From 193a6f981d6798fb232dead523b672cb19349ae9 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Tue, 20 Apr 2021 16:00:42 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2011/1xxx/CVE-2011-1473.json   | 10 ++++++
 2020/14xxx/CVE-2020-14105.json | 50 ++++++++++++++++++++++++++--
 2021/28xxx/CVE-2021-28156.json | 61 ++++++++++++++++++++++++++++++----
 2021/30xxx/CVE-2021-30496.json | 61 ++++++++++++++++++++++++++++++----
 4 files changed, 167 insertions(+), 15 deletions(-)

diff --git a/2011/1xxx/CVE-2011-1473.json b/2011/1xxx/CVE-2011-1473.json
index 63e5cde4d6d..f06e4a31302 100644
--- a/2011/1xxx/CVE-2011-1473.json
+++ b/2011/1xxx/CVE-2011-1473.json
@@ -171,6 +171,16 @@
                 "refsource": "MLIST",
                 "name": "[rocketmq-dev] 20210327 [GitHub] [rocketmq] liufeiguo commented on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473",
                 "url": "https://lists.apache.org/thread.html/r13a07a09f98b2841193dbf17a47c7f09b464e0747a1d3e7298ad4c81@%3Cdev.rocketmq.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[rocketmq-dev] 20210420 [GitHub] [rocketmq] mouzz commented on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473",
+                "url": "https://lists.apache.org/thread.html/rf9e8ae0356af3ec4f7780ca651b770721d287d4d55f62f4f754e0a6f@%3Cdev.rocketmq.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[rocketmq-dev] 20210420 [GitHub] [rocketmq] mouzz removed a comment on pull request #1820: [ISSUE #1233] Fix CVE-2011-1473",
+                "url": "https://lists.apache.org/thread.html/rc98eaa3f8223ac75aa5969f717954d8cbc9f3a9d8b7a6156a54fa557@%3Cdev.rocketmq.apache.org%3E"
             }
         ]
     }
diff --git a/2020/14xxx/CVE-2020-14105.json b/2020/14xxx/CVE-2020-14105.json
index e7d92d8d0c3..bc3a3fb8c70 100644
--- a/2020/14xxx/CVE-2020-14105.json
+++ b/2020/14xxx/CVE-2020-14105.json
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2020-14105",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "security@xiaomi.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Xiaomi 10",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "Xiaomi 10 MIUI system < 2020.01.15"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Information disclosure"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=28&locale=zh",
+                "url": "https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=28&locale=zh"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 2020.01.15."
             }
         ]
     }
diff --git a/2021/28xxx/CVE-2021-28156.json b/2021/28xxx/CVE-2021-28156.json
index 147592fca9b..ebfd9ddcdc1 100644
--- a/2021/28xxx/CVE-2021-28156.json
+++ b/2021/28xxx/CVE-2021-28156.json
@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2021-28156",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-28156",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be bypassed by specifically crafted HTTP events. Fixed in 1.9.5, and 1.8.10."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.hashicorp.com/blog/category/consul",
+                "refsource": "MISC",
+                "name": "https://www.hashicorp.com/blog/category/consul"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369",
+                "url": "https://discuss.hashicorp.com/t/hcsec-2021-08-consul-enterprise-audit-log-bypass-for-http-events/23369"
             }
         ]
     }
diff --git a/2021/30xxx/CVE-2021-30496.json b/2021/30xxx/CVE-2021-30496.json
index 0188fa97eac..b970b0bf2dd 100644
--- a/2021/30xxx/CVE-2021-30496.json
+++ b/2021/30xxx/CVE-2021-30496.json
@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2021-30496",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-30496",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The Telegram app 7.6.2 for iOS allows remote authenticated users to cause a denial of service (application crash) if the victim pastes an attacker-supplied message (e.g., in the Persian language) into a channel or group. The crash occurs in MtProtoKitFramework."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31",
+                "refsource": "MISC",
+                "name": "https://gist.github.com/raminfp/bf64c2974ee6949787329749148a4b31"
+            },
+            {
+                "url": "https://t.me/joinchat/bJ9cnUosVh03ZTI0",
+                "refsource": "MISC",
+                "name": "https://t.me/joinchat/bJ9cnUosVh03ZTI0"
             }
         ]
     }