From 2bbeee4c0c4ed8385d01cdc8cc59f0f26804267a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 21:54:40 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2002/0xxx/CVE-2002-0136.json | 140 +++++++------- 2002/0xxx/CVE-2002-0413.json | 140 +++++++------- 2002/0xxx/CVE-2002-0545.json | 140 +++++++------- 2002/0xxx/CVE-2002-0597.json | 180 ++++++++--------- 2002/1xxx/CVE-2002-1580.json | 190 +++++++++--------- 2002/1xxx/CVE-2002-1805.json | 140 +++++++------- 2003/0xxx/CVE-2003-0079.json | 180 ++++++++--------- 2003/0xxx/CVE-2003-0538.json | 120 ++++++------ 2003/1xxx/CVE-2003-1305.json | 130 ++++++------- 2012/0xxx/CVE-2012-0196.json | 34 ++-- 2012/0xxx/CVE-2012-0198.json | 130 ++++++------- 2012/0xxx/CVE-2012-0405.json | 34 ++-- 2012/0xxx/CVE-2012-0414.json | 140 +++++++------- 2012/0xxx/CVE-2012-0633.json | 200 +++++++++---------- 2012/0xxx/CVE-2012-0979.json | 180 ++++++++--------- 2012/1xxx/CVE-2012-1263.json | 34 ++-- 2012/1xxx/CVE-2012-1378.json | 34 ++-- 2012/1xxx/CVE-2012-1442.json | 170 ++++++++-------- 2012/1xxx/CVE-2012-1742.json | 170 ++++++++-------- 2012/3xxx/CVE-2012-3344.json | 34 ++-- 2012/3xxx/CVE-2012-3845.json | 150 +++++++-------- 2012/4xxx/CVE-2012-4208.json | 300 ++++++++++++++--------------- 2012/4xxx/CVE-2012-4450.json | 190 +++++++++--------- 2017/1002xxx/CVE-2017-1002025.json | 138 ++++++------- 2017/2xxx/CVE-2017-2472.json | 180 ++++++++--------- 2017/2xxx/CVE-2017-2480.json | 190 +++++++++--------- 2017/2xxx/CVE-2017-2847.json | 132 ++++++------- 2017/2xxx/CVE-2017-2990.json | 160 +++++++-------- 2017/3xxx/CVE-2017-3430.json | 166 ++++++++-------- 2017/3xxx/CVE-2017-3972.json | 168 ++++++++-------- 2017/6xxx/CVE-2017-6056.json | 250 ++++++++++++------------ 2017/6xxx/CVE-2017-6110.json | 34 ++-- 2017/6xxx/CVE-2017-6210.json | 170 ++++++++-------- 2017/6xxx/CVE-2017-6763.json | 150 +++++++-------- 2017/7xxx/CVE-2017-7098.json | 190 +++++++++--------- 2017/7xxx/CVE-2017-7230.json | 130 ++++++------- 2017/7xxx/CVE-2017-7303.json | 130 ++++++------- 2017/7xxx/CVE-2017-7433.json | 120 ++++++------ 2017/7xxx/CVE-2017-7742.json | 140 +++++++------- 2017/7xxx/CVE-2017-7750.json | 256 ++++++++++++------------ 2018/10xxx/CVE-2018-10274.json | 34 ++-- 2018/10xxx/CVE-2018-10584.json | 34 ++-- 2018/10xxx/CVE-2018-10772.json | 120 ++++++------ 2018/14xxx/CVE-2018-14424.json | 160 +++++++-------- 2018/14xxx/CVE-2018-14494.json | 34 ++-- 2018/14xxx/CVE-2018-14662.json | 160 +++++++-------- 2018/14xxx/CVE-2018-14899.json | 120 ++++++------ 2018/17xxx/CVE-2018-17746.json | 34 ++-- 2018/20xxx/CVE-2018-20043.json | 34 ++-- 2018/20xxx/CVE-2018-20545.json | 140 +++++++------- 2018/20xxx/CVE-2018-20778.json | 120 ++++++------ 2018/20xxx/CVE-2018-20795.json | 120 ++++++------ 2018/9xxx/CVE-2018-9001.json | 120 ++++++------ 2018/9xxx/CVE-2018-9178.json | 34 ++-- 2018/9xxx/CVE-2018-9398.json | 34 ++-- 2018/9xxx/CVE-2018-9403.json | 34 ++-- 2018/9xxx/CVE-2018-9786.json | 34 ++-- 57 files changed, 3615 insertions(+), 3615 deletions(-) diff --git a/2002/0xxx/CVE-2002-0136.json b/2002/0xxx/CVE-2002-0136.json index 715c92c0cf9..ad6dd90840f 100644 --- a/2002/0xxx/CVE-2002-0136.json +++ b/2002/0xxx/CVE-2002-0136.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0136", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0136", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020115 IE FORM DOS", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/250592" - }, - { - "name" : "3892", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3892" - }, - { - "name" : "ie-html-form-dos(7938)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7938" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 5.5 on Windows 98 allows remote web pages to cause a denial of service (hang) via extremely long values for form fields such as INPUT and TEXTAREA, which can be automatically filled via Javascript." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3892", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3892" + }, + { + "name": "20020115 IE FORM DOS", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/250592" + }, + { + "name": "ie-html-form-dos(7938)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7938" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0413.json b/2002/0xxx/CVE-2002-0413.json index f793b397dea..63b2d8b1b97 100644 --- a/2002/0xxx/CVE-2002-0413.json +++ b/2002/0xxx/CVE-2002-0413.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0413", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020304 ReBB javascripts vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/259464" - }, - { - "name" : "4220", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4220" - }, - { - "name" : "rebb-img-css(8353)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8353.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20020304 ReBB javascripts vulnerability", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/259464" + }, + { + "name": "4220", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4220" + }, + { + "name": "rebb-img-css(8353)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8353.php" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0545.json b/2002/0xxx/CVE-2002-0545.json index 16c7e599cd3..668ce73d646 100644 --- a/2002/0xxx/CVE-2002-0545.json +++ b/2002/0xxx/CVE-2002-0545.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0545", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0545", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020409 Aironet Telnet Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml" - }, - { - "name" : "4461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4461" - }, - { - "name" : "cisco-aironet-telnet-dos(8788)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8788.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cisco-aironet-telnet-dos(8788)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8788.php" + }, + { + "name": "20020409 Aironet Telnet Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml" + }, + { + "name": "4461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4461" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0597.json b/2002/0xxx/CVE-2002-0597.json index fc3343e079d..5fdbd6ed86b 100644 --- a/2002/0xxx/CVE-2002-0597.json +++ b/2002/0xxx/CVE-2002-0597.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0597", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020417 KPMG-2002011: Windows 2000 microsoft-ds Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/268066" - }, - { - "name" : "20020417 [VulnWatch] KPMG-2002011: Windows 2000 microsoft-ds Denial of Service", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0025.html" - }, - { - "name" : "Q320751", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q320751" - }, - { - "name" : "VU#693099", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/693099" - }, - { - "name" : "4532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4532" - }, - { - "name" : "5179", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5179" - }, - { - "name" : "win2k-lanman-dos(8867)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8867.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service (CPU/memory exhaustion) via a stream of malformed data to microsoft-ds port 445." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#693099", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/693099" + }, + { + "name": "5179", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5179" + }, + { + "name": "win2k-lanman-dos(8867)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8867.php" + }, + { + "name": "4532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4532" + }, + { + "name": "20020417 [VulnWatch] KPMG-2002011: Windows 2000 microsoft-ds Denial of Service", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0025.html" + }, + { + "name": "20020417 KPMG-2002011: Windows 2000 microsoft-ds Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/268066" + }, + { + "name": "Q320751", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q320751" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1580.json b/2002/1xxx/CVE-2002-1580.json index 0daf0a4c965..31b35d07cb4 100644 --- a/2002/1xxx/CVE-2002-1580.json +++ b/2002/1xxx/CVE-2002-1580.