From 4d7f1f4e7bd34e0e0b70001ffb0f709b1842fe99 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:12:41 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2001/1xxx/CVE-2001-1412.json | 170 ++++++------ 2001/1xxx/CVE-2001-1492.json | 34 +-- 2001/1xxx/CVE-2001-1525.json | 140 +++++----- 2001/1xxx/CVE-2001-1547.json | 140 +++++----- 2006/2xxx/CVE-2006-2117.json | 190 ++++++------- 2006/2xxx/CVE-2006-2555.json | 200 +++++++------- 2006/6xxx/CVE-2006-6366.json | 150 +++++------ 2006/6xxx/CVE-2006-6861.json | 130 ++++----- 2006/6xxx/CVE-2006-6863.json | 170 ++++++------ 2006/6xxx/CVE-2006-6890.json | 130 ++++----- 2006/6xxx/CVE-2006-6913.json | 150 +++++------ 2006/7xxx/CVE-2006-7029.json | 170 ++++++------ 2011/0xxx/CVE-2011-0297.json | 34 +-- 2011/0xxx/CVE-2011-0355.json | 230 ++++++++-------- 2011/0xxx/CVE-2011-0707.json | 410 ++++++++++++++--------------- 2011/0xxx/CVE-2011-0718.json | 180 ++++++------- 2011/0xxx/CVE-2011-0916.json | 140 +++++----- 2011/1xxx/CVE-2011-1488.json | 34 +-- 2011/3xxx/CVE-2011-3022.json | 170 ++++++------ 2011/3xxx/CVE-2011-3280.json | 130 ++++----- 2011/3xxx/CVE-2011-3698.json | 140 +++++----- 2011/3xxx/CVE-2011-3912.json | 140 +++++----- 2011/4xxx/CVE-2011-4215.json | 140 +++++----- 2011/4xxx/CVE-2011-4356.json | 150 +++++------ 2011/4xxx/CVE-2011-4652.json | 34 +-- 2011/4xxx/CVE-2011-4980.json | 34 +-- 2013/1xxx/CVE-2013-1186.json | 120 ++++----- 2013/5xxx/CVE-2013-5740.json | 130 ++++----- 2013/5xxx/CVE-2013-5768.json | 120 ++++----- 2014/2xxx/CVE-2014-2451.json | 120 ++++----- 2014/2xxx/CVE-2014-2600.json | 130 ++++----- 2014/2xxx/CVE-2014-2793.json | 34 +-- 2014/6xxx/CVE-2014-6533.json | 150 +++++------ 2014/6xxx/CVE-2014-6651.json | 140 +++++----- 2014/6xxx/CVE-2014-6869.json | 140 +++++----- 2014/7xxx/CVE-2014-7314.json | 140 +++++----- 2017/0xxx/CVE-2017-0065.json | 140 +++++----- 2017/0xxx/CVE-2017-0672.json | 122 ++++----- 2017/0xxx/CVE-2017-0746.json | 132 +++++----- 2017/1000xxx/CVE-2017-1000028.json | 144 +++++----- 2017/1000xxx/CVE-2017-1000235.json | 124 ++++----- 2017/18xxx/CVE-2017-18121.json | 140 +++++----- 2017/18xxx/CVE-2017-18359.json | 150 +++++------ 2017/1xxx/CVE-2017-1059.json | 34 +-- 2017/1xxx/CVE-2017-1066.json | 34 +-- 2017/1xxx/CVE-2017-1767.json | 188 ++++++------- 2017/1xxx/CVE-2017-1853.json | 34 +-- 2017/1xxx/CVE-2017-1981.json | 34 +-- 2017/4xxx/CVE-2017-4547.json | 34 +-- 2017/4xxx/CVE-2017-4656.json | 34 +-- 2017/4xxx/CVE-2017-4657.json | 34 +-- 2017/4xxx/CVE-2017-4759.json | 34 +-- 2017/4xxx/CVE-2017-4824.json | 34 +-- 2017/5xxx/CVE-2017-5941.json | 140 +++++----- 54 files changed, 3275 insertions(+), 3275 deletions(-) diff --git a/2001/1xxx/CVE-2001-1412.json b/2001/1xxx/CVE-2001-1412.json index 129caea8a1f..6222bb50c22 100644 --- a/2001/1xxx/CVE-2001-1412.json +++ b/2001/1xxx/CVE-2001-1412.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securemac.com/macosxnidump.php", - "refsource" : "MISC", - "url" : "http://www.securemac.com/macosxnidump.php" - }, - { - "name" : "http://www.securiteam.com/securityreviews/5QP032A4UU.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/securityreviews/5QP032A4UU.html" - }, - { - "name" : "20010903 Re: Possible Issue with Netinfo and Mac OS X", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=99953038722104&w=2" - }, - { - "name" : "20020915 nidump on OS X", - "refsource" : "BUGTRAQ", - "url" : "http://lists.insecure.org/lists/bugtraq/2002/Sep/0128.html" - }, - { - "name" : "http://lists.apple.com/mhonarc/security-announce/msg00038.html", - "refsource" : "CONFIRM", - "url" : "http://lists.apple.com/mhonarc/security-announce/msg00038.html" - }, - { - "name" : "1001946", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1001946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://lists.apple.com/mhonarc/security-announce/msg00038.html", + "refsource": "CONFIRM", + "url": "http://lists.apple.com/mhonarc/security-announce/msg00038.html" + }, + { + "name": "1001946", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1001946" + }, + { + "name": "http://www.securiteam.com/securityreviews/5QP032A4UU.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/securityreviews/5QP032A4UU.html" + }, + { + "name": "http://www.securemac.com/macosxnidump.php", + "refsource": "MISC", + "url": "http://www.securemac.com/macosxnidump.php" + }, + { + "name": "20020915 nidump on OS X", + "refsource": "BUGTRAQ", + "url": "http://lists.insecure.org/lists/bugtraq/2002/Sep/0128.html" + }, + { + "name": "20010903 Re: Possible Issue with Netinfo and Mac OS X", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=99953038722104&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1492.json b/2001/1xxx/CVE-2001-1492.json index a0b081b6281..047a48c013d 100644 --- a/2001/1xxx/CVE-2001-1492.json +++ b/2001/1xxx/CVE-2001-1492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1492", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. Notes: All CVE users should reference CVE-2001-1460 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2001-1492", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. Notes: All CVE users should reference CVE-2001-1460 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1525.json b/2001/1xxx/CVE-2001-1525.json index d6842da3e83..d740c53cfbc 100644 --- a/2001/1xxx/CVE-2001-1525.json +++ b/2001/1xxx/CVE-2001-1525.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a \"..\" in the cid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011201 easynews 1.5 let's remote users modify database", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-12/0000.html" - }, - { - "name" : "3643", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3643" - }, - { - "name" : "easynews-php-modify-data(7657)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7657.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a \"..\" in the cid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3643", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3643" + }, + { + "name": "easynews-php-modify-data(7657)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7657.php" + }, + { + "name": "20011201 easynews 1.5 let's remote users modify database", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0000.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1547.json b/2001/1xxx/CVE-2001-1547.json index 19837b3aa6c..bb70e7de743 100644 --- a/2001/1xxx/CVE-2001-1547.json +++ b/2001/1xxx/CVE-2001-1547.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Outlook Express 6.0, with \"Do not allow attachments to be saved or opened that could potentially be a virus\" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011204 Microsoft's Outlook Express 6 \"E-mail attachment security\" Flawed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/243869" - }, - { - "name" : "http://www.windows-help.net/microsoft/oe6-attach.html", - "refsource" : "MISC", - "url" : "http://www.windows-help.net/microsoft/oe6-attach.html" - }, - { - "name" : "oe-blocked-attachment-forward(7670)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7670.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Outlook Express 6.0, with \"Do not allow attachments to be saved or opened that could potentially be a virus\" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oe-blocked-attachment-forward(7670)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7670.php" + }, + { + "name": "http://www.windows-help.net/microsoft/oe6-attach.html", + "refsource": "MISC", + "url": "http://www.windows-help.net/microsoft/oe6-attach.html" + }, + { + "name": "20011204 Microsoft's Outlook Express 6 \"E-mail attachment security\" Flawed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/243869" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2117.json b/2006/2xxx/CVE-2006-2117.json index 9dbdb225ed9..de722e3dd52 100644 --- a/2006/2xxx/CVE-2006-2117.json +++ b/2006/2xxx/CVE-2006-2117.