diff --git a/2002/0xxx/CVE-2002-0498.json b/2002/0xxx/CVE-2002-0498.json index a4aa73cd2dc..fcead2c09ba 100644 --- a/2002/0xxx/CVE-2002-0498.json +++ b/2002/0xxx/CVE-2002-0498.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020326 Etnus TotalView 5.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/264085" - }, - { - "name" : "4365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4365" - }, - { - "name" : "totalview-insecure-privileges(8635)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8635.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Etnus TotalView 5.0.0-4 installs certain files with UID 5039 and GID 59, which could allow local users with that UID or GID to modify the files and gain privileges as other TotalView users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4365" + }, + { + "name": "totalview-insecure-privileges(8635)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8635.php" + }, + { + "name": "20020326 Etnus TotalView 5.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/264085" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0723.json b/2002/0xxx/CVE-2002-0723.json index 4b4481a9de3..f3738840394 100644 --- a/2002/0xxx/CVE-2002-0723.json +++ b/2002/0xxx/CVE-2002-0723.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka \"Cross Domain Verification in Object Tag.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS02-047", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047" - }, - { - "name" : "5196", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5196" - }, - { - "name" : "ie-object-scripting(9537)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9537.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 5.5 and 6.0 does not properly verify the domain of a frame within a browser window, which allows remote attackers to read client files or invoke executable objects via the Object tag, aka \"Cross Domain Verification in Object Tag.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ie-object-scripting(9537)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9537.php" + }, + { + "name": "5196", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5196" + }, + { + "name": "MS02-047", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-047" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0977.json b/2002/0xxx/CVE-2002-0977.json index 978d2f7ccc5..1144c76a1e9 100644 --- a/2002/0xxx/CVE-2002-0977.json +++ b/2002/0xxx/CVE-2002-0977.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020817 Multiple security vulnerabilities inside Microsoft File Transfer Manager ActiveX control (<4.0) [buffer overflow, arbitrary file upload/download]", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2002-08/0189.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20020817 Multiple security vulnerabilities inside Microsoft File Transfer Manager ActiveX control (<4.0) [buffer overflow, arbitrary file upload/download]", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0189.html" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1155.json b/2002/1xxx/CVE-2002-1155.json index f7202ef59f7..7bb62432219 100644 --- a/2002/1xxx/CVE-2002-1155.json +++ b/2002/1xxx/CVE-2002-1155.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2003:047", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-047.html" - }, - { - "name" : "RHSA-2003:050", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-050.html" - }, - { - "name" : "MDKSA-2003:064", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" - }, - { - "name" : "20030603 kon2_exploit!!", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105474080512376&w=2" - }, - { - "name" : "20030616 Next kon2root - Redhat 9", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=105577912106710&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20030616 Next kon2root - Redhat 9", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105577912106710&w=2" + }, + { + "name": "RHSA-2003:050", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" + }, + { + "name": "MDKSA-2003:064", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" + }, + { + "name": "RHSA-2003:047", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" + }, + { + "name": "20030603 kon2_exploit!!", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=105474080512376&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1924.json b/2002/1xxx/CVE-2002-1924.json index 15c43b797bb..200b01639c4 100644 --- a/2002/1xxx/CVE-2002-1924.json +++ b/2002/1xxx/CVE-2002-1924.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1924", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PowerChute plus 5.0.2 creates a \"Pwrchute\" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1924", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020620 bugtraq@security.nnov.ru list issues", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/277930" - }, - { - "name" : "http://www.security.nnov.ru/news2064.html", - "refsource" : "MISC", - "url" : "http://www.security.nnov.ru/news2064.html" - }, - { - "name" : "5069", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5069" - }, - { - "name" : "powerchute-dir-world-writeable(9413)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9413.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PowerChute plus 5.0.2 creates a \"Pwrchute\" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.security.nnov.ru/news2064.html", + "refsource": "MISC", + "url": "http://www.security.nnov.ru/news2064.html" + }, + { + "name": "powerchute-dir-world-writeable(9413)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9413.php" + }, + { + "name": "20020620 bugtraq@security.nnov.ru list issues", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/277930" + }, + { + "name": "5069", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5069" + } + ] + } +} \ No newline at end of file diff --git a/2002/2xxx/CVE-2002-2093.json b/2002/2xxx/CVE-2002-2093.json index bbf663c2bbf..ec93092fa60 100644 --- a/2002/2xxx/CVE-2002-2093.json +++ b/2002/2xxx/CVE-2002-2093.