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021202 pre-login buffer overflow in Cyrus IMAP server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/301864" - }, - { - "name" : "CLA-2002:557", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557" - }, - { - "name" : "000557", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557" - }, - { - "name" : "DSA-215", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2002/dsa-215" - }, - { - "name" : "VU#740169", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/740169" - }, - { - "name" : "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html", - "refsource" : "CONFIRM", - "url" : "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html" - }, - { - "name" : "cyrus-imap-preauth-bo(10744)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744" - }, - { - "name" : "6298", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "000557", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557" + }, + { + "name": "CLA-2002:557", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000557" + }, + { + "name": "DSA-215", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2002/dsa-215" + }, + { + "name": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html", + "refsource": "CONFIRM", + "url": "http://asg.web.cmu.edu/cyrus/download/imapd/changes.html" + }, + { + "name": "VU#740169", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/740169" + }, + { + "name": "6298", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6298" + }, + { + "name": "cyrus-imap-preauth-bo(10744)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10744" + }, + { + "name": "20021202 pre-login buffer overflow in Cyrus IMAP server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/301864" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1805.json b/2002/1xxx/CVE-2002-1805.json index aa5a9cba529..9838ff0d5dd 100644 --- a/2002/1xxx/CVE-2002-1805.json +++ b/2002/1xxx/CVE-2002-1805.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020924 ECHU Alert #2: IMG Attack in the news : 6 CMS vulnerables", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2002-09/0307.html" - }, - { - "name" : "5798", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5798" - }, - { - "name" : "cms-news-image-xss(10173)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10173.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5798", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5798" + }, + { + "name": "cms-news-image-xss(10173)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10173.php" + }, + { + "name": "20020924 ECHU Alert #2: IMG Attack in the news : 6 CMS vulnerables", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0307.html" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0079.json b/2003/0xxx/CVE-2003-0079.json index 56e5651c1da..cf0f9328a6d 100644 --- a/2003/0xxx/CVE-2003-0079.json +++ b/2003/0xxx/CVE-2003-0079.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030224 Terminal Emulator Security Issues", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html" - }, - { - "name" : "20030224 Terminal Emulator Security Issues", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=104612710031920&w=2" - }, - { - "name" : "RHSA-2003:070", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-070.html" - }, - { - "name" : "RHSA-2003:071", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-071.html" - }, - { - "name" : "6944", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6944" - }, - { - "name" : "terminal-emulator-dec-udk(11415)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/11415.php" - }, - { - "name" : "4918", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/4918" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "terminal-emulator-dec-udk(11415)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/11415.php" + }, + { + "name": "20030224 Terminal Emulator Security Issues", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=104612710031920&w=2" + }, + { + "name": "RHSA-2003:071", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-071.html" + }, + { + "name": "4918", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/4918" + }, + { + "name": "6944", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6944" + }, + { + "name": "20030224 Terminal Emulator Security Issues", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html" + }, + { + "name": "RHSA-2003:070", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-070.html" + } + ] + } +} \ No newline at end of file diff --git a/2003/0xxx/CVE-2003-0538.json b/2003/0xxx/CVE-2003-0538.json index 0ec3220fa17..de20d6e8708 100644 --- a/2003/0xxx/CVE-2003-0538.json +++ b/2003/0xxx/CVE-2003-0538.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-0538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-0538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-342", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2003/dsa-342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-342", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2003/dsa-342" + } + ] + } +} \ No newline at end of file diff --git a/2003/1xxx/CVE-2003-1305.json b/2003/1xxx/CVE-2003-1305.json index 10b66495c79..b306b6b38cb 100644 --- a/2003/1xxx/CVE-2003-1305.json +++ b/2003/1xxx/CVE-2003-1305.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030707 Internet Explorer Crash", - "refsource" : "BUGTRAQ", - "url" : "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00068.html" - }, - { - "name" : "2291", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/2291" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2291", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/2291" + }, + { + "name": "20030707 Internet Explorer Crash", + "refsource": "BUGTRAQ", + "url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2003/07/msg00068.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0196.json b/2012/0xxx/CVE-2012-0196.json index f27594f0ba6..e1758c78120 100644 --- a/2012/0xxx/CVE-2012-0196.json +++ b/2012/0xxx/CVE-2012-0196.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0196", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-0196", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0198.json b/2012/0xxx/CVE-2012-0198.json index 60c76fe6508..b5939052e4e 100644 --- a/2012/0xxx/CVE-2012-0198.json +++ b/2012/0xxx/CVE-2012-0198.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0198", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2012-0198", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-12-040/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-12-040/" - }, - { - "name" : "tpme-isigisigctl1-bo(73033)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73033" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-040/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-040/" + }, + { + "name": "tpme-isigisigctl1-bo(73033)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73033" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0405.json b/2012/0xxx/CVE-2012-0405.json index 0a32b2a0f92..82424fa1e4f 100644 --- a/2012/0xxx/CVE-2012-0405.json +++ b/2012/0xxx/CVE-2012-0405.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0405", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-0405", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0414.json b/2012/0xxx/CVE-2012-0414.json index 6c4c4ae160a..7216441b11a 100644 --- a/2012/0xxx/CVE-2012-0414.json +++ b/2012/0xxx/CVE-2012-0414.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-0414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=761165", - "refsource" : "MISC", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=761165" - }, - { - "name" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html" - }, - { - "name" : "https://support.novell.com/security/cve/CVE-2012-0414.html", - "refsource" : "CONFIRM", - "url" : "https://support.novell.com/security/cve/CVE-2012-0414.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an image name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=761165", + "refsource": "MISC", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=761165" + }, + { + "name": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5145796.html" + }, + { + "name": "https://support.novell.com/security/cve/CVE-2012-0414.html", + "refsource": "CONFIRM", + "url": "https://support.novell.com/security/cve/CVE-2012-0414.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0633.json b/2012/0xxx/CVE-2012-0633.json index 228cd86003a..41657197d64 100644 --- a/2012/0xxx/CVE-2012-0633.json +++ b/2012/0xxx/CVE-2012-0633.