diff --git a/2012/0xxx/CVE-2012-0225.json b/2012/0xxx/CVE-2012-0225.json index 72241f1b316..73f69fe51f1 100644 --- a/2012/0xxx/CVE-2012-0225.json +++ b/2012/0xxx/CVE-2012-0225.json @@ -55,9 +55,18 @@ { "url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf" }, + { + "url" : "http://www.securityfocus.com/bid/52851" + }, { "url" : "http://osvdb.org/80888" }, + { + "url" : "http://www.securitytracker.com/id?1026886" + }, + { + "url" : "http://www.securitytracker.com/id?1026887" + }, { "url" : "http://secunia.com/advisories/48603" }, diff --git a/2012/0xxx/CVE-2012-0226.json b/2012/0xxx/CVE-2012-0226.json index cd514056960..0ab8e56a093 100644 --- a/2012/0xxx/CVE-2012-0226.json +++ b/2012/0xxx/CVE-2012-0226.json @@ -55,6 +55,18 @@ { "url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf" }, + { + "url" : "http://www.securityfocus.com/bid/52851" + }, + { + "url" : "http://osvdb.org/80889" + }, + { + "url" : "http://www.securitytracker.com/id?1026886" + }, + { + "url" : "http://www.securitytracker.com/id?1026887" + }, { "url" : "http://secunia.com/advisories/48603" }, diff --git a/2012/0xxx/CVE-2012-0228.json b/2012/0xxx/CVE-2012-0228.json index 757ea426e5d..0088ab42b37 100644 --- a/2012/0xxx/CVE-2012-0228.json +++ b/2012/0xxx/CVE-2012-0228.json @@ -55,6 +55,18 @@ { "url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-062-01.pdf" }, + { + "url" : "http://www.securityfocus.com/bid/52851" + }, + { + "url" : "http://osvdb.org/80890" + }, + { + "url" : "http://www.securitytracker.com/id?1026886" + }, + { + "url" : "http://www.securitytracker.com/id?1026887" + }, { "url" : "http://secunia.com/advisories/48603" } diff --git a/2012/0xxx/CVE-2012-0246.json b/2012/0xxx/CVE-2012-0246.json index 9ff7fb34988..f89d102efb4 100644 --- a/2012/0xxx/CVE-2012-0246.json +++ b/2012/0xxx/CVE-2012-0246.json @@ -58,6 +58,9 @@ { "url" : "http://osvdb.org/80650" }, + { + "url" : "http://secunia.com/advisories/48558" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74388" } diff --git a/2012/0xxx/CVE-2012-0451.json b/2012/0xxx/CVE-2012-0451.json index 42bd85c7527..559574996db 100644 --- a/2012/0xxx/CVE-2012-0451.json +++ b/2012/0xxx/CVE-2012-0451.json @@ -61,6 +61,9 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0454.json b/2012/0xxx/CVE-2012-0454.json index f37af862782..87a3788cc91 100644 --- a/2012/0xxx/CVE-2012-0454.json +++ b/2012/0xxx/CVE-2012-0454.json @@ -58,6 +58,9 @@ { "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=684555" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, { "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14258" }, diff --git a/2012/0xxx/CVE-2012-0455.json b/2012/0xxx/CVE-2012-0455.json index 5e89d7fba18..6a593722af1 100644 --- a/2012/0xxx/CVE-2012-0455.json +++ b/2012/0xxx/CVE-2012-0455.json @@ -67,6 +67,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0456.json b/2012/0xxx/CVE-2012-0456.json index 880e1449134..625437a556e 100644 --- a/2012/0xxx/CVE-2012-0456.json +++ b/2012/0xxx/CVE-2012-0456.json @@ -67,6 +67,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0457.json b/2012/0xxx/CVE-2012-0457.json index af9eb7ee7d2..1417f950a7d 100644 --- a/2012/0xxx/CVE-2012-0457.json +++ b/2012/0xxx/CVE-2012-0457.json @@ -64,6 +64,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0458.json b/2012/0xxx/CVE-2012-0458.json index eecbc0f8324..37201ab892b 100644 --- a/2012/0xxx/CVE-2012-0458.json +++ b/2012/0xxx/CVE-2012-0458.json @@ -73,6 +73,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0459.json b/2012/0xxx/CVE-2012-0459.json index b400cc148af..671da949ebb 100644 --- a/2012/0xxx/CVE-2012-0459.json +++ b/2012/0xxx/CVE-2012-0459.json @@ -61,6 +61,9 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0460.json b/2012/0xxx/CVE-2012-0460.json index 062f4929fa7..c56f57a2577 100644 --- a/2012/0xxx/CVE-2012-0460.json +++ b/2012/0xxx/CVE-2012-0460.json @@ -61,6 +61,9 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0461.json b/2012/0xxx/CVE-2012-0461.json index 128c62a3989..700ffaea0bd 100644 --- a/2012/0xxx/CVE-2012-0461.json +++ b/2012/0xxx/CVE-2012-0461.json @@ -70,6 +70,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0462.json b/2012/0xxx/CVE-2012-0462.json index beedf1511cc..63dfd6e553d 100644 --- a/2012/0xxx/CVE-2012-0462.json +++ b/2012/0xxx/CVE-2012-0462.json @@ -85,6 +85,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/0xxx/CVE-2012-0463.json b/2012/0xxx/CVE-2012-0463.json index 0329715f4e4..ae827841cac 100644 --- a/2012/0xxx/CVE-2012-0463.json +++ b/2012/0xxx/CVE-2012-0463.json @@ -61,6 +61,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.securityfocus.com/bid/52466" }, diff --git a/2012/0xxx/CVE-2012-0464.json b/2012/0xxx/CVE-2012-0464.json index d20de694539..246894c39f1 100644 --- a/2012/0xxx/CVE-2012-0464.json +++ b/2012/0xxx/CVE-2012-0464.json @@ -76,6 +76,12 @@ { "url" : "http://lists.opensuse.org/opensuse-updates/2012-03/msg00042.html" }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00014.html" + }, + { + "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00015.html" + }, { "url" : "http://www.ubuntu.com/usn/USN-1400-3" }, diff --git a/2012/1xxx/CVE-2012-1515.json b/2012/1xxx/CVE-2012-1515.json index 2e400b4235f..26390b49c87 100644 --- a/2012/1xxx/CVE-2012-1515.json +++ b/2012/1xxx/CVE-2012-1515.json @@ -70,6 +70,9 @@ { "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17110" }, + { + "url" : "http://www.securitytracker.com/id?1026875" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74480" } diff --git a/2012/1xxx/CVE-2012-1558.json b/2012/1xxx/CVE-2012-1558.json index 4bd0665d7d7..e19de7f59ea 100644 --- a/2012/1xxx/CVE-2012-1558.json +++ b/2012/1xxx/CVE-2012-1558.json @@ -55,6 +55,12 @@ { "url" : "http://www.yassl.com/yaSSL/Docs-cyassl-changelog.html" }, + { + "url" : "http://www.securityfocus.com/bid/52828" + }, + { + "url" : "http://secunia.com/advisories/48634" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74095" } diff --git a/2012/1xxx/CVE-2012-1777.json b/2012/1xxx/CVE-2012-1777.json index 2be38a86baa..ed4c0bae4ad 100644 --- a/2012/1xxx/CVE-2012-1777.json +++ b/2012/1xxx/CVE-2012-1777.json @@ -64,6 +64,9 @@ { "url" : "http://support.f5.com/kb/en-us/solutions/public/13000/400/sol13463.html" }, + { + "url" : "http://www.securitytracker.com/id?1026834" + }, { "url" : "http://secunia.com/advisories/48455" }, diff --git a/2012/1xxx/CVE-2012-1795.json b/2012/1xxx/CVE-2012-1795.json index c406fcda0ab..e9eb311aae3 100644 --- a/2012/1xxx/CVE-2012-1795.json +++ b/2012/1xxx/CVE-2012-1795.json @@ -57,6 +57,9 @@ }, { "url" : "http://osvdb.org/80344" + }, + { + "url" : "http://www.securitytracker.com/id?1026825" } ] } diff --git a/2012/1xxx/CVE-2012-1902.json b/2012/1xxx/CVE-2012-1902.json index 04549f7b19d..c610df47078 100644 --- a/2012/1xxx/CVE-2012-1902.json +++ b/2012/1xxx/CVE-2012-1902.json @@ -67,6 +67,9 @@ { "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079435.html" }, + { + "url" : "http://www.securityfocus.com/bid/52858" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74608" } diff --git a/2012/1xxx/CVE-2012-1926.json b/2012/1xxx/CVE-2012-1926.json index edd5a3802f8..ef3a90d70e8 100644 --- a/2012/1xxx/CVE-2012-1926.json +++ b/2012/1xxx/CVE-2012-1926.json @@ -67,8 +67,14 @@ { "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html" }, + { + "url" : "http://osvdb.org/80622" + }, { "url" : "http://secunia.com/advisories/48535" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74351" } ] } diff --git a/2012/1xxx/CVE-2012-1927.json b/2012/1xxx/CVE-2012-1927.json index c10551c695b..de88b20b10d 100644 --- a/2012/1xxx/CVE-2012-1927.json +++ b/2012/1xxx/CVE-2012-1927.json @@ -67,8 +67,14 @@ { "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html" }, + { + "url" : "http://osvdb.org/80623" + }, { "url" : "http://secunia.com/advisories/48535" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74502" } ] } diff --git a/2012/1xxx/CVE-2012-1928.json b/2012/1xxx/CVE-2012-1928.json index aef2a64d860..1d899192fe7 100644 --- a/2012/1xxx/CVE-2012-1928.json +++ b/2012/1xxx/CVE-2012-1928.json @@ -67,8 +67,14 @@ { "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html" }, + { + "url" : "http://osvdb.org/80624" + }, { "url" : "http://secunia.com/advisories/48535" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74353" } ] } diff --git a/2018/5xxx/CVE-2018-5249.json b/2018/5xxx/CVE-2018-5249.json index 8b5cee9b76e..5ea57b4f22e 100644 --- a/2018/5xxx/CVE-2018-5249.json +++ b/2018/5xxx/CVE-2018-5249.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-5249", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,32 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0.9.x before 0.9.3 allows remote attackers to inject arbitrary code via the login form's username field (aka the login parameter to the ban_canLogin function in index.php)." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://github.com/shaarli/Shaarli/pull/1046" + }, + { + "url" : "https://github.com/shaarli/Shaarli/releases/tag/v0.8.5" + }, + { + "url" : "https://github.com/shaarli/Shaarli/releases/tag/v0.9.3" } ] } diff --git a/2018/5xxx/CVE-2018-5250.json b/2018/5xxx/CVE-2018-5250.json new file mode 100644 index 00000000000..30c96e25c86 --- /dev/null +++ b/2018/5xxx/CVE-2018-5250.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-5250", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/5xxx/CVE-2018-5251.json b/2018/5xxx/CVE-2018-5251.json new file mode 100644 index 00000000000..2fc73c72323 --- /dev/null +++ b/2018/5xxx/CVE-2018-5251.json @@ -0,0 +1,60 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-5251", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted swf file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://github.com/libming/libming/issues/97" + } + ] + } +}