From 232c9accc0cba84d41067f6a8a22c02163779144 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:05:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2008/0xxx/CVE-2008-0583.json | 160 +++++----- 2008/0xxx/CVE-2008-0607.json | 130 ++++---- 2008/0xxx/CVE-2008-0784.json | 280 ++++++++--------- 2008/1xxx/CVE-2008-1191.json | 360 +++++++++++----------- 2008/1xxx/CVE-2008-1193.json | 470 ++++++++++++++--------------- 2008/1xxx/CVE-2008-1688.json | 200 ++++++------ 2008/3xxx/CVE-2008-3090.json | 170 +++++------ 2008/3xxx/CVE-2008-3770.json | 170 +++++------ 2008/4xxx/CVE-2008-4334.json | 130 ++++---- 2008/4xxx/CVE-2008-4685.json | 260 ++++++++-------- 2013/2xxx/CVE-2013-2723.json | 160 +++++----- 2013/3xxx/CVE-2013-3796.json | 180 +++++------ 2013/3xxx/CVE-2013-3826.json | 140 ++++----- 2013/4xxx/CVE-2013-4329.json | 160 +++++----- 2013/4xxx/CVE-2013-4959.json | 120 ++++---- 2013/6xxx/CVE-2013-6205.json | 130 ++++---- 2013/6xxx/CVE-2013-6266.json | 34 +-- 2013/6xxx/CVE-2013-6347.json | 120 ++++---- 2013/6xxx/CVE-2013-6884.json | 170 +++++------ 2013/7xxx/CVE-2013-7175.json | 140 ++++----- 2013/7xxx/CVE-2013-7466.json | 120 ++++---- 2017/10xxx/CVE-2017-10743.json | 120 ++++---- 2017/10xxx/CVE-2017-10825.json | 130 ++++---- 2017/10xxx/CVE-2017-10834.json | 130 ++++---- 2017/13xxx/CVE-2017-13190.json | 156 +++++----- 2017/13xxx/CVE-2017-13303.json | 122 ++++---- 2017/13xxx/CVE-2017-13681.json | 142 ++++----- 2017/17xxx/CVE-2017-17108.json | 120 ++++---- 2017/17xxx/CVE-2017-17243.json | 34 +-- 2017/17xxx/CVE-2017-17357.json | 34 +-- 2017/17xxx/CVE-2017-17464.json | 120 ++++---- 2017/9xxx/CVE-2017-9224.json | 150 ++++----- 2017/9xxx/CVE-2017-9317.json | 122 ++++---- 2017/9xxx/CVE-2017-9477.json | 120 ++++---- 2017/9xxx/CVE-2017-9824.json | 34 +-- 2017/9xxx/CVE-2017-9887.json | 130 ++++---- 2018/0xxx/CVE-2018-0196.json | 130 ++++---- 2018/0xxx/CVE-2018-0560.json | 130 ++++---- 2018/0xxx/CVE-2018-0766.json | 142 ++++----- 2018/1000xxx/CVE-2018-1000600.json | 120 ++++---- 2018/1000xxx/CVE-2018-1000881.json | 126 ++++---- 2018/18xxx/CVE-2018-18138.json | 34 +-- 2018/19xxx/CVE-2018-19033.json | 34 +-- 2018/19xxx/CVE-2018-19118.json | 120 ++++---- 2018/19xxx/CVE-2018-19441.json | 34 +-- 2018/19xxx/CVE-2018-19747.json | 34 +-- 2018/19xxx/CVE-2018-19847.json | 34 +-- 2018/1xxx/CVE-2018-1022.json | 342 ++++++++++----------- 2018/1xxx/CVE-2018-1030.json | 176 +++++------ 2018/1xxx/CVE-2018-1380.json | 184 +++++------ 2018/1xxx/CVE-2018-1623.json | 34 +-- 51 files changed, 3571 insertions(+), 3571 deletions(-) diff --git a/2008/0xxx/CVE-2008-0583.json b/2008/0xxx/CVE-2008-0583.json index 357529b5ddd..316d50f21d1 100644 --- a/2008/0xxx/CVE-2008-0583.json +++ b/2008/0xxx/CVE-2008-0583.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata fields of a Metacafe movie submitted by Metacafe Pro to the Skype video gallery, accessible through a search within the (1) \"Add video to chat\" or (2) \"Add video to mood\" dialog, a different vector than CVE-2008-0454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aviv.raffon.net/2008/01/22/NoMoreVideosForYouComeBackWhenPatchAvailable.aspx", - "refsource" : "MISC", - "url" : "http://aviv.raffon.net/2008/01/22/NoMoreVideosForYouComeBackWhenPatchAvailable.aspx" - }, - { - "name" : "http://skype.com/security/skype-sb-2008-001-update1.htm", - "refsource" : "MISC", - "url" : "http://skype.com/security/skype-sb-2008-001-update1.htm" - }, - { - "name" : "VU#794236", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/794236" - }, - { - "name" : "27338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27338" - }, - { - "name" : "skype-addvideotochat-code-execution(39754)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39754" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata fields of a Metacafe movie submitted by Metacafe Pro to the Skype video gallery, accessible through a search within the (1) \"Add video to chat\" or (2) \"Add video to mood\" dialog, a different vector than CVE-2008-0454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "skype-addvideotochat-code-execution(39754)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39754" + }, + { + "name": "http://aviv.raffon.net/2008/01/22/NoMoreVideosForYouComeBackWhenPatchAvailable.aspx", + "refsource": "MISC", + "url": "http://aviv.raffon.net/2008/01/22/NoMoreVideosForYouComeBackWhenPatchAvailable.aspx" + }, + { + "name": "27338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27338" + }, + { + "name": "VU#794236", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/794236" + }, + { + "name": "http://skype.com/security/skype-sb-2008-001-update1.htm", + "refsource": "MISC", + "url": "http://skype.com/security/skype-sb-2008-001-update1.htm" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0607.json b/2008/0xxx/CVE-2008-0607.json index c34ebffa4ab..aa155c96de8 100644 --- a/2008/0xxx/CVE-2008-0607.json +++ b/2008/0xxx/CVE-2008-0607.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0607", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0607", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5038", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5038" - }, - { - "name" : "27617", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5038", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5038" + }, + { + "name": "27617", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27617" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0784.json b/2008/0xxx/CVE-2008-0784.json index 72e1ce7cf14..77ac1e57569 100644 --- a/2008/0xxx/CVE-2008-0784.json +++ b/2008/0xxx/CVE-2008-0784.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0784", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0784", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080212 Cacti 0.8.7a Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488018/100/0/threaded" - }, - { - "name" : "20080212 cacti -- Multiple security vulnerabilities have been discovered", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488013/100/0/threaded" - }, - { - "name" : "http://www.cacti.net/release_notes_0_8_7b.php", - "refsource" : "CONFIRM", - "url" : "http://www.cacti.net/release_notes_0_8_7b.php" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=432758", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=432758" - }, - { - "name" : "FEDORA-2008-1699", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" - }, - { - "name" : "FEDORA-2008-1737", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" - }, - { - "name" : "GLSA-200803-18", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200803-18.xml" - }, - { - "name" : "MDVSA-2008:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" - }, - { - "name" : "SUSE-SR:2008:005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" - }, - { - "name" : "27749", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27749" - }, - { - "name" : "ADV-2008-0540", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0540" - }, - { - "name" : "1019414", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019414" - }, - { - "name" : "28872", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28872" - }, - { - "name" : "28976", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28976" - }, - { - "name" : "29242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29242" - }, - { - "name" : "29274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29274" - }, - { - "name" : "3657", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2008-1737", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html" + }, + { + "name": "29242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29242" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=432758", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=432758" + }, + { + "name": "3657", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3657" + }, + { + "name": "SUSE-SR:2008:005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html" + }, + { + "name": "GLSA-200803-18", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200803-18.xml" + }, + { + "name": "28872", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28872" + }, + { + "name": "MDVSA-2008:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:052" + }, + { + "name": "http://www.cacti.net/release_notes_0_8_7b.php", + "refsource": "CONFIRM", + "url": "http://www.cacti.net/release_notes_0_8_7b.php" + }, + { + "name": "29274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29274" + }, + { + "name": "20080212 cacti -- Multiple security vulnerabilities have been discovered", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488013/100/0/threaded" + }, + { + "name": "ADV-2008-0540", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0540" + }, + { + "name": "27749", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27749" + }, + { + "name": "28976", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28976" + }, + { + "name": "FEDORA-2008-1699", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html" + }, + { + "name": "1019414", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019414" + }, + { + "name": "20080212 Cacti 0.8.7a Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488018/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1191.json b/2008/1xxx/CVE-2008-1191.json index c7be1d5a1f2..767f7beabea 100644 --- a/2008/1xxx/CVE-2008-1191.json +++ b/2008/1xxx/CVE-2008-1191.