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0633", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2012-0633", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2012-03-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2012-03-07-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2012-03-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" - }, - { - "name" : "52365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52365" - }, - { - "name" : "oval:org.mitre.oval:def:16980", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16980" - }, - { - "name" : "1026774", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026774" - }, - { - "name" : "48274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48274" - }, - { - "name" : "48288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48288" - }, - { - "name" : "48377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48377" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "52365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52365" + }, + { + "name": "1026774", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026774" + }, + { + "name": "48377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48377" + }, + { + "name": "oval:org.mitre.oval:def:16980", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16980" + }, + { + "name": "APPLE-SA-2012-03-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" + }, + { + "name": "48274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48274" + }, + { + "name": "APPLE-SA-2012-03-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" + }, + { + "name": "48288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48288" + }, + { + "name": "APPLE-SA-2012-03-07-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0979.json b/2012/0xxx/CVE-2012-0979.json index c798999024c..69eae273691 100644 --- a/2012/0xxx/CVE-2012-0979.json +++ b/2012/0xxx/CVE-2012-0979.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-0979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/files/109246/twiki-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/109246/twiki-xss.txt" - }, - { - "name" : "http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html", - "refsource" : "MISC", - "url" : "http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html" - }, - { - "name" : "51731", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/51731" - }, - { - "name" : "78664", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/78664" - }, - { - "name" : "1026604", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026604" - }, - { - "name" : "47784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47784" - }, - { - "name" : "twiki-organization-xss(72821)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72821" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in TWiki allows remote attackers to inject arbitrary web script or HTML via the organization field in a profile, involving (1) registration or (2) editing of the user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47784" + }, + { + "name": "http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html", + "refsource": "MISC", + "url": "http://st2tea.blogspot.com/2012/01/cross-site-scripting-twiki.html" + }, + { + "name": "1026604", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026604" + }, + { + "name": "51731", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/51731" + }, + { + "name": "twiki-organization-xss(72821)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72821" + }, + { + "name": "78664", + "refsource": "OSVDB", + "url": "http://osvdb.org/78664" + }, + { + "name": "http://packetstormsecurity.org/files/109246/twiki-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/109246/twiki-xss.txt" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1263.json b/2012/1xxx/CVE-2012-1263.json index 3db6aecae85..b4265fa01ac 100644 --- a/2012/1xxx/CVE-2012-1263.json +++ b/2012/1xxx/CVE-2012-1263.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1263", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1263", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1378.json b/2012/1xxx/CVE-2012-1378.json index 48002071422..3ddc31571b0 100644 --- a/2012/1xxx/CVE-2012-1378.json +++ b/2012/1xxx/CVE-2012-1378.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1378", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1378", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1442.json b/2012/1xxx/CVE-2012-1442.json index 78c52fdf347..4a741ed8f02 100644 --- a/2012/1xxx/CVE-2012-1442.json +++ b/2012/1xxx/CVE-2012-1442.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-1442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/522005" - }, - { - "name" : "http://www.ieee-security.org/TC/SP2012/program.html", - "refsource" : "MISC", - "url" : "http://www.ieee-security.org/TC/SP2012/program.html" - }, - { - "name" : "52598", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52598" - }, - { - "name" : "80426", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/80426" - }, - { - "name" : "80427", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/80427" - }, - { - "name" : "80428", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/80428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/522005" + }, + { + "name": "80427", + "refsource": "OSVDB", + "url": "http://osvdb.org/80427" + }, + { + "name": "52598", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52598" + }, + { + "name": "http://www.ieee-security.org/TC/SP2012/program.html", + "refsource": "MISC", + "url": "http://www.ieee-security.org/TC/SP2012/program.html" + }, + { + "name": "80428", + "refsource": "OSVDB", + "url": "http://osvdb.org/80428" + }, + { + "name": "80426", + "refsource": "OSVDB", + "url": "http://osvdb.org/80426" + } + ] + } +} \ No newline at end of file diff --git a/2012/1xxx/CVE-2012-1742.json b/2012/1xxx/CVE-2012-1742.json index 95e37278558..7c7a7d7ed94 100644 --- a/2012/1xxx/CVE-2012-1742.json +++ b/2012/1xxx/CVE-2012-1742.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-1742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1760." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-1742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "54521", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54521" - }, - { - "name" : "83922", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/83922" - }, - { - "name" : "1027267", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027267" - }, - { - "name" : "siebelcrm-uiframework-dos(77035)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to UI Framework, a different vulnerability than CVE-2012-1760." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027267", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027267" + }, + { + "name": "54521", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54521" + }, + { + "name": "siebelcrm-uiframework-dos(77035)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77035" + }, + { + "name": "83922", + "refsource": "OSVDB", + "url": "http://osvdb.org/83922" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3344.json b/2012/3xxx/CVE-2012-3344.json index f2851c09f39..5e569d6c5e4 100644 --- a/2012/3xxx/CVE-2012-3344.json +++ b/2012/3xxx/CVE-2012-3344.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3344", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-3344", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3845.json b/2012/3xxx/CVE-2012-3845.json index f2fed66c61b..8f68acf3e2b 100644 --- a/2012/3xxx/CVE-2012-3845.json +++ b/2012/3xxx/CVE-2012-3845.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3845", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote attackers to cause a denial of service (crash) via a long string in an initiation request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-3845", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20120501 LAN Messenger v1.2.28 - Denial of Service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-05/0005.html" - }, - { - "name" : "18816", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18816" - }, - { - "name" : "53333", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53333" - }, - { - "name" : "lan-messenger-packet-dos(75319)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in LAN Messenger 1.2.28 and earlier allows remote attackers to cause a denial of service (crash) via a long string in an initiation request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "53333", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53333" + }, + { + "name": "20120501 LAN Messenger v1.2.28 - Denial of Service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0005.html" + }, + { + "name": "lan-messenger-packet-dos(75319)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75319" + }, + { + "name": "18816", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18816" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4208.json b/2012/4xxx/CVE-2012-4208.json index 1751ab7f9e1..e2fbd2720f5 100644 --- a/2012/4xxx/CVE-2012-4208.json +++ b/2012/4xxx/CVE-2012-4208.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-99.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-99.