diff --git a/2001/0xxx/CVE-2001-0316.json b/2001/0xxx/CVE-2001-0316.json index cfbdbe6456a..22eb267b407 100644 --- a/2001/0xxx/CVE-2001-0316.json +++ b/2001/0xxx/CVE-2001-0316.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2001:013", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2001-013.html" - }, - { - "name" : "CSSA-2001-009", - "refsource" : "CALDERA", - "url" : "http://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txt" - }, - { - "name" : "20010213 Trustix Security Advisory - proftpd, kernel", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html" - }, - { - "name" : "2364", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2364" - }, - { - "name" : "6017", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6017" - }, - { - "name" : "linux-sysctl-read-memory(6079)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2001:013", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2001-013.html" + }, + { + "name": "6017", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6017" + }, + { + "name": "linux-sysctl-read-memory(6079)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6079" + }, + { + "name": "CSSA-2001-009", + "refsource": "CALDERA", + "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-009.0.txt" + }, + { + "name": "20010213 Trustix Security Advisory - proftpd, kernel", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html" + }, + { + "name": "2364", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2364" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0453.json b/2001/0xxx/CVE-2001-0453.json index 46f0f8e23c4..b0445823381 100644 --- a/2001/0xxx/CVE-2001-0453.json +++ b/2001/0xxx/CVE-2001-0453.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010428 Vulnerabilities in BRS WebWeaver ", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-04/0519.html" - }, - { - "name" : "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html", - "refsource" : "CONFIRM", - "url" : "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html" - }, - { - "name" : "2675", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html", + "refsource": "CONFIRM", + "url": "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html" + }, + { + "name": "2675", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2675" + }, + { + "refsource": "BUGTRAQ", + "name": "20010428 Vulnerabilities in BRS WebWeaver", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-04/0519.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0634.json b/2001/0xxx/CVE-2001-0634.json index af45dfd7143..539f869ff8b 100644 --- a/2001/0xxx/CVE-2001-0634.json +++ b/2001/0xxx/CVE-2001-0634.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010220 Advisory: Chili!Soft ASP Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0378.html" - }, - { - "name" : "20010226 Re: Advisory: Chili!Soft ASP Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0443.html" - }, - { - "name" : "chilisoft-asp-license-dos(6176)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6176" - }, - { - "name" : "2409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20010220 Advisory: Chili!Soft ASP Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0378.html" + }, + { + "name": "2409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2409" + }, + { + "name": "20010226 Re: Advisory: Chili!Soft ASP Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0443.html" + }, + { + "name": "chilisoft-asp-license-dos(6176)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6176" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0286.json b/2008/0xxx/CVE-2008-0286.json index 1a0b042df43..bf718fe910a 100644 --- a/2008/0xxx/CVE-2008-0286.json +++ b/2008/0xxx/CVE-2008-0286.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080115 Article DashBoard all version SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486323/100/0/threaded" - }, - { - "name" : "20080116 Re: Article DashBoard all version SQL Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486646/100/0/threaded" - }, - { - "name" : "27286", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27286" - }, - { - "name" : "28495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28495" - }, - { - "name" : "3546", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3546" - }, - { - "name" : "articledashboard-login-sql-injection(39657)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in admin/login.php in Article Dashboard allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) password fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080115 Article DashBoard all version SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486323/100/0/threaded" + }, + { + "name": "20080116 Re: Article DashBoard all version SQL Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486646/100/0/threaded" + }, + { + "name": "27286", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27286" + }, + { + "name": "3546", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3546" + }, + { + "name": "28495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28495" + }, + { + "name": "articledashboard-login-sql-injection(39657)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39657" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0483.json b/2008/0xxx/CVE-2008-0483.json index 1d9b70d1af0..0ab8a65e924 100644 --- a/2008/0xxx/CVE-2008-0483.json +++ b/2008/0xxx/CVE-2008-0483.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0483", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0483", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0660.json b/2008/0xxx/CVE-2008-0660.json index bd0eba83c2e..32d4378426d 100644 --- a/2008/0xxx/CVE-2008-0660.json +++ b/2008/0xxx/CVE-2008-0660.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0660", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0660", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2008/Feb/0023.html" - }, - { - "name" : "5049", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5049" - }, - { - "name" : "http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483", - "refsource" : "MISC", - "url" : "http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483" - }, - { - "name" : "VU#776931", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/776931" - }, - { - "name" : "27576", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27576" - }, - { - "name" : "27577", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27577" - }, - { - "name" : "ADV-2008-0391", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0391/references" - }, - { - "name" : "ADV-2008-0394", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0394/references" - }, - { - "name" : "1019297", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019297" - }, - { - "name" : "28707", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28707" - }, - { - "name" : "28713", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28713" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.6.17.0, 4.5.70.0, and 4.5.126.0, and ImageUploader5 5.0.10.0, as used by Facebook PhotoUploader 4.5.57.0, allow remote attackers to execute arbitrary code via long (1) ExtractExif and (2) ExtractIptc properties." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2008/Feb/0023.html" + }, + { + "name": "ADV-2008-0394", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0394/references" + }, + { + "name": "27576", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27576" + }, + { + "name": "28707", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28707" + }, + { + "name": "ADV-2008-0391", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0391/references" + }, + { + "name": "28713", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28713" + }, + { + "name": "5049", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5049" + }, + { + "name": "27577", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27577" + }, + { + "name": "1019297", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019297" + }, + { + "name": "VU#776931", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/776931" + }, + { + "name": "http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483", + "refsource": "MISC", + "url": "http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9060483" + } + ] + } +} \ No newline at end of file diff --git a/2008/0xxx/CVE-2008-0721.json b/2008/0xxx/CVE-2008-0721.json index 7b789de0357..1d66f53bb2f 100644 --- a/2008/0xxx/CVE-2008-0721.json +++ b/2008/0xxx/CVE-2008-0721.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-0721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-0721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5076", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5076" - }, - { - "name" : "27673", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27673", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27673" + }, + { + "name": "5076", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5076" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1229.json b/2008/1xxx/CVE-2008-1229.json index 044ccc300b6..d1c940ba158 100644 --- a/2008/1xxx/CVE-2008-1229.json +++ b/2008/1xxx/CVE-2008-1229.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1229", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080213 JSPWiki Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=120300554011544&w=2" - }, - { - "name" : "5112", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5112" - }, - { - "name" : "http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0", - "refsource" : "MISC", - "url" : "http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0" - }, - { - "name" : "27785", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27785" - }, - { - "name" : "28969", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28969" - }, - { - "name" : "jspwiki-edit-xss(40507)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40507" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080213 JSPWiki Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=120300554011544&w=2" + }, + { + "name": "http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0", + "refsource": "MISC", + "url": "http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0" + }, + { + "name": "28969", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28969" + }, + { + "name": "27785", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27785" + }, + { + "name": "jspwiki-edit-xss(40507)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40507" + }, + { + "name": "5112", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5112" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1658.json b/2008/1xxx/CVE-2008-1658.json index 90c63deed7a..a59920b6095 100644 --- a/2008/1xxx/CVE-2008-1658.json +++ b/2008/1xxx/CVE-2008-1658.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2008-1658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.freedesktop.org/show_bug.cgi?id=15295", - "refsource" : "CONFIRM", - "url" : "http://bugs.freedesktop.org/show_bug.cgi?id=15295" - }, - { - "name" : "http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7", - "refsource" : "CONFIRM", - "url" : "http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037" - }, - { - "name" : "FEDORA-2008-2987", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00176.html" - }, - { - "name" : "MDVSA-2008:087", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:087" - }, - { - "name" : "28702", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28702" - }, - { - "name" : "ADV-2008-1254", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1254" - }, - { - "name" : "29755", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29755" - }, - { - "name" : "policykit-granthelper-format-string(41877)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/policykit/+bug/205037" + }, + { + "name": "MDVSA-2008:087", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:087" + }, + { + "name": "http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7", + "refsource": "CONFIRM", + "url": "http://gitweb.freedesktop.org/?p=PolicyKit.git;a=commitdiff;h=5bc86a14cc0e356bcf8b5f861674f842869b1be7" + }, + { + "name": "http://bugs.freedesktop.org/show_bug.cgi?id=15295", + "refsource": "CONFIRM", + "url": "http://bugs.freedesktop.org/show_bug.cgi?id=15295" + }, + { + "name": "policykit-granthelper-format-string(41877)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41877" + }, + { + "name": "28702", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28702" + }, + { + "name": "FEDORA-2008-2987", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00176.html" + }, + { + "name": "ADV-2008-1254", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1254" + }, + { + "name": "29755", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29755" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1712.json b/2008/1xxx/CVE-2008-1712.json index 841f6e922f2..b0ca3947af7 100644 --- a/2008/1xxx/CVE-2008-1712.json +++ b/2008/1xxx/CVE-2008-1712.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1712", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5323", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5323" - }, - { - "name" : "28515", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28515" - }, - { - "name" : "mxblogs-functionsweblog-file-include(41819)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41819" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/functions_weblog.php in mxBB mx_blogs 2.0.0 beta allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28515", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28515" + }, + { + "name": "5323", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5323" + }, + { + "name": "mxblogs-functionsweblog-file-include(41819)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41819" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1720.json b/2008/1xxx/CVE-2008-1720.json index fa569a01d91..f2c177123f2 100644 --- a/2008/1xxx/CVE-2008-1720.json +++ b/2008/1xxx/CVE-2008-1720.