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka \"The fifth issue.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" - }, - { - "name" : "http://support.apple.com/kb/HT3178", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3178" - }, - { - "name" : "http://support.apple.com/kb/HT3179", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3179" - }, - { - "name" : "APPLE-SA-2008-09-24", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" - }, - { - "name" : "GLSA-200804-20", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" - }, - { - "name" : "GLSA-200804-28", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml" - }, - { - "name" : "GLSA-200806-11", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" - }, - { - "name" : "RHSA-2008:0186", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0186.html" - }, - { - "name" : "RHSA-2008:0267", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0267.html" - }, - { - "name" : "233323", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1" - }, - { - "name" : "SUSE-SA:2008:018", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html" - }, - { - "name" : "TA08-066A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-066A.html" - }, - { - "name" : "oval:org.mitre.oval:def:10167", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10167" - }, - { - "name" : "ADV-2008-0770", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0770/references" - }, - { - "name" : "ADV-2008-1856", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1856/references" - }, - { - "name" : "1019549", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019549" - }, - { - "name" : "29273", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29273" - }, - { - "name" : "29239", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29239" - }, - { - "name" : "29582", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29582" - }, - { - "name" : "29858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29858" - }, - { - "name" : "30676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30676" - }, - { - "name" : "30780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30780" - }, - { - "name" : "32018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32018" - }, - { - "name" : "javawebstart-application-priv-escalation(41029)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029" - }, - { - "name" : "javawebstart-unspecified-priv-escalation(41136)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier allows remote attackers to create arbitrary files via an untrusted application, a different issue than CVE-2008-1190, aka \"The fifth issue.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2008-09-24", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" + }, + { + "name": "30676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30676" + }, + { + "name": "RHSA-2008:0267", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html" + }, + { + "name": "SUSE-SA:2008:018", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html" + }, + { + "name": "1019549", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019549" + }, + { + "name": "32018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32018" + }, + { + "name": "javawebstart-unspecified-priv-escalation(41136)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41136" + }, + { + "name": "javawebstart-application-priv-escalation(41029)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41029" + }, + { + "name": "GLSA-200804-28", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml" + }, + { + "name": "29239", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29239" + }, + { + "name": "29858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29858" + }, + { + "name": "oval:org.mitre.oval:def:10167", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10167" + }, + { + "name": "TA08-066A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html" + }, + { + "name": "http://support.apple.com/kb/HT3178", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3178" + }, + { + "name": "29582", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29582" + }, + { + "name": "ADV-2008-0770", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0770/references" + }, + { + "name": "233323", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233323-1" + }, + { + "name": "30780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30780" + }, + { + "name": "ADV-2008-1856", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1856/references" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" + }, + { + "name": "GLSA-200804-20", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" + }, + { + "name": "GLSA-200806-11", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" + }, + { + "name": "RHSA-2008:0186", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html" + }, + { + "name": "http://support.apple.com/kb/HT3179", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3179" + }, + { + "name": "29273", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29273" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1193.json b/2008/1xxx/CVE-2008-1193.json index 0bc4702a635..4d8e72d1e77 100644 --- a/2008/1xxx/CVE-2008-1193.json +++ b/2008/1xxx/CVE-2008-1193.json @@ -1,237 +1,237 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1193", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1193", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" - }, - { - "name" : "http://support.apple.com/kb/HT3178", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3178" - }, - { - "name" : "http://support.apple.com/kb/HT3179", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3179" - }, - { - "name" : "APPLE-SA-2008-09-24", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" - }, - { - "name" : "BEA08-201.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/277" - }, - { - "name" : "GLSA-200804-20", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" - }, - { - "name" : "GLSA-200804-28", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml" - }, - { - "name" : "GLSA-200806-11", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" - }, - { - "name" : "RHSA-2008:0186", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0186.html" - }, - { - "name" : "RHSA-2008:0210", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0210.html" - }, - { - "name" : "RHSA-2008:0244", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0244.html" - }, - { - "name" : "RHSA-2008:0245", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0245.html" - }, - { - "name" : "RHSA-2008:0267", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0267.html" - }, - { - "name" : "233325", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1" - }, - { - "name" : "SUSE-SA:2008:018", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html" - }, - { - "name" : "SUSE-SA:2008:025", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html" - }, - { - "name" : "TA08-066A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-066A.html" - }, - { - "name" : "28125", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28125" - }, - { - "name" : "oval:org.mitre.oval:def:11409", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11409" - }, - { - "name" : "ADV-2008-0770", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0770/references" - }, - { - "name" : "ADV-2008-1252", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1252" - }, - { - "name" : "ADV-2008-1856", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1856/references" - }, - { - "name" : "1019551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019551" - }, - { - "name" : "29273", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29273" - }, - { - "name" : "29239", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29239" - }, - { - "name" : "29498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29498" - }, - { - "name" : "29582", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29582" - }, - { - "name" : "29841", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29841" - }, - { - "name" : "29858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29858" - }, - { - "name" : "30003", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30003" - }, - { - "name" : "29897", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29897" - }, - { - "name" : "30676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30676" - }, - { - "name" : "30780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30780" - }, - { - "name" : "31497", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31497" - }, - { - "name" : "32018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32018" - }, - { - "name" : "sun-jre-imagelibrary-privilege-escalation(41028)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41028" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2008-09-24", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00008.html" + }, + { + "name": "30676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30676" + }, + { + "name": "29841", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29841" + }, + { + "name": "sun-jre-imagelibrary-privilege-escalation(41028)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41028" + }, + { + "name": "RHSA-2008:0267", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0267.html" + }, + { + "name": "SUSE-SA:2008:018", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00000.html" + }, + { + "name": "1019551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019551" + }, + { + "name": "233325", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-233325-1" + }, + { + "name": "RHSA-2008:0245", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0245.html" + }, + { + "name": "32018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32018" + }, + { + "name": "29897", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29897" + }, + { + "name": "29498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29498" + }, + { + "name": "BEA08-201.