From 9b68251f99a8f303416c6efeb99446e15f6f1708 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 2 Mar 2022 19:01:12 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/38xxx/CVE-2021-38268.json | 61 ++++++++++++++++++++++++++++++---- 2021/44xxx/CVE-2021-44664.json | 5 +++ 2021/44xxx/CVE-2021-44665.json | 5 +++ 2021/46xxx/CVE-2021-46387.json | 5 +++ 2022/23xxx/CVE-2022-23878.json | 56 +++++++++++++++++++++++++++---- 5 files changed, 120 insertions(+), 12 deletions(-) diff --git a/2021/38xxx/CVE-2021-38268.json b/2021/38xxx/CVE-2021-38268.json index 497fbd6ccb3..74ecde24231 100644 --- a/2021/38xxx/CVE-2021-38268.json +++ b/2021/38xxx/CVE-2021-38268.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-38268", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-38268", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Dynamic Data Mapping module in Liferay Portal through v7.3.6 and Liferay DXP through v7.3 incorrectly sets default permissions for site members, allowing authenticated attackers to add and duplicate forms via the UI or the API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://liferay.com", + "refsource": "MISC", + "name": "http://liferay.com" + }, + { + "refsource": "MISC", + "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default", + "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default" } ] } diff --git a/2021/44xxx/CVE-2021-44664.json b/2021/44xxx/CVE-2021-44664.json index be630c0de34..377ece5939a 100644 --- a/2021/44xxx/CVE-2021-44664.json +++ b/2021/44xxx/CVE-2021-44664.json @@ -66,6 +66,11 @@ "url": "https://riklutz.nl/2021/11/03/authenticated-file-upload-to-remote-code-execution-in-xerte/", "refsource": "MISC", "name": "https://riklutz.nl/2021/11/03/authenticated-file-upload-to-remote-code-execution-in-xerte/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166182/Xerte-3.9-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/166182/Xerte-3.9-Remote-Code-Execution.html" } ] } diff --git a/2021/44xxx/CVE-2021-44665.json b/2021/44xxx/CVE-2021-44665.json index 0036dbfd2fd..371404c9bdf 100644 --- a/2021/44xxx/CVE-2021-44665.json +++ b/2021/44xxx/CVE-2021-44665.json @@ -56,6 +56,11 @@ "url": "https://github.com/thexerteproject/xerteonlinetoolkits/commit/48a9880c6ac38f4d215f9143baf3d6e6062a1871", "refsource": "MISC", "name": "https://github.com/thexerteproject/xerteonlinetoolkits/commit/48a9880c6ac38f4d215f9143baf3d6e6062a1871" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166181/Xerte-3.10.3-Directory-Traversal.html", + "url": "http://packetstormsecurity.com/files/166181/Xerte-3.10.3-Directory-Traversal.html" } ] } diff --git a/2021/46xxx/CVE-2021-46387.json b/2021/46xxx/CVE-2021-46387.json index e26de9a8097..95b5d2177e2 100644 --- a/2021/46xxx/CVE-2021-46387.json +++ b/2021/46xxx/CVE-2021-46387.json @@ -66,6 +66,11 @@ "url": "https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing", "refsource": "MISC", "name": "https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html" } ] } diff --git a/2022/23xxx/CVE-2022-23878.json b/2022/23xxx/CVE-2022-23878.json index 455b503c565..45f0387284c 100644 --- a/2022/23xxx/CVE-2022-23878.json +++ b/2022/23xxx/CVE-2022-23878.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-23878", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-23878", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "seacms V11.5 is affected by an arbitrary code execution vulnerability in admin_config.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://blog.csdn.net/miuzzx/article/details/122249953", + "refsource": "MISC", + "name": "https://blog.csdn.net/miuzzx/article/details/122249953" } ] }