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-1720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[rsync-announce] 20080408 Rsync 3.0.2 released w/xattr security fix (attn: 2.6.9 onward)", - "refsource" : "MLIST", - "url" : "http://www.mail-archive.com/rsync-announce@lists.samba.org/msg00057.html" - }, - { - "name" : "http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff", - "refsource" : "CONFIRM", - "url" : "http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff" - }, - { - "name" : "http://samba.anu.edu.au/rsync/security.html#s3_0_2", - "refsource" : "CONFIRM", - "url" : "http://samba.anu.edu.au/rsync/security.html#s3_0_2" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227" - }, - { - "name" : "DSA-1545", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1545" - }, - { - "name" : "FEDORA-2008-3047", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html" - }, - { - "name" : "FEDORA-2008-3060", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html" - }, - { - "name" : "GLSA-200804-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-16.xml" - }, - { - "name" : "HPSBMA02447", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=125017764422557&w=2" - }, - { - "name" : "SSRT090062", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=125017764422557&w=2" - }, - { - "name" : "MDVSA-2008:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:084" - }, - { - "name" : "SUSE-SR:2008:011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" - }, - { - "name" : "USN-600-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/600-1/" - }, - { - "name" : "28726", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28726" - }, - { - "name" : "ADV-2008-1191", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1191/references" - }, - { - "name" : "ADV-2008-1215", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1215/references" - }, - { - "name" : "44368", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/44368" - }, - { - "name" : "44369", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/44369" - }, - { - "name" : "1019835", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019835" - }, - { - "name" : "29668", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29668" - }, - { - "name" : "29770", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29770" - }, - { - "name" : "29777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29777" - }, - { - "name" : "29781", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29781" - }, - { - "name" : "29856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29856" - }, - { - "name" : "29861", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29861" - }, - { - "name" : "29788", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29788" - }, - { - "name" : "rsync-xattr-bo(41766)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41766" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29856" + }, + { + "name": "29788", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29788" + }, + { + "name": "SUSE-SR:2008:011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" + }, + { + "name": "GLSA-200804-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-16.xml" + }, + { + "name": "[rsync-announce] 20080408 Rsync 3.0.2 released w/xattr security fix (attn: 2.6.9 onward)", + "refsource": "MLIST", + "url": "http://www.mail-archive.com/rsync-announce@lists.samba.org/msg00057.html" + }, + { + "name": "USN-600-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/600-1/" + }, + { + "name": "29781", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29781" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=591462&group_id=69227" + }, + { + "name": "ADV-2008-1215", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1215/references" + }, + { + "name": "29770", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29770" + }, + { + "name": "FEDORA-2008-3047", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00237.html" + }, + { + "name": "http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff", + "refsource": "CONFIRM", + "url": "http://rsync.samba.org/ftp/rsync/security/rsync-3.0.1-xattr-alloc.diff" + }, + { + "name": "http://samba.anu.edu.au/rsync/security.html#s3_0_2", + "refsource": "CONFIRM", + "url": "http://samba.anu.edu.au/rsync/security.html#s3_0_2" + }, + { + "name": "MDVSA-2008:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:084" + }, + { + "name": "ADV-2008-1191", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1191/references" + }, + { + "name": "28726", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28726" + }, + { + "name": "1019835", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019835" + }, + { + "name": "29861", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29861" + }, + { + "name": "29668", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29668" + }, + { + "name": "DSA-1545", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1545" + }, + { + "name": "HPSBMA02447", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=125017764422557&w=2" + }, + { + "name": "FEDORA-2008-3060", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00247.html" + }, + { + "name": "29777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29777" + }, + { + "name": "rsync-xattr-bo(41766)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41766" + }, + { + "name": "SSRT090062", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=125017764422557&w=2" + }, + { + "name": "44369", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/44369" + }, + { + "name": "44368", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/44368" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1932.json b/2008/1xxx/CVE-2008-1932.json index d0162f899cf..10e86121b9a 100644 --- a/2008/1xxx/CVE-2008-1932.json +++ b/2008/1xxx/CVE-2008-1932.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1932", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1932", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080423 [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/491249/100/0/threaded" - }, - { - "name" : "http://www.wintercore.com/advisories/advisory_W010408.html", - "refsource" : "MISC", - "url" : "http://www.wintercore.com/advisories/advisory_W010408.html" - }, - { - "name" : "28909", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28909" - }, - { - "name" : "ADV-2008-1350", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1350/references" - }, - { - "name" : "29953", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29953" - }, - { - "name" : "realtek-ioctl-overflow(42079)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "29953", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29953" + }, + { + "name": "realtek-ioctl-overflow(42079)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42079" + }, + { + "name": "20080423 [W01-0408] Realtek HD Audio Codec Drivers (Vista) - Local Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/491249/100/0/threaded" + }, + { + "name": "ADV-2008-1350", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1350/references" + }, + { + "name": "http://www.wintercore.com/advisories/advisory_W010408.html", + "refsource": "MISC", + "url": "http://www.wintercore.com/advisories/advisory_W010408.html" + }, + { + "name": "28909", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28909" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5458.json b/2008/5xxx/CVE-2008-5458.json index 4e5018d6e86..a04e65b33f9 100644 --- a/2008/5xxx/CVE-2008-5458.json +++ b/2008/5xxx/CVE-2008-5458.