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/277" + }, + { + "name": "GLSA-200804-28", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml" + }, + { + "name": "29239", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29239" + }, + { + "name": "29858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29858" + }, + { + "name": "TA08-066A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-066A.html" + }, + { + "name": "SUSE-SA:2008:025", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html" + }, + { + "name": "http://support.apple.com/kb/HT3178", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3178" + }, + { + "name": "29582", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29582" + }, + { + "name": "ADV-2008-1252", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1252" + }, + { + "name": "ADV-2008-0770", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0770/references" + }, + { + "name": "31497", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31497" + }, + { + "name": "RHSA-2008:0210", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0210.html" + }, + { + "name": "28125", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28125" + }, + { + "name": "30780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30780" + }, + { + "name": "RHSA-2008:0244", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0244.html" + }, + { + "name": "ADV-2008-1856", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1856/references" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" + }, + { + "name": "30003", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30003" + }, + { + "name": "oval:org.mitre.oval:def:11409", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11409" + }, + { + "name": "GLSA-200804-20", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" + }, + { + "name": "GLSA-200806-11", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" + }, + { + "name": "RHSA-2008:0186", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0186.html" + }, + { + "name": "http://support.apple.com/kb/HT3179", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3179" + }, + { + "name": "29273", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29273" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1688.json b/2008/1xxx/CVE-2008-1688.json index ed04e2800d1..6e33642818c 100644 --- a/2008/1xxx/CVE-2008-1688.json +++ b/2008/1xxx/CVE-2008-1688.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20080406 Re: Security fixes in m4-1.4.11", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2008/04/07/3" - }, - { - "name" : "[oss-security] 20080406 Security fixes in m4-1.4.11", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2008/04/07/1" - }, - { - "name" : "SSA:2008-098-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612" - }, - { - "name" : "28688", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28688" - }, - { - "name" : "44272", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/44272" - }, - { - "name" : "ADV-2008-1151", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1151/references" - }, - { - "name" : "29671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29671" - }, - { - "name" : "29729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29729" - }, - { - "name" : "gnu-m4-producefrozenstate-format-string(41704)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2008-1151", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1151/references" + }, + { + "name": "gnu-m4-producefrozenstate-format-string(41704)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41704" + }, + { + "name": "28688", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28688" + }, + { + "name": "44272", + "refsource": "OSVDB", + "url": "http://osvdb.org/44272" + }, + { + "name": "29671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29671" + }, + { + "name": "[oss-security] 20080406 Re: Security fixes in m4-1.4.11", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2008/04/07/3" + }, + { + "name": "29729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29729" + }, + { + "name": "[oss-security] 20080406 Security fixes in m4-1.4.11", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2008/04/07/1" + }, + { + "name": "SSA:2008-098-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3090.json b/2008/3xxx/CVE-2008-3090.json index 6d268615c3d..12386368dbd 100644 --- a/2008/3xxx/CVE-2008-3090.json +++ b/2008/3xxx/CVE-2008-3090.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3090", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3090", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/blognplus255-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/blognplus255-en.html" - }, - { - "name" : "http://www.blogn.org/index.php?e=171", - "refsource" : "MISC", - "url" : "http://www.blogn.org/index.php?e=171" - }, - { - "name" : "30104", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30104" - }, - { - "name" : "30959", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30959" - }, - { - "name" : "blognplus-dm-sql-injection(43593)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43593" - }, - { - "name" : "blognplus-index-sql-injection(43592)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43592" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "blognplus-index-sql-injection(43592)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43592" + }, + { + "name": "30959", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30959" + }, + { + "name": "30104", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30104" + }, + { + "name": "blognplus-dm-sql-injection(43593)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43593" + }, + { + "name": "http://vuln.sg/blognplus255-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/blognplus255-en.html" + }, + { + "name": "http://www.blogn.org/index.php?e=171", + "refsource": "MISC", + "url": "http://www.blogn.org/index.php?e=171" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3770.json b/2008/3xxx/CVE-2008-3770.json index 2e386e22978..93bcfae528d 100644 --- a/2008/3xxx/CVE-2008-3770.json +++ b/2008/3xxx/CVE-2008-3770.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_top.php; (2) english/account.php, (3) french/account.php, and (4) french/account_newsletters.php in includes/languages/; (5) includes/modules/faqdesk/faqdesk_article_require.php; (6) includes/modules/newsdesk/newsdesk_article_require.php; (7) card1.php, (8) loginbox.php, and (9) whos_online.php in templates/Freeway/boxes/; and (10) templates/Freeway/mainpage_modules/mainpage.php. NOTE: vector 1 may be the same as CVE-2008-3677." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080818 [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/495549/100/0/threaded" - }, - { - "name" : "http://www.openfreeway.org/download/change-log.html", - "refsource" : "CONFIRM", - "url" : "http://www.openfreeway.org/download/change-log.html" - }, - { - "name" : "30731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30731" - }, - { - "name" : "31475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31475" - }, - { - "name" : "4181", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4181" - }, - { - "name" : "freeway-language-directory-traversal(45037)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45037" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) includes/events_application_top.php; (2) english/account.php, (3) french/account.php, and (4) french/account_newsletters.php in includes/languages/; (5) includes/modules/faqdesk/faqdesk_article_require.php; (6) includes/modules/newsdesk/newsdesk_article_require.php; (7) card1.php, (8) loginbox.php, and (9) whos_online.php in templates/Freeway/boxes/; and (10) templates/Freeway/mainpage_modules/mainpage.php. NOTE: vector 1 may be the same as CVE-2008-3677." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "freeway-language-directory-traversal(45037)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45037" + }, + { + "name": "30731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30731" + }, + { + "name": "31475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31475" + }, + { + "name": "http://www.openfreeway.org/download/change-log.html", + "refsource": "CONFIRM", + "url": "http://www.openfreeway.org/download/change-log.html" + }, + { + "name": "4181", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4181" + }, + { + "name": "20080818 [DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/495549/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4334.json b/2008/4xxx/CVE-2008-4334.json index 3ddb3efce4b..eae272c6892 100644 --- a/2008/4xxx/CVE-2008-4334.json +++ b/2008/4xxx/CVE-2008-4334.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4334", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4334", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6568", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6568" - }, - { - "name" : "31404", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31404", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31404" + }, + { + "name": "6568", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6568" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4685.json b/2008/4xxx/CVE-2008-4685.json index c0324c0ec42..92113fff611 100644 --- a/2008/4xxx/CVE-2008-4685.json +++ b/2008/4xxx/CVE-2008-4685.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081211 rPSA-2008-0336-1 tshark wireshark", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/499154/100/0/threaded" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2008-06.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2008-06.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2870", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2870" - }, - { - "name" : "http://wiki.rpath.com/Advisories:rPSA-2008-0336", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/Advisories:rPSA-2008-0336" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm" - }, - { - "name" : "DSA-1673", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1673" - }, - { - "name" : "MDVSA-2008:215", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:215" - }, - { - "name" : "RHSA-2009:0313", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0313.html" - }, - { - "name" : "31838", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31838" - }, - { - "name" : "oval:org.mitre.oval:def:10788", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10788" - }, - { - "name" : "34144", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34144" - }, - { - "name" : "ADV-2008-2872", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2872" - }, - { - "name" : "1021069", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1021069" - }, - { - "name" : "32355", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32355" - }, - { - "name" : "32944", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32944" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20081211 rPSA-2008-0336-1 tshark wireshark", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/499154/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-082.htm" + }, + { + "name": "32355", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32355" + }, + { + "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0336", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0336" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2008-06.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2008-06.html" + }, + { + "name": "34144", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34144" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2870", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2870" + }, + { + "name": "31838", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31838" + }, + { + "name": "32944", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32944" + }, + { + "name": "RHSA-2009:0313", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0313.html" + }, + { + "name": "ADV-2008-2872", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2872" + }, + { + "name": "MDVSA-2008:215", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:215" + }, + { + "name": "1021069", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1021069" + }, + { + "name": "DSA-1673", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1673" + }, + { + "name": "oval:org.mitre.oval:def:10788", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10788" + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2723.json b/2013/2xxx/CVE-2013-2723.json index 872acc79da9..2adc65a9297 100644 --- a/2013/2xxx/CVE-2013-2723.json +++ b/2013/2xxx/CVE-2013-2723.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2013-2723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb13-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb13-15.html" - }, - { - "name" : "GLSA-201308-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201308-03.xml" - }, - { - "name" : "RHSA-2013:0826", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0826.html" - }, - { - "name" : "SUSE-SU-2013:0809", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html" - }, - { - "name" : "oval:org.mitre.oval:def:16622", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16622" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.adobe.com/support/security/bulletins/apsb13-15.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb13-15.html" + }, + { + "name": "SUSE-SU-2013:0809", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html" + }, + { + "name": "RHSA-2013:0826", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0826.html" + }, + { + "name": "oval:org.mitre.oval:def:16622", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16622" + }, + { + "name": "GLSA-201308-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201308-03.xml" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3796.json b/2013/3xxx/CVE-2013-3796.json index 57a837c48cd..17d058cdfcd 100644 --- a/2013/3xxx/CVE-2013-3796.json +++ b/2013/3xxx/CVE-2013-3796.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-3796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" - }, - { - "name" : "SUSE-SU-2013:1390", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html" - }, - { - "name" : "openSUSE-SU-2013:1335", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html" - }, - { - "name" : "openSUSE-SU-2013:1410", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html" - }, - { - "name" : "SUSE-SU-2013:1529", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html" - }, - { - "name" : "61233", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/61233" - }, - { - "name" : "95329", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/95329" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" + }, + { + "name": "openSUSE-SU-2013:1335", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html" + }, + { + "name": "SUSE-SU-2013:1390", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html" + }, + { + "name": "openSUSE-SU-2013:1410", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html" + }, + { + "name": "61233", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/61233" + }, + { + "name": "95329", + "refsource": "OSVDB", + "url": "http://osvdb.org/95329" + }, + { + "name": "SUSE-SU-2013:1529", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3826.json b/2013/3xxx/CVE-2013-3826.json index 324b1dc7485..3ef46bf0db3 100644 --- a/2013/3xxx/CVE-2013-3826.json +++ b/2013/3xxx/CVE-2013-3826.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-3826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" - }, - { - "name" : "oval:org.mitre.oval:def:18671", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18671" - }, - { - "name" : "55322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55322" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55322" + }, + { + "name": "oval:org.mitre.oval:def:18671", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18671" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4329.json b/2013/4xxx/CVE-2013-4329.json index fd93d58594f..e45cd6f5d7d 100644 --- a/2013/4xxx/CVE-2013-4329.json +++ b/2013/4xxx/CVE-2013-4329.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Xen-devel] 20130701 [PATCH] libxl: suppress device assignment to HVM guest when there is no IOMMU", - "refsource" : "MLIST", - "url" : "http://lists.xen.org/archives/html/xen-devel/2013-07/msg00066.html" - }, - { - "name" : "[oss-security] 20130910 Re: Xen Security Advisory 61 - libxl partially sets up HVM passthrough even with disabled iommu", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/09/10/4" - }, - { - "name" : "DSA-3006", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3006" - }, - { - "name" : "GLSA-201407-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201407-03.xml" - }, - { - "name" : "SUSE-SU-2014:0446", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows local HVM guest domains to gain privileges or cause a denial of service via a DMA instruction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20130910 Re: Xen Security Advisory 61 - libxl partially sets up HVM passthrough even with disabled iommu", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/09/10/4" + }, + { + "name": "[Xen-devel] 20130701 [PATCH] libxl: suppress device assignment to HVM guest when there is no IOMMU", + "refsource": "MLIST", + "url": "http://lists.xen.org/archives/html/xen-devel/2013-07/msg00066.html" + }, + { + "name": "GLSA-201407-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml" + }, + { + "name": "SUSE-SU-2014:0446", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" + }, + { + "name": "DSA-3006", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3006" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4959.json b/2013/4xxx/CVE-2013-4959.json index eda8bcddc63..2018b0c6131 100644 --- a/2013/4xxx/CVE-2013-4959.json +++ b/2013/4xxx/CVE-2013-4959.