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=798264", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=798264" - }, - { - "name" : "openSUSE-SU-2012:1583", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html" - }, - { - "name" : "openSUSE-SU-2012:1585", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html" - }, - { - "name" : "openSUSE-SU-2012:1586", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html" - }, - { - "name" : "SUSE-SU-2012:1592", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html" - }, - { - "name" : "openSUSE-SU-2013:0175", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html" - }, - { - "name" : "USN-1638-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1638-1" - }, - { - "name" : "USN-1638-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1638-3" - }, - { - "name" : "USN-1638-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1638-2" - }, - { - "name" : "USN-1636-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1636-1" - }, - { - "name" : "56627", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/56627" - }, - { - "name" : "oval:org.mitre.oval:def:16695", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16695" - }, - { - "name" : "51369", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51369" - }, - { - "name" : "51381", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51381" - }, - { - "name" : "51434", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51434" - }, - { - "name" : "51439", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51439" - }, - { - "name" : "51440", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51440" - }, - { - "name" : "51370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-1638-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1638-3" + }, + { + "name": "51370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51370" + }, + { + "name": "USN-1638-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1638-2" + }, + { + "name": "openSUSE-SU-2012:1586", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00093.html" + }, + { + "name": "USN-1636-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1636-1" + }, + { + "name": "openSUSE-SU-2013:0175", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00022.html" + }, + { + "name": "51434", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51434" + }, + { + "name": "openSUSE-SU-2012:1583", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00090.html" + }, + { + "name": "51439", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51439" + }, + { + "name": "51440", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51440" + }, + { + "name": "USN-1638-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1638-1" + }, + { + "name": "SUSE-SU-2012:1592", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00021.html" + }, + { + "name": "openSUSE-SU-2012:1585", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00092.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-99.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-99.html" + }, + { + "name": "oval:org.mitre.oval:def:16695", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16695" + }, + { + "name": "51381", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51381" + }, + { + "name": "56627", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/56627" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=798264", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=798264" + }, + { + "name": "51369", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51369" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4450.json b/2012/4xxx/CVE-2012-4450.json index 74f9dd1c1fb..6628cef7215 100644 --- a/2012/4xxx/CVE-2012-4450.json +++ b/2012/4xxx/CVE-2012-4450.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-4450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20120926 CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/09/26/3" - }, - { - "name" : "[oss-security] 20120926 Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/09/26/5" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=860772", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=860772" - }, - { - "name" : "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09", - "refsource" : "CONFIRM", - "url" : "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09" - }, - { - "name" : "https://fedorahosted.org/389/ticket/340", - "refsource" : "CONFIRM", - "url" : "https://fedorahosted.org/389/ticket/340" - }, - { - "name" : "RHSA-2013:0503", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0503.html" - }, - { - "name" : "55690", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/55690" - }, - { - "name" : "50713", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restrictions and access the DN entry." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=860772", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860772" + }, + { + "name": "https://fedorahosted.org/389/ticket/340", + "refsource": "CONFIRM", + "url": "https://fedorahosted.org/389/ticket/340" + }, + { + "name": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09", + "refsource": "CONFIRM", + "url": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09" + }, + { + "name": "50713", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50713" + }, + { + "name": "RHSA-2013:0503", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0503.html" + }, + { + "name": "[oss-security] 20120926 CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/09/26/3" + }, + { + "name": "[oss-security] 20120926 Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/09/26/5" + }, + { + "name": "55690", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/55690" + } + ] + } +} \ No newline at end of file diff --git a/2017/1002xxx/CVE-2017-1002025.json b/2017/1002xxx/CVE-2017-1002025.json index 3fe9f083c57..a45b004bc75 100644 --- a/2017/1002xxx/CVE-2017-1002025.json +++ b/2017/1002xxx/CVE-2017-1002025.json @@ -1,71 +1,71 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-06-21", - "ID" : "CVE-2017-1002025", - "REQUESTER" : "kurt@seifried.org", - "STATE" : "PUBLIC", - "UPDATED" : "2017-08-10T14:41Z" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "add-edit-delete-listing-for-member-module", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "1.0" - } - ] - } - } - ] - }, - "vendor_name" : "Romal Patel" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "SQL Injection" - } + "CVE_data_meta": { + "ASSIGNER": "larry0@me.com", + "DATE_ASSIGNED": "2017-06-21", + "ID": "CVE-2017-1002025", + "REQUESTER": "kurt@seifried.org", + "STATE": "PUBLIC", + "UPDATED": "2017-08-10T14:41Z" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "add-edit-delete-listing-for-member-module", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "1.0" + } + ] + } + } + ] + }, + "vendor_name": "Romal Patel" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/advisory.php?v=196", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=196" - }, - { - "name" : "https://wordpress.org/plugins/add-edit-delete-listing-for-member-module/", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/add-edit-delete-listing-for-member-module/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/plugins/add-edit-delete-listing-for-member-module/", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/add-edit-delete-listing-for-member-module/" + }, + { + "name": "http://www.vapidlabs.com/advisory.php?v=196", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=196" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2472.json b/2017/2xxx/CVE-2017-2472.json index 5bcd1b4d7ee..1e97dae2709 100644 --- a/2017/2xxx/CVE-2017-2472.json +++ b/2017/2xxx/CVE-2017-2472.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-2472", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-2472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41791", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41791/" - }, - { - "name" : "https://support.apple.com/HT207601", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207601" - }, - { - "name" : "https://support.apple.com/HT207602", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207602" - }, - { - "name" : "https://support.apple.com/HT207615", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207615" - }, - { - "name" : "https://support.apple.com/HT207617", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207617" - }, - { - "name" : "97137", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97137" - }, - { - "name" : "1038138", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41791", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41791/" + }, + { + "name": "97137", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97137" + }, + { + "name": "https://support.apple.com/HT207601", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207601" + }, + { + "name": "https://support.apple.com/HT207615", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207615" + }, + { + "name": "1038138", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038138" + }, + { + "name": "https://support.apple.com/HT207602", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207602" + }, + { + "name": "https://support.apple.com/HT207617", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207617" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2480.json b/2017/2xxx/CVE-2017-2480.json index 8e7a574e936..142505dbc32 100644 --- a/2017/2xxx/CVE-2017-2480.json +++ b/2017/2xxx/CVE-2017-2480.