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5458", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2008-5458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html" - }, - { - "name" : "33177", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33177" - }, - { - "name" : "ADV-2009-0115", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0115" - }, - { - "name" : "1021568", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021568" - }, - { - "name" : "33525", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33525", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33525" + }, + { + "name": "ADV-2009-0115", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0115" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html" + }, + { + "name": "33177", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33177" + }, + { + "name": "1021568", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021568" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5691.json b/2008/5xxx/CVE-2008-5691.json index 40305d293ca..0b88685383a 100644 --- a/2008/5xxx/CVE-2008-5691.json +++ b/2008/5xxx/CVE-2008-5691.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7505", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7505" - }, - { - "name" : "32901", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32901" - }, - { - "name" : "4795", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4795" - }, - { - "name" : "phoenician-flashax-bo(47448)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47448" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4795", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4795" + }, + { + "name": "32901", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32901" + }, + { + "name": "phoenician-flashax-bo(47448)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47448" + }, + { + "name": "7505", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7505" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5746.json b/2008/5xxx/CVE-2008-5746.json index 265b66d54c0..b201115d7f3 100644 --- a/2008/5xxx/CVE-2008-5746.json +++ b/2008/5xxx/CVE-2008-5746.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "248646", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-248646-1" - }, - { - "name" : "33014", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33014" - }, - { - "name" : "50987", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/50987" - }, - { - "name" : "1021496", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021496" - }, - { - "name" : "33328", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33328" - }, - { - "name" : "snmp-managementagent-symlink(47619)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33014", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33014" + }, + { + "name": "1021496", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021496" + }, + { + "name": "33328", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33328" + }, + { + "name": "snmp-managementagent-symlink(47619)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47619" + }, + { + "name": "50987", + "refsource": "OSVDB", + "url": "http://osvdb.org/50987" + }, + { + "name": "248646", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-248646-1" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0386.json b/2013/0xxx/CVE-2013-0386.json index 798c1ddc7b6..b2ff331356f 100644 --- a/2013/0xxx/CVE-2013-0386.json +++ b/2013/0xxx/CVE-2013-0386.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0386", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-0386", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" - }, - { - "name" : "GLSA-201308-06", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "USN-1703-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1703-1" - }, - { - "name" : "oval:org.mitre.oval:def:16835", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835" - }, - { - "name" : "53372", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/53372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-1703-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1703-1" + }, + { + "name": "53372", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/53372" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" + }, + { + "name": "GLSA-201308-06", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + }, + { + "name": "oval:org.mitre.oval:def:16835", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16835" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0592.json b/2013/0xxx/CVE-2013-0592.json index 3ae27c39219..01f461270b2 100644 --- a/2013/0xxx/CVE-2013-0592.json +++ b/2013/0xxx/CVE-2013-0592.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-0592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21671622", - "refsource" : "CONFIRM", - "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21671622" - }, - { - "name" : "ibm-inotes-cve20130592-xss(83815)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622", + "refsource": "CONFIRM", + "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622" + }, + { + "name": "ibm-inotes-cve20130592-xss(83815)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83815" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3000.json b/2013/3xxx/CVE-2013-3000.json index aca3e8d792d..672332d8c4e 100644 --- a/2013/3xxx/CVE-2013-3000.json +++ b/2013/3xxx/CVE-2013-3000.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-3000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-infosphere-data-replication-dashboard-cve-2013-2999-cve-2013-3001-cve-2013-3000/", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-infosphere-data-replication-dashboard-cve-2013-2999-cve-2013-3001-cve-2013-3000/" - }, - { - "name" : "infosphere-cve20133000-sql-injection(84116)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/84116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "infosphere-cve20133000-sql-injection(84116)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84116" + }, + { + "name": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-infosphere-data-replication-dashboard-cve-2013-2999-cve-2013-3001-cve-2013-3000/", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-infosphere-data-replication-dashboard-cve-2013-2999-cve-2013-3001-cve-2013-3000/" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3403.json b/2013/3xxx/CVE-2013-3403.json index bd301c610e1..822b87d384c 100644 --- a/2013/3xxx/CVE-2013-3403.json +++ b/2013/3xxx/CVE-2013-3403.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-3403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130717 Multiple Vulnerabilities in Cisco Unified Communications Manager", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm" - }, - { - "name" : "54249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54249" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "54249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54249" + }, + { + "name": "20130717 Multiple Vulnerabilities in Cisco Unified Communications Manager", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3594.json b/2013/3xxx/CVE-2013-3594.json index 822df18a290..992e1f91951 100644 --- a/2013/3xxx/CVE-2013-3594.json +++ b/2013/3xxx/CVE-2013-3594.