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-2093", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to \"Output Video\", allows attackers to access a console session by running videoout then videoin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-2093", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020103-01-I", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20020103-01-I" - }, - { - "name" : "3974", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3974" - }, - { - "name" : "irix-o2-vcp-view-information(8016)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to \"Output Video\", allows attackers to access a console session by running videoout then videoin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3974", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3974" + }, + { + "name": "20020103-01-I", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20020103-01-I" + }, + { + "name": "irix-o2-vcp-view-information(8016)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8016" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0235.json b/2005/0xxx/CVE-2005-0235.json index 42c063e32c5..b92803ae009 100644 --- a/2005/0xxx/CVE-2005-0235.json +++ b/2005/0xxx/CVE-2005-0235.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-0235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050206 state of homograph attacks", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html" - }, - { - "name" : "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110782704923280&w=2" - }, - { - "name" : "http://www.shmoo.com/idn", - "refsource" : "MISC", - "url" : "http://www.shmoo.com/idn" - }, - { - "name" : "http://www.shmoo.com/idn/homograph.txt", - "refsource" : "MISC", - "url" : "http://www.shmoo.com/idn/homograph.txt" - }, - { - "name" : "SUSE-SA:2005:031", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_31_opera.html" - }, - { - "name" : "12461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12461" - }, - { - "name" : "multiple-browsers-idn-spoof(19236)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.shmoo.com/idn/homograph.txt", + "refsource": "MISC", + "url": "http://www.shmoo.com/idn/homograph.txt" + }, + { + "name": "multiple-browsers-idn-spoof(19236)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19236" + }, + { + "name": "20050206 state of homograph attacks", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html" + }, + { + "name": "http://www.shmoo.com/idn", + "refsource": "MISC", + "url": "http://www.shmoo.com/idn" + }, + { + "name": "SUSE-SA:2005:031", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_31_opera.html" + }, + { + "name": "20050208 International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110782704923280&w=2" + }, + { + "name": "12461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12461" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0268.json b/2005/0xxx/CVE-2005-0268.json index bbc2f022fc3..94d5cb7ba05 100644 --- a/2005/0xxx/CVE-2005-0268.json +++ b/2005/0xxx/CVE-2005-0268.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050102 Multiple Vulnerabilities in FlatNuke", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110477752916772&w=2" - }, - { - "name" : "12150", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12150" - }, - { - "name" : "flatnuke-indexphp-xss(18746)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18746" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12150", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12150" + }, + { + "name": "20050102 Multiple Vulnerabilities in FlatNuke", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110477752916772&w=2" + }, + { + "name": "flatnuke-indexphp-xss(18746)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18746" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0588.json b/2005/0xxx/CVE-2005-0588.json index e0e8b2f17d6..9ece4022553 100644 --- a/2005/0xxx/CVE-2005-0588.json +++ b/2005/0xxx/CVE-2005-0588.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/mfsa2005-20.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/mfsa2005-20.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=271209", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=271209" - }, - { - "name" : "GLSA-200503-10", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml" - }, - { - "name" : "GLSA-200503-30", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml" - }, - { - "name" : "RHSA-2005:176", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-176.html" - }, - { - "name" : "RHSA-2005:384", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-384.html" - }, - { - "name" : "12659", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12659" - }, - { - "name" : "oval:org.mitre.oval:def:100038", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100038" - }, - { - "name" : "oval:org.mitre.oval:def:10682", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10682" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12659", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12659" + }, + { + "name": "oval:org.mitre.oval:def:10682", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10682" + }, + { + "name": "RHSA-2005:176", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-176.html" + }, + { + "name": "http://www.mozilla.org/security/announce/mfsa2005-20.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/mfsa2005-20.html" + }, + { + "name": "RHSA-2005:384", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-384.html" + }, + { + "name": "GLSA-200503-30", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml" + }, + { + "name": "oval:org.mitre.oval:def:100038", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100038" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=271209", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=271209" + }, + { + "name": "GLSA-200503-10", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml" + } + ] + } +} \ No newline at end of file diff --git a/2005/0xxx/CVE-2005-0699.json b/2005/0xxx/CVE-2005-0699.json index cc6fc3b2a9b..d846693da3b 100644 --- a/2005/0xxx/CVE-2005-0699.json +++ b/2005/0xxx/CVE-2005-0699.