diff --git a/2013/2xxx/CVE-2013-2219.json b/2013/2xxx/CVE-2013-2219.json index 839c6855f09..671a6ab40ca 100644 --- a/2013/2xxx/CVE-2013-2219.json +++ b/2013/2xxx/CVE-2013-2219.json @@ -57,6 +57,9 @@ }, { "url" : "http://rhn.redhat.com/errata/RHSA-2013-1116.html" + }, + { + "url" : "http://rhn.redhat.com/errata/RHSA-2013-1119.html" } ] } diff --git a/2013/2xxx/CVE-2013-2852.json b/2013/2xxx/CVE-2013-2852.json index ea7acae446b..8372c10ecb0 100644 --- a/2013/2xxx/CVE-2013-2852.json +++ b/2013/2xxx/CVE-2013-2852.json @@ -102,6 +102,9 @@ }, { "url" : "http://www.ubuntu.com/usn/USN-1930-1" + }, + { + "url" : "http://www.ubuntu.com/usn/USN-1920-1" } ] } diff --git a/2013/3xxx/CVE-2013-3433.json b/2013/3xxx/CVE-2013-3433.json index bb5c7ef3f17..fb6a07ba6e6 100644 --- a/2013/3xxx/CVE-2013-3433.json +++ b/2013/3xxx/CVE-2013-3433.json @@ -55,6 +55,12 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm" }, + { + "url" : "http://www.securityfocus.com/bid/61297" + }, + { + "url" : "http://osvdb.org/95404" + }, { "url" : "http://secunia.com/advisories/54249" } diff --git a/2013/3xxx/CVE-2013-3434.json b/2013/3xxx/CVE-2013-3434.json index 8be0b954c2d..8830248bd89 100644 --- a/2013/3xxx/CVE-2013-3434.json +++ b/2013/3xxx/CVE-2013-3434.json @@ -55,6 +55,12 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm" }, + { + "url" : "http://www.securityfocus.com/bid/61296" + }, + { + "url" : "http://osvdb.org/95403" + }, { "url" : "http://secunia.com/advisories/54249" } diff --git a/2013/3xxx/CVE-2013-3436.json b/2013/3xxx/CVE-2013-3436.json index a6d57d25125..3dec017b737 100644 --- a/2013/3xxx/CVE-2013-3436.json +++ b/2013/3xxx/CVE-2013-3436.json @@ -58,8 +58,17 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3436" }, + { + "url" : "http://www.securityfocus.com/bid/61362" + }, { "url" : "http://osvdb.org/95460" + }, + { + "url" : "http://www.securitytracker.com/id/1028810" + }, + { + "url" : "http://xforce.iss.net/xforce/xfdb/85868" } ] } diff --git a/2013/3xxx/CVE-2013-3439.json b/2013/3xxx/CVE-2013-3439.json index a8ad93ed2e5..d7b1978a7ea 100644 --- a/2013/3xxx/CVE-2013-3439.json +++ b/2013/3xxx/CVE-2013-3439.json @@ -58,8 +58,14 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3439" }, + { + "url" : "http://www.securityfocus.com/bid/61416" + }, { "url" : "http://osvdb.org/95585" + }, + { + "url" : "http://www.securitytracker.com/id/1028825" } ] } diff --git a/2013/3xxx/CVE-2013-3440.json b/2013/3xxx/CVE-2013-3440.json index 1cdc259db64..00222384945 100644 --- a/2013/3xxx/CVE-2013-3440.json +++ b/2013/3xxx/CVE-2013-3440.json @@ -58,8 +58,14 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3440" }, + { + "url" : "http://www.securityfocus.com/bid/61414" + }, { "url" : "http://osvdb.org/95584" + }, + { + "url" : "http://www.securitytracker.com/id/1028819" } ] } diff --git a/2013/3xxx/CVE-2013-3441.json b/2013/3xxx/CVE-2013-3441.json index 6bd87d4498f..0ab096d9586 100644 --- a/2013/3xxx/CVE-2013-3441.json +++ b/2013/3xxx/CVE-2013-3441.json @@ -58,8 +58,14 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3441" }, + { + "url" : "http://www.securityfocus.com/bid/61404" + }, { "url" : "http://osvdb.org/95548" + }, + { + "url" : "http://www.securitytracker.com/id/1028818" } ] } diff --git a/2013/3xxx/CVE-2013-3445.json b/2013/3xxx/CVE-2013-3445.json index b4ad8adaadd..154ef8ac436 100644 --- a/2013/3xxx/CVE-2013-3445.json +++ b/2013/3xxx/CVE-2013-3445.json @@ -58,8 +58,17 @@ { "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3445" }, + { + "url" : "http://www.securityfocus.com/bid/61452" + }, { "url" : "http://osvdb.org/95659" + }, + { + "url" : "http://www.securitytracker.com/id/1028837" + }, + { + "url" : "http://xforce.iss.net/xforce/xfdb/85982" } ] } diff --git a/2013/3xxx/CVE-2013-3656.json b/2013/3xxx/CVE-2013-3656.json index f092a513308..5f33a9834ab 100644 --- a/2013/3xxx/CVE-2013-3656.json +++ b/2013/3xxx/CVE-2013-3656.json @@ -60,6 +60,9 @@ }, { "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000069" + }, + { + "url" : "http://xforce.iss.net/xforce/xfdb/85894" } ] } diff --git a/2013/3xxx/CVE-2013-3744.json b/2013/3xxx/CVE-2013-3744.json index c1d53b1b6aa..a2336227b84 100644 --- a/2013/3xxx/CVE-2013-3744.json +++ b/2013/3xxx/CVE-2013-3744.json @@ -79,6 +79,9 @@ { "url" : "http://www.us-cert.gov/ncas/alerts/TA13-169A" }, + { + "url" : "http://www.securityfocus.com/bid/60654" + }, { "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17180" }, diff --git a/2013/3xxx/CVE-2013-3746.json b/2013/3xxx/CVE-2013-3746.json index bd34777f345..d362263f18c 100644 --- a/2013/3xxx/CVE-2013-3746.json +++ b/2013/3xxx/CVE-2013-3746.json @@ -54,6 +54,9 @@ "reference_data" : [ { "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" + }, + { + "url" : "http://secunia.com/advisories/54239" } ] } diff --git a/2013/3xxx/CVE-2013-3754.json b/2013/3xxx/CVE-2013-3754.json index 73be8af63db..e9d34eec45c 100644 --- a/2013/3xxx/CVE-2013-3754.json +++ b/2013/3xxx/CVE-2013-3754.json @@ -61,6 +61,9 @@ { "url" : "http://osvdb.org/95306" }, + { + "url" : "http://secunia.com/advisories/54239" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85693" } diff --git a/2013/4xxx/CVE-2013-4673.json b/2013/4xxx/CVE-2013-4673.json index 524bf1083c6..8a661ce2279 100644 --- a/2013/4xxx/CVE-2013-4673.json +++ b/2013/4xxx/CVE-2013-4673.json @@ -58,6 +58,9 @@ { "url" : "http://www.securityfocus.com/bid/61105" }, + { + "url" : "http://osvdb.org/95702" + }, { "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85990" } diff --git a/2013/4xxx/CVE-2013-4674.json b/2013/4xxx/CVE-2013-4674.json index c1ad0b2061e..8f084e3901d 100644 --- a/2013/4xxx/CVE-2013-4674.json +++ b/2013/4xxx/CVE-2013-4674.json @@ -57,6 +57,18 @@ }, { "url" : "http://www.securityfocus.com/bid/61290" + }, + { + "url" : "http://osvdb.org/95581" + }, + { + "url" : "http://www.securitytracker.com/id/1028820" + }, + { + "url" : "http://secunia.com/advisories/54214" + }, + { + "url" : "http://xforce.iss.net/xforce/xfdb/85902" } ] } diff --git a/2017/1000xxx/CVE-2017-1000126.json b/2017/1000xxx/CVE-2017-1000126.json index 192a056a879..5ab01eb8d77 100644 --- a/2017/1000xxx/CVE-2017-1000126.json +++ b/2017/1000xxx/CVE-2017-1000126.json @@ -1,62 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "kurt@seifried.org", - "DATE_ASSIGNED": "2017-08-22T17:29:33.340007", - "ID": "CVE-2017-1000126", - "STATE": "PUBLIC", - "REQUESTER": "hanno@hboeck.de" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "exiv2", - "version": { - "version_data": [ - { - "version_value": "0.26" - } - ] - } - } - ] - }, - "vendor_name": "" - } + "CVE_data_meta" : { + "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", + "DATE_ASSIGNED" : "2017-08-22T17:29:33.340007", + "ID" : "CVE-2017-1000126", + "REQUESTER" : "hanno@hboeck.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "exiv2", + "version" : { + "version_data" : [ + { + "version_value" : "0.26" + } + ] + } + } + ] + }, + "vendor_name" : "" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "exiv2 0.26 contains a Stack out of bounds read in webp parser" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "exiv2 0.26 contains a Stack out of bounds read in webp parser" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.openwall.com/lists/oss-security/2017/06/30/1" + } + ] + } } diff --git a/2017/1000xxx/CVE-2017-1000127.json b/2017/1000xxx/CVE-2017-1000127.json index 3c18b221a9c..b4ae3a3b452 100644 --- a/2017/1000xxx/CVE-2017-1000127.json +++ b/2017/1000xxx/CVE-2017-1000127.json @@ -1,62 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "kurt@seifried.org", - "DATE_ASSIGNED": "2017-08-22T17:29:33.340860", - "ID": "CVE-2017-1000127", - "STATE": "PUBLIC", - "REQUESTER": "hanno@hboeck.de" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "exiv2", - "version": { - "version_data": [ - { - "version_value": "0.26" - } - ] - } - } - ] - }, - "vendor_name": "" - } + "CVE_data_meta" : { + "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", + "DATE_ASSIGNED" : "2017-08-22T17:29:33.340860", + "ID" : "CVE-2017-1000127", + "REQUESTER" : "hanno@hboeck.