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3594", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2013-3594", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#122582", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/122582" - }, - { - "name" : "powerconnect-cve20133594-dos(90595)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90595" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#122582", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/122582" + }, + { + "name": "powerconnect-cve20133594-dos(90595)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90595" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4178.json b/2013/4xxx/CVE-2013-4178.json index 7fb923b880c..11a39fecc9c 100644 --- a/2013/4xxx/CVE-2013-4178.json +++ b/2013/4xxx/CVE-2013-4178.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4178", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4178", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://drupal.org/node/1995706", - "refsource" : "MISC", - "url" : "https://drupal.org/node/1995706" - }, - { - "name" : "https://drupal.org/node/1995482", - "refsource" : "CONFIRM", - "url" : "https://drupal.org/node/1995482" - }, - { - "name" : "https://drupal.org/node/1995634", - "refsource" : "CONFIRM", - "url" : "https://drupal.org/node/1995634" - }, - { - "name" : "59884", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/59884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://drupal.org/node/1995634", + "refsource": "CONFIRM", + "url": "https://drupal.org/node/1995634" + }, + { + "name": "59884", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/59884" + }, + { + "name": "https://drupal.org/node/1995706", + "refsource": "MISC", + "url": "https://drupal.org/node/1995706" + }, + { + "name": "https://drupal.org/node/1995482", + "refsource": "CONFIRM", + "url": "https://drupal.org/node/1995482" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4515.json b/2013/4xxx/CVE-2013-4515.json index ebc5ae9be3e..4e8c2b9639e 100644 --- a/2013/4xxx/CVE-2013-4515.json +++ b/2013/4xxx/CVE-2013-4515.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20131104 Re: some unstracked linux kernel security fixes", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/11/04/22" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d1e72250c847fa96498ec029891de4dc638a5ba", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d1e72250c847fa96498ec029891de4dc638a5ba" - }, - { - "name" : "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba" - }, - { - "name" : "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2", - "refsource" : "CONFIRM", - "url" : "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2" - }, - { - "name" : "openSUSE-SU-2014:0247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html" - }, - { - "name" : "openSUSE-SU-2014:0204", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html" - }, - { - "name" : "USN-2066-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2066-1" - }, - { - "name" : "USN-2067-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2067-1" - }, - { - "name" : "USN-2068-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2068-1" - }, - { - "name" : "USN-2069-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2069-1" - }, - { - "name" : "USN-2070-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2070-1" - }, - { - "name" : "USN-2071-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2071-1" - }, - { - "name" : "USN-2072-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2072-1" - }, - { - "name" : "USN-2073-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2073-1" - }, - { - "name" : "USN-2074-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2074-1" - }, - { - "name" : "USN-2075-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2075-1" - }, - { - "name" : "USN-2076-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2076-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an IOCTL_BCM_GET_DEVICE_DRIVER_INFO ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2014:0247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00045.html" + }, + { + "name": "USN-2073-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2073-1" + }, + { + "name": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2", + "refsource": "CONFIRM", + "url": "https://www.kernel.org/pub/linux/kernel/v3.x/patch-3.12.bz2" + }, + { + "name": "USN-2076-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2076-1" + }, + { + "name": "USN-2069-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2069-1" + }, + { + "name": "USN-2070-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2070-1" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d1e72250c847fa96498ec029891de4dc638a5ba", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8d1e72250c847fa96498ec029891de4dc638a5ba" + }, + { + "name": "USN-2066-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2066-1" + }, + { + "name": "USN-2071-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2071-1" + }, + { + "name": "[oss-security] 20131104 Re: some unstracked linux kernel security fixes", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/11/04/22" + }, + { + "name": "USN-2074-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2074-1" + }, + { + "name": "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/8d1e72250c847fa96498ec029891de4dc638a5ba" + }, + { + "name": "USN-2068-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2068-1" + }, + { + "name": "openSUSE-SU-2014:0204", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html" + }, + { + "name": "USN-2072-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2072-1" + }, + { + "name": "USN-2075-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2075-1" + }, + { + "name": "USN-2067-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2067-1" + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6097.json b/2013/6xxx/CVE-2013-6097.json index 9913ed580ae..b6bb60fb75b 100644 --- a/2013/6xxx/CVE-2013-6097.json +++ b/2013/6xxx/CVE-2013-6097.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6097", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6097", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/7xxx/CVE-2013-7071.json b/2013/7xxx/CVE-2013-7071.json index c7e0e7a8ed7..85264a5132d 100644 --- a/2013/7xxx/CVE-2013-7071.json +++ b/2013/7xxx/CVE-2013-7071.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-7071", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-7071", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/7xxx/CVE-2013-7427.json b/2013/7xxx/CVE-2013-7427.json index d491bab3a3e..404a732126c 100644 --- a/2013/7xxx/CVE-2013-7427.json +++ b/2013/7xxx/CVE-2013-7427.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-7427", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-7427", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10485.json b/2017/10xxx/CVE-2017-10485.json index 08f3f5d0551..db299c4629e 100644 --- a/2017/10xxx/CVE-2017-10485.json +++ b/2017/10xxx/CVE-2017-10485.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10485", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10485", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10960.json b/2017/10xxx/CVE-2017-10960.json index 36d8078c878..75dd477c562 100644 --- a/2017/10xxx/CVE-2017-10960.json +++ b/2017/10xxx/CVE-2017-10960.