From 28e17823411e5f0a72a08285062bc2828dbbe77f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:36:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2004/1xxx/CVE-2004-1029.json | 260 +++++++++---------- 2004/1xxx/CVE-2004-1172.json | 210 ++++++++-------- 2004/1xxx/CVE-2004-1263.json | 130 +++++----- 2004/1xxx/CVE-2004-1656.json | 140 +++++------ 2004/1xxx/CVE-2004-1887.json | 180 ++++++------- 2004/1xxx/CVE-2004-1903.json | 140 +++++------ 2008/0xxx/CVE-2008-0386.json | 280 ++++++++++----------- 2008/0xxx/CVE-2008-0712.json | 180 ++++++------- 2008/3xxx/CVE-2008-3030.json | 150 +++++------ 2008/3xxx/CVE-2008-3398.json | 170 ++++++------- 2008/3xxx/CVE-2008-3478.json | 34 +-- 2008/3xxx/CVE-2008-3651.json | 390 ++++++++++++++--------------- 2008/3xxx/CVE-2008-3795.json | 150 +++++------ 2008/4xxx/CVE-2008-4056.json | 150 +++++------ 2008/6xxx/CVE-2008-6159.json | 150 +++++------ 2008/6xxx/CVE-2008-6172.json | 150 +++++------ 2008/6xxx/CVE-2008-6192.json | 170 ++++++------- 2008/6xxx/CVE-2008-6590.json | 170 ++++++------- 2013/2xxx/CVE-2013-2631.json | 34 +-- 2013/2xxx/CVE-2013-2983.json | 120 ++++----- 2013/6xxx/CVE-2013-6061.json | 34 +-- 2013/6xxx/CVE-2013-6351.json | 34 +-- 2013/6xxx/CVE-2013-6509.json | 34 +-- 2013/6xxx/CVE-2013-6602.json | 34 +-- 2013/6xxx/CVE-2013-6715.json | 34 +-- 2013/7xxx/CVE-2013-7145.json | 34 +-- 2017/10xxx/CVE-2017-10230.json | 142 +++++------ 2017/10xxx/CVE-2017-10516.json | 34 +-- 2017/10xxx/CVE-2017-10575.json | 34 +-- 2017/11xxx/CVE-2017-11506.json | 132 +++++----- 2017/14xxx/CVE-2017-14253.json | 34 +-- 2017/14xxx/CVE-2017-14760.json | 120 ++++----- 2017/14xxx/CVE-2017-14932.json | 130 +++++----- 2017/15xxx/CVE-2017-15256.json | 120 ++++----- 2017/15xxx/CVE-2017-15331.json | 120 ++++----- 2017/15xxx/CVE-2017-15404.json | 132 +++++----- 2017/15xxx/CVE-2017-15909.json | 150 +++++------ 2017/15xxx/CVE-2017-15989.json | 120 ++++----- 2017/9xxx/CVE-2017-9096.json | 140 +++++------ 2017/9xxx/CVE-2017-9253.json | 120 ++++----- 2017/9xxx/CVE-2017-9419.json | 130 +++++----- 2017/9xxx/CVE-2017-9709.json | 122 ++++----- 2017/9xxx/CVE-2017-9718.json | 122 ++++----- 2017/9xxx/CVE-2017-9806.json | 132 +++++----- 2018/0xxx/CVE-2018-0343.json | 130 +++++----- 2018/0xxx/CVE-2018-0361.json | 140 +++++------ 2018/0xxx/CVE-2018-0962.json | 34 +-- 2018/1000xxx/CVE-2018-1000641.json | 136 +++++----- 2018/12xxx/CVE-2018-12526.json | 130 +++++----- 2018/16xxx/CVE-2018-16110.json | 34 +-- 2018/16xxx/CVE-2018-16157.json | 120 ++++----- 2018/16xxx/CVE-2018-16228.json | 34 +-- 2018/16xxx/CVE-2018-16523.json | 140 +++++------ 2018/16xxx/CVE-2018-16797.json | 120 ++++----- 2018/19xxx/CVE-2018-19046.json | 140 +++++------ 2018/4xxx/CVE-2018-4025.json | 34 +-- 2018/4xxx/CVE-2018-4165.json | 190 +++++++------- 2018/4xxx/CVE-2018-4233.json | 210 ++++++++-------- 2018/4xxx/CVE-2018-4660.json | 34 +-- 2018/4xxx/CVE-2018-4682.json | 34 +-- 2018/4xxx/CVE-2018-4865.json | 34 +-- 61 files changed, 3645 insertions(+), 3645 deletions(-) diff --git a/2004/1xxx/CVE-2004-1029.json b/2004/1xxx/CVE-2004-1029.json index 8f23bd9858a..57cf054fc2c 100644 --- a/2004/1xxx/CVE-2004-1029.json +++ b/2004/1xxx/CVE-2004-1029.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities" - }, - { - "name" : "http://jouko.iki.fi/adv/javaplugin.html", - "refsource" : "MISC", - "url" : "http://jouko.iki.fi/adv/javaplugin.html" - }, - { - "name" : "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html", - "refsource" : "CONFIRM", - "url" : "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html" - }, - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257249", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21257249" - }, - { - "name" : "APPLE-SA-2005-02-22", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html" - }, - { - "name" : "57591", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1" - }, - { - "name" : "101523", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1" - }, - { - "name" : "VU#760344", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/760344" - }, - { - "name" : "12317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12317" - }, - { - "name" : "oval:org.mitre.oval:def:5674", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674" - }, - { - "name" : "ADV-2008-0599", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0599" - }, - { - "name" : "13271", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13271" - }, - { - "name" : "29035", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29035" - }, - { - "name" : "61", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/61" - }, - { - "name" : "sdk-jre-applet-restriction-bypass(18188)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities" + }, + { + "name": "http://jouko.iki.fi/adv/javaplugin.html", + "refsource": "MISC", + "url": "http://jouko.iki.fi/adv/javaplugin.html" + }, + { + "name": "oval:org.mitre.oval:def:5674", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674" + }, + { + "name": "APPLE-SA-2005-02-22", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html" + }, + { + "name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html", + "refsource": "CONFIRM", + "url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html" + }, + { + "name": "13271", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13271" + }, + { + "name": "29035", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29035" + }, + { + "name": "61", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/61" + }, + { + "name": "12317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12317" + }, + { + "name": "ADV-2008-0599", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0599" + }, + { + "name": "sdk-jre-applet-restriction-bypass(18188)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188" + }, + { + "name": "101523", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1" + }, + { + "name": "VU#760344", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/760344" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249" + }, + { + "name": "57591", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1172.json b/2004/1xxx/CVE-2004-1172.json index 30f0e0f05b1..6da8467b042 100644 --- a/2004/1xxx/CVE-2004-1172.json +++ b/2004/1xxx/CVE-2004-1172.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041216 Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=169" - }, - { - "name" : "http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php", - "refsource" : "MISC", - "url" : "http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php" - }, - { - "name" : "http://seer.support.veritas.com/docs/273419.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.support.veritas.com/docs/273419.htm" - }, - { - "name" : "http://seer.support.veritas.com/docs/273420.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.support.veritas.com/docs/273420.htm" - }, - { - "name" : "http://seer.support.veritas.com/docs/273422.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.support.veritas.com/docs/273422.htm" - }, - { - "name" : "http://seer.support.veritas.com/docs/273850.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.support.veritas.com/docs/273850.htm" - }, - { - "name" : "VU#907729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/907729" - }, - { - "name" : "13495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13495/" - }, - { - "name" : "11974", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11974" - }, - { - "name" : "netbackup-agent-browser-bo(18506)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://seer.support.veritas.com/docs/273419.htm", + "refsource": "CONFIRM", + "url": "http://seer.support.veritas.com/docs/273419.htm" + }, + { + "name": "http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php", + "refsource": "MISC", + "url": "http://www.frsirt.com/exploits/20050111.101_BXEC.cpp.php" + }, + { + "name": "11974", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11974" + }, + { + "name": "http://seer.support.veritas.com/docs/273850.htm", + "refsource": "CONFIRM", + "url": "http://seer.support.veritas.com/docs/273850.htm" + }, + { + "name": "VU#907729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/907729" + }, + { + "name": "http://seer.support.veritas.com/docs/273422.htm", + "refsource": "CONFIRM", + "url": "http://seer.support.veritas.com/docs/273422.htm" + }, + { + "name": "13495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13495/" + }, + { + "name": "netbackup-agent-browser-bo(18506)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18506" + }, + { + "name": "http://seer.support.veritas.com/docs/273420.htm", + "refsource": "CONFIRM", + "url": "http://seer.support.veritas.com/docs/273420.htm" + }, + { + "name": "20041216 Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=169" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1263.json b/2004/1xxx/CVE-2004-1263.json index 9235aec6b14..d1f8edba033 100644 --- a/2004/1xxx/CVE-2004-1263.json +++ b/2004/1xxx/CVE-2004-1263.