diff --git a/2014/2xxx/CVE-2014-2359.json b/2014/2xxx/CVE-2014-2359.json index 8c29cf40b9b..e3a3c160b6e 100644 --- a/2014/2xxx/CVE-2014-2359.json +++ b/2014/2xxx/CVE-2014-2359.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-2359", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "OleumTech Wireless Sensor Network devices allow remote attackers to obtain sensitive information about sensor nodes or spoof devices by reading cleartext protocol data." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://ioactive.com/pdfs/IOActive_Advisory_OleumTech.pdf", + "refsource" : "MISC", + "url" : "https://ioactive.com/pdfs/IOActive_Advisory_OleumTech.pdf" + }, + { + "name" : "oleumtech-cve20142359-info-disc(94788)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94788" } ] } diff --git a/2014/3xxx/CVE-2014-3539.json b/2014/3xxx/CVE-2014-3539.json index 3eac1ffefa5..4ca937cc400 100644 --- a/2014/3xxx/CVE-2014-3539.json +++ b/2014/3xxx/CVE-2014-3539.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-3539", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "[oss-security] 20150206 python-rope: pickle.load of remotely supplied data with no authentication required", + "refsource" : "MLIST", + "url" : "http://www.openwall.com/lists/oss-security/2015/02/07/1" + }, + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1116485", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1116485" } ] } diff --git a/2014/5xxx/CVE-2014-5034.json b/2014/5xxx/CVE-2014-5034.json index 547db39b415..3cd7de54c88 100644 --- a/2014/5xxx/CVE-2014-5034.json +++ b/2014/5xxx/CVE-2014-5034.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-5034", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/0pc0deFR/Exploits/blob/master/CVE-2014-5034/exploit.html", + "refsource" : "MISC", + "url" : "https://github.com/0pc0deFR/Exploits/blob/master/CVE-2014-5034/exploit.html" + }, + { + "name" : "https://github.com/0pc0deFR/wordpress-sploit-framework/blob/master/exploits/Brute_Force_Login_Protection_1_3_Cross_Site_Request_Forgery", + "refsource" : "MISC", + "url" : "https://github.com/0pc0deFR/wordpress-sploit-framework/blob/master/exploits/Brute_Force_Login_Protection_1_3_Cross_Site_Request_Forgery" } ] } diff --git a/2014/5xxx/CVE-2014-5072.json b/2014/5xxx/CVE-2014-5072.json index 6090f38151b..64822362d9e 100644 --- a/2014/5xxx/CVE-2014-5072.json +++ b/2014/5xxx/CVE-2014-5072.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2014-5072", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,33 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072", + "refsource" : "MISC", + "url" : "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072" + }, + { + "name" : "https://www.wpsecurityauditlog.com/plugin-change-log/", + "refsource" : "CONFIRM", + "url" : "https://www.wpsecurityauditlog.com/plugin-change-log/" } ] } diff --git a/2018/9xxx/CVE-2018-9315.json b/2018/9xxx/CVE-2018-9315.json index 51854e29d20..c9b83812f71 100644 --- a/2018/9xxx/CVE-2018-9315.json +++ b/2018/9xxx/CVE-2018-9315.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9315", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9314. Reason: This candidate is a reservation duplicate of CVE-2018-9314. Notes: All CVE users should reference CVE-2018-9314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9316.json b/2018/9xxx/CVE-2018-9316.json index 3fcb3779902..503869bcb0d 100644 --- a/2018/9xxx/CVE-2018-9316.json +++ b/2018/9xxx/CVE-2018-9316.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9316", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9312. Reason: This candidate is a reservation duplicate of CVE-2018-9312. Notes: All CVE users should reference CVE-2018-9312 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9317.json b/2018/9xxx/CVE-2018-9317.json index 7a930b83c39..325bb947daa 100644 --- a/2018/9xxx/CVE-2018-9317.json +++ b/2018/9xxx/CVE-2018-9317.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9317", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9313. Reason: This candidate is a reservation duplicate of CVE-2018-9313. Notes: All CVE users should reference CVE-2018-9313 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9319.json b/2018/9xxx/CVE-2018-9319.json index 11398e82838..b86656aa21c 100644 --- a/2018/9xxx/CVE-2018-9319.json +++ b/2018/9xxx/CVE-2018-9319.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9319", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9318. Reason: This candidate is a reservation duplicate of CVE-2018-9318. Notes: All CVE users should reference CVE-2018-9318 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9321.json b/2018/9xxx/CVE-2018-9321.json index 4f9c0586775..7b492cf8789 100644 --- a/2018/9xxx/CVE-2018-9321.json +++ b/2018/9xxx/CVE-2018-9321.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9321", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9320. Reason: This candidate is a reservation duplicate of CVE-2018-9320. Notes: All CVE users should reference CVE-2018-9320 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9323.json b/2018/9xxx/CVE-2018-9323.json index 7f5880d60f3..6a860a0deed 100644 --- a/2018/9xxx/CVE-2018-9323.json +++ b/2018/9xxx/CVE-2018-9323.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9323", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9322. Reason: This candidate is a reservation duplicate of CVE-2018-9322. Notes: All CVE users should reference CVE-2018-9322 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] } diff --git a/2018/9xxx/CVE-2018-9324.json b/2018/9xxx/CVE-2018-9324.json index de02bfa0929..ba0efebf8c0 100644 --- a/2018/9xxx/CVE-2018-9324.json +++ b/2018/9xxx/CVE-2018-9324.json @@ -2,7 +2,7 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-9324", - "STATE" : "RESERVED" + "STATE" : "REJECT" }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +11,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-9311. Reason: This candidate is a reservation duplicate of CVE-2018-9311. Notes: All CVE users should reference CVE-2018-9311 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." } ] }