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10960", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10960", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12032.json b/2017/12xxx/CVE-2017-12032.json index 96382a01900..b192fc4d1ba 100644 --- a/2017/12xxx/CVE-2017-12032.json +++ b/2017/12xxx/CVE-2017-12032.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12032", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12032", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12286.json b/2017/12xxx/CVE-2017-12286.json index 722a6d36988..d8f5025e8d0 100644 --- a/2017/12xxx/CVE-2017-12286.json +++ b/2017/12xxx/CVE-2017-12286.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-12286", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco Jabber", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco Jabber" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in the affected software. An attacker could exploit this vulnerability by authenticating locally to an affected system and then issuing specific commands to the affected software. A successful exploit could allow the attacker to view all profile information for a user instead of only certain Jabber parameters that should be visible. This vulnerability affects all releases of Cisco Jabber prior to Release 1.9.31. Cisco Bug IDs: CSCve52418." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-12286", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Jabber", + "version": { + "version_data": [ + { + "version_value": "Cisco Jabber" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-jab1", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-jab1" - }, - { - "name" : "101515", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101515" - }, - { - "name" : "1039625", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in the affected software. An attacker could exploit this vulnerability by authenticating locally to an affected system and then issuing specific commands to the affected software. A successful exploit could allow the attacker to view all profile information for a user instead of only certain Jabber parameters that should be visible. This vulnerability affects all releases of Cisco Jabber prior to Release 1.9.31. Cisco Bug IDs: CSCve52418." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039625", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039625" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-jab1", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-jab1" + }, + { + "name": "101515", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101515" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13223.json b/2017/13xxx/CVE-2017-13223.json index 969c09d1c2c..6de5dd6cf3c 100644 --- a/2017/13xxx/CVE-2017-13223.json +++ b/2017/13xxx/CVE-2017-13223.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13223", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13223", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13488.json b/2017/13xxx/CVE-2017-13488.json index 7eb53a31dba..d1353eb6c0a 100644 --- a/2017/13xxx/CVE-2017-13488.json +++ b/2017/13xxx/CVE-2017-13488.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13488", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13488", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13500.json b/2017/13xxx/CVE-2017-13500.json index 2abf94d09fe..3036c762ebd 100644 --- a/2017/13xxx/CVE-2017-13500.json +++ b/2017/13xxx/CVE-2017-13500.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13500", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13500", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13750.json b/2017/13xxx/CVE-2017-13750.json index 39422f99052..420a5a2b047 100644 --- a/2017/13xxx/CVE-2017-13750.json +++ b/2017/13xxx/CVE-2017-13750.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1485280", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1485280" - }, - { - "name" : "100514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100514" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1485280", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1485280" + }, + { + "name": "100514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100514" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13932.json b/2017/13xxx/CVE-2017-13932.json index 870cf5ad0b2..7fe9ef290b5 100644 --- a/2017/13xxx/CVE-2017-13932.json +++ b/2017/13xxx/CVE-2017-13932.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13932", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13932", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17022.json b/2017/17xxx/CVE-2017-17022.json index 68d2636c74f..bc413fd743a 100644 --- a/2017/17xxx/CVE-2017-17022.json +++ b/2017/17xxx/CVE-2017-17022.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17022", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17022", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17390.json b/2017/17xxx/CVE-2017-17390.json index f928b929a36..64b185ad2f3 100644 --- a/2017/17xxx/CVE-2017-17390.json +++ b/2017/17xxx/CVE-2017-17390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17615.json b/2017/17xxx/CVE-2017-17615.json index ef118a38701..c34ae2965e3 100644 --- a/2017/17xxx/CVE-2017-17615.json +++ b/2017/17xxx/CVE-2017-17615.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43280", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43280/" - }, - { - "name" : "https://packetstormsecurity.com/files/145320/Facebook-Clone-Script-1.0-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/145320/Facebook-Clone-Script-1.0-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43280", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43280/" + }, + { + "name": "https://packetstormsecurity.com/files/145320/Facebook-Clone-Script-1.0-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/145320/Facebook-Clone-Script-1.0-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17622.json b/2017/17xxx/CVE-2017-17622.json index d66d9b92504..f1f67b51fc5 100644 --- a/2017/17xxx/CVE-2017-17622.json +++ b/2017/17xxx/CVE-2017-17622.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43291", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43291/" - }, - { - "name" : "https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html" - }, - { - "name" : "https://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/145329/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html" + }, + { + "name": "https://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/145334/Online-Exam-Test-Application-Script-1.6-SQL-Injection.html" + }, + { + "name": "43291", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43291/" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17958.json b/2017/17xxx/CVE-2017-17958.json index 5aeada06bd5..6a1ed259014 100644 --- a/2017/17xxx/CVE-2017-17958.json +++ b/2017/17xxx/CVE-2017-17958.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17958", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17958", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md", - "refsource" : "MISC", - "url" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the my_wishlist.php fid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md", + "refsource": "MISC", + "url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/PHP%20Multivendor%20Ecommerce.