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2117", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2117", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060429 Thyme 1.3 Cross Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432588/100/0/threaded" - }, - { - "name" : "http://www.aria-security.net/portals/thyme", - "refsource" : "MISC", - "url" : "http://www.aria-security.net/portals/thyme" - }, - { - "name" : "20060908 Vendor ACK for CVE-2006-2117 (Thyme)", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2006-September/001019.html" - }, - { - "name" : "17746", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17746" - }, - { - "name" : "ADV-2006-1602", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1602" - }, - { - "name" : "19909", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19909" - }, - { - "name" : "822", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/822" - }, - { - "name" : "thyme-index-xss(26188)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26188" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Thyme 1.3 allows remote attackers to inject arbitrary web script or HTML via the search page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.aria-security.net/portals/thyme", + "refsource": "MISC", + "url": "http://www.aria-security.net/portals/thyme" + }, + { + "name": "ADV-2006-1602", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1602" + }, + { + "name": "822", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/822" + }, + { + "name": "19909", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19909" + }, + { + "name": "17746", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17746" + }, + { + "name": "20060429 Thyme 1.3 Cross Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432588/100/0/threaded" + }, + { + "name": "20060908 Vendor ACK for CVE-2006-2117 (Thyme)", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2006-September/001019.html" + }, + { + "name": "thyme-index-xss(26188)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26188" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2555.json b/2006/2xxx/CVE-2006-2555.json index 8bd8aa8e41b..4351317d8ae 100644 --- a/2006/2xxx/CVE-2006-2555.json +++ b/2006/2xxx/CVE-2006-2555.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing \":\" (colon) separator, which triggers a null dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060512 Buffer-overflow and NULL pointer crash in Genecys 0.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/433929/30/5010/threaded" - }, - { - "name" : "20060512 Buffer-overflow and NULL pointer crash in Genecys 0.2", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046015.html" - }, - { - "name" : "http://aluigi.altervista.org/adv/genecysbof-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/genecysbof-adv.txt" - }, - { - "name" : "17969", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17969" - }, - { - "name" : "ADV-2006-1815", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1815" - }, - { - "name" : "25482", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25482" - }, - { - "name" : "20099", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20099" - }, - { - "name" : "944", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/944" - }, - { - "name" : "genecys-netparserc-dos(26523)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26523" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing \":\" (colon) separator, which triggers a null dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25482", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25482" + }, + { + "name": "20099", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20099" + }, + { + "name": "http://aluigi.altervista.org/adv/genecysbof-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/genecysbof-adv.txt" + }, + { + "name": "ADV-2006-1815", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1815" + }, + { + "name": "20060512 Buffer-overflow and NULL pointer crash in Genecys 0.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/433929/30/5010/threaded" + }, + { + "name": "944", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/944" + }, + { + "name": "17969", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17969" + }, + { + "name": "genecys-netparserc-dos(26523)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26523" + }, + { + "name": "20060512 Buffer-overflow and NULL pointer crash in Genecys 0.2", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046015.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6366.json b/2006/6xxx/CVE-2006-6366.json index 0ffee9f1c60..e9feccf5bcb 100644 --- a/2006/6xxx/CVE-2006-6366.json +++ b/2006/6xxx/CVE-2006-6366.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6366", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "21423", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21423" - }, - { - "name" : "ADV-2006-4875", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4875" - }, - { - "name" : "23193", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23193" - }, - { - "name" : "cerberus-spellwin-xss(30719)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30719" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in includes/elements/spellcheck/spellwin.php in Cerberus Helpdesk 0.97.3, 2.0 through 2.7, 3.2.1, and 3.3 allows remote attackers to inject arbitrary web script or HTML via the js parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4875", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4875" + }, + { + "name": "cerberus-spellwin-xss(30719)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30719" + }, + { + "name": "21423", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21423" + }, + { + "name": "23193", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23193" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6861.json b/2006/6xxx/CVE-2006-6861.json index bb62d100046..7b91690e173 100644 --- a/2006/6xxx/CVE-2006-6861.json +++ b/2006/6xxx/CVE-2006-6861.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061229 Spooky Login Multiple HTML Injection Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455603/100/0/threaded" - }, - { - "name" : "21822", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21822" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Outfront Spooky Login 2.7 allow remote attackers to execute arbitrary SQL commands via (1) the UserUpdate parameter to login/register.asp or (2) unspecified parameters to includes/a_register.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21822", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21822" + }, + { + "name": "20061229 Spooky Login Multiple HTML Injection Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455603/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6863.json b/2006/6xxx/CVE-2006-6863.json index 0a7cc069b32..227c8d0ac6f 100644 --- a/2006/6xxx/CVE-2006-6863.json +++ b/2006/6xxx/CVE-2006-6863.