"-Synchronized-Data."

2019/19xxx/CVE-2019-19882.json

@@ -76,6 +76,11 @@
                 "url": "https://github.com/void-linux/void-packages/pull/17580",
                 "refsource": "MISC",
                 "name": "https://github.com/void-linux/void-packages/pull/17580"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202008-09",
+                "url": "https://security.gentoo.org/glsa/202008-09"
             }
         ]
     }

2020/14xxx/CVE-2020-14042.json

@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-14042",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-14042",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states \"Codiad is no longer under active maintenance by core contributors.\""
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://github.com/Codiad/Codiad/blob/master/README.md",
+                "refsource": "MISC",
+                "name": "https://github.com/Codiad/Codiad/blob/master/README.md"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/Codiad/Codiad/issues/1122",
+                "url": "https://github.com/Codiad/Codiad/issues/1122"
             }
         ]
     }

2020/17xxx/CVE-2020-17489.json

@@ -56,6 +56,11 @@
                 "url": "https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997",
                 "refsource": "MISC",
                 "name": "https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997"
+            },
+            {
+                "refsource": "UBUNTU",
+                "name": "USN-4464-1",
+                "url": "https://usn.ubuntu.com/4464-1/"
             }
         ]
     }

2020/24xxx/CVE-2020-24609.json

@@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-24609",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-24609",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5 has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie via crafted payload."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.exploit-db.com/exploits/48753",
+                "refsource": "MISC",
+                "name": "https://www.exploit-db.com/exploits/48753"
             }
         ]
     }