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18011.json b/2018/18xxx/CVE-2018-18011.json index 4d987a03e72..f15a85b2ada 100644 --- a/2018/18xxx/CVE-2018-18011.json +++ b/2018/18xxx/CVE-2018-18011.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18011", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18011", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18059.json b/2018/18xxx/CVE-2018-18059.json index a1142f16c91..c61de1e6012 100644 --- a/2018/18xxx/CVE-2018-18059.json +++ b/2018/18xxx/CVE-2018-18059.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18059", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18059", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18136.json b/2018/18xxx/CVE-2018-18136.json index 6de86283380..b8d63136f32 100644 --- a/2018/18xxx/CVE-2018-18136.json +++ b/2018/18xxx/CVE-2018-18136.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18136", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18136", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18303.json b/2018/18xxx/CVE-2018-18303.json index 28e47d5bf05..6c98789cba9 100644 --- a/2018/18xxx/CVE-2018-18303.json +++ b/2018/18xxx/CVE-2018-18303.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18303", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18303", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19655.json b/2018/19xxx/CVE-2018-19655.json index 4cb9ce09b9a..643c7e438b0 100644 --- a/2018/19xxx/CVE-2018-19655.json +++ b/2018/19xxx/CVE-2018-19655.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906529" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890086" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19677.json b/2018/19xxx/CVE-2018-19677.json index cc7043895b4..7ab5dfa76ac 100644 --- a/2018/19xxx/CVE-2018-19677.json +++ b/2018/19xxx/CVE-2018-19677.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19677", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19677", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19768.json b/2018/19xxx/CVE-2018-19768.json index b27e4edd178..2f2ae7ffe9c 100644 --- a/2018/19xxx/CVE-2018-19768.json +++ b/2018/19xxx/CVE-2018-19768.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page \"SubPagePackages.jsp\" has reflected XSS via the ConnPoolName and GroupId parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20181207 [CVE-2018-19649, CVE-2018-19765 to CVE-2018-19775, CVE-2018-19809 to CVE-2018-19822] - Multiple Cross Site Scripting in VistaPortal SE Version 5.1 (build 51029)", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2018/Dec/20" - }, - { - "name" : "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page \"SubPagePackages.jsp\" has reflected XSS via the ConnPoolName and GroupId parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/150690/VistaPortal-SE-5.1-Cross-Site-Scripting.html" + }, + { + "name": "20181207 [CVE-2018-19649, CVE-2018-19765 to CVE-2018-19775, CVE-2018-19809 to CVE-2018-19822] - Multiple Cross Site Scripting in VistaPortal SE Version 5.1 (build 51029)", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2018/Dec/20" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19794.json b/2018/19xxx/CVE-2018-19794.json index 42e8bc14ee7..2fe0f217438 100644 --- a/2018/19xxx/CVE-2018-19794.json +++ b/2018/19xxx/CVE-2018-19794.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19794", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19794", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.internet2.edu/jira/browse/GRP-1838", - "refsource" : "MISC", - "url" : "https://bugs.internet2.edu/jira/browse/GRP-1838" - }, - { - "name" : "https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html", - "refsource" : "MISC", - "url" : "https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html" - }, - { - "name" : "https://spaces.at.internet2.edu/display/Grouper/v2.4+issues", - "refsource" : "MISC", - "url" : "https://spaces.at.internet2.edu/display/Grouper/v2.4+issues" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.internet2.edu/jira/browse/GRP-1838", + "refsource": "MISC", + "url": "https://bugs.internet2.edu/jira/browse/GRP-1838" + }, + { + "name": "https://spaces.at.internet2.edu/display/Grouper/v2.4+issues", + "refsource": "MISC", + "url": "https://spaces.at.internet2.edu/display/Grouper/v2.4+issues" + }, + { + "name": "https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html", + "refsource": "MISC", + "url": "https://lists.internet2.edu/sympa/arc/grouper-dev/2018-07/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19926.json b/2018/19xxx/CVE-2018-19926.json index 8523275516d..315df6f540c 100644 --- a/2018/19xxx/CVE-2018-19926.json +++ b/2018/19xxx/CVE-2018-19926.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://misteralfa-hack.blogspot.com/2018/12/zenitel-ip-stationweb-cross-site-script.html", - "refsource" : "MISC", - "url" : "https://misteralfa-hack.blogspot.com/2018/12/zenitel-ip-stationweb-cross-site-script.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Zenitel Norway IP-StationWeb before 4.2.3.9 allows reflected XSS via the goform/ PATH_INFO." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://misteralfa-hack.blogspot.com/2018/12/zenitel-ip-stationweb-cross-site-script.html", + "refsource": "MISC", + "url": "https://misteralfa-hack.blogspot.com/2018/12/zenitel-ip-stationweb-cross-site-script.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19979.json b/2018/19xxx/CVE-2018-19979.json index a7e322a6043..86beecef94a 100644 --- a/2018/19xxx/CVE-2018-19979.json +++ b/2018/19xxx/CVE-2018-19979.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19979", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19979", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1175.json b/2018/1xxx/CVE-2018-1175.json index d011b93a534..57de8833a8f 100644 --- a/2018/1xxx/CVE-2018-1175.json +++ b/2018/1xxx/CVE-2018-1175.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "zdi-disclosures@trendmicro.com", - "ID" : "CVE-2018-1175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Foxit Reader", - "version" : { - "version_data" : [ - { - "version_value" : "9.0.0.29935" - } - ] - } - } - ] - }, - "vendor_name" : "Foxit" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParams objects. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5438." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-665-Improper Initialization" - } + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2018-1175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Foxit Reader", + "version": { + "version_data": [ + { + "version_value": "9.0.0.29935" + } + ] + } + } + ] + }, + "vendor_name": "Foxit" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://zerodayinitiative.com/advisories/ZDI-18-313", - "refsource" : "MISC", - "url" : "https://zerodayinitiative.com/advisories/ZDI-18-313" - }, - { - "name" : "https://www.foxitsoftware.com/support/security-bulletins.php", - "refsource" : "CONFIRM", - "url" : "https://www.foxitsoftware.com/support/security-bulletins.