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6863", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6863", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061230 Enigma WordPress Bridge (boarddir) Remote File Include", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455555/100/0/threaded" - }, - { - "name" : "3051", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3051" - }, - { - "name" : "20070104 CVE dispute of Enigma WordPress RFI", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-January/001207.html" - }, - { - "name" : "21826", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21826" - }, - { - "name" : "017459", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?017459" - }, - { - "name" : "2093", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3051", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3051" + }, + { + "name": "20070104 CVE dispute of Enigma WordPress RFI", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-January/001207.html" + }, + { + "name": "2093", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2093" + }, + { + "name": "20061230 Enigma WordPress Bridge (boarddir) Remote File Include", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455555/100/0/threaded" + }, + { + "name": "017459", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?017459" + }, + { + "name": "21826", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21826" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6890.json b/2006/6xxx/CVE-2006-6890.json index d5e236c4eea..8bd32f32e44 100644 --- a/2006/6xxx/CVE-2006-6890.json +++ b/2006/6xxx/CVE-2006-6890.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6890", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6890", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3044", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3044" - }, - { - "name" : "voodoo-chat-users-info-disclosure(31221)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31221" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Voodoo chat 1.0RC1b stores sensitive information under the web root with insufficient access control, which allows remote attackers to download passwords via a direct request for data/users.dat." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "voodoo-chat-users-info-disclosure(31221)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31221" + }, + { + "name": "3044", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3044" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6913.json b/2006/6xxx/CVE-2006-6913.json index fd2aec000bf..0b9f7df2eac 100644 --- a/2006/6xxx/CVE-2006-6913.json +++ b/2006/6xxx/CVE-2006-6913.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6913", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6913", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpmyfaq.de/advisory_2006-12-15.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyfaq.de/advisory_2006-12-15.php" - }, - { - "name" : "21945", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21945" - }, - { - "name" : "ADV-2007-0077", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0077" - }, - { - "name" : "23651", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23651" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21945", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21945" + }, + { + "name": "23651", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23651" + }, + { + "name": "http://www.phpmyfaq.de/advisory_2006-12-15.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyfaq.de/advisory_2006-12-15.php" + }, + { + "name": "ADV-2007-0077", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0077" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7029.json b/2006/7xxx/CVE-2006-7029.json index bf9f5ba03fe..53fcd8ed1e7 100644 --- a/2006/7xxx/CVE-2006-7029.json +++ b/2006/7xxx/CVE-2006-7029.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a frameset with only one frame that calls resizeTo with certain arguments. NOTE: this issue might be related to CVE-2006-3637." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060520 Microsoft Internet Explorer - Crash on mouse button click", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434742/30/4830/threaded" - }, - { - "name" : "20060523 RE: Microsoft Internet Explorer - Crash on mouse button click", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435004/30/4740/threaded" - }, - { - "name" : "20060523 Re: Microsoft Internet Explorer - Crash on mouse button click", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434903/30/4800/threaded" - }, - { - "name" : "20060524 Re: Microsoft Internet Explorer - Crash on mouse button click", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435147/30/4680/threaded" - }, - { - "name" : "20060525 Re: Microsoft Internet Explorer - Crash on mouse button click", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435168/30/4680/threaded" - }, - { - "name" : "20060605 Re: [Full Disclosure] [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435990" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a frameset with only one frame that calls resizeTo with certain arguments. NOTE: this issue might be related to CVE-2006-3637." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060523 Re: Microsoft Internet Explorer - Crash on mouse button click", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434903/30/4800/threaded" + }, + { + "name": "20060605 Re: [Full Disclosure] [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435990" + }, + { + "name": "20060525 Re: Microsoft Internet Explorer - Crash on mouse button click", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435168/30/4680/threaded" + }, + { + "name": "20060520 Microsoft Internet Explorer - Crash on mouse button click", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434742/30/4830/threaded" + }, + { + "name": "20060523 RE: Microsoft Internet Explorer - Crash on mouse button click", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435004/30/4740/threaded" + }, + { + "name": "20060524 Re: Microsoft Internet Explorer - Crash on mouse button click", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435147/30/4680/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0297.json b/2011/0xxx/CVE-2011-0297.json index 652141877c1..03bc49f3f11 100644 --- a/2011/0xxx/CVE-2011-0297.json +++ b/2011/0xxx/CVE-2011-0297.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0297", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0297", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0355.json b/2011/0xxx/CVE-2011-0355.json index fff76447389..ff5fa8d8cb1 100644 --- a/2011/0xxx/CVE-2011-0355.json +++ b/2011/0xxx/CVE-2011-0355.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2011-0355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516259/100/0/threaded" - }, - { - "name" : "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi", - "refsource" : "MLIST", - "url" : "http://lists.vmware.com/pipermail/security-announce/2011/000118.html" - }, - { - "name" : "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html", - "refsource" : "CONFIRM", - "url" : "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0002.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0002.html" - }, - { - "name" : "46247", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46247" - }, - { - "name" : "70837", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/70837" - }, - { - "name" : "1025030", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1025030" - }, - { - "name" : "43084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43084" - }, - { - "name" : "8090", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8090" - }, - { - "name" : "ADV-2011-0314", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0314" - }, - { - "name" : "ADV-2011-0315", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0315" - }, - { - "name" : "cisco-nexus-packets-dos(65217)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi host OS crash) by sending an 802.1Q tagged packet over an access vEthernet port, aka Cisco Bug ID CSCtj17451." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43084" + }, + { + "name": "20110208 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516259/100/0/threaded" + }, + { + "name": "cisco-nexus-packets-dos(65217)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65217" + }, + { + "name": "1025030", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1025030" + }, + { + "name": "ADV-2011-0314", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0314" + }, + { + "name": "46247", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46247" + }, + { + "name": "[security-announce] 20110207 VMSA-2011-0002 Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi", + "refsource": "MLIST", + "url": "http://lists.vmware.com/pipermail/security-announce/2011/000118.html" + }, + { + "name": "8090", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8090" + }, + { + "name": "70837", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/70837" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0002.html" + }, + { + "name": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html", + "refsource": "CONFIRM", + "url": "http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_0_4_s_v_1_3_c/release/notes/n1000v_rn.html" + }, + { + "name": "ADV-2011-0315", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0315" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0707.json b/2011/0xxx/CVE-2011-0707.json index e596c252e19..00d94f61516 100644 --- a/2011/0xxx/CVE-2011-0707.json +++ b/2011/0xxx/CVE-2011-0707.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0707", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-0707", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[mailman-announce] 20110213 Mailman Security Patch Announcement", - "refsource" : "MLIST", - "url" : "http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html" - }, - { - "name" : "[mailman-announce] 20110218 Mailman Security Patch Announcement", - "refsource" : "MLIST", - "url" : "http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html" - }, - { - "name" : "http://support.apple.com/kb/HT5002", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5002" - }, - { - "name" : "APPLE-SA-2011-10-12-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" - }, - { - "name" : "DSA-2170", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2170" - }, - { - "name" : "FEDORA-2011-2030", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html" - }, - { - "name" : "FEDORA-2011-2102", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html" - }, - { - "name" : "FEDORA-2011-2125", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html" - }, - { - "name" : "MDVSA-2011:036", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:036" - }, - { - "name" : "RHSA-2011:0307", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0307.html" - }, - { - "name" : "RHSA-2011:0308", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0308.html" - }, - { - "name" : "SUSE-SR:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" - }, - { - "name" : "openSUSE-SU-2011:0424", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html" - }, - { - "name" : "USN-1069-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1069-1" - }, - { - "name" : "46464", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46464" - }, - { - "name" : "70936", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70936" - }, - { - "name" : "1025106", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025106" - }, - { - "name" : "43294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43294" - }, - { - "name" : "43389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43389" - }, - { - "name" : "43425", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43425" - }, - { - "name" : "43549", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43549" - }, - { - "name" : "43580", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43580" - }, - { - "name" : "43829", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43829" - }, - { - "name" : "ADV-2011-0435", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0435" - }, - { - "name" : "ADV-2011-0436", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0436" - }, - { - "name" : "ADV-2011-0460", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0460" - }, - { - "name" : "ADV-2011-0487", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0487" - }, - { - "name" : "ADV-2011-0542", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0542" - }, - { - "name" : "ADV-2011-0720", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0720" - }, - { - "name" : "mailman-fullname-xss(65538)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65538" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0487", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0487" + }, + { + "name": "FEDORA-2011-2102", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056387.html" + }, + { + "name": "RHSA-2011:0307", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0307.html" + }, + { + "name": "70936", + "refsource": "OSVDB", + "url": "http://osvdb.org/70936" + }, + { + "name": "43294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43294" + }, + { + "name": "ADV-2011-0720", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0720" + }, + { + "name": "SUSE-SR:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" + }, + { + "name": "ADV-2011-0435", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0435" + }, + { + "name": "ADV-2011-0460", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0460" + }, + { + "name": "openSUSE-SU-2011:0424", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00000.html" + }, + { + "name": "DSA-2170", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2170" + }, + { + "name": "[mailman-announce] 20110213 Mailman Security Patch Announcement", + "refsource": "MLIST", + "url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html" + }, + { + "name": "USN-1069-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1069-1" + }, + { + "name": "RHSA-2011:0308", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0308.html" + }, + { + "name": "ADV-2011-0436", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0436" + }, + { + "name": "APPLE-SA-2011-10-12-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" + }, + { + "name": "MDVSA-2011:036", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:036" + }, + { + "name": "[mailman-announce] 20110218 Mailman Security Patch Announcement", + "refsource": "MLIST", + "url": "http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html" + }, + { + "name": "46464", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46464" + }, + { + "name": "1025106", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025106" + }, + { + "name": "43829", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43829" + }, + { + "name": "43425", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43425" + }, + { + "name": "ADV-2011-0542", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0542" + }, + { + "name": "http://support.apple.com/kb/HT5002", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5002" + }, + { + "name": "43389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43389" + }, + { + "name": "mailman-fullname-xss(65538)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65538" + }, + { + "name": "FEDORA-2011-2125", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056363.html" + }, + { + "name": "43580", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43580" + }, + { + "name": "FEDORA-2011-2030", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056399.html" + }, + { + "name": "43549", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43549" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0718.json b/2011/0xxx/CVE-2011-0718.json index 912d36a90f5..e08a46dfb7b 100644 --- a/2011/0xxx/CVE-2011-0718.json +++ b/2011/0xxx/CVE-2011-0718.