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1263", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious \"make\" program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1263", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tigger.uic.edu/~jlongs2/holes/changepassword.txt", - "refsource" : "MISC", - "url" : "http://tigger.uic.edu/~jlongs2/holes/changepassword.txt" - }, - { - "name" : "changepassword-gain-privileges(18593)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18593" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbitrary code by modifying the PATH environment variable to point to a malicious \"make\" program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "changepassword-gain-privileges(18593)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18593" + }, + { + "name": "http://tigger.uic.edu/~jlongs2/holes/changepassword.txt", + "refsource": "MISC", + "url": "http://tigger.uic.edu/~jlongs2/holes/changepassword.txt" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1656.json b/2004/1xxx/CVE-2004-1656.json index 3364ebbd46f..51794fa227e 100644 --- a/2004/1xxx/CVE-2004-1656.json +++ b/2004/1xxx/CVE-2004-1656.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040901 ADVISORY: http response splitting hole in Comersus shopping cart", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109405777905519&w=2" - }, - { - "name" : "11083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11083" - }, - { - "name" : "comersus-cart-response-splitting(17201)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the redirecturl parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040901 ADVISORY: http response splitting hole in Comersus shopping cart", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109405777905519&w=2" + }, + { + "name": "comersus-cart-response-splitting(17201)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17201" + }, + { + "name": "11083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11083" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1887.json b/2004/1xxx/CVE-2004-1887.json index 58c702544ae..c5eb8d1c7bd 100644 --- a/2004/1xxx/CVE-2004-1887.json +++ b/2004/1xxx/CVE-2004-1887.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040401 Index viewing in imgSvr 0.4", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108083813528255&w=2" - }, - { - "name" : "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt", - "refsource" : "MISC", - "url" : "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=230023", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=230023" - }, - { - "name" : "10026", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10026" - }, - { - "name" : "10027", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10027" - }, - { - "name" : "11277", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11277" - }, - { - "name" : "imgsvr-obtain-information(15706)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "11277", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11277" + }, + { + "name": "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt", + "refsource": "MISC", + "url": "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt" + }, + { + "name": "20040401 Index viewing in imgSvr 0.4", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108083813528255&w=2" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=230023", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=230023" + }, + { + "name": "10026", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10026" + }, + { + "name": "10027", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10027" + }, + { + "name": "imgsvr-obtain-information(15706)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15706" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1903.json b/2004/1xxx/CVE-2004-1903.json index 0f350fe2949..0957756bb17 100644 --- a/2004/1xxx/CVE-2004-1903.json +++ b/2004/1xxx/CVE-2004-1903.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1903", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1903", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040406 blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108127833002955&w=2" - }, - { - "name" : "10064", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10064" - }, - { - "name" : "blaxxun-applicationxcc3d-bo(15625)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL property inside an object tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "blaxxun-applicationxcc3d-bo(15625)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15625" + }, + { + "name": "20040406 blaxxun3D(blaxxun Platform) 7 - Remote Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108127833002955&w=2" + }, + { + "name": "10064", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10064" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0386.json b/2008/0xxx/CVE-2008-0386.json index abb3cffe399..fe0e37868b5 100644 --- a/2008/0xxx/CVE-2008-0386.json +++ b/2008/0xxx/CVE-2008-0386.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0386", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0386", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=207331", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=207331" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?view=log", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?view=log" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.in?r1=1.17&r2=1.18", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.in?r1=1.17&r2=1.18" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?r1=1.32&r2=1.33", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?r1=1.32&r2=1.33" - }, - { - "name" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log", - "refsource" : "CONFIRM", - "url" : "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=429513", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=429513" - }, - { - "name" : "GLSA-200801-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200801-21.xml" - }, - { - "name" : "MDVSA-2008:031", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:031" - }, - { - "name" : "SUSE-SR:2008:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" - }, - { - "name" : "27528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27528" - }, - { - "name" : "ADV-2008-0342", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0342" - }, - { - "name" : "1019284", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019284" - }, - { - "name" : "28638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28638" - }, - { - "name" : "28728", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28728" - }, - { - "name" : "29048", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log" + }, + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37" + }, + { + "name": "29048", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29048" + }, + { + "name": "GLSA-200801-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200801-21.xml" + }, + { + "name": "28728", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28728" + }, + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?r1=1.24&r2=1.25" + }, + { + "name": "ADV-2008-0342", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0342" + }, + { + "name": "1019284", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019284" + }, + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?r1=1.32&r2=1.33", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?r1=1.32&r2=1.33" + }, + { + "name": "MDVSA-2008:031", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:031" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=207331", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=207331" + }, + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.in?r1=1.17&r2=1.18", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.in?r1=1.17&r2=1.18" + }, + { + "name": "SUSE-SR:2008:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" + }, + { + "name": "27528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27528" + }, + { + "name": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?view=log", + "refsource": "CONFIRM", + "url": "http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.in?view=log" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=429513", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=429513" + }, + { + "name": "28638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28638" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0712.json b/2008/0xxx/CVE-2008-0712.json index 732b4fcc7b5..16ccd1816d7 100644 --- a/2008/0xxx/CVE-2008-0712.json +++ b/2008/0xxx/CVE-2008-0712.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0712", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBGN02333", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120907060320901&w=2" - }, - { - "name" : "SSRT080031", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=120907060320901&w=2" - }, - { - "name" : "28929", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28929" - }, - { - "name" : "ADV-2008-1356", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1356/references" - }, - { - "name" : "1019922", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019922" - }, - { - "name" : "29966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29966" - }, - { - "name" : "hpsoftware-hpediag-code-execution(42003)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42003" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the HP HPeDiag (aka eSupportDiagnostics) ActiveX control in hpediag.dll in HP Software Update 4.000.009.002 and earlier allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors. NOTE: this might overlap CVE-2007-6513." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBGN02333", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120907060320901&w=2" + }, + { + "name": "28929", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28929" + }, + { + "name": "ADV-2008-1356", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1356/references" + }, + { + "name": "SSRT080031", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=120907060320901&w=2" + }, + { + "name": "hpsoftware-hpediag-code-execution(42003)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42003" + }, + { + "name": "29966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29966" + }, + { + "name": "1019922", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019922" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3030.json b/2008/3xxx/CVE-2008-3030.json index 910f8c96a57..49676032ac4 100644 --- a/2008/3xxx/CVE-2008-3030.json +++ b/2008/3xxx/CVE-2008-3030.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5987", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5987" - }, - { - "name" : "30044", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30044" - }, - { - "name" : "30896", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30896" - }, - { - "name" : "efestechshop-default-sql-injection(43531)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43531" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in default.asp in EfesTECH Shop 2.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in an urunler action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5987", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5987" + }, + { + "name": "30896", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30896" + }, + { + "name": "efestechshop-default-sql-injection(43531)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43531" + }, + { + "name": "30044", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30044" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3398.json b/2008/3xxx/CVE-2008-3398.json index 655acc42a35..e179c7cdab2 100644 --- a/2008/3xxx/CVE-2008-3398.json +++ b/2008/3xxx/CVE-2008-3398.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3398", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3398", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080725 XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/494754/100/0/threaded" - }, - { - "name" : "6131", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6131" - }, - { - "name" : "30369", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30369" - }, - { - "name" : "31233", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31233" - }, - { - "name" : "4081", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4081" - }, - { - "name" : "xrmscrm-msg-xss(43994)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in XRMS CRM 1.99.2 allow remote attackers to inject arbitrary web script or HTML via the msg parameter to unspecified components, possibly including login.php. NOTE: this may overlap CVE-2008-1129." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "xrmscrm-msg-xss(43994)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43994" + }, + { + "name": "30369", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30369" + }, + { + "name": "6131", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6131" + }, + { + "name": "31233", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31233" + }, + { + "name": "20080725 XRMS 1.99.2 (RFI/XSS/IG) Multiple Remote Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/494754/100/0/threaded" + }, + { + "name": "4081", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4081" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3478.json b/2008/3xxx/CVE-2008-3478.json index cb311c713eb..7fa7b83c2e8 100644 --- a/2008/3xxx/CVE-2008-3478.json +++ b/2008/3xxx/CVE-2008-3478.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3478", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2008-3478", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3651.json b/2008/3xxx/CVE-2008-3651.json index 0a5d34a9b24..3e95d49616e 100644 --- a/2008/3xxx/CVE-2008-3651.json +++ b/2008/3xxx/CVE-2008-3651.json @@ -1,197 +1,197 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-3651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[ipsec-tools-devel] 20080724 Ipsec-tools 0.7.1 released", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2" - }, - { - "name" : "[ipsec-tools-announce] 20080724 Ipsec-tools 0.7.1 released", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=456660", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=456660" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601" - }, - { - "name" : "http://support.apple.com/kb/HT3549", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3549" - }, - { - "name" : "http://support.apple.com/kb/HT3639", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3639" - }, - { - "name" : "APPLE-SA-2009-05-12", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" - }, - { - "name" : "APPLE-SA-2009-06-17-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" - }, - { - "name" : "GLSA-200812-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200812-03.xml" - }, - { - "name" : "MDVSA-2008:181", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181" - }, - { - "name" : "RHSA-2008:0849", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0849.html" - }, - { - "name" : "SUSE-SR:2008:025", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" - }, - { - "name" : "SUSE-SR:2009:004", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" - }, - { - "name" : "USN-641-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-641-1" - }, - { - "name" : "TA09-133A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" - }, - { - "name" : "30657", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30657" - }, - { - "name" : "oval:org.mitre.oval:def:10453", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453" - }, - { - "name" : "35074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35074" - }, - { - "name" : "ADV-2008-2345", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2345" - }, - { - "name" : "ADV-2008-2844", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2844" - }, - { - "name" : "1020667", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020667" - }, - { - "name" : "31450", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31450" - }, - { - "name" : "31624", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31624" - }, - { - "name" : "32759", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32759" - }, - { - "name" : "32971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32971" - }, - { - "name" : "ADV-2009-1297", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1297" - }, - { - "name" : "ADV-2009-1621", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1621" - }, - { - "name" : "ipsectools-racoon-dos(44395)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44395" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT3639", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3639" + }, + { + "name": "ADV-2009-1621", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1621" + }, + { + "name": "ADV-2008-2345", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2345" + }, + { + "name": "http://support.apple.com/kb/HT3549", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3549" + }, + { + "name": "MDVSA-2008:181", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:181" + }, + { + "name": "[ipsec-tools-announce] 20080724 Ipsec-tools 0.7.1 released", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc" + }, + { + "name": "oval:org.mitre.oval:def:10453", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453" + }, + { + "name": "35074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35074" + }, + { + "name": "30657", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30657" + }, + { + "name": "32971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32971" + }, + { + "name": "APPLE-SA-2009-06-17-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" + }, + { + "name": "APPLE-SA-2009-05-12", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" + }, + { + "name": "ADV-2008-2844", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2844" + }, + { + "name": "[ipsec-tools-devel] 20080724 Ipsec-tools 0.7.1 released", + "refsource": "MLIST", + "url": "http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2" + }, + { + "name": "GLSA-200812-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200812-03.xml" + }, + { + "name": "SUSE-SR:2009:004", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html" + }, + { + "name": "1020667", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020667" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=456660", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456660" + }, + { + "name": "32759", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32759" + }, + { + "name": "31624", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31624" + }, + { + "name": "TA09-133A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" + }, + { + "name": "31450", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31450" + }, + { + "name": "ADV-2009-1297", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1297" + }, + { + "name": "USN-641-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-641-1" + }, + { + "name": "ipsectools-racoon-dos(44395)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44395" + }, + { + "name": "SUSE-SR:2008:025", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601" + }, + { + "name": "RHSA-2008:0849", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0849.html" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3795.json b/2008/3xxx/CVE-2008-3795.json index c376b8a7e46..ad5990ee0d6 100644 --- a/2008/3xxx/CVE-2008-3795.json +++ b/2008/3xxx/CVE-2008-3795.