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-2480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-2480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41865", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41865/" - }, - { - "name" : "https://support.apple.com/HT207599", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207599" - }, - { - "name" : "https://support.apple.com/HT207600", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207600" - }, - { - "name" : "https://support.apple.com/HT207601", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207601" - }, - { - "name" : "https://support.apple.com/HT207607", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207607" - }, - { - "name" : "https://support.apple.com/HT207617", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207617" - }, - { - "name" : "97176", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97176" - }, - { - "name" : "1038157", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97176", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97176" + }, + { + "name": "1038157", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038157" + }, + { + "name": "https://support.apple.com/HT207601", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207601" + }, + { + "name": "41865", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41865/" + }, + { + "name": "https://support.apple.com/HT207600", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207600" + }, + { + "name": "https://support.apple.com/HT207607", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207607" + }, + { + "name": "https://support.apple.com/HT207599", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207599" + }, + { + "name": "https://support.apple.com/HT207617", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207617" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2847.json b/2017/2xxx/CVE-2017-2847.json index 0e24d55e5fb..5a49c3b9314 100644 --- a/2017/2xxx/CVE-2017-2847.json +++ b/2017/2xxx/CVE-2017-2847.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2017-06-19T00:00:00", - "ID" : "CVE-2017-2847", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Indoor IP Camera C1 Series", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Foscam" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "command injection" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2017-06-19T00:00:00", + "ID": "CVE-2017-2847", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Indoor IP Camera C1 Series", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Foscam" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0349", - "refsource" : "MISC", - "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0349" - }, - { - "name" : "99184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configuration resulting in command injection. An attacker can simply send an HTTP request to the device to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0349", + "refsource": "MISC", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0349" + }, + { + "name": "99184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99184" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2990.json b/2017/2xxx/CVE-2017-2990.json index e64cc9b4c1b..0fd1b7fdf1a 100644 --- a/2017/2xxx/CVE-2017-2990.json +++ b/2017/2xxx/CVE-2017-2990.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2017-2990", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Flash Player 24.0.0.194 and earlier.", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Flash Player 24.0.0.194 and earlier." - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2017-2990", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Flash Player 24.0.0.194 and earlier.", + "version": { + "version_data": [ + { + "version_value": "Adobe Flash Player 24.0.0.194 and earlier." + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" - }, - { - "name" : "GLSA-201702-20", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201702-20" - }, - { - "name" : "RHSA-2017:0275", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0275.html" - }, - { - "name" : "96190", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96190" - }, - { - "name" : "1037815", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037815" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96190", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96190" + }, + { + "name": "GLSA-201702-20", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201702-20" + }, + { + "name": "RHSA-2017:0275", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0275.html" + }, + { + "name": "1037815", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037815" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-04.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3430.json b/2017/3xxx/CVE-2017-3430.json index 7992ffdb9af..5092b260a13 100644 --- a/2017/3xxx/CVE-2017-3430.json +++ b/2017/3xxx/CVE-2017-3430.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2017-3430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "One-to-One Fulfillment", - "version" : { - "version_data" : [ - { - "version_value" : "12.1.1" - }, - { - "version_value" : "12.1.2" - }, - { - "version_value" : "12.1.3" - }, - { - "version_value" : "12.2.3" - }, - { - "version_value" : "12.2.4" - }, - { - "version_value" : "12.2.5" - }, - { - "version_value" : "12.2.6" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2017-3430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "One-to-One Fulfillment", + "version": { + "version_data": [ + { + "version_value": "12.1.1" + }, + { + "version_value": "12.1.2" + }, + { + "version_value": "12.1.3" + }, + { + "version_value": "12.2.3" + }, + { + "version_value": "12.2.4" + }, + { + "version_value": "12.2.5" + }, + { + "version_value": "12.2.6" + } + ] + } + } + ] + }, + "vendor_name": "Oracle" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" - }, - { - "name" : "95569", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95569" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95569", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95569" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3972.json b/2017/3xxx/CVE-2017-3972.json index 1799c7eee76..9f68ed05d6f 100644 --- a/2017/3xxx/CVE-2017-3972.json +++ b/2017/3xxx/CVE-2017-3972.json @@ -1,86 +1,86 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@mcafee.com", - "DATE_PUBLIC" : "2017-03-29T17:00:00.000Z", - "ID" : "CVE-2017-3972", - "STATE" : "PUBLIC", - "TITLE" : "SB10192 - Network Security Management (NSM) - Infrastructure-based foot printing vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Network Security Management (NSM)", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_name" : "8.2", - "version_value" : "8.2.7.42.2" - } - ] - } - } - ] - }, - "vendor_name" : "McAfee" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "LOW", - "baseScore" : 8.3, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "NONE", - "scope" : "CHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Infrastructure-based foot printing vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@mcafee.com", + "DATE_PUBLIC": "2017-03-29T17:00:00.000Z", + "ID": "CVE-2017-3972", + "STATE": "PUBLIC", + "TITLE": "SB10192 - Network Security Management (NSM) - Infrastructure-based foot printing vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Network Security Management (NSM)", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "8.2", + "version_value": "8.2.7.42.2" + } + ] + } + } + ] + }, + "vendor_name": "McAfee" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10192" - } - ] - }, - "source" : { - "advisory" : "SB10192", - "discovery" : "EXTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Infrastructure-based foot printing vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10192" + } + ] + }, + "source": { + "advisory": "SB10192", + "discovery": "EXTERNAL" + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6056.json b/2017/6xxx/CVE-2017-6056.json index 2b0d4084ef2..3a94c0fe8be 100644 --- a/2017/6xxx/CVE-2017-6056.json +++ b/2017/6xxx/CVE-2017-6056.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/851304", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/851304" - }, - { - "name" : "https://bz.apache.org/bugzilla/show_bug.cgi?id=60578", - "refsource" : "CONFIRM", - "url" : "https://bz.apache.org/bugzilla/show_bug.cgi?id=60578" - }, - { - "name" : "https://lists.debian.org/debian-security-announce/2017/msg00038.html", - "refsource" : "CONFIRM", - "url" : "https://lists.debian.org/debian-security-announce/2017/msg00038.html" - }, - { - "name" : "https://lists.debian.org/debian-security-announce/2017/msg00039.html", - "refsource" : "CONFIRM", - "url" : "https://lists.debian.org/debian-security-announce/2017/msg00039.