"-Synchronized-Data."

2025-05-08 11:37:04 +00:00 · 2022-03-02 19:01:12 +00:00 · 2022-03-02 19:01:12 +00:00 · 9b68251f99
commit 9b68251f99
parent 46fa9b652d
5 changed files with 120 additions and 12 deletions
--- a/2021/38xxx/CVE-2021-38268.json
+++ b/2021/38xxx/CVE-2021-38268.json
@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2021-38268",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2021-38268",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The Dynamic Data Mapping module in Liferay Portal through v7.3.6 and Liferay DXP through v7.3 incorrectly sets default permissions for site members, allowing authenticated attackers to add and duplicate forms via the UI or the API."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "http://liferay.com",
+                "refsource": "MISC",
+                "name": "http://liferay.com"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default",
+                "url": "https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default"
            }
        ]
    }
--- a/2021/44xxx/CVE-2021-44664.json
+++ b/2021/44xxx/CVE-2021-44664.json
@ -66,6 +66,11 @@
                "url": "https://riklutz.nl/2021/11/03/authenticated-file-upload-to-remote-code-execution-in-xerte/",
                "refsource": "MISC",
                "name": "https://riklutz.nl/2021/11/03/authenticated-file-upload-to-remote-code-execution-in-xerte/"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/166182/Xerte-3.9-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/166182/Xerte-3.9-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2021/44xxx/CVE-2021-44665.json
+++ b/2021/44xxx/CVE-2021-44665.json
@ -56,6 +56,11 @@
                "url": "https://github.com/thexerteproject/xerteonlinetoolkits/commit/48a9880c6ac38f4d215f9143baf3d6e6062a1871",
                "refsource": "MISC",
                "name": "https://github.com/thexerteproject/xerteonlinetoolkits/commit/48a9880c6ac38f4d215f9143baf3d6e6062a1871"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/166181/Xerte-3.10.3-Directory-Traversal.html",
+                "url": "http://packetstormsecurity.com/files/166181/Xerte-3.10.3-Directory-Traversal.html"
            }
        ]
    }
--- a/2021/46xxx/CVE-2021-46387.json
+++ b/2021/46xxx/CVE-2021-46387.json
@ -66,6 +66,11 @@
                "url": "https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing",
                "refsource": "MISC",
                "name": "https://drive.google.com/drive/folders/1_XfWBLqxT2Mqt7uB663Sjlc62pE8-rcN?usp=sharing"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html",
+                "url": "http://packetstormsecurity.com/files/166189/Zyxel-ZyWALL-2-Plus-Cross-Site-Scripting.html"
            }
        ]
    }
--- a/2022/23xxx/CVE-2022-23878.json
+++ b/2022/23xxx/CVE-2022-23878.json
@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2022-23878",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2022-23878",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "seacms V11.5 is affected by an arbitrary code execution vulnerability in admin_config.php."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://blog.csdn.net/miuzzx/article/details/122249953",
+                "refsource": "MISC",
+                "name": "https://blog.csdn.net/miuzzx/article/details/122249953"
            }
        ]
    }