CVE-2020-14554 (Vulnerability in the Oracle Application Object Library product of Orac ...)
+	TODO: check
+CVE-2020-14553 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14552 (Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion  ...)
+	TODO: check
+CVE-2020-14551 (Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (co ...)
+	TODO: check
+CVE-2020-14550 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14549 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
+CVE-2020-14548 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
+	TODO: check
+CVE-2020-14547 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14546 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
+	TODO: check
+CVE-2020-14545 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2020-14544 (Vulnerability in the Oracle Transportation Management product of Oracl ...)
+	TODO: check
+CVE-2020-14543 (Vulnerability in the Oracle Hospitality Reporting and Analytics produc ...)
+	TODO: check
+CVE-2020-14542 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2020-14541 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
+	TODO: check
+CVE-2020-14540 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
+CVE-2020-14539 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
+	TODO: check
 CVE-2020-14538
 	RESERVED
-CVE-2020-14537
-	RESERVED
-CVE-2020-14536
-	RESERVED
-CVE-2020-14535
-	RESERVED
-CVE-2020-14534
-	RESERVED
-CVE-2020-14533
-	RESERVED
-CVE-2020-14532
-	RESERVED
-CVE-2020-14531
-	RESERVED
-CVE-2020-14530
-	RESERVED
-CVE-2020-14529
-	RESERVED
-CVE-2020-14528
-	RESERVED
-CVE-2020-14527
-	RESERVED
+CVE-2020-14537 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
+	TODO: check
+CVE-2020-14536 (Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce E ...)
+	TODO: check
+CVE-2020-14535 (Vulnerability in the Oracle Commerce Service Center product of Oracle  ...)
+	TODO: check
+CVE-2020-14534 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
+	TODO: check
+CVE-2020-14533 (Vulnerability in the Oracle Commerce Platform product of Oracle Commer ...)
+	TODO: check
+CVE-2020-14532 (Vulnerability in the Oracle Commerce Platform product of Oracle Commer ...)
+	TODO: check
+CVE-2020-14531 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
+	TODO: check
+CVE-2020-14530 (Vulnerability in the Oracle Security Service product of Oracle Fusion  ...)
+	TODO: check
+CVE-2020-14529 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
+CVE-2020-14528 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
+CVE-2020-14527 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
 CVE-2020-14526
 	RESERVED
 CVE-2020-14525
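Review bot: The MySQL entries in this hunk end up in two different states and the difference is worth triaging first. CVE-2020-14576, CVE-2020-14567, CVE-2020-14559, CVE-2020-14553, CVE-2020-14547, CVE-2020-14540 and CVE-2020-14539 are all described as "MySQL Server product" but receive "TODO: check", while every other MySQL Server entry here already carries "- mysql-5.7 <not-affected> (Only affects MySQL 8)"; CVE-2020-14550 (MySQL Client) is also left as TODO. Judging only from these lines, those eight are the candidates that may affect mysql-5.7, so they should get an explicit package line or a not-affected reason rather than sit in the same TODO queue as the Oracle-only products.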
@@ -2826,8 +2767,8 @@ CVE-2020-14513
 	RESERVED
 CVE-2020-14512
 	RESERVED
-CVE-2020-14511
-	RESERVED
+CVE-2020-14511 (Malicious operation of the crafted web browser cookie may cause a stac ...)
+	TODO: check
 CVE-2020-14510
 	RESERVED
 CVE-2020-14509
@@ -3301,6 +3242,7 @@ CVE-2020-14424
 CVE-2020-14423 (Convos before 4.20 does not properly generate a random secret in Core/ ...)
 	NOT-FOR-US: Convos
 CVE-2020-14422 (Lib/ipaddress.py in Python through 3.8.3 improperly computes hash valu ...)
+	{DLA-2280-1}
 	- python3.8 3.8.4~rc1-1
 	- python3.7 <removed>
 	[buster] - python3.7 <no-dsa> (Minor issue)
@@ -4566,8 +4508,7 @@ CVE-2020-13925 (Similar to CVE-2020-1956, Kylin has one more restful API which c
 	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2020-13924
 	RESERVED
-CVE-2020-13923
-	RESERVED
+CVE-2020-13923 (IDOR vulnerability in the order processing feature from ecommerce comp ...)
 	NOT-FOR-US: Apache OFBiz
 CVE-2020-13922
 	RESERVED
@@ -7149,8 +7090,8 @@ CVE-2020-12856 (OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether,
 	NOT-FOR-US: COVIDSafe
 CVE-2020-12855
 	RESERVED
-CVE-2020-12854
-	RESERVED
+CVE-2020-12854 (A remote code execution vulnerability was identified in SecZetta NEPro ...)
+	TODO: check
 CVE-2020-12853 (Pydio Cells 2.0.4 allows XSS. A malicious user can either upload or cr ...)
 	NOT-FOR-US: Pydio Cells
 CVE-2020-12852 (The update feature for Pydio Cells 2.0.4 allows an administrator user  ...)
@@ -17023,8 +16964,7 @@ CVE-2020-9498 (Apache Guacamole 1.1.0 and older may mishandle pointers involved
 CVE-2020-9497 (Apache Guacamole 1.1.0 and older do not properly validate datareceived ...)
 	- guacamole-client <unfixed> (bug #964195)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/2
-CVE-2020-9496
-	RESERVED
+CVE-2020-9496 (XML-RPC request are vulnerable to unsafe deserialization and Cross-Sit ...)
 	NOT-FOR-US: Apache OFBiz
 CVE-2020-9495 (Apache Archiva login service before 2.2.5 is vulnerable to LDAP inject ...)
 	NOT-FOR-US: Apache Archiva
@@ -19477,6 +19417,7 @@ CVE-2020-8494 (In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x ver
 CVE-2020-8493 (A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) a ...)
 	NOT-FOR-US: Kronos Web Time and Attendance (webTA)
 CVE-2020-8492 (Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7  ...)
+	{DLA-2280-1}
 	- python3.8 3.8.3~rc1-1
 	- python3.7 <removed>
 	[buster] - python3.7 <no-dsa> (Minor issue)
@@ -20106,8 +20047,8 @@ CVE-2020-8205
 	RESERVED
 CVE-2020-8204
 	RESERVED
-CVE-2020-8203
-	RESERVED
+CVE-2020-8203 (Prototype pollution attack when using _.zipObjectDeep in lodash <=  ...)
+	TODO: check
 CVE-2020-8202
 	RESERVED
 CVE-2020-8201
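Review bot: CVE-2020-8203 is left at `TODO: check` with a summary that is cut off exactly at the version bound ("lodash <=  ..."), so the affected range cannot be read from this line. When triaging, take the bound from the full CVE text and record it in a NOTE or the package line, together with the function the summary names (`_.zipObjectDeep`).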
@@ -20160,8 +20101,8 @@ CVE-2020-8180 (A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed
 	NOT-FOR-US: Nextcloud Talk
 CVE-2020-8179 (Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to ...)
 	NOT-FOR-US: Nextcloud Deck
-CVE-2020-8178
-	RESERVED
+CVE-2020-8178 (Insufficient input validation in npm package `jison` <= 0.4.18 may  ...)
+	TODO: check
 CVE-2020-8177
 	RESERVED
 	- curl <unfixed>
@@ -22298,8 +22239,8 @@ CVE-2020-7294
 	RESERVED
 CVE-2020-7293
 	RESERVED
-CVE-2020-7292
-	RESERVED
+CVE-2020-7292 (Inappropriate Encoding for output context in McAfee Web Gateway (MWG)  ...)
+	TODO: check
 CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7290 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...)
@@ -26181,8 +26122,8 @@ CVE-2020-5767
 	RESERVED
 CVE-2020-5766 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: Wordpress plugin
-CVE-2020-5765
-	RESERVED
+CVE-2020-5765 (Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerabi ...)
+	TODO: check
 CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable to a d ...)
 	NOT-FOR-US: MX Player Android App
 CVE-2020-5763
@@ -30192,8 +30133,8 @@ CVE-2020-4102
 	RESERVED
 CVE-2020-4101 ("HCL Digital Experience is susceptible to Server Side Request Forgery. ...)
 	NOT-FOR-US: HCL Digital Experience
-CVE-2020-4100
-	RESERVED
+CVE-2020-4100 ("HCL Verse for Android was found to employ dynamic code loading. This  ...)
+	TODO: check
 CVE-2020-4099
 	RESERVED
 CVE-2020-4098
@@ -33764,44 +33705,44 @@ CVE-2020-2986
 	RESERVED
 CVE-2020-2985
 	RESERVED
-CVE-2020-2984
-	RESERVED
-CVE-2020-2983
-	RESERVED
-CVE-2020-2982
-	RESERVED
-CVE-2020-2981
-	RESERVED
+CVE-2020-2984 (Vulnerability in the Oracle Configuration Manager product of Oracle En ...)
+	TODO: check
+CVE-2020-2983 (Vulnerability in the Oracle Data Masking and Subsetting product of Ora ...)
+	TODO: check
+CVE-2020-2982 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
+	TODO: check
+CVE-2020-2981 (Vulnerability in the Data Store component of Oracle Berkeley DB. The s ...)
+	TODO: check
 CVE-2020-2980
 	RESERVED
 CVE-2020-2979
 	RESERVED
-CVE-2020-2978
-	RESERVED
-CVE-2020-2977
-	RESERVED
-CVE-2020-2976
-	RESERVED
-CVE-2020-2975
-	RESERVED
-CVE-2020-2974
-	RESERVED
-CVE-2020-2973
-	RESERVED
-CVE-2020-2972
-	RESERVED
-CVE-2020-2971
-	RESERVED
+CVE-2020-2978 (Vulnerability in the Oracle Database - Enterprise Edition component of ...)
+	TODO: check
+CVE-2020-2977 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2976 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2975 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2974 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2973 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2972 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
+CVE-2020-2971 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
 CVE-2020-2970
 	RESERVED
-CVE-2020-2969
-	RESERVED
-CVE-2020-2968
-	RESERVED
-CVE-2020-2967
-	RESERVED
-CVE-2020-2966
-	RESERVED
+CVE-2020-2969 (Vulnerability in the Data Pump component of Oracle Database Server. Su ...)
+	TODO: check
+CVE-2020-2968 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
+	TODO: check
+CVE-2020-2967 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
+CVE-2020-2966 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
 CVE-2020-2965
 	RESERVED
 CVE-2020-2964 (Vulnerability in the Oracle Financial Services Data Foundation product ...)
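Review bot: all sixteen Oracle entries converted in this hunk receive the same `TODO: check`, but they are not equivalent for triage. CVE-2020-2981 names the Data Store component of Oracle Berkeley DB, while the others name Oracle Database, Application Express, Enterprise Manager and WebLogic components. Check CVE-2020-2981 individually against the archive instead of closing the whole block with one bulk tag.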
@@ -34803,8 +34744,8 @@ CVE-2020-2564 (Vulnerability in the Siebel UI Framework product of Oracle Siebel
 	NOT-FOR-US: Oracle
 CVE-2020-2563 (Vulnerability in the Hyperion Financial Close Management product of Or ...)
 	NOT-FOR-US: Oracle
-CVE-2020-2562
-	RESERVED
+CVE-2020-2562 (Vulnerability in the Primavera Portfolio Management product of Oracle  ...)
+	TODO: check
 CVE-2020-2561 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2560 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
@@ -34901,8 +34842,8 @@ CVE-2020-2515 (Vulnerability in the Database Gateway for ODBC component of Oracl
 	NOT-FOR-US: Oracle
 CVE-2020-2514 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
 	NOT-FOR-US: Oracle
-CVE-2020-2513
-	RESERVED
+CVE-2020-2513 (Vulnerability in the Oracle Application Express component of Oracle Da ...)
+	TODO: check
 CVE-2020-2512 (Vulnerability in the Database Gateway for ODBC component of Oracle Dat ...)
 	NOT-FOR-US: Oracle
 CVE-2020-2511 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
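Review bot: CVE-2020-2513 is set to `TODO: check` although the adjacent CVE-2020-2514, whose visible summary is identical (Oracle Application Express component), is already `NOT-FOR-US: Oracle`, as are CVE-2020-2515 and CVE-2020-2512 in the same context. Unless the full description differs, give this entry the same tag so the TODO queue does not carry a product that has already been decided.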
@@ -35799,32 +35740,23 @@ CVE-2020-2230
 	RESERVED
 CVE-2020-2229
 	RESERVED
-CVE-2020-2228
-	RESERVED
+CVE-2020-2228 (Jenkins Gitlab Authentication Plugin 1.5 and earlier does not perform  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2227
-	RESERVED
+CVE-2020-2227 (Jenkins Deployer Framework Plugin 1.2 and earlier does not escape the  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2226
-	RESERVED
+CVE-2020-2226 (Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does no ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2225
-	RESERVED
+CVE-2020-2225 (Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axi ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2224
-	RESERVED
+CVE-2020-2224 (Jenkins Matrix Project Plugin 1.16 and earlier does not escape the nod ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2020-2223
-	RESERVED
+CVE-2020-2223 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape cor ...)
 	NOT-FOR-US: Jenkins
-CVE-2020-2222
-	RESERVED
+CVE-2020-2222 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
 	NOT-FOR-US: Jenkins
-CVE-2020-2221
-	RESERVED
+CVE-2020-2221 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
 	NOT-FOR-US: Jenkins
-CVE-2020-2220
-	RESERVED
+CVE-2020-2220 (Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the ...)
 	NOT-FOR-US: Jenkins
 CVE-2020-2219 (Jenkins Link Column Plugin 1.0 and earlier does not filter URLs of lin ...)
 	NOT-FOR-US: Jenkins plugin
@@ -37901,8 +37833,8 @@ CVE-2019-19328 (ui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI
 	NOT-FOR-US: Wikibase Wikidata Query Service GUI
 CVE-2019-19327 (ui/ResultView.js in Wikibase Wikidata Query Service GUI before 0.3.6-S ...)
 	NOT-FOR-US: Wikibase Wikidata Query Service GUI
-CVE-2019-19326
-	RESERVED
+CVE-2019-19326 (SilverStripe through 4.4.4 allows Web Cache Poisoning through HTTPRequ ...)
+	TODO: check
 CVE-2019-19325 (SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows  ...)
 	NOT-FOR-US: SilverStripe
 CVE-2019-19324 (Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms ...)
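Review bot: CVE-2019-19326 (SilverStripe) is added as `TODO: check` directly above CVE-2019-19325, which is the same product and is tagged `NOT-FOR-US: SilverStripe`. The two entries should be classified consistently; if the product is out of scope for one it is out of scope for the other.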
@@ -42918,6 +42850,7 @@ CVE-2019-18350 (In Ant Design Pro 4.0.0, reflected XSS in the user/login redirec
 CVE-2019-18349 (HotkeyP through 4.9 r96 allows privilege escalation in the privilege f ...)
 	NOT-FOR-US: HotkeyP
 CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ...)
+	{DLA-2280-1}
 	- python3.8 3.8.3~rc1-1 (unimportant)
 	- python3.7 <removed> (unimportant)
 	- python3.5 <removed> (unimportant)
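Review bot: `{DLA-2280-1}` is attached to CVE-2019-18348 while every package line visible in this hunk is marked `(unimportant)`, including `- python3.5 <removed> (unimportant)`. Add a NOTE to the entry saying why an issue rated unimportant is referenced by an advisory, so later readers do not take one of the two as a data error.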
@@ -45456,8 +45389,8 @@ CVE-2019-17639
 	RESERVED
 CVE-2019-17638 (In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in ca ...)
 	TODO: check
-CVE-2019-17637
-	RESERVED
+CVE-2019-17637 (In all versions of Eclipse Web Tools Platform through release 3.18 (20 ...)
+	TODO: check
 CVE-2019-17636 (In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre ...)
 	NOT-FOR-US: Eclipse Theia
 CVE-2019-17635 (Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a dese ...)
@@ -47521,6 +47454,7 @@ CVE-2019-16937
 CVE-2019-16936
 	RESERVED
 CVE-2019-16935 (The documentation XML-RPC server in Python through 2.7.16, 3.x through ...)
+	{DLA-2280-1}
 	- python3.8 3.8.0~rc1-1
 	- python3.7 3.7.5~rc1-1
 	[buster] - python3.7 3.7.3-2+deb10u1
@@ -50095,7 +50029,7 @@ CVE-2019-16058 (An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0
 CVE-2019-16057 (The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnera ...)
 	NOT-FOR-US: D-Link
 CVE-2019-16056 (An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3 ...)
-	{DLA-1925-1 DLA-1924-1}
+	{DLA-2280-1 DLA-1925-1 DLA-1924-1}
 	- python3.8 3.8.0~b4-1
 	- python3.7 3.7.4-4
 	[buster] - python3.7 3.7.3-2+deb10u1
@@ -59292,7 +59226,7 @@ CVE-2019-13578 (A SQL injection vulnerability exists in the Impress GiveWP Give
 CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthe ...)
 	NOT-FOR-US: SnmpAdm.exe in MAPLE WBT SNMP Administrator
 CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...)
-	{DLA-1906-1 DLA-1889-1}
+	{DLA-2280-1 DLA-1906-1 DLA-1889-1}
 	- python3.7 3.7.3~rc1-1
 	- python3.5 <removed>
 	- python3.4 <removed>
@@ -68851,6 +68785,7 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1720115
 	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=aed6a032cead4386472afb24b16196579e239580
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
+	{DLA-2280-1}
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
 	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
@@ -69514,7 +69449,7 @@ CVE-2019-9950 (Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultr
 CVE-2019-9949 (Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100 ...)
 	NOT-FOR-US: Western Digital
 CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: scheme, w ...)
-	{DLA-1852-1 DLA-1834-1}
+	{DLA-2280-1 DLA-1852-1 DLA-1834-1}
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
 	- python3.6 <removed>
@@ -69529,7 +69464,7 @@ CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: sche
 	NOTE: https://github.com/python/cpython/commit/b15bde8058e821b383d81fcae68b335a752083ca (2.7)
 	NOTE: https://github.com/python/cpython/commit/942c31dffbe886ff02e25a319cc3891220b8c641 (2.7)
 CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
-	{DLA-1835-1 DLA-1834-1}
+	{DLA-2280-1 DLA-1835-1 DLA-1834-1}
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
 	- python3.6 <removed>
@@ -71078,7 +71013,7 @@ CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection
 	NOTE: https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca#diff-b97af51863ce82bf2a13003b52034aa9
 	NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
 CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
-	{DLA-1835-1 DLA-1834-1}
+	{DLA-2280-1 DLA-1835-1 DLA-1834-1}
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
 	- python3.6 <removed>
@@ -71357,7 +71292,7 @@ CVE-2019-9643
 CVE-2019-9642 (An issue was discovered in proxy.php in pydio-core in Pydio through 8. ...)
 	- extplorer <removed>
 CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...)
-	{DLA-1835-1 DLA-1834-1}
+	{DLA-2280-1 DLA-1835-1 DLA-1834-1}
 	- python3.7 3.7.3~rc1-1 (bug #924072)
 	- python3.6 <removed>
 	- python3.5 <removed>
@@ -83482,7 +83417,7 @@ CVE-2019-5012 (An exploitable privilege escalation vulnerability exists in the W
 CVE-2019-5011 (An exploitable privilege escalation vulnerability exists in the helper ...)
 	NOT-FOR-US: CleanMyMac
 CVE-2019-5010 (An exploitable denial-of-service vulnerability exists in the X509 cert ...)
-	{DLA-1834-1 DLA-1663-1}
+	{DLA-2280-1 DLA-1834-1 DLA-1663-1}
 	- python3.7 3.7.2-2 (bug #921064)
 	- python3.6 <removed> (bug #921063)
 	- python3.5 <removed>
@@ -87865,7 +87800,7 @@ CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627. There is a memory l
 CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory leak in ...)
 	NOT-FOR-US: Bento4
 CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...)
-	{DLA-1663-1}
+	{DLA-2280-1 DLA-1663-1}
 	- python3.7 3.7.0-7 (unimportant)
 	- python3.6 3.6.7~rc1-1 (unimportant)
 	- python3.5 <removed> (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9437bec660ddf219cc2e5525b5c62f9f9601429a