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180731-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180731-0002/" - }, - { - "name" : "DSA-3787", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3787" - }, - { - "name" : "DSA-3788", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3788" - }, - { - "name" : "RHSA-2017:0517", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0517.html" - }, - { - "name" : "RHSA-2017:0826", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0826.html" - }, - { - "name" : "RHSA-2017:0827", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0827.html" - }, - { - "name" : "RHSA-2017:0828", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0828.html" - }, - { - "name" : "RHSA-2017:0829", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0829.html" - }, - { - "name" : "96293", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96293" - }, - { - "name" : "1037860", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037860" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:0828", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0828.html" + }, + { + "name": "RHSA-2017:0827", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0827.html" + }, + { + "name": "https://bz.apache.org/bugzilla/show_bug.cgi?id=60578", + "refsource": "CONFIRM", + "url": "https://bz.apache.org/bugzilla/show_bug.cgi?id=60578" + }, + { + "name": "DSA-3787", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3787" + }, + { + "name": "RHSA-2017:0517", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0517.html" + }, + { + "name": "https://lists.debian.org/debian-security-announce/2017/msg00038.html", + "refsource": "CONFIRM", + "url": "https://lists.debian.org/debian-security-announce/2017/msg00038.html" + }, + { + "name": "https://bugs.debian.org/851304", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/851304" + }, + { + "name": "DSA-3788", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3788" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180731-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180731-0002/" + }, + { + "name": "RHSA-2017:0826", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0826.html" + }, + { + "name": "RHSA-2017:0829", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0829.html" + }, + { + "name": "96293", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96293" + }, + { + "name": "1037860", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037860" + }, + { + "name": "https://lists.debian.org/debian-security-announce/2017/msg00039.html", + "refsource": "CONFIRM", + "url": "https://lists.debian.org/debian-security-announce/2017/msg00039.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6110.json b/2017/6xxx/CVE-2017-6110.json index 74a3d2b2598..586267ce9ac 100644 --- a/2017/6xxx/CVE-2017-6110.json +++ b/2017/6xxx/CVE-2017-6110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6110", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6110", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6210.json b/2017/6xxx/CVE-2017-6210.json index 8dde9d344d0..dfc0e30ddef 100644 --- a/2017/6xxx/CVE-2017-6210.json +++ b/2017/6xxx/CVE-2017-6210.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6210", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6210", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170224 CVE-2017-6210 Virglrenderer: null pointer dereference in vrend_decode_reset", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/02/23/21" - }, - { - "name" : "[virglrenderer-devel] 20170210 [ANNOUNCE] virglrenderer 0.6.0", - "refsource" : "MLIST", - "url" : "https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1426170", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1426170" - }, - { - "name" : "https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab", - "refsource" : "CONFIRM", - "url" : "https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab" - }, - { - "name" : "GLSA-201707-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-06" - }, - { - "name" : "96439", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96439" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The vrend_decode_reset function in vrend_decode.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (NULL pointer dereference and QEMU process crash) by destroying context 0 (zero)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1426170", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1426170" + }, + { + "name": "GLSA-201707-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-06" + }, + { + "name": "[virglrenderer-devel] 20170210 [ANNOUNCE] virglrenderer 0.6.0", + "refsource": "MLIST", + "url": "https://lists.freedesktop.org/archives/virglrenderer-devel/2017-February/000145.html" + }, + { + "name": "96439", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96439" + }, + { + "name": "[oss-security] 20170224 CVE-2017-6210 Virglrenderer: null pointer dereference in vrend_decode_reset", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/02/23/21" + }, + { + "name": "https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab", + "refsource": "CONFIRM", + "url": "https://cgit.freedesktop.org/virglrenderer/commit/?id=0a5dff15912207b83018485f83e067474e818bab" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6763.json b/2017/6xxx/CVE-2017-6763.json index a03d79f7829..d0c3740fd2b 100644 --- a/2017/6xxx/CVE-2017-6763.json +++ b/2017/6xxx/CVE-2017-6763.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-6763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Meeting Server", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco Meeting Server" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur. Cisco Bug IDs: CSCve10131." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-6763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Meeting Server", + "version": { + "version_data": [ + { + "version_value": "Cisco Meeting Server" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://quickview.cloudapps.cisco.com/quickview/bug/CSCve10131", - "refsource" : "CONFIRM", - "url" : "https://quickview.cloudapps.cisco.com/quickview/bug/CSCve10131" - }, - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms" - }, - { - "name" : "100111", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100111" - }, - { - "name" : "1039058", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) 2.1.4 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur. Cisco Bug IDs: CSCve10131." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCve10131", + "refsource": "CONFIRM", + "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCve10131" + }, + { + "name": "100111", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100111" + }, + { + "name": "1039058", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039058" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7098.json b/2017/7xxx/CVE-2017-7098.json index 21cde717fc5..5a9625ba969 100644 --- a/2017/7xxx/CVE-2017-7098.json +++ b/2017/7xxx/CVE-2017-7098.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-7098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-7098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208112", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208112" - }, - { - "name" : "https://support.apple.com/HT208113", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208113" - }, - { - "name" : "https://support.apple.com/HT208116", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208116" - }, - { - "name" : "https://support.apple.com/HT208141", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208141" - }, - { - "name" : "https://support.apple.com/HT208142", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208142" - }, - { - "name" : "100998", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100998" - }, - { - "name" : "1039384", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039384" - }, - { - "name" : "1039428", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039428" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208141", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208141" + }, + { + "name": "1039384", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039384" + }, + { + "name": "https://support.apple.com/HT208142", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208142" + }, + { + "name": "https://support.apple.com/HT208113", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208113" + }, + { + "name": "https://support.apple.com/HT208112", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208112" + }, + { + "name": "1039428", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039428" + }, + { + "name": "https://support.apple.com/HT208116", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208116" + }, + { + "name": "100998", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100998" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7230.json b/2017/7xxx/CVE-2017-7230.json index b6a7825b630..856aa8d413f 100644 --- a/2017/7xxx/CVE-2017-7230.json +++ b/2017/7xxx/CVE-2017-7230.