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "exiv2", + "version" : { + "version_data" : [ + { + "version_value" : "0.26" + } + ] + } + } + ] + }, + "vendor_name" : "" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Exiv2 0.26 contains a heap buffer overflow in tiff parser" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Exiv2 0.26 contains a heap buffer overflow in tiff parser" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.openwall.com/lists/oss-security/2017/06/30/1" + } + ] + } } diff --git a/2017/1000xxx/CVE-2017-1000128.json b/2017/1000xxx/CVE-2017-1000128.json index 15b3a8e797d..a78a01ae8a3 100644 --- a/2017/1000xxx/CVE-2017-1000128.json +++ b/2017/1000xxx/CVE-2017-1000128.json @@ -1,62 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "kurt@seifried.org", - "DATE_ASSIGNED": "2017-08-22T17:29:33.341797", - "ID": "CVE-2017-1000128", - "STATE": "PUBLIC", - "REQUESTER": "hanno@hboeck.de" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "exiv2", - "version": { - "version_data": [ - { - "version_value": "0.26" - } - ] - } - } - ] - }, - "vendor_name": "" - } + "CVE_data_meta" : { + "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", + "DATE_ASSIGNED" : "2017-08-22T17:29:33.341797", + "ID" : "CVE-2017-1000128", + "REQUESTER" : "hanno@hboeck.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "exiv2", + "version" : { + "version_data" : [ + { + "version_value" : "0.26" + } + ] + } + } + ] + }, + "vendor_name" : "" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Buffer Overflow" + } ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer Overflow" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "http://www.openwall.com/lists/oss-security/2017/06/30/1" - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "http://www.openwall.com/lists/oss-security/2017/06/30/1" + } + ] + } } diff --git a/2017/1000xxx/CVE-2017-1000217.json b/2017/1000xxx/CVE-2017-1000217.json index 9ccc9b0ae6f..8e3e6e0f2cc 100644 --- a/2017/1000xxx/CVE-2017-1000217.json +++ b/2017/1000xxx/CVE-2017-1000217.json @@ -1,65 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "kurt@seifried.org", - "DATE_ASSIGNED": "2017-08-22T17:29:33.445777", - "ID": "CVE-2017-1000217", - "REQUESTER": "lkiesow@uos.de", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Opencast", - "version": { - "version_data": [ - { - "version_value": "2.3.2 and older" - } - ] - } - } - ] - }, - "vendor_name": "Apereo Foundation" - } + "CVE_data_meta" : { + "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", + "DATE_ASSIGNED" : "2017-08-22T17:29:33.445777", + "ID" : "CVE-2017-1000217", + "REQUESTER" : "lkiesow@uos.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Opencast", + "version" : { + "version_data" : [ + { + "version_value" : "2.3.2 and older" + } + ] + } + } + ] + }, + "vendor_name" : "Apereo Foundation" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross Site Scripting (XSS)" + } ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Cross Site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://groups.google.com/a/opencast.org/forum/#!forum/security-notices" - }, - { - "url": "https://groups.google.com/a/opencast.org/forum/#!topic/security-notices/sCpt0pIPEFg" - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://groups.google.com/a/opencast.org/forum/#!topic/security-notices/sCpt0pIPEFg" + } + ] + } } diff --git a/2017/1000xxx/CVE-2017-1000221.json b/2017/1000xxx/CVE-2017-1000221.json index c511d97b432..a1f7702590d 100644 --- a/2017/1000xxx/CVE-2017-1000221.json +++ b/2017/1000xxx/CVE-2017-1000221.json @@ -1,62 +1,62 @@ { - "CVE_data_meta": { - "ASSIGNER": "kurt@seifried.org", - "DATE_ASSIGNED": "2017-08-22T17:29:33.450633", - "ID": "CVE-2017-1000221", - "REQUESTER": "lkiesow@uos.de", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Opencast", - "version": { - "version_data": [ - { - "version_value": "2.2.3 and older" - } - ] - } - } - ] - }, - "vendor_name": "Apereo" - } + "CVE_data_meta" : { + "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", + "DATE_ASSIGNED" : "2017-08-22T17:29:33.450633", + "ID" : "CVE-2017-1000221", + "REQUESTER" : "lkiesow@uos.de", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Opencast", + "version" : { + "version_data" : [ + { + "version_value" : "2.2.3 and older" + } + ] + } + } + ] + }, + "vendor_name" : "Apereo" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Incorrect Access Control" + } ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Incorrect Access Control" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://opencast.jira.com/browse/MH-11862" - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://opencast.jira.com/browse/MH-11862" + } + ] + } }