- Synchronized data.

2025-06-12 02:05:39 +00:00 · 2018-04-25 09:04:13 -04:00 · 2018-04-25 09:04:13 -04:00 · 7ad6322939
commit 7ad6322939
parent 6d8c1a88e8
6 changed files with 79 additions and 75 deletions
--- a/2017/12xxx/CVE-2017-12712.json
+++ b/2017/12xxx/CVE-2017-12712.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01",
+            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01"
         }
      ]
--- a/2017/12xxx/CVE-2017-12714.json
+++ b/2017/12xxx/CVE-2017-12714.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01",
+            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01"
         }
      ]
--- a/2017/12xxx/CVE-2017-12716.json
+++ b/2017/12xxx/CVE-2017-12716.json
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01",
+            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01"
         }
      ]
--- a/2017/1xxx/CVE-2017-1750.json
+++ b/2017/1xxx/CVE-2017-1750.json
@ -1,30 +1,14 @@
 {
-   "problemtype" : {
-      "problemtype_data" : [
-         {
-            "description" : [
-               {
-                  "lang" : "eng",
-                  "value" : "Cross-Site Scripting"
-               }
-            ]
-         }
-      ]
+   "CVE_data_meta" : {
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "DATE_PUBLIC" : "2018-04-23T00:00:00",
+      "ID" : "CVE-2017-1750",
+      "STATE" : "PUBLIC"
   },
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  135523."
-         }
-      ]
-   },
-   "data_format" : "MITRE",
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
-               "vendor_name" : "IBM",
               "product" : {
                  "product_data" : [
                     {
@ -62,33 +46,47 @@
                        }
                     }
                  ]
-               }
+               },
+               "vendor_name" : "IBM"
            }
         ]
      }
   },
-   "references" : {
-      "reference_data" : [
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
         {
-            "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015712",
-            "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015712",
-            "refsource" : "CONFIRM",
-            "title" : "IBM Security Bulletin 2015712 (Jazz Reporting Service)"
-         },
-         {
-            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135523",
-            "refsource" : "XF",
-            "name" : "X-Force Vulnerability Report",
-            "title" : "ibm-jazz-cve20171750-xss(135523)"
+            "lang" : "eng",
+            "value" : "IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523."
         }
      ]
   },
-   "data_type" : "CVE",
-   "CVE_data_meta" : {
-      "STATE" : "PUBLIC",
-      "DATE_PUBLIC" : "2018-04-23T00:00:00",
-      "ASSIGNER" : "psirt@us.ibm.com",
-      "ID" : "CVE-2017-1750"
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Cross-Site Scripting"
+               }
+            ]
+         }
+      ]
   },
-   "data_version" : "4.0"
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015712",
+            "refsource" : "CONFIRM",
+            "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015712"
+         },
+         {
+            "name" : "ibm-jazz-cve20171750-xss(135523)",
+            "refsource" : "XF",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/135523"
+         }
+      ]
+   }
 }
--- a/2017/7xxx/CVE-2017-7652.json
+++ b/2017/7xxx/CVE-2017-7652.json
@ -4,17 +4,6 @@
      "ID" : "CVE-2017-7652",
      "STATE" : "PUBLIC"
   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "If a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then openingthe configuration file will fail."
-         }
-      ]
-   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
@ -38,6 +27,17 @@
         ]
      }
   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then opening the configuration file will fail."
+         }
+      ]
+   },
   "problemtype" : {
      "problemtype_data" : [
         {
@ -53,8 +53,10 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://bugs.eclipse.org/bugs/show_bug.cgi?id=530102",
+            "refsource" : "CONFIRM",
            "url" : "https://bugs.eclipse.org/bugs/show_bug.cgi?id=530102"
         }
      ]
   }
-}
+}
--- a/2018/1xxx/CVE-2018-1363.json
+++ b/2018/1xxx/CVE-2018-1363.json
@ -1,4 +1,10 @@
 {
+   "CVE_data_meta" : {
+      "ASSIGNER" : "psirt@us.ibm.com",
+      "DATE_PUBLIC" : "2018-04-23T00:00:00",
+      "ID" : "CVE-2018-1363",
+      "STATE" : "PUBLIC"
+   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
@ -46,9 +52,17 @@
         ]
      }
   },
+   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
-   "data_format" : "MITRE",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448."
+         }
+      ]
+   },
   "problemtype" : {
      "problemtype_data" : [
         {
@ -61,33 +75,17 @@
         }
      ]
   },
-   "CVE_data_meta" : {
-      "STATE" : "PUBLIC",
-      "ASSIGNER" : "psirt@us.ibm.com",
-      "ID" : "CVE-2018-1363",
-      "DATE_PUBLIC" : "2018-04-23T00:00:00"
-   },
   "references" : {
      "reference_data" : [
         {
-            "title" : "IBM Security Bulletin 2015712 (Jazz Reporting Service)",
-            "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015712",
            "name" : "http://www.ibm.com/support/docview.wss?uid=swg22015712",
-            "refsource" : "CONFIRM"
+            "refsource" : "CONFIRM",
+            "url" : "http://www.ibm.com/support/docview.wss?uid=swg22015712"
         },
         {
-            "name" : "X-Force Vulnerability Report",
-            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137448",
-            "title" : "ibm-jazz-cve20181363-xss(137448)",
-            "refsource" : "XF"
-         }
-      ]
-   },
-   "description" : {
-      "description_data" : [
-         {
-            "value" : "IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  137448.",
-            "lang" : "eng"
+            "name" : "ibm-jazz-cve20181363-xss(137448)",
+            "refsource" : "XF",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137448"
         }
      ]
   }