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-0718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=672159", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=672159" - }, - { - "name" : "RHSA-2011:0300", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0300.html" - }, - { - "name" : "46528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46528" - }, - { - "name" : "1025116", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025116" - }, - { - "name" : "43487", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43487" - }, - { - "name" : "ADV-2011-0491", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0491" - }, - { - "name" : "rhnss-weak-security(65657)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46528" + }, + { + "name": "ADV-2011-0491", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0491" + }, + { + "name": "RHSA-2011:0300", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0300.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=672159", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672159" + }, + { + "name": "1025116", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025116" + }, + { + "name": "rhnss-weak-security(65657)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65657" + }, + { + "name": "43487", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43487" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0916.json b/2011/0xxx/CVE-2011-0916.json index 8ab75a8fbbb..0b5b1ae7b6c 100644 --- a/2011/0xxx/CVE-2011-0916.json +++ b/2011/0xxx/CVE-2011-0916.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0916", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0916", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-11-049/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-11-049/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21461514", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21461514" - }, - { - "name" : "43247", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43247", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43247" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-11-049/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-11-049/" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1488.json b/2011/1xxx/CVE-2011-1488.json index c05a765eaac..26f639bf20c 100644 --- a/2011/1xxx/CVE-2011-1488.json +++ b/2011/1xxx/CVE-2011-1488.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1488", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1488", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3022.json b/2011/3xxx/CVE-2011-3022.json index 8b1a74e3159..73b3173a779 100644 --- a/2011/3xxx/CVE-2011-3022.json +++ b/2011/3xxx/CVE-2011-3022.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=112236", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=112236" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/02/dev-channel-update_10.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/02/dev-channel-update_10.html" - }, - { - "name" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=120113", - "refsource" : "CONFIRM", - "url" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=120113" - }, - { - "name" : "oval:org.mitre.oval:def:15025", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15025" - }, - { - "name" : "48016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://src.chromium.org/viewvc/chrome?view=rev&revision=120113", + "refsource": "CONFIRM", + "url": "http://src.chromium.org/viewvc/chrome?view=rev&revision=120113" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=112236", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=112236" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html" + }, + { + "name": "48016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48016" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/02/dev-channel-update_10.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/02/dev-channel-update_10.html" + }, + { + "name": "oval:org.mitre.oval:def:15025", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15025" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3280.json b/2011/3xxx/CVE-2011-3280.json index 38dfbc7a743..3e8402f22b5 100644 --- a/2011/3xxx/CVE-2011-3280.json +++ b/2011/3xxx/CVE-2011-3280.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2011-3280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=24120", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=24120" - }, - { - "name" : "20110928 Cisco IOS Software Network Address Translation Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=24120", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=24120" + }, + { + "name": "20110928 Cisco IOS Software Network Address Translation Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d4d.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3698.json b/2011/3xxx/CVE-2011-3698.json index 545f667cd6c..dd34a722c0c 100644 --- a/2011/3xxx/CVE-2011-3698.json +++ b/2011/3xxx/CVE-2011-3698.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3698", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/poll_vote.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3698", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/AdaptCMS_2.0.2_Beta", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/AdaptCMS_2.0.2_Beta" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/poll_vote.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/AdaptCMS_2.0.2_Beta", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/AdaptCMS_2.0.2_Beta" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3912.json b/2011/3xxx/CVE-2011-3912.json index 65f90d730d5..e925b45c0fb 100644 --- a/2011/3xxx/CVE-2011-3912.json +++ b/2011/3xxx/CVE-2011-3912.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3912", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-3912", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=102359", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=102359" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html" - }, - { - "name" : "oval:org.mitre.oval:def:14519", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:14519", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14519" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=102359", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=102359" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4215.json b/2011/4xxx/CVE-2011-4215.json index da6416840a1..b5049d249da 100644 --- a/2011/4xxx/CVE-2011-4215.json +++ b/2011/4xxx/CVE-2011-4215.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://en.securitylab.ru/lab/PT-2011-21", - "refsource" : "MISC", - "url" : "http://en.securitylab.ru/lab/PT-2011-21" - }, - { - "name" : "VU#800227", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/800227" - }, - { - "name" : "50107", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/50107" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in lib/ooz_access.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://en.securitylab.ru/lab/PT-2011-21", + "refsource": "MISC", + "url": "http://en.securitylab.ru/lab/PT-2011-21" + }, + { + "name": "VU#800227", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/800227" + }, + { + "name": "50107", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/50107" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4356.json b/2011/4xxx/CVE-2011-4356.json index 3f533d31914..96bad00064f 100644 --- a/2011/4xxx/CVE-2011-4356.json +++ b/2011/4xxx/CVE-2011-4356.