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the interactive attribute of PrintParams objects. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-5438." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-665-Improper Initialization" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://zerodayinitiative.com/advisories/ZDI-18-313", + "refsource": "MISC", + "url": "https://zerodayinitiative.com/advisories/ZDI-18-313" + }, + { + "name": "https://www.foxitsoftware.com/support/security-bulletins.php", + "refsource": "CONFIRM", + "url": "https://www.foxitsoftware.com/support/security-bulletins.php" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1387.json b/2018/1xxx/CVE-2018-1387.json index f9112b16989..5dbf7a23394 100644 --- a/2018/1xxx/CVE-2018-1387.json +++ b/2018/1xxx/CVE-2018-1387.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-03-02T00:00:00", - "ID" : "CVE-2018-1387", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Monitoring", - "version" : { - "version_data" : [ - { - "version_value" : "8.1.3" - }, - { - "version_value" : "8.1.4" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Application Performance Management for Monitoring & Diagnostics (IBM Monitoring 8.1.3 and 8.1.4) may release sensitive personal data to the staff who can access to the database of this product. IBM X-Force ID: 138210." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "L", - "I" : "N", - "PR" : "N", - "S" : "U", - "SCORE" : "5.300", - "UI" : "N" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-03-02T00:00:00", + "ID": "CVE-2018-1387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Monitoring", + "version": { + "version_data": [ + { + "version_value": "8.1.3" + }, + { + "version_value": "8.1.4" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22014035", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014035" - }, - { - "name" : "103403", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103403" - }, - { - "name" : "ibm-apm-cve20181387-info-disc(138210)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138210" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Application Performance Management for Monitoring & Diagnostics (IBM Monitoring 8.1.3 and 8.1.4) may release sensitive personal data to the staff who can access to the database of this product. IBM X-Force ID: 138210." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "L", + "I": "N", + "PR": "N", + "S": "U", + "SCORE": "5.300", + "UI": "N" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22014035", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22014035" + }, + { + "name": "ibm-apm-cve20181387-info-disc(138210)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138210" + }, + { + "name": "103403", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103403" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1409.json b/2018/1xxx/CVE-2018-1409.json index 2dda099ee44..e1e11bf6cd1 100644 --- a/2018/1xxx/CVE-2018-1409.json +++ b/2018/1xxx/CVE-2018-1409.json @@ -1,101 +1,101 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-02-13T00:00:00", - "ID" : "CVE-2018-1409", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Client Application Access", - "version" : { - "version_data" : [ - { - "version_value" : "1.0.0.1" - }, - { - "version_value" : "1.0.1" - }, - { - "version_value" : "1.0.1.2" - } - ] - } - }, - { - "product_name" : "Notes", - "version" : { - "version_data" : [ - { - "version_value" : "8.5.3.6" - }, - { - "version_value" : "8.5.1.5" - }, - { - "version_value" : "8.5.2.4" - }, - { - "version_value" : "9.0" - }, - { - "version_value" : "9.0.1.9" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-02-13T00:00:00", + "ID": "CVE-2018-1409", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Client Application Access", + "version": { + "version_data": [ + { + "version_value": "1.0.0.1" + }, + { + "version_value": "1.0.1" + }, + { + "version_value": "1.0.1.2" + } + ] + } + }, + { + "product_name": "Notes", + "version": { + "version_data": [ + { + "version_value": "8.5.3.6" + }, + { + "version_value": "8.5.1.5" + }, + { + "version_value": "8.5.2.4" + }, + { + "version_value": "9.0" + }, + { + "version_value": "9.0.1.9" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138708", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/138708" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22010766", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22010766" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22010767", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22010767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22010766", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22010766" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138708", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138708" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22010767", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22010767" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1635.json b/2018/1xxx/CVE-2018-1635.json index 3c1bfb954f2..1d4e1d91c86 100644 --- a/2018/1xxx/CVE-2018-1635.json +++ b/2018/1xxx/CVE-2018-1635.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1635", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-1635", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5027.json b/2018/5xxx/CVE-2018-5027.json index 953c3ad56d4..32ab59f1b70 100644 --- a/2018/5xxx/CVE-2018-5027.json +++ b/2018/5xxx/CVE-2018-5027.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-5027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds read" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-5027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html" - }, - { - "name" : "104699", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104699" - }, - { - "name" : "1041250", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html" + }, + { + "name": "104699", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104699" + }, + { + "name": "1041250", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041250" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5689.json b/2018/5xxx/CVE-2018-5689.json index 82d031fc07b..f1333798259 100644 --- a/2018/5xxx/CVE-2018-5689.json +++ b/2018/5xxx/CVE-2018-5689.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5689", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5689", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dev.dotclear.org/2.0/changeset/3b0b868d58b00a1b216e0dc13c461bb3550ed3da", - "refsource" : "CONFIRM", - "url" : "http://dev.dotclear.org/2.0/changeset/3b0b868d58b00a1b216e0dc13c461bb3550ed3da" - }, - { - "name" : "https://hg.dotclear.org/dotclear/rev/3b0b868d58b0", - "refsource" : "CONFIRM", - "url" : "https://hg.dotclear.org/dotclear/rev/3b0b868d58b0" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://hg.dotclear.org/dotclear/rev/3b0b868d58b0", + "refsource": "CONFIRM", + "url": "https://hg.dotclear.org/dotclear/rev/3b0b868d58b0" + }, + { + "name": "http://dev.dotclear.org/2.0/changeset/3b0b868d58b00a1b216e0dc13c461bb3550ed3da", + "refsource": "CONFIRM", + "url": "http://dev.dotclear.org/2.0/changeset/3b0b868d58b00a1b216e0dc13c461bb3550ed3da" + } + ] + } +} \ No newline at end of file