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the \"no-cache\" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://puppetlabs.com/security/cve/cve-2013-4959/", - "refsource" : "CONFIRM", - "url" : "http://puppetlabs.com/security/cve/cve-2013-4959/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the \"no-cache\" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://puppetlabs.com/security/cve/cve-2013-4959/", + "refsource": "CONFIRM", + "url": "http://puppetlabs.com/security/cve/cve-2013-4959/" + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6205.json b/2013/6xxx/CVE-2013-6205.json index 07e8b24550f..0c38d874ca9 100644 --- a/2013/6xxx/CVE-2013-6205.json +++ b/2013/6xxx/CVE-2013-6205.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6205", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2013-6205", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBGN02970", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04135307" - }, - { - "name" : "SSRT101443", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04135307" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP Rapid Deployment Pack (RDP) and Insight Control Server Deployment allows local users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT101443", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04135307" + }, + { + "name": "HPSBGN02970", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04135307" + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6266.json b/2013/6xxx/CVE-2013-6266.json index 94ab7635ad5..6627b66b73f 100644 --- a/2013/6xxx/CVE-2013-6266.json +++ b/2013/6xxx/CVE-2013-6266.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6266", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6266", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6347.json b/2013/6xxx/CVE-2013-6347.json index 0c7e5c3a56d..d1df2ae5e0a 100644 --- a/2013/6xxx/CVE-2013-6347.json +++ b/2013/6xxx/CVE-2013-6347.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6347", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6347", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7012027", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7012027" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.novell.com/support/kb/doc.php?id=7012027", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7012027" + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6884.json b/2013/6xxx/CVE-2013-6884.json index 1cd408c14e8..6a194f29afb 100644 --- a/2013/6xxx/CVE-2013-6884.json +++ b/2013/6xxx/CVE-2013-6884.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default \"ditto\" username and password, which allows remote attackers to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "30396", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/30396" - }, - { - "name" : "20131212 Ditto Forensic FieldStation, multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2013/Dec/80" - }, - { - "name" : "http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html" - }, - { - "name" : "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/", - "refsource" : "MISC", - "url" : "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/" - }, - { - "name" : "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/", - "refsource" : "MISC", - "url" : "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/" - }, - { - "name" : "55989", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55989" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default \"ditto\" username and password, which allows remote attackers to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55989", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55989" + }, + { + "name": "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/", + "refsource": "MISC", + "url": "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013jun30a/" + }, + { + "name": "http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/124420/Ditto-Forensic-FieldStation-2013Oct15a-XSS-CSRF-Command-Execution.html" + }, + { + "name": "20131212 Ditto Forensic FieldStation, multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2013/Dec/80" + }, + { + "name": "30396", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/30396" + }, + { + "name": "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/", + "refsource": "MISC", + "url": "http://www.cru-inc.com/support/software-downloads/ditto-firmware-updates/ditto-firmware-release-notes-2013oct15a/" + } + ] + } +} \ No newline at end of file diff --git a/2013/7xxx/CVE-2013-7175.json b/2013/7xxx/CVE-2013-7175.json index aa65e47864a..dfdece5e41a 100644 --- a/2013/7xxx/CVE-2013-7175.json +++ b/2013/7xxx/CVE-2013-7175.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-7175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2013-7175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#869702", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/869702" - }, - { - "name" : "65104", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65104" - }, - { - "name" : "102414", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102414" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3) Candidate Name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102414", + "refsource": "OSVDB", + "url": "http://osvdb.org/102414" + }, + { + "name": "65104", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65104" + }, + { + "name": "VU#869702", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/869702" + } + ] + } +} \ No newline at end of file diff --git a/2013/7xxx/CVE-2013-7466.json b/2013/7xxx/CVE-2013-7466.json index 5cfa28315b2..7f8244866e6 100644 --- a/2013/7xxx/CVE-2013-7466.json +++ b/2013/7xxx/CVE-2013-7466.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-7466", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-7466", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hauntit.blogspot.com/2013/04/en-smf-204-full-disclosure.html", - "refsource" : "MISC", - "url" : "http://hauntit.blogspot.com/2013/04/en-smf-204-full-disclosure.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Simple Machines Forum (SMF) 2.0.4 allows local file inclusion, with resultant remote code execution, in install.php via ../ directory traversal in the db_type parameter if install.php remains present after installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://hauntit.blogspot.com/2013/04/en-smf-204-full-disclosure.html", + "refsource": "MISC", + "url": "http://hauntit.blogspot.com/2013/04/en-smf-204-full-disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10743.json b/2017/10xxx/CVE-2017-10743.json index 0c0bceb6026..df2a895d5f7 100644 --- a/2017/10xxx/CVE-2017-10743.json +++ b/2017/10xxx/CVE-2017-10743.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10743", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a \"Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10743", - "refsource" : "MISC", - "url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10743" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a \"Stack Buffer Overrun (/GS Exception) starting at ntdll_77df0000!LdrpInitializeNode+0x000000000000015b.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10743", + "refsource": "MISC", + "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10743" + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10825.json b/2017/10xxx/CVE-2017-10825.json index 81ab72a9595..946d0baf7e5 100644 --- a/2017/10xxx/CVE-2017-10825.json +++ b/2017/10xxx/CVE-2017-10825.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2017-10825", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Installer of Flets Easy Setup Tool", - "version" : { - "version_data" : [ - { - "version_value" : "Ver1.2.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2017-10825", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Installer of Flets Easy Setup Tool", + "version": { + "version_data": [ + { + "version_value": "Ver1.2.