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3795", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long \"message response.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3795", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6257", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6257" - }, - { - "name" : "30728", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30728" - }, - { - "name" : "4173", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4173" - }, - { - "name" : "wsftp-message-response-bo(44744)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44744" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long \"message response.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30728", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30728" + }, + { + "name": "6257", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6257" + }, + { + "name": "4173", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4173" + }, + { + "name": "wsftp-message-response-bo(44744)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44744" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4056.json b/2008/4xxx/CVE-2008-4056.json index c570144134e..be6a77e99fa 100644 --- a/2008/4xxx/CVE-2008-4056.json +++ b/2008/4xxx/CVE-2008-4056.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/login.php in Matterdaddy Market 1.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/bid/30848/exploit", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/bid/30848/exploit" - }, - { - "name" : "30848", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30848" - }, - { - "name" : "31943", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31943" - }, - { - "name" : "matterdaddymarket-login-xss(44721)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/login.php in Matterdaddy Market 1.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "matterdaddymarket-login-xss(44721)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44721" + }, + { + "name": "31943", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31943" + }, + { + "name": "http://www.securityfocus.com/bid/30848/exploit", + "refsource": "MISC", + "url": "http://www.securityfocus.com/bid/30848/exploit" + }, + { + "name": "30848", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30848" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6159.json b/2008/6xxx/CVE-2008-6159.json index 428ece8a8ad..f35dbd4cac1 100644 --- a/2008/6xxx/CVE-2008-6159.json +++ b/2008/6xxx/CVE-2008-6159.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6159", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Content Management Made Easy (CMME) 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6159", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081004 CMME Multiple Information disclosure vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497029/100/0/threaded" - }, - { - "name" : "http://www.bugreport.ir/index_55.htm", - "refsource" : "MISC", - "url" : "http://www.bugreport.ir/index_55.htm" - }, - { - "name" : "32169", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32169" - }, - { - "name" : "cmme-phpinfo-information-disclosure(45703)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Content Management Made Easy (CMME) 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cmme-phpinfo-information-disclosure(45703)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45703" + }, + { + "name": "http://www.bugreport.ir/index_55.htm", + "refsource": "MISC", + "url": "http://www.bugreport.ir/index_55.htm" + }, + { + "name": "32169", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32169" + }, + { + "name": "20081004 CMME Multiple Information disclosure vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497029/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6172.json b/2008/6xxx/CVE-2008-6172.json index e4ffa97b897..eff3b60b78d 100644 --- a/2008/6xxx/CVE-2008-6172.json +++ b/2008/6xxx/CVE-2008-6172.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6817", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6817" - }, - { - "name" : "31892", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31892" - }, - { - "name" : "32367", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32367" - }, - { - "name" : "rwcards-captchaimage-file-include(46081)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46081" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "rwcards-captchaimage-file-include(46081)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46081" + }, + { + "name": "31892", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31892" + }, + { + "name": "32367", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32367" + }, + { + "name": "6817", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6817" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6192.json b/2008/6xxx/CVE-2008-6192.json index cb857c132f6..52bc1926783 100644 --- a/2008/6xxx/CVE-2008-6192.json +++ b/2008/6xxx/CVE-2008-6192.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "239308", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239308-1" - }, - { - "name" : "30738", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30738" - }, - { - "name" : "1020706", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020706" - }, - { - "name" : "31538", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31538" - }, - { - "name" : "ADV-2008-2404", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2404" - }, - { - "name" : "sun-jsps-portlets-xss(44531)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44531" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "239308", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239308-1" + }, + { + "name": "30738", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30738" + }, + { + "name": "ADV-2008-2404", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2404" + }, + { + "name": "1020706", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020706" + }, + { + "name": "31538", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31538" + }, + { + "name": "sun-jsps-portlets-xss(44531)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44531" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6590.json b/2008/6xxx/CVE-2008-6590.json index f034b205353..8a524ad124f 100644 --- a/2008/6xxx/CVE-2008-6590.json +++ b/2008/6xxx/CVE-2008-6590.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in LightNEasy \"no database\" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080418 LightNEasy v.1.2.2 flat Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/491064/100/0/threaded" - }, - { - "name" : "28839", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28839" - }, - { - "name" : "44672", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/44672" - }, - { - "name" : "44673", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/44673" - }, - { - "name" : "29833", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29833" - }, - { - "name" : "lightneasy-page-directory-traversal(41889)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41889" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in LightNEasy \"no database\" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to read arbitrary files via a .. (dot dot) in the page parameter to (1) index.php and (2) LightNEasy.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080418 LightNEasy v.1.2.2 flat Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/491064/100/0/threaded" + }, + { + "name": "lightneasy-page-directory-traversal(41889)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41889" + }, + { + "name": "29833", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29833" + }, + { + "name": "44673", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/44673" + }, + { + "name": "44672", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/44672" + }, + { + "name": "28839", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28839" + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2631.json b/2013/2xxx/CVE-2013-2631.json index 1b3105107cb..9dfcfad208b 100644 --- a/2013/2xxx/CVE-2013-2631.json +++ b/2013/2xxx/CVE-2013-2631.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2631", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-2631", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2983.json b/2013/2xxx/CVE-2013-2983.json index ababbc07462..f49b154d43c 100644 --- a/2013/2xxx/CVE-2013-2983.json +++ b/2013/2xxx/CVE-2013-2983.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2983", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-2983", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "IC91045", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC91045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2013-0468." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "IC91045", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC91045" + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6061.json b/2013/6xxx/CVE-2013-6061.json index fc394c7baea..eea290c0d6a 100644 --- a/2013/6xxx/CVE-2013-6061.json +++ b/2013/6xxx/CVE-2013-6061.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6061", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6061", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6351.json b/2013/6xxx/CVE-2013-6351.json index 25c01c98ac1..7a79b51a331 100644 --- a/2013/6xxx/CVE-2013-6351.json +++ b/2013/6xxx/CVE-2013-6351.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6351", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6351", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6509.json b/2013/6xxx/CVE-2013-6509.json index 726ce9ce243..e93a1d6709c 100644 --- a/2013/6xxx/CVE-2013-6509.json +++ b/2013/6xxx/CVE-2013-6509.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6509", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6509", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6602.json b/2013/6xxx/CVE-2013-6602.json index 1b9d12af58e..2fa0be60b15 100644 --- a/2013/6xxx/CVE-2013-6602.json +++ b/2013/6xxx/CVE-2013-6602.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6602", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6602", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6715.json b/2013/6xxx/CVE-2013-6715.json index 6cd7cb24426..c4e0fc47153 100644 --- a/2013/6xxx/CVE-2013-6715.json +++ b/2013/6xxx/CVE-2013-6715.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6715", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6715", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/7xxx/CVE-2013-7145.json b/2013/7xxx/CVE-2013-7145.json index 86f33f1623f..bbe1c9755cf 100644 --- a/2013/7xxx/CVE-2013-7145.json +++ b/2013/7xxx/CVE-2013-7145.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-7145", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-7145", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10230.json b/2017/10xxx/CVE-2017-10230.json index 8e18e41b9af..644da58959f 100644 --- a/2017/10xxx/CVE-2017-10230.json +++ b/2017/10xxx/CVE-2017-10230.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2017-10230", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hospitality Cruise Dining Room Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.0.75" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: SilverWhere). The supported version that is affected is 8.0.75. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Dining Room Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Dining Room Management accessible data as well as unauthorized read access to a subset of Oracle Hospitality Cruise Dining Room Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Dining Room Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Dining Room Management accessible data as well as unauthorized read access to a subset of Oracle Hospitality Cruise Dining Room Management accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2017-10230", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hospitality Cruise Dining Room Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.0.75" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, - { - "name" : "99688", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99688" - }, - { - "name" : "1038941", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038941" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: SilverWhere). The supported version that is affected is 8.0.75. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Dining Room Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Dining Room Management accessible data as well as unauthorized read access to a subset of Oracle Hospitality Cruise Dining Room Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Dining Room Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Dining Room Management accessible data as well as unauthorized read access to a subset of Oracle Hospitality Cruise Dining Room Management accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "99688", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99688" + }, + { + "name": "1038941", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038941" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10516.json b/2017/10xxx/CVE-2017-10516.json index fd4200d1d82..b9429c4944c 100644 --- a/2017/10xxx/CVE-2017-10516.json +++ b/2017/10xxx/CVE-2017-10516.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10516", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10516", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10575.json b/2017/10xxx/CVE-2017-10575.json index fc9a5df6bce..da558c2d1a5 100644 --- a/2017/10xxx/CVE-2017-10575.json +++ b/2017/10xxx/CVE-2017-10575.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10575", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10575", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11506.json b/2017/11xxx/CVE-2017-11506.json index 123f8f53353..71795d775bc 100644 --- a/2017/11xxx/CVE-2017-11506.json +++ b/2017/11xxx/CVE-2017-11506.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnreport@tenable.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-11506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Nessus", - "version" : { - "version_data" : [ - { - "version_value" : "6.x before 6.11" - } - ] - } - } - ] - }, - "vendor_name" : "Tenable" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Man-in-the-Middle" - } + "CVE_data_meta": { + "ASSIGNER": "vulnreport@tenable.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-11506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Nessus", + "version": { + "version_data": [ + { + "version_value": "6.x before 6.11" + } + ] + } + } + ] + }, + "vendor_name": "Tenable" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/tns-2017-11", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2017-11" - }, - { - "name" : "1039141", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039141" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Man-in-the-Middle" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/tns-2017-11", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2017-11" + }, + { + "name": "1039141", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039141" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14253.json b/2017/14xxx/CVE-2017-14253.json index 03be1fac9c8..d2825020f90 100644 --- a/2017/14xxx/CVE-2017-14253.json +++ b/2017/14xxx/CVE-2017-14253.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14253", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14253", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14760.json b/2017/14xxx/CVE-2017-14760.json index 69bfa634bb2..e3e1f7434c6 100644 --- a/2017/14xxx/CVE-2017-14760.json +++ b/2017/14xxx/CVE-2017-14760.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14760", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL Injection exists in /includes/event-management/index.php in the event-espresso-free (aka Event Espresso Lite) plugin v3.1.37.12.L for WordPress via the recurrence_id parameter to /wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14760", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sstrunk.com/cve/wp_event-espresso-free.html", - "refsource" : "MISC", - "url" : "http://www.sstrunk.com/cve/wp_event-espresso-free.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL Injection exists in /includes/event-management/index.php in the event-espresso-free (aka Event Espresso Lite) plugin v3.1.37.12.L for WordPress via the recurrence_id parameter to /wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.sstrunk.com/cve/wp_event-espresso-free.html", + "refsource": "MISC", + "url": "http://www.sstrunk.com/cve/wp_event-espresso-free.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14932.json b/2017/14xxx/CVE-2017-14932.json index e9bc00427f2..c35d46d9689 100644 --- a/2017/14xxx/CVE-2017-14932.json +++ b/2017/14xxx/CVE-2017-14932.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14932", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14932", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22204", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22204" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e338894dc2e603683bed2172e8e9f25b29051005" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22204", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22204" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15256.json b/2017/15xxx/CVE-2017-15256.json index 0d57cbc985c..5dec2ddb176 100644 --- a/2017/15xxx/CVE-2017-15256.json +++ b/2017/15xxx/CVE-2017-15256.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15256", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to \"Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15256", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256", - "refsource" : "MISC", - "url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IrfanView version 4.44 (32bit) with PDF plugin version 4.43 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to \"Data from Faulting Address controls Branch Selection starting at PDF!xmlListWalk+0x0000000000019fc8.