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4356", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-4356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ask/celery/blob/master/docs/sec/CELERYSA-0001.txt", - "refsource" : "CONFIRM", - "url" : "https://github.com/ask/celery/blob/master/docs/sec/CELERYSA-0001.txt" - }, - { - "name" : "https://github.com/ask/celery/pull/544", - "refsource" : "CONFIRM", - "url" : "https://github.com/ask/celery/pull/544" - }, - { - "name" : "50825", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/50825" - }, - { - "name" : "46973", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46973" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id during processing of the --uid and --gid arguments to celerybeat, celeryd_detach, celeryd-multi, and celeryev, which allows local users to gain privileges via vectors involving crafted code that is executed by the worker process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46973", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46973" + }, + { + "name": "50825", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/50825" + }, + { + "name": "https://github.com/ask/celery/blob/master/docs/sec/CELERYSA-0001.txt", + "refsource": "CONFIRM", + "url": "https://github.com/ask/celery/blob/master/docs/sec/CELERYSA-0001.txt" + }, + { + "name": "https://github.com/ask/celery/pull/544", + "refsource": "CONFIRM", + "url": "https://github.com/ask/celery/pull/544" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4652.json b/2011/4xxx/CVE-2011-4652.json index 22d46a9151e..0eac6addacb 100644 --- a/2011/4xxx/CVE-2011-4652.json +++ b/2011/4xxx/CVE-2011-4652.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4652", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4652", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4980.json b/2011/4xxx/CVE-2011-4980.json index 77ccf3f2fd2..21f6359ce00 100644 --- a/2011/4xxx/CVE-2011-4980.json +++ b/2011/4xxx/CVE-2011-4980.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4980", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-4980", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1186.json b/2013/1xxx/CVE-2013-1186.json index 37a7fa7501e..ac3a798ac7c 100644 --- a/2013/1xxx/CVE-2013-1186.json +++ b/2013/1xxx/CVE-2013-1186.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1186", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-1186", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130424 Multiple Vulnerabilities in Cisco Unified Computing System", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130424 Multiple Vulnerabilities in Cisco Unified Computing System", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130424-ucsmulti" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5740.json b/2013/5xxx/CVE-2013-5740.json index 3a76fd402f4..968aa45c947 100644 --- a/2013/5xxx/CVE-2013-5740.json +++ b/2013/5xxx/CVE-2013-5740.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.citrix.com/article/CTX138633", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX138633" - }, - { - "name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr", - "refsource" : "CONFIRM", - "url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202, C204, and C206 chipsets and Mobile Intel QM67 and QS67 chipsets, when the measured launch environment (MLE) is invoked, allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr", + "refsource": "CONFIRM", + "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00035&languageid=en-fr" + }, + { + "name": "http://support.citrix.com/article/CTX138633", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX138633" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5768.json b/2013/5xxx/CVE-2013-5768.json index b6153e78777..01d445b676c 100644 --- a/2013/5xxx/CVE-2013-5768.json +++ b/2013/5xxx/CVE-2013-5768.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to ActiveX Controls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-5768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to ActiveX Controls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2451.json b/2014/2xxx/CVE-2014-2451.json index a89d66153ac..71a41761410 100644 --- a/2014/2xxx/CVE-2014-2451.json +++ b/2014/2xxx/CVE-2014-2451.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2600.json b/2014/2xxx/CVE-2014-2600.json index 573034ee390..50e4662c6b5 100644 --- a/2014/2xxx/CVE-2014-2600.json +++ b/2014/2xxx/CVE-2014-2600.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2600", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2014-2600", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBGN02986", - "refsource" : "HP", - "url" : "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04214298" - }, - { - "name" : "SSRT101450", - "refsource" : "HP", - "url" : "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04214298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SSRT101450", + "refsource": "HP", + "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04214298" + }, + { + "name": "HPSBGN02986", + "refsource": "HP", + "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04214298" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2793.json b/2014/2xxx/CVE-2014-2793.json index 9e950e0de7f..e6dd7d8ce50 100644 --- a/2014/2xxx/CVE-2014-2793.json +++ b/2014/2xxx/CVE-2014-2793.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2793", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-2793", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6533.json b/2014/6xxx/CVE-2014-6533.json index b06caa37491..bed49d2ae6a 100644 --- a/2014/6xxx/CVE-2014-6533.json +++ b/2014/6xxx/CVE-2014-6533.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6533", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1 and 6.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-6533", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "70537", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70537" - }, - { - "name" : "1031043", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031043" - }, - { - "name" : "61721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61721" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1 and 6.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031043", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031043" + }, + { + "name": "61721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61721" + }, + { + "name": "70537", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70537" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6651.json b/2014/6xxx/CVE-2014-6651.json index dbb3b2492ef..8b2daa55822 100644 --- a/2014/6xxx/CVE-2014-6651.json +++ b/2014/6xxx/CVE-2014-6651.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6651", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukforums) application 3.7.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6651", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#886537", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/886537" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Planet of the Vapes Forum (aka com.tapatalk.planetofthevapescoukforums) application 3.7.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#886537", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/886537" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6869.json b/2014/6xxx/CVE-2014-6869.json index c803808bd31..f43e5b54b66 100644 --- a/2014/6xxx/CVE-2014-6869.json +++ b/2014/6xxx/CVE-2014-6869.