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://flets-w.com/topics/setup_tool_vulnerability/", - "refsource" : "MISC", - "url" : "http://flets-w.com/topics/setup_tool_vulnerability/" - }, - { - "name" : "https://jvn.jp/en/jp/JVN97243511/278948/index.html", - "refsource" : "MISC", - "url" : "https://jvn.jp/en/jp/JVN97243511/278948/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://flets-w.com/topics/setup_tool_vulnerability/", + "refsource": "MISC", + "url": "http://flets-w.com/topics/setup_tool_vulnerability/" + }, + { + "name": "https://jvn.jp/en/jp/JVN97243511/278948/index.html", + "refsource": "MISC", + "url": "https://jvn.jp/en/jp/JVN97243511/278948/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10834.json b/2017/10xxx/CVE-2017-10834.json index 51637d8c87c..1809d33b3a0 100644 --- a/2017/10xxx/CVE-2017-10834.json +++ b/2017/10xxx/CVE-2017-10834.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2017-10834", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "\"Dokodemo eye Smart HD\" SCR02HD", - "version" : { - "version_data" : [ - { - "version_value" : "Firmware 1.0.3.1000 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "NIPPON ANTENNA Co., Ltd" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in \"Dokodemo eye Smart HD\" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory traversal" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2017-10834", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "\"Dokodemo eye Smart HD\" SCR02HD", + "version": { + "version_data": [ + { + "version_value": "Firmware 1.0.3.1000 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "NIPPON ANTENNA Co., Ltd" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.nippon-antenna.co.jp/product/ine/pdf/scr02hd_about_security.pdf", - "refsource" : "MISC", - "url" : "http://www.nippon-antenna.co.jp/product/ine/pdf/scr02hd_about_security.pdf" - }, - { - "name" : "JVN#87410770", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN87410770/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in \"Dokodemo eye Smart HD\" SCR02HD Firmware 1.0.3.1000 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Directory traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.nippon-antenna.co.jp/product/ine/pdf/scr02hd_about_security.pdf", + "refsource": "MISC", + "url": "http://www.nippon-antenna.co.jp/product/ine/pdf/scr02hd_about_security.pdf" + }, + { + "name": "JVN#87410770", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN87410770/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13190.json b/2017/13xxx/CVE-2017-13190.json index 85d372d21be..0821ff2d2a4 100644 --- a/2017/13xxx/CVE-2017-13190.json +++ b/2017/13xxx/CVE-2017-13190.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2018-01-02T00:00:00", - "ID" : "CVE-2017-13190", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "7.0" - }, - { - "version_value" : "7.1.1" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.1" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Other" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2018-01-02T00:00:00", + "ID": "CVE-2017-13190", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "7.0" + }, + { + "version_value": "7.1.1" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.1" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://android.googlesource.com/platform/external/libhevc/+/3ed3c6b79a7b9a60c475dd4936ad57b0b92fd600", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/external/libhevc/+/3ed3c6b79a7b9a60c475dd4936ad57b0b92fd600" - }, - { - "name" : "https://source.android.com/security/bulletin/pixel/2018-01-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2018-01-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68299873." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2018-01-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2018-01-01" + }, + { + "name": "https://android.googlesource.com/platform/external/libhevc/+/3ed3c6b79a7b9a60c475dd4936ad57b0b92fd600", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/external/libhevc/+/3ed3c6b79a7b9a60c475dd4936ad57b0b92fd600" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13303.json b/2017/13xxx/CVE-2017-13303.json index d35dc694747..1a6f02e5bde 100644 --- a/2017/13xxx/CVE-2017-13303.json +++ b/2017/13xxx/CVE-2017-13303.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2017-13303", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A information disclosure vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-71359108. References: B-V2018010501." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2017-13303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2018-04-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A information disclosure vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-71359108. References: B-V2018010501." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2018-04-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13681.json b/2017/13xxx/CVE-2017-13681.json index 08dc8a8e07d..147fb8c9549 100644 --- a/2017/13xxx/CVE-2017-13681.json +++ b/2017/13xxx/CVE-2017-13681.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@symantec.com", - "DATE_PUBLIC" : "2017-11-06T00:00:00", - "ID" : "CVE-2017-13681", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Symantec Endpoint Protection", - "version" : { - "version_data" : [ - { - "version_value" : "Prior to SEP 12.1 RU6 MP9" - } - ] - } - } - ] - }, - "vendor_name" : "Symantec Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Privilege Escalation" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "DATE_PUBLIC": "2017-11-06T00:00:00", + "ID": "CVE-2017-13681", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Symantec Endpoint Protection", + "version": { + "version_data": [ + { + "version_value": "Prior to SEP 12.1 RU6 MP9" + } + ] + } + } + ] + }, + "vendor_name": "Symantec Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00", - "refsource" : "CONFIRM", - "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00" - }, - { - "name" : "101504", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101504" - }, - { - "name" : "1039775", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Privilege Escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039775", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039775" + }, + { + "name": "101504", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101504" + }, + { + "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00", + "refsource": "CONFIRM", + "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17108.json b/2017/17xxx/CVE-2017-17108.json index 19469b63db9..9dd793315e6 100644 --- a/2017/17xxx/CVE-2017-17108.json +++ b/2017/17xxx/CVE-2017-17108.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17108", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17108", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20180201 KonaKart Path Traversal Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/541742/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Path traversal vulnerability in the administrative panel in KonaKart eCommerce Platform version 8.7 and earlier could allow an attacker to download system files, as well as upload specially crafted JSP files and in turn gain access to the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20180201 KonaKart Path Traversal Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/541742/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17243.json b/2017/17xxx/CVE-2017-17243.json index 0c394003961..f5005af5bdc 100644 --- a/2017/17xxx/CVE-2017-17243.json +++ b/2017/17xxx/CVE-2017-17243.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17243", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-17243", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17357.json b/2017/17xxx/CVE-2017-17357.json index 2aee7e84f8d..abdd2864d8b 100644 --- a/2017/17xxx/CVE-2017-17357.json +++ b/2017/17xxx/CVE-2017-17357.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17357", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17357", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17464.json b/2017/17xxx/CVE-2017-17464.json index 54a4961be88..c395babae27 100644 --- a/2017/17xxx/CVE-2017-17464.json +++ b/2017/17xxx/CVE-2017-17464.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002570", - "refsource" : "MISC", - "url" : "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002570" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002570", + "refsource": "MISC", + "url": "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/K7-Antivirus/K7Anti_Nullptr_Dereference_0x95002570" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9224.json b/2017/9xxx/CVE-2017-9224.json index 1d16d4eab1a..26533dec247 100644 --- a/2017/9xxx/CVE-2017-9224.json +++ b/2017/9xxx/CVE-2017-9224.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9224", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9224", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b", - "refsource" : "CONFIRM", - "url" : "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b" - }, - { - "name" : "https://github.com/kkos/oniguruma/issues/57", - "refsource" : "CONFIRM", - "url" : "https://github.com/kkos/oniguruma/issues/57" - }, - { - "name" : "RHSA-2018:1296", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1296" - }, - { - "name" : "101244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b", + "refsource": "CONFIRM", + "url": "https://github.com/kkos/oniguruma/commit/690313a061f7a4fa614ec5cc8368b4f2284e059b" + }, + { + "name": "RHSA-2018:1296", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1296" + }, + { + "name": "https://github.com/kkos/oniguruma/issues/57", + "refsource": "CONFIRM", + "url": "https://github.com/kkos/oniguruma/issues/57" + }, + { + "name": "101244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101244" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9317.json b/2017/9xxx/CVE-2017-9317.json index 314a32b36f1..2bfb79bcb22 100644 --- a/2017/9xxx/CVE-2017-9317.json +++ b/2017/9xxx/CVE-2017-9317.