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256", + "refsource": "MISC", + "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15256" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15331.json b/2017/15xxx/CVE-2017-15331.json index 0bda302a988..26f89cf8fcc 100644 --- a/2017/15xxx/CVE-2017-15331.json +++ b/2017/15xxx/CVE-2017-15331.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "ID" : "CVE-2017-15331", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "AR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR510,DP300,IPS Module,MAX PRESENCE,NGFW Module,NIP6300,NIP6600,NIP6800,NetEngine16EX,RP200,RSE6500,SMC2.0,SRG1300,SRG2300,SRG3300,SVN5600,SVN5800,SVN5800-C,Secospace USG6300,Secospace USG6500,TE30,TE40,TE50,TE60,TP3106,TP3206,USG9500,USG9520,USG9560,USG9580,ViewPoint 9030", - "version" : { - "version_data" : [ - { - "version_value" : "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03," - } - ] - } - } - ] - }, - "vendor_name" : "Huawei Technologies Co., Ltd." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, have an out-of-bounds read vulnerability in H323 protocol. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "out-of-bounds read" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "ID": "CVE-2017-15331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "AR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR510,DP300,IPS Module,MAX PRESENCE,NGFW Module,NIP6300,NIP6600,NIP6800,NetEngine16EX,RP200,RSE6500,SMC2.0,SRG1300,SRG2300,SRG3300,SVN5600,SVN5800,SVN5800-C,Secospace USG6300,Secospace USG6500,TE30,TE40,TE50,TE60,TP3106,TP3206,USG9500,USG9520,USG9560,USG9580,ViewPoint 9030", + "version": { + "version_data": [ + { + "version_value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03," + } + ] + } + } + ] + }, + "vendor_name": "Huawei Technologies Co., Ltd." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, have an out-of-bounds read vulnerability in H323 protocol. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "out-of-bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15404.json b/2017/15xxx/CVE-2017-15404.json index 93c88c9d037..b002b14dd40 100644 --- a/2017/15xxx/CVE-2017-15404.json +++ b/2017/15xxx/CVE-2017-15404.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2017-15404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "61.0.3163.113" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to perform privilege escalation via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Inappropriate implementation" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2017-15404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "61.0.3163.113" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://crbug.com/766275", - "refsource" : "MISC", - "url" : "https://crbug.com/766275" - }, - { - "name" : "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An ability to process crash dumps under root privileges and inappropriate symlinks handling could lead to a local privilege escalation in Crash Reporting in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to perform privilege escalation via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/766275", + "refsource": "MISC", + "url": "https://crbug.com/766275" + }, + { + "name": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-updates-for-chrome-os.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15909.json b/2017/15xxx/CVE-2017-15909.json index 7c52fc33ed6..b5475a500c9 100644 --- a/2017/15xxx/CVE-2017-15909.json +++ b/2017/15xxx/CVE-2017-15909.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15909", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15909", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-20/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", - "refsource" : "CONFIRM", - "url" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-20/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" - }, - { - "name" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", - "refsource" : "CONFIRM", - "url" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" - }, - { - "name" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28P/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", - "refsource" : "CONFIRM", - "url" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28P/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" - }, - { - "name" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-52/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", - "refsource" : "CONFIRM", - "url" : "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-52/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote attackers to obtain shell access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-52/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", + "refsource": "CONFIRM", + "url": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-52/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" + }, + { + "name": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28P/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", + "refsource": "CONFIRM", + "url": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28P/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" + }, + { + "name": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", + "refsource": "CONFIRM", + "url": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-28/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" + }, + { + "name": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-20/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf", + "refsource": "CONFIRM", + "url": "ftp://ftp2.dlink.com/PRODUCTS/DGS-1500-20/REVA/DGS-1500_REVA_FIRMWARE_PATCH_NOTES_2.51.021_EN.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15989.json b/2017/15xxx/CVE-2017-15989.json index 02403be64b1..f6875b943a1 100644 --- a/2017/15xxx/CVE-2017-15989.json +++ b/2017/15xxx/CVE-2017-15989.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15989", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15989", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43070", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43070/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43070", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43070/" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9096.json b/2017/9xxx/CVE-2017-9096.json index 7f75c1f73b7..59b1bb1f8a4 100644 --- a/2017/9xxx/CVE-2017-9096.json +++ b/2017/9xxx/CVE-2017-9096.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9096", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9096", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20171106 CVE-2017-9096 iText XML External Entity Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/541483/100/0/threaded" - }, - { - "name" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2017-017_itext_xml_external_entity_attack.txt", - "refsource" : "MISC", - "url" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2017-017_itext_xml_external_entity_attack.txt" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20171106 CVE-2017-9096 iText XML External Entity Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/541483/100/0/threaded" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us" + }, + { + "name": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2017-017_itext_xml_external_entity_attack.txt", + "refsource": "MISC", + "url": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2017-017_itext_xml_external_entity_attack.txt" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9253.json b/2017/9xxx/CVE-2017-9253.json index 6b9b7333608..834ab5f741e 100644 --- a/2017/9xxx/CVE-2017-9253.json +++ b/2017/9xxx/CVE-2017-9253.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9253", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9253", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://seclists.org/fulldisclosure/2017/Jun/32", - "refsource" : "MISC", - "url" : "http://seclists.org/fulldisclosure/2017/Jun/32" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted mp4 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://seclists.org/fulldisclosure/2017/Jun/32", + "refsource": "MISC", + "url": "http://seclists.org/fulldisclosure/2017/Jun/32" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9419.json b/2017/9xxx/CVE-2017-9419.json index 9c0b599e48f..d9ebdecea0d 100644 --- a/2017/9xxx/CVE-2017-9419.json +++ b/2017/9xxx/CVE-2017-9419.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dtsa.eu/cve-2017-9419-wordpress-wp-custom-fields-search-v-0-3-28-reflected-cross-site-scripting-xss/", - "refsource" : "MISC", - "url" : "http://dtsa.eu/cve-2017-9419-wordpress-wp-custom-fields-search-v-0-3-28-reflected-cross-site-scripting-xss/" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8848", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8848" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote attackers to inject arbitrary JavaScript via the cs-all-0 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wpvulndb.com/vulnerabilities/8848", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8848" + }, + { + "name": "http://dtsa.eu/cve-2017-9419-wordpress-wp-custom-fields-search-v-0-3-28-reflected-cross-site-scripting-xss/", + "refsource": "MISC", + "url": "http://dtsa.eu/cve-2017-9419-wordpress-wp-custom-fields-search-v-0-3-28-reflected-cross-site-scripting-xss/" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9709.json b/2017/9xxx/CVE-2017-9709.json index 5a450efc32e..55ac83d90c2 100644 --- a/2017/9xxx/CVE-2017-9709.json +++ b/2017/9xxx/CVE-2017-9709.