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#703849", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/703849" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The barcode scanner (aka tw.com.books.android.plus) application 2.3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#703849", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/703849" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7314.json b/2014/7xxx/CVE-2014-7314.json index 4ed822e5a7f..df365a59d7e 100644 --- a/2014/7xxx/CVE-2014-7314.json +++ b/2014/7xxx/CVE-2014-7314.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7314", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-7314", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#991521", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/991521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Intelligent SME (aka com.magzter.intelligentsme) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#991521", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/991521" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0065.json b/2017/0xxx/CVE-2017-0065.json index a00cb42e4e0..8ba8e69cbab 100644 --- a/2017/0xxx/CVE-2017-0065.json +++ b/2017/0xxx/CVE-2017-0065.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0065", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Edge" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Microsoft Browser Information Disclosure Vulnerability.\" This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0065", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Edge", + "version": { + "version_data": [ + { + "version_value": "Edge" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0065", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0065" - }, - { - "name" : "96648", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96648" - }, - { - "name" : "1038006", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038006" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Microsoft Browser Information Disclosure Vulnerability.\" This vulnerability is different from those described in CVE-2017-0009, CVE-2017-0011, CVE-2017-0017, and CVE-2017-0068." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0065", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0065" + }, + { + "name": "1038006", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038006" + }, + { + "name": "96648", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96648" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0672.json b/2017/0xxx/CVE-2017-0672.json index 769114a1d51..e4dd35a0a87 100644 --- a/2017/0xxx/CVE-2017-0672.json +++ b/2017/0xxx/CVE-2017-0672.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-07-05T00:00:00", - "ID" : "CVE-2017-0672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-7.0 Android-7.1.1 Android-7.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-07-05T00:00:00", + "ID": "CVE-2017-0672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A denial of service vulnerability in the Android libraries. Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-34778578." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0746.json b/2017/0xxx/CVE-2017-0746.json index 09f1c8c8cc0..fc99dba9b87 100644 --- a/2017/0xxx/CVE-2017-0746.json +++ b/2017/0xxx/CVE-2017-0746.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-08-07T00:00:00", - "ID" : "CVE-2017-0746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR#2029392." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-08-07T00:00:00", + "ID": "CVE-2017-0746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android kernel" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-08-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-08-01" - }, - { - "name" : "100213", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100213" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR#2029392." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-08-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-08-01" + }, + { + "name": "100213", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100213" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000028.json b/2017/1000xxx/CVE-2017-1000028.json index 8e187e33dd5..dbbaa161a37 100644 --- a/2017/1000xxx/CVE-2017-1000028.json +++ b/2017/1000xxx/CVE-2017-1000028.json @@ -1,74 +1,74 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-05-06T20:43:28.278042", - "ID" : "CVE-2017-1000028", - "REQUESTER" : "pkarolak@trustwave.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "GlassFish Server Open Source Edition", - "version" : { - "version_data" : [ - { - "version_value" : "4.1" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory Traversal" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2017-05-06T20:43:28.278042", + "ID": "CVE-2017-1000028", + "REQUESTER": "pkarolak@trustwave.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "45196", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45196/" - }, - { - "name" : "45198", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45198/" - }, - { - "name" : "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904", - "refsource" : "MISC", - "url" : "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45198", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45198/" + }, + { + "name": "45196", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45196/" + }, + { + "name": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904", + "refsource": "MISC", + "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-016/?fid=6904" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000235.json b/2017/1000xxx/CVE-2017-1000235.json index d376375f9ec..02147956456 100644 --- a/2017/1000xxx/CVE-2017-1000235.json +++ b/2017/1000xxx/CVE-2017-1000235.json @@ -1,64 +1,64 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-08-22T17:29:33.463684", - "ID" : "CVE-2017-1000235", - "REQUESTER" : "j.singh@sec-consult.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "I, Librarian", - "version" : { - "version_data" : [ - { - "version_value" : "<=4.6 & 4.7" - } - ] - } - } - ] - }, - "vendor_name" : "I, Librarian" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "OS Command Injection" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2017-08-22T17:29:33.463684", + "ID": "CVE-2017-1000235", + "REQUESTER": "j.singh@sec-consult.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt", - "refsource" : "MISC", - "url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt", + "refsource": "MISC", + "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170509-0_I_Librarian_Multiple_vulnerabilities_v10.txt" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18121.json b/2017/18xxx/CVE-2017-18121.json index cfb8190ffd2..cf1e6781a81 100644 --- a/2017/18xxx/CVE-2017-18121.json +++ b/2017/18xxx/CVE-2017-18121.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18121", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18121", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180209 [SECURITY] [DLA 1273-1] simplesamlphp security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/02/msg00008.html" - }, - { - "name" : "https://simplesamlphp.org/security/201709-01", - "refsource" : "CONFIRM", - "url" : "https://simplesamlphp.org/security/201709-01" - }, - { - "name" : "DSA-4127", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4127" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute arbitrary JavaScript code on the victim's web browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://simplesamlphp.org/security/201709-01", + "refsource": "CONFIRM", + "url": "https://simplesamlphp.org/security/201709-01" + }, + { + "name": "[debian-lts-announce] 20180209 [SECURITY] [DLA 1273-1] simplesamlphp security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00008.html" + }, + { + "name": "DSA-4127", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4127" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18359.json b/2017/18xxx/CVE-2017-18359.json index 1a784a90142..626d8e16a89 100644 --- a/2017/18xxx/CVE-2017-18359.json +++ b/2017/18xxx/CVE-2017-18359.