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cybersecurity@dahuatech.com", - "DATE_PUBLIC" : "2018-03-16T00:00:00", - "ID" : "CVE-2017-9317", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX", - "version" : { - "version_data" : [ - { - "version_value" : "Build before 2017/09" - } - ] - } - } - ] - }, - "vendor_name" : "Dahua Technologies" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Privilege escalation" - } + "CVE_data_meta": { + "ASSIGNER": "cybersecurity@dahuatech.com", + "DATE_PUBLIC": "2018-03-16T00:00:00", + "ID": "CVE-2017-9317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "XVR 5x04, XVR 5x08, XVR 5x16, XVR 7x16, IPC-HDBW4XXX, IPC-HDBW5XXX", + "version": { + "version_data": [ + { + "version_value": "Build before 2017/09" + } + ] + } + } + ] + }, + "vendor_name": "Dahua Technologies" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337", - "refsource" : "CONFIRM", - "url" : "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Privilege escalation vulnerability found in some Dahua IP devices. Attacker in possession of low privilege account can gain access to credential information of high privilege account and further obtain device information or attack the device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Privilege escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337", + "refsource": "CONFIRM", + "url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice/337" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9477.json b/2017/9xxx/CVE-2017-9477.json index 39043ed0e37..54a69560044 100644 --- a/2017/9xxx/CVE-2017-9477.json +++ b/2017/9xxx/CVE-2017-9477.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover the CM MAC address by connecting to the device's xfinitywifi hotspot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-19.wifi-dhcp-cm-mac-leak.txt", - "refsource" : "MISC", - "url" : "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-19.wifi-dhcp-cm-mac-leak.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover the CM MAC address by connecting to the device's xfinitywifi hotspot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-19.wifi-dhcp-cm-mac-leak.txt", + "refsource": "MISC", + "url": "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-19.wifi-dhcp-cm-mac-leak.txt" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9824.json b/2017/9xxx/CVE-2017-9824.json index 458091102ca..44dad02711c 100644 --- a/2017/9xxx/CVE-2017-9824.json +++ b/2017/9xxx/CVE-2017-9824.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9824", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9824", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9887.json b/2017/9xxx/CVE-2017-9887.json index e833f3afb59..3d60f8fba7d 100644 --- a/2017/9xxx/CVE-2017-9887.json +++ b/2017/9xxx/CVE-2017-9887.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887", - "refsource" : "MISC", - "url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887" - }, - { - "name" : "http://www.irfanview.com/plugins.htm", - "refsource" : "CONFIRM", - "url" : "http://www.irfanview.com/plugins.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IrfanView version 4.44 (32bit) with FPX Plugin 4.46 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .fpx file, related to \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FPX+0x000000000000688d.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887", + "refsource": "MISC", + "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-9887" + }, + { + "name": "http://www.irfanview.com/plugins.htm", + "refsource": "CONFIRM", + "url": "http://www.irfanview.com/plugins.htm" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0196.json b/2018/0xxx/CVE-2018-0196.json index cfa3e97b273..698b3b044a3 100644 --- a/2018/0xxx/CVE-2018-0196.json +++ b/2018/0xxx/CVE-2018-0196.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2018-0196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco IOS XE", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco IOS XE" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2018-0196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco IOS XE", + "version": { + "version_data": [ + { + "version_value": "Cisco IOS XE" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw" - }, - { - "name" : "103570", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103570" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103570", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103570" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-wfw" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0560.json b/2018/0xxx/CVE-2018-0560.json index 539f1f0109d..5a425e846ae 100644 --- a/2018/0xxx/CVE-2018-0560.json +++ b/2018/0xxx/CVE-2018-0560.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2018-0560", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hatena Bookmark App for iOS", - "version" : { - "version_data" : [ - { - "version_value" : "Version 3.0 to 3.70" - } - ] - } - } - ] - }, - "vendor_name" : "Hatena co.,ltd." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Address bar spoofing" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2018-0560", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hatena Bookmark App for iOS", + "version": { + "version_data": [ + { + "version_value": "Version 3.0 to 3.70" + } + ] + } + } + ] + }, + "vendor_name": "Hatena co.,ltd." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bookmark.hatenastaff.com/entry/2018/04/09/170000", - "refsource" : "CONFIRM", - "url" : "http://bookmark.hatenastaff.com/entry/2018/04/09/170000" - }, - { - "name" : "JVN#77753476", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN77753476/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Address bar spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000", + "refsource": "CONFIRM", + "url": "http://bookmark.hatenastaff.com/entry/2018/04/09/170000" + }, + { + "name": "JVN#77753476", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN77753476/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0766.json b/2018/0xxx/CVE-2018-0766.json index ea03cdf4010..cb4775d6903 100644 --- a/2018/0xxx/CVE-2018-0766.json +++ b/2018/0xxx/CVE-2018-0766.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "DATE_PUBLIC" : "2018-01-03T00:00:00", - "ID" : "CVE-2018-0766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "DATE_PUBLIC": "2018-01-03T00:00:00", + "ID": "CVE-2018-0766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0766", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0766" - }, - { - "name" : "102388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102388" - }, - { - "name" : "1040100", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040100" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how the Microsoft Edge PDF Reader handles objects in memory, aka \"Microsoft Edge Information Disclosure Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0766", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0766" + }, + { + "name": "102388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102388" + }, + { + "name": "1040100", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040100" + } + ] + } +} \ No newline at end of file diff --git a/2018/1000xxx/CVE-2018-1000600.json b/2018/1000xxx/CVE-2018-1000600.json index 9d12a867444..2f34256fed2 100644 --- a/2018/1000xxx/CVE-2018-1000600.json +++ b/2018/1000xxx/CVE-2018-1000600.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "ID" : "CVE-2018-1000600", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-1000600", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915" + } + ] + } +} \ No newline at end of file diff --git a/2018/1000xxx/CVE-2018-1000881.json b/2018/1000xxx/CVE-2018-1000881.json index 9a610fa2cb2..3cf5e1b7614 100644 --- a/2018/1000xxx/CVE-2018-1000881.json +++ b/2018/1000xxx/CVE-2018-1000881.json @@ -1,65 +1,65 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-12-19T20:52:45.249463", - "DATE_REQUESTED" : "2018-12-04T14:07:18", - "ID" : "CVE-2018-1000881", - "REQUESTER" : "nickb@appcheck-ng.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Traccar Server", - "version" : { - "version_data" : [ - { - "version_value" : "4.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Traccar" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-94: Improper Control of Generation of Code ('Code Injection')" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-12-19T20:52:45.249463", + "DATE_REQUESTED": "2018-12-04T14:07:18", + "ID": "CVE-2018-1000881", + "REQUESTER": "nickb@appcheck-ng.