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-7230", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-7230", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41666", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41666/" - }, - { - "name" : "97195", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97195" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97195", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97195" + }, + { + "name": "41666", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41666/" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7303.json b/2017/7xxx/CVE-2017-7303.json index 4e5e14794aa..8c4a017360c 100644 --- a/2017/7xxx/CVE-2017-7303.json +++ b/2017/7xxx/CVE-2017-7303.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-7303", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-7303", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=20922", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=20922" - }, - { - "name" : "97213", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=20922", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=20922" + }, + { + "name": "97213", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97213" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7433.json b/2017/7xxx/CVE-2017-7433.json index 4dfabea47b9..757ce269829 100644 --- a/2017/7xxx/CVE-2017-7433.json +++ b/2017/7xxx/CVE-2017-7433.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "ID" : "CVE-2017-7433", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Vibe", - "version" : { - "version_data" : [ - { - "version_value" : "4.0.2 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Micro Focus" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication if Guest access is enabled (Guest access is disabled by default)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Arbitrary file download" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2017-7433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Vibe", + "version": { + "version_data": [ + { + "version_value": "4.0.2 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Micro Focus" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7019005", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7019005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially crafted request to the viewFile endpoint. Note that the attack can be performed without authentication if Guest access is enabled (Guest access is disabled by default)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Arbitrary file download" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.novell.com/support/kb/doc.php?id=7019005", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7019005" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7742.json b/2017/7xxx/CVE-2017-7742.json index 5baeb430340..72fe1ad9f64 100644 --- a/2017/7xxx/CVE-2017-7742.json +++ b/2017/7xxx/CVE-2017-7742.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-7742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In libsndfile before 1.0.28, an error in the \"flac_buffer_copy()\" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-7742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/" - }, - { - "name" : "https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0", - "refsource" : "MISC", - "url" : "https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0" - }, - { - "name" : "GLSA-201707-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201707-04" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In libsndfile before 1.0.28, an error in the \"flac_buffer_copy()\" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0", + "refsource": "MISC", + "url": "https://github.com/erikd/libsndfile/commit/60b234301adf258786d8b90be5c1d437fc8799e0" + }, + { + "name": "https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2017/04/11/libsndfile-invalid-memory-read-and-invalid-memory-write-in/" + }, + { + "name": "GLSA-201707-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201707-04" + } + ] + } +} \ No newline at end of file diff --git a/2017/7xxx/CVE-2017-7750.json b/2017/7xxx/CVE-2017-7750.json index fd0234f68a5..91538824867 100644 --- a/2017/7xxx/CVE-2017-7750.json +++ b/2017/7xxx/CVE-2017-7750.json @@ -1,130 +1,130 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2017-7750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "54" - } - ] - } - }, - { - "product_name" : "Firefox ESR", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "52.2" - } - ] - } - }, - { - "product_name" : "Thunderbird", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "52.2" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A use-after-free vulnerability during video control operations when a \"\" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use-after-free with track elements" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2017-7750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "54" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "52.2" + } + ] + } + }, + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "52.2" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2017-15/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2017-15/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2017-16/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2017-16/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2017-17/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2017-17/" - }, - { - "name" : "DSA-3881", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2017/dsa-3881" - }, - { - "name" : "DSA-3918", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2017/dsa-3918" - }, - { - "name" : "RHSA-2017:1440", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1440" - }, - { - "name" : "RHSA-2017:1561", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1561" - }, - { - "name" : "99057", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99057" - }, - { - "name" : "1038689", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038689" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A use-after-free vulnerability during video control operations when a \"\" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-after-free with track elements" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "99057", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99057" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1356558" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2017-15/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2017-15/" + }, + { + "name": "DSA-3918", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2017/dsa-3918" + }, + { + "name": "1038689", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038689" + }, + { + "name": "DSA-3881", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2017/dsa-3881" + }, + { + "name": "RHSA-2017:1440", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1440" + }, + { + "name": "RHSA-2017:1561", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1561" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2017-17/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2017-17/" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2017-16/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2017-16/" + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10274.json b/2018/10xxx/CVE-2018-10274.json index bc1c8dbc95f..3cd0e1ba6d3 100644 --- a/2018/10xxx/CVE-2018-10274.json +++ b/2018/10xxx/CVE-2018-10274.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10274", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10274", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10584.json b/2018/10xxx/CVE-2018-10584.json index bd3b29cbb4b..b332d3dce95 100644 --- a/2018/10xxx/CVE-2018-10584.json +++ b/2018/10xxx/CVE-2018-10584.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10584", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10584", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/10xxx/CVE-2018-10772.json b/2018/10xxx/CVE-2018-10772.json index 2b5898cbae9..14cb41e345d 100644 --- a/2018/10xxx/CVE-2018-10772.json +++ b/2018/10xxx/CVE-2018-10772.