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-12-04T00:00:00", - "ID" : "CVE-2017-9709", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a privilege escalation vulnerability exists in telephony." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Access Control in Telephony" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-12-04T00:00:00", + "ID": "CVE-2017-9709", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2017-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2017-12-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a privilege escalation vulnerability exists in telephony." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Access Control in Telephony" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2017-12-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9718.json b/2017/9xxx/CVE-2017-9718.json index c8d6fcf9345..ffc594a67c4 100644 --- a/2017/9xxx/CVE-2017-9718.json +++ b/2017/9xxx/CVE-2017-9718.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-12-04T00:00:00", - "ID" : "CVE-2017-9718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Time-of-check Time-of-use (TOCTOU) Race Condition in Multimedia" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-12-04T00:00:00", + "ID": "CVE-2017-9718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2017-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2017-12-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Time-of-check Time-of-use (TOCTOU) Race Condition in Multimedia" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2017-12-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9806.json b/2017/9xxx/CVE-2017-9806.json index fc53cdfadc6..b4cd44728ab 100644 --- a/2017/9xxx/CVE-2017-9806.json +++ b/2017/9xxx/CVE-2017-9806.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2017-11-18T00:00:00", - "ID" : "CVE-2017-9806", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache OpenOffice", - "version" : { - "version_data" : [ - { - "version_value" : "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Potential Arbitrary Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "DATE_PUBLIC": "2017-11-18T00:00:00", + "ID": "CVE-2017-9806", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache OpenOffice", + "version": { + "version_data": [ + { + "version_value": "4.0.0 to 4.1.3, and some previous releases, including some using our old OpenOffice.org brand" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openoffice.org/security/cves/CVE-2017-9806.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2017-9806.html" - }, - { - "name" : "101585", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101585" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Potential Arbitrary Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.openoffice.org/security/cves/CVE-2017-9806.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html" + }, + { + "name": "101585", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101585" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0343.json b/2018/0xxx/CVE-2018-0343.json index b785ef77729..e3cc8b7579f 100644 --- a/2018/0xxx/CVE-2018-0343.json +++ b/2018/0xxx/CVE-2018-0343.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2018-0343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco SD-WAN Solution unknown", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco SD-WAN Solution unknown" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-284" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2018-0343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco SD-WAN Solution unknown", + "version": { + "version_data": [ + { + "version_value": "Cisco SD-WAN Solution unknown" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex" - }, - { - "name" : "104861", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104861" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex" + }, + { + "name": "104861", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104861" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0361.json b/2018/0xxx/CVE-2018-0361.json index b500299e81c..7aeb7f51aac 100644 --- a/2018/0xxx/CVE-2018-0361.json +++ b/2018/0xxx/CVE-2018-0361.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2018-0361", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ClamAV before 0.100.1 unknown", - "version" : { - "version_data" : [ - { - "version_value" : "ClamAV before 0.100.1 unknown" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unreasonably long time to parse" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2018-0361", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ClamAV before 0.100.1 unknown", + "version": { + "version_data": [ + { + "version_value": "ClamAV before 0.100.1 unknown" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html" - }, - { - "name" : "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", - "refsource" : "CONFIRM", - "url" : "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html" - }, - { - "name" : "1041367", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041367" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unreasonably long time to parse" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041367", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041367" + }, + { + "name": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", + "refsource": "CONFIRM", + "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html" + }, + { + "name": "[debian-lts-announce] 20180820 [SECURITY] [DLA 1461-1] clamav security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/0xxx/CVE-2018-0962.json b/2018/0xxx/CVE-2018-0962.json index 08d0743bbd0..741771c7704 100644 --- a/2018/0xxx/CVE-2018-0962.json +++ b/2018/0xxx/CVE-2018-0962.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-0962", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-0962", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1000xxx/CVE-2018-1000641.json b/2018/1000xxx/CVE-2018-1000641.json index a406ebce17c..e38a455a9cb 100644 --- a/2018/1000xxx/CVE-2018-1000641.json +++ b/2018/1000xxx/CVE-2018-1000641.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2018-08-19T17:09:33.141498", - "DATE_REQUESTED" : "2018-08-08T12:58:09", - "ID" : "CVE-2018-1000641", - "REQUESTER" : "sajeeb@0dd.zone", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "YesWiki ", - "version" : { - "version_data" : [ - { - "version_value" : "<= cercopitheque beta 1" - } - ] - } - } - ] - }, - "vendor_name" : "YesWiki " - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "PHP Object Injection" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2018-08-19T17:09:33.141498", + "DATE_REQUESTED": "2018-08-08T12:58:09", + "ID": "CVE-2018-1000641", + "REQUESTER": "sajeeb@0dd.zone", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/", - "refsource" : "MISC", - "url" : "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/" - }, - { - "name" : "https://github.com/YesWiki/yeswiki/issues/356", - "refsource" : "MISC", - "url" : "https://github.com/YesWiki/yeswiki/issues/356" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in Unserialising user entered parameter in i18n.inc.php that can result in execution of code, disclosure of information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/YesWiki/yeswiki/issues/356", + "refsource": "MISC", + "url": "https://github.com/YesWiki/yeswiki/issues/356" + }, + { + "name": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/", + "refsource": "MISC", + "url": "https://0dd.zone/2018/08/05/YesWiki-Object-Injection/" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12526.json b/2018/12xxx/CVE-2018-12526.json index a3f3a859e05..38ee562e8e6 100644 --- a/2018/12xxx/CVE-2018-12526.json +++ b/2018/12xxx/CVE-2018-12526.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27284", - "refsource" : "MISC", - "url" : "https://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27284" - }, - { - "name" : "https://www.fortiguard.com/zeroday/FG-VD-18-106", - "refsource" : "MISC", - "url" : "https://www.fortiguard.com/zeroday/FG-VD-18-106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote attackers can obtain access to the device via TELNET using a hardcoded account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27284", + "refsource": "MISC", + "url": "https://www.boho.or.kr/data/secNoticeView.do?bulletin_writing_sequence=27284" + }, + { + "name": "https://www.fortiguard.com/zeroday/FG-VD-18-106", + "refsource": "MISC", + "url": "https://www.fortiguard.com/zeroday/FG-VD-18-106" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16110.json b/2018/16xxx/CVE-2018-16110.json index f5e0e84ce0e..2fb9b3826bc 100644 --- a/2018/16xxx/CVE-2018-16110.json +++ b/2018/16xxx/CVE-2018-16110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16110", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-16110", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16157.json b/2018/16xxx/CVE-2018-16157.json index e1136f76b92..534e17b6c5b 100644 --- a/2018/16xxx/CVE-2018-16157.json +++ b/2018/16xxx/CVE-2018-16157.