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/", - "refsource" : "MISC", - "url" : "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/", + "refsource": "MISC", + "url": "https://appcheck-ng.com/advisory-remote-code-execution-traccar-server/" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18138.json b/2018/18xxx/CVE-2018-18138.json index d84d183fedf..c3d3dd23b67 100644 --- a/2018/18xxx/CVE-2018-18138.json +++ b/2018/18xxx/CVE-2018-18138.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18138", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18138", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19033.json b/2018/19xxx/CVE-2018-19033.json index 5b2fbe56206..262b7fd3a55 100644 --- a/2018/19xxx/CVE-2018-19033.json +++ b/2018/19xxx/CVE-2018-19033.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19033", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19033", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19118.json b/2018/19xxx/CVE-2018-19118.json index eb36f70fb92..949e6e4b029 100644 --- a/2018/19xxx/CVE-2018-19118.json +++ b/2018/19xxx/CVE-2018-19118.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html", - "refsource" : "CONFIRM", - "url" : "https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html", + "refsource": "CONFIRM", + "url": "https://www.manageengine.com/products/active-directory-audit/adaudit-plus-release-notes.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19441.json b/2018/19xxx/CVE-2018-19441.json index 752d5b2c045..c7e06b07f99 100644 --- a/2018/19xxx/CVE-2018-19441.json +++ b/2018/19xxx/CVE-2018-19441.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19441", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19441", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19747.json b/2018/19xxx/CVE-2018-19747.json index 606a8d35061..700fba4dae4 100644 --- a/2018/19xxx/CVE-2018-19747.json +++ b/2018/19xxx/CVE-2018-19747.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19747", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-19747", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19847.json b/2018/19xxx/CVE-2018-19847.json index 3f9ec53e40a..26be558d410 100644 --- a/2018/19xxx/CVE-2018-19847.json +++ b/2018/19xxx/CVE-2018-19847.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19847", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19847", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1022.json b/2018/1xxx/CVE-2018-1022.json index 8ff602148aa..c821205f733 100644 --- a/2018/1xxx/CVE-2018-1022.json +++ b/2018/1xxx/CVE-2018-1022.json @@ -1,173 +1,173 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-1022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ChakraCore", - "version" : { - "version_data" : [ - { - "version_value" : "ChakraCore" - } - ] - } - }, - { - "product_name" : "Internet Explorer 11", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows 7 for 32-bit Systems Service Pack 1" - }, - { - "version_value" : "Windows 7 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows 8.1 for 32-bit systems" - }, - { - "version_value" : "Windows 8.1 for x64-based systems" - }, - { - "version_value" : "Windows RT 8.1" - }, - { - "version_value" : "Windows Server 2008 R2 for x64-based Systems Service Pack 1" - }, - { - "version_value" : "Windows Server 2012 R2" - }, - { - "version_value" : "Windows Server 2016" - } - ] - } - }, - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-1022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "ChakraCore" + } + ] + } + }, + { + "product_name": "Internet Explorer 11", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 7 for 32-bit Systems Service Pack 1" + }, + { + "version_value": "Windows 7 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows 8.1 for 32-bit systems" + }, + { + "version_value": "Windows 8.1 for x64-based systems" + }, + { + "version_value": "Windows RT 8.1" + }, + { + "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1" + }, + { + "version_value": "Windows Server 2012 R2" + }, + { + "version_value": "Windows Server 2016" + } + ] + } + }, + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022" - }, - { - "name" : "103978", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103978" - }, - { - "name" : "1040844", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040844" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103978", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103978" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1022" + }, + { + "name": "1040844", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040844" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1030.json b/2018/1xxx/CVE-2018-1030.json index 3cd1461124c..705fd40b77d 100644 --- a/2018/1xxx/CVE-2018-1030.json +++ b/2018/1xxx/CVE-2018-1030.json @@ -1,90 +1,90 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2018-1030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Office", - "version" : { - "version_data" : [ - { - "version_value" : "2013 RT Service Pack 1" - }, - { - "version_value" : "2013 Service Pack 1 (32-bit editions)" - }, - { - "version_value" : "2013 Service Pack 1 (64-bit editions)" - }, - { - "version_value" : "2016 (32-bit edition)" - }, - { - "version_value" : "2016 (64-bit edition)" - }, - { - "version_value" : "2016 Click-to-Run (C2R) for 32-bit editions" - }, - { - "version_value" : "2016 Click-to-Run (C2R) for 64-bit editions" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Office. This CVE ID is unique from CVE-2018-1026." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2018-1030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "2013 RT Service Pack 1" + }, + { + "version_value": "2013 Service Pack 1 (32-bit editions)" + }, + { + "version_value": "2013 Service Pack 1 (64-bit editions)" + }, + { + "version_value": "2016 (32-bit edition)" + }, + { + "version_value": "2016 (64-bit edition)" + }, + { + "version_value": "2016 Click-to-Run (C2R) for 32-bit editions" + }, + { + "version_value": "2016 Click-to-Run (C2R) for 64-bit editions" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1030", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1030" - }, - { - "name" : "103620", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103620" - }, - { - "name" : "1040654", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka \"Microsoft Office Remote Code Execution Vulnerability.\" This affects Microsoft Office. This CVE ID is unique from CVE-2018-1026." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103620", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103620" + }, + { + "name": "1040654", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040654" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1030", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1030" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1380.json b/2018/1xxx/CVE-2018-1380.json index 597379b3bf8..70c30cea970 100644 --- a/2018/1xxx/CVE-2018-1380.json +++ b/2018/1xxx/CVE-2018-1380.json @@ -1,94 +1,94 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-10-16T00:00:00", - "ID" : "CVE-2018-1380", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "InfoSphere Master Data Management Collaboration Server", - "version" : { - "version_data" : [ - { - "version_value" : "11.4" - }, - { - "version_value" : "11.5" - }, - { - "version_value" : "11.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information. IBM X-Force ID: 138077." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "L", - "I" : "N", - "PR" : "H", - "S" : "U", - "SCORE" : "2.700", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-10-16T00:00:00", + "ID": "CVE-2018-1380", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "InfoSphere Master Data Management Collaboration Server", + "version": { + "version_data": [ + { + "version_value": "11.4" + }, + { + "version_value": "11.5" + }, + { + "version_value": "11.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/docview.wss?uid=ibm10735411", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=ibm10735411" - }, - { - "name" : "ibm-infosphere-cve20181380-info-disc(138077)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138077" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information. IBM X-Force ID: 138077." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "L", + "I": "N", + "PR": "H", + "S": "U", + "SCORE": "2.700", + "UI": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ibm-infosphere-cve20181380-info-disc(138077)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138077" + }, + { + "name": "https://www.ibm.com/support/docview.wss?uid=ibm10735411", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=ibm10735411" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1623.json b/2018/1xxx/CVE-2018-1623.json index 6d3cc7c2607..421fbc4f581 100644 --- a/2018/1xxx/CVE-2018-1623.json +++ b/2018/1xxx/CVE-2018-1623.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1623", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-1623", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file