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18359", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for \"SELECT ST_AsX3D('LINESTRING EMPTY');\" because empty geometries are mishandled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18359", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190131 [SECURITY] [DLA 1653-1] postgis security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00030.html" - }, - { - "name" : "https://trac.osgeo.org/postgis/changeset/15444", - "refsource" : "MISC", - "url" : "https://trac.osgeo.org/postgis/changeset/15444" - }, - { - "name" : "https://trac.osgeo.org/postgis/changeset/15445", - "refsource" : "MISC", - "url" : "https://trac.osgeo.org/postgis/changeset/15445" - }, - { - "name" : "https://trac.osgeo.org/postgis/ticket/3704", - "refsource" : "MISC", - "url" : "https://trac.osgeo.org/postgis/ticket/3704" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for \"SELECT ST_AsX3D('LINESTRING EMPTY');\" because empty geometries are mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://trac.osgeo.org/postgis/changeset/15444", + "refsource": "MISC", + "url": "https://trac.osgeo.org/postgis/changeset/15444" + }, + { + "name": "https://trac.osgeo.org/postgis/changeset/15445", + "refsource": "MISC", + "url": "https://trac.osgeo.org/postgis/changeset/15445" + }, + { + "name": "[debian-lts-announce] 20190131 [SECURITY] [DLA 1653-1] postgis security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00030.html" + }, + { + "name": "https://trac.osgeo.org/postgis/ticket/3704", + "refsource": "MISC", + "url": "https://trac.osgeo.org/postgis/ticket/3704" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1059.json b/2017/1xxx/CVE-2017-1059.json index e4615373088..02d2abecfbb 100644 --- a/2017/1xxx/CVE-2017-1059.json +++ b/2017/1xxx/CVE-2017-1059.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1059", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1059", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1066.json b/2017/1xxx/CVE-2017-1066.json index 66f3893c56e..c37ca948671 100644 --- a/2017/1xxx/CVE-2017-1066.json +++ b/2017/1xxx/CVE-2017-1066.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1066", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1066", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1767.json b/2017/1xxx/CVE-2017-1767.json index ab316e3d543..d016922548a 100644 --- a/2017/1xxx/CVE-2017-1767.json +++ b/2017/1xxx/CVE-2017-1767.json @@ -1,96 +1,96 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-03-24T00:00:00", - "ID" : "CVE-2017-1767", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Business Process Manager", - "version" : { - "version_data" : [ - { - "version_value" : "8.6" - }, - { - "version_value" : "8.6.0.CF201712" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136152." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "L", - "I" : "L", - "PR" : "L", - "S" : "C", - "SCORE" : "5.400", - "UI" : "R" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-03-24T00:00:00", + "ID": "CVE-2017-1767", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Business Process Manager", + "version": { + "version_data": [ + { + "version_value": "8.6" + }, + { + "version_value": "8.6.0.CF201712" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136152", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/136152" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22012396", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22012396" - }, - { - "name" : "103679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103679" - }, - { - "name" : "1040623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040623" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136152." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "L", + "I": "L", + "PR": "L", + "S": "C", + "SCORE": "5.400", + "UI": "R" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22012396", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22012396" + }, + { + "name": "103679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103679" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/136152", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/136152" + }, + { + "name": "1040623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040623" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1853.json b/2017/1xxx/CVE-2017-1853.json index d4ce564878f..728a2bd2860 100644 --- a/2017/1xxx/CVE-2017-1853.json +++ b/2017/1xxx/CVE-2017-1853.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1853", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1853", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1981.json b/2017/1xxx/CVE-2017-1981.json index eb0ae4de8d2..1c10c57ffe6 100644 --- a/2017/1xxx/CVE-2017-1981.json +++ b/2017/1xxx/CVE-2017-1981.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1981", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1981", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4547.json b/2017/4xxx/CVE-2017-4547.json index 353b003b016..1d0f7e98397 100644 --- a/2017/4xxx/CVE-2017-4547.json +++ b/2017/4xxx/CVE-2017-4547.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4547", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4547", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4656.json b/2017/4xxx/CVE-2017-4656.json index 14d07524a1f..b228db3739c 100644 --- a/2017/4xxx/CVE-2017-4656.json +++ b/2017/4xxx/CVE-2017-4656.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4656", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4656", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4657.json b/2017/4xxx/CVE-2017-4657.json index fe3417ae04d..4aab1c4935f 100644 --- a/2017/4xxx/CVE-2017-4657.json +++ b/2017/4xxx/CVE-2017-4657.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4657", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4657", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4759.json b/2017/4xxx/CVE-2017-4759.json index 4408dce0967..1c0f31d36dd 100644 --- a/2017/4xxx/CVE-2017-4759.json +++ b/2017/4xxx/CVE-2017-4759.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4759", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4759", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4824.json b/2017/4xxx/CVE-2017-4824.json index e1b9b3f0bda..f09d6c304ca 100644 --- a/2017/4xxx/CVE-2017-4824.json +++ b/2017/4xxx/CVE-2017-4824.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4824", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4824", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5941.json b/2017/5xxx/CVE-2017-5941.json index e448c181918..ef211664622 100644 --- a/2017/5xxx/CVE-2017-5941.json +++ b/2017/5xxx/CVE-2017-5941.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/311", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/311" - }, - { - "name" : "https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/", - "refsource" : "MISC", - "url" : "https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/" - }, - { - "name" : "96225", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96225" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/311", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/311" + }, + { + "name": "https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/", + "refsource": "MISC", + "url": "https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/" + }, + { + "name": "96225", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96225" + } + ] + } +} \ No newline at end of file