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-10772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-10772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1566260", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1566260" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1566260", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566260" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14424.json b/2018/14xxx/CVE-2018-14424.json index c2879e0ed48..beec69f3738 100644 --- a/2018/14xxx/CVE-2018-14424.json +++ b/2018/14xxx/CVE-2018-14424.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180905 [SECURITY] [DLA 1494-1] gdm3 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00003.html" - }, - { - "name" : "https://gitlab.gnome.org/GNOME/gdm/issues/401", - "refsource" : "CONFIRM", - "url" : "https://gitlab.gnome.org/GNOME/gdm/issues/401" - }, - { - "name" : "DSA-4270", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4270" - }, - { - "name" : "USN-3737-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3737-1/" - }, - { - "name" : "105179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105179" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20180905 [SECURITY] [DLA 1494-1] gdm3 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00003.html" + }, + { + "name": "https://gitlab.gnome.org/GNOME/gdm/issues/401", + "refsource": "CONFIRM", + "url": "https://gitlab.gnome.org/GNOME/gdm/issues/401" + }, + { + "name": "USN-3737-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3737-1/" + }, + { + "name": "DSA-4270", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4270" + }, + { + "name": "105179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105179" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14494.json b/2018/14xxx/CVE-2018-14494.json index 1d1755800bb..f3d682fe46a 100644 --- a/2018/14xxx/CVE-2018-14494.json +++ b/2018/14xxx/CVE-2018-14494.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14494", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14494", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14662.json b/2018/14xxx/CVE-2018-14662.json index 3bbcd039550..a2b62c4b53c 100644 --- a/2018/14xxx/CVE-2018-14662.json +++ b/2018/14xxx/CVE-2018-14662.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sfowler@redhat.com", - "ID" : "CVE-2018-14662", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ceph", - "version" : { - "version_data" : [ - { - "version_value" : "13.2.4" - } - ] - } - } - ] - }, - "vendor_name" : "[UNKNOWN]" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "3.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-285" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2018-14662", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ceph", + "version": { + "version_data": [ + { + "version_value": "13.2.4" + } + ] + } + } + ] + }, + "vendor_name": "[UNKNOWN]" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190301 [SECURITY] [DLA 1696-1] ceph security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html" - }, - { - "name" : "https://ceph.com/releases/13-2-4-mimic-released", - "refsource" : "MISC", - "url" : "https://ceph.com/releases/13-2-4-mimic-released" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "3.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-285" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20190301 [SECURITY] [DLA 1696-1] ceph security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00002.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14662" + }, + { + "name": "https://ceph.com/releases/13-2-4-mimic-released", + "refsource": "MISC", + "url": "https://ceph.com/releases/13-2-4-mimic-released" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14899.json b/2018/14xxx/CVE-2018-14899.json index 30bde875aa6..e1e98e75f74 100644 --- a/2018/14xxx/CVE-2018-14899.json +++ b/2018/14xxx/CVE-2018-14899.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14899", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14899", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/", + "refsource": "MISC", + "url": "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17746.json b/2018/17xxx/CVE-2018-17746.json index 4e9733f52e9..08c3773c1d7 100644 --- a/2018/17xxx/CVE-2018-17746.json +++ b/2018/17xxx/CVE-2018-17746.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17746", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17746", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20043.json b/2018/20xxx/CVE-2018-20043.json index b242df3ac58..7b2b48a8dd6 100644 --- a/2018/20xxx/CVE-2018-20043.json +++ b/2018/20xxx/CVE-2018-20043.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20043", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20043", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20545.json b/2018/20xxx/CVE-2018-20545.json index f7cee7af6a5..63cdbf0b04e 100644 --- a/2018/20xxx/CVE-2018-20545.json +++ b/2018/20xxx/CVE-2018-20545.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20545", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20545", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652621", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652621" - }, - { - "name" : "USN-3860-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3860-1/" - }, - { - "name" : "USN-3860-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3860-2/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3860-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3860-2/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1652621", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652621" + }, + { + "name": "USN-3860-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3860-1/" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20778.json b/2018/20xxx/CVE-2018-20778.json index b7246c6e3f2..63c698c1750 100644 --- a/2018/20xxx/CVE-2018-20778.json +++ b/2018/20xxx/CVE-2018-20778.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20778", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20778", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/philippe/FrogCMS/issues/28", - "refsource" : "MISC", - "url" : "https://github.com/philippe/FrogCMS/issues/28" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/philippe/FrogCMS/issues/28", + "refsource": "MISC", + "url": "https://github.com/philippe/FrogCMS/issues/28" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20795.json b/2018/20xxx/CVE-2018-20795.json index a320b5a13a8..fff48fd6777 100644 --- a/2018/20xxx/CVE-2018-20795.json +++ b/2018/20xxx/CVE-2018-20795.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20795", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20795", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45987", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45987" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45987", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45987" + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9001.json b/2018/9xxx/CVE-2018-9001.json index bea4401265c..81022779edc 100644 --- a/2018/9xxx/CVE-2018-9001.json +++ b/2018/9xxx/CVE-2018-9001.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9001", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win7_x64.sys-0x9c402000", - "refsource" : "MISC", - "url" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win7_x64.sys-0x9c402000" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win7_x64.sys-0x9c402000", + "refsource": "MISC", + "url": "https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win7_x64.sys-0x9c402000" + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9178.json b/2018/9xxx/CVE-2018-9178.json index cac8d8aea2f..cd959ab87d5 100644 --- a/2018/9xxx/CVE-2018-9178.json +++ b/2018/9xxx/CVE-2018-9178.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9178", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9178", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9398.json b/2018/9xxx/CVE-2018-9398.json index 72d8b5a6882..9fc5104ed6f 100644 --- a/2018/9xxx/CVE-2018-9398.json +++ b/2018/9xxx/CVE-2018-9398.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9398", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9398", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9403.json b/2018/9xxx/CVE-2018-9403.json index 02c1e93254f..d045c4d87b4 100644 --- a/2018/9xxx/CVE-2018-9403.json +++ b/2018/9xxx/CVE-2018-9403.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9403", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9403", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9786.json b/2018/9xxx/CVE-2018-9786.json index 3bd655724fe..0fa06b8ff90 100644 --- a/2018/9xxx/CVE-2018-9786.json +++ b/2018/9xxx/CVE-2018-9786.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9786", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9786", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file