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16157", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16157", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/caokang/waimai/issues/5", - "refsource" : "MISC", - "url" : "https://github.com/caokang/waimai/issues/5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/caokang/waimai/issues/5", + "refsource": "MISC", + "url": "https://github.com/caokang/waimai/issues/5" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16228.json b/2018/16xxx/CVE-2018-16228.json index 460c4ff87b6..7cd42e4bb73 100644 --- a/2018/16xxx/CVE-2018-16228.json +++ b/2018/16xxx/CVE-2018-16228.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16228", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16228", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16523.json b/2018/16xxx/CVE-2018-16523.json index 74f4d0e65e2..3222a736fa0 100644 --- a/2018/16xxx/CVE-2018-16523.json +++ b/2018/16xxx/CVE-2018-16523.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16523", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16523", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", - "refsource" : "MISC", - "url" : "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/" - }, - { - "name" : "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", - "refsource" : "MISC", - "url" : "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/" - }, - { - "name" : "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", + "refsource": "CONFIRM", + "url": "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md" + }, + { + "name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", + "refsource": "MISC", + "url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/" + }, + { + "name": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", + "refsource": "MISC", + "url": "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16797.json b/2018/16xxx/CVE-2018-16797.json index 4884e473f4c..885a729a43a 100644 --- a/2018/16xxx/CVE-2018-16797.json +++ b/2018/16xxx/CVE-2018-16797.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nightohl.tistory.com/entry/PotPlayer-Audiowav-File-Vulnerabilitiy?category=780012", - "refsource" : "MISC", - "url" : "https://nightohl.tistory.com/entry/PotPlayer-Audiowav-File-Vulnerabilitiy?category=780012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nightohl.tistory.com/entry/PotPlayer-Audiowav-File-Vulnerabilitiy?category=780012", + "refsource": "MISC", + "url": "https://nightohl.tistory.com/entry/PotPlayer-Audiowav-File-Vulnerabilitiy?category=780012" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19046.json b/2018/19xxx/CVE-2018-19046.json index 4f9b6922711..95557a5d554 100644 --- a/2018/19xxx/CVE-2018-19046.json +++ b/2018/19xxx/CVE-2018-19046.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19046", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19046", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.suse.com/show_bug.cgi?id=1015141", - "refsource" : "MISC", - "url" : "https://bugzilla.suse.com/show_bug.cgi?id=1015141" - }, - { - "name" : "https://github.com/acassen/keepalived/issues/1048", - "refsource" : "MISC", - "url" : "https://github.com/acassen/keepalived/issues/1048" - }, - { - "name" : "GLSA-201903-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201903-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201903-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201903-01" + }, + { + "name": "https://bugzilla.suse.com/show_bug.cgi?id=1015141", + "refsource": "MISC", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1015141" + }, + { + "name": "https://github.com/acassen/keepalived/issues/1048", + "refsource": "MISC", + "url": "https://github.com/acassen/keepalived/issues/1048" + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4025.json b/2018/4xxx/CVE-2018-4025.json index 8566dc4308d..9854cb358b1 100644 --- a/2018/4xxx/CVE-2018-4025.json +++ b/2018/4xxx/CVE-2018-4025.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4025", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4025", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4165.json b/2018/4xxx/CVE-2018-4165.json index 5cfc15c51c0..252a9aa439f 100644 --- a/2018/4xxx/CVE-2018-4165.json +++ b/2018/4xxx/CVE-2018-4165.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2018-4165", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2018-4165", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208693", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208693" - }, - { - "name" : "https://support.apple.com/HT208694", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208694" - }, - { - "name" : "https://support.apple.com/HT208695", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208695" - }, - { - "name" : "https://support.apple.com/HT208697", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208697" - }, - { - "name" : "https://support.apple.com/HT208698", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208698" - }, - { - "name" : "GLSA-201808-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201808-04" - }, - { - "name" : "USN-3635-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3635-1/" - }, - { - "name" : "1040604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040604" + }, + { + "name": "https://support.apple.com/HT208698", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208698" + }, + { + "name": "GLSA-201808-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201808-04" + }, + { + "name": "https://support.apple.com/HT208693", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208693" + }, + { + "name": "https://support.apple.com/HT208694", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208694" + }, + { + "name": "https://support.apple.com/HT208697", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208697" + }, + { + "name": "USN-3635-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3635-1/" + }, + { + "name": "https://support.apple.com/HT208695", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208695" + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4233.json b/2018/4xxx/CVE-2018-4233.json index 98e69bbee84..43e24a5d8c2 100644 --- a/2018/4xxx/CVE-2018-4233.json +++ b/2018/4xxx/CVE-2018-4233.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2018-4233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2018-4233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45998", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45998/" - }, - { - "name" : "https://support.apple.com/HT208848", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208848" - }, - { - "name" : "https://support.apple.com/HT208850", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208850" - }, - { - "name" : "https://support.apple.com/HT208851", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208851" - }, - { - "name" : "https://support.apple.com/HT208852", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208852" - }, - { - "name" : "https://support.apple.com/HT208853", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208853" - }, - { - "name" : "https://support.apple.com/HT208854", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208854" - }, - { - "name" : "GLSA-201808-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201808-04" - }, - { - "name" : "USN-3687-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3687-1/" - }, - { - "name" : "1041029", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208850", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208850" + }, + { + "name": "https://support.apple.com/HT208853", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208853" + }, + { + "name": "https://support.apple.com/HT208851", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208851" + }, + { + "name": "GLSA-201808-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201808-04" + }, + { + "name": "https://support.apple.com/HT208854", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208854" + }, + { + "name": "1041029", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041029" + }, + { + "name": "USN-3687-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3687-1/" + }, + { + "name": "https://support.apple.com/HT208848", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208848" + }, + { + "name": "45998", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45998/" + }, + { + "name": "https://support.apple.com/HT208852", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208852" + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4660.json b/2018/4xxx/CVE-2018-4660.json index 78e9a100dc1..8db240b0500 100644 --- a/2018/4xxx/CVE-2018-4660.json +++ b/2018/4xxx/CVE-2018-4660.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4660", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4660", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4682.json b/2018/4xxx/CVE-2018-4682.json index a834bac263d..25dd736046d 100644 --- a/2018/4xxx/CVE-2018-4682.json +++ b/2018/4xxx/CVE-2018-4682.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4682", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4682", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/4xxx/CVE-2018-4865.json b/2018/4xxx/CVE-2018-4865.json index 0aa7afd1eb5..ee14ec019b8 100644 --- a/2018/4xxx/CVE-2018-4865.json +++ b/2018/4xxx/CVE-2018-4865.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-4865", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-4865", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file