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-0699", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-0699", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050308 Ethereal remote buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/392659" - }, - { - "name" : "http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04", - "refsource" : "MISC", - "url" : "http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04" - }, - { - "name" : "20050309 RE: Ethereal remote buffer overflow - addon", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111038641832400&w=2" - }, - { - "name" : "20050314 Ethereal 0.10.9 and below remote root exploit", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111083125521813&w=2" - }, - { - "name" : "http://www.ethereal.com/appnotes/enpa-sa-00018.html", - "refsource" : "CONFIRM", - "url" : "http://www.ethereal.com/appnotes/enpa-sa-00018.html" - }, - { - "name" : "FLSA-2006:152922", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" - }, - { - "name" : "GLSA-200503-16", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200503-16.xml" - }, - { - "name" : "MDKSA-2005:053", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:053" - }, - { - "name" : "RHSA-2005:306", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-306.html" - }, - { - "name" : "12759", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12759" - }, - { - "name" : "oval:org.mitre.oval:def:10147", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200503-16", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200503-16.xml" + }, + { + "name": "MDKSA-2005:053", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:053" + }, + { + "name": "http://www.ethereal.com/appnotes/enpa-sa-00018.html", + "refsource": "CONFIRM", + "url": "http://www.ethereal.com/appnotes/enpa-sa-00018.html" + }, + { + "name": "oval:org.mitre.oval:def:10147", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10147" + }, + { + "name": "12759", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12759" + }, + { + "name": "RHSA-2005:306", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-306.html" + }, + { + "name": "http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04", + "refsource": "MISC", + "url": "http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-03-04" + }, + { + "name": "20050314 Ethereal 0.10.9 and below remote root exploit", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111083125521813&w=2" + }, + { + "name": "20050309 RE: Ethereal remote buffer overflow - addon", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111038641832400&w=2" + }, + { + "name": "20050308 Ethereal remote buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/392659" + }, + { + "name": "FLSA-2006:152922", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1524.json b/2005/1xxx/CVE-2005-1524.json index 9bb4c0f198b..11877c36b17 100644 --- a/2005/1xxx/CVE-2005-1524.json +++ b/2005/1xxx/CVE-2005-1524.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1524", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1524", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050622 Multiple Vendor Cacti Remote File Inclusion Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true" - }, - { - "name" : "http://www.cacti.net/release_notes_0_8_6e.php", - "refsource" : "CONFIRM", - "url" : "http://www.cacti.net/release_notes_0_8_6e.php" - }, - { - "name" : "CLSA-2005:978", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978" - }, - { - "name" : "DSA-764", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-764" - }, - { - "name" : "GLSA-200506-20", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml" - }, - { - "name" : "17426", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/17426" - }, - { - "name" : "1014252", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014252" - }, - { - "name" : "15490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15490" - }, - { - "name" : "15931", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15931" - }, - { - "name" : "16136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16136" - }, - { - "name" : "cacti-topgraphheader-file-include(21118)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050622 Multiple Vendor Cacti Remote File Inclusion Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities&flashstatus=true" + }, + { + "name": "CLSA-2005:978", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com/atualizacoes/index.php?id=a&anuncio=000978" + }, + { + "name": "http://www.cacti.net/release_notes_0_8_6e.php", + "refsource": "CONFIRM", + "url": "http://www.cacti.net/release_notes_0_8_6e.php" + }, + { + "name": "cacti-topgraphheader-file-include(21118)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21118" + }, + { + "name": "GLSA-200506-20", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml" + }, + { + "name": "DSA-764", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-764" + }, + { + "name": "1014252", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014252" + }, + { + "name": "15931", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15931" + }, + { + "name": "15490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15490" + }, + { + "name": "17426", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/17426" + }, + { + "name": "16136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16136" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1722.json b/2005/1xxx/CVE-2005-1722.json index 40b491b660e..5ff852d46e1 100644 --- a/2005/1xxx/CVE-2005-1722.json +++ b/2005/1xxx/CVE-2005-1722.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1722", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1722", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-06-08", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root sessions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2005-06-08", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1801.json b/2005/1xxx/CVE-2005-1801.json index 1f2f16bff38..29b2bf82275 100644 --- a/2005/1xxx/CVE-2005-1801.json +++ b/2005/1xxx/CVE-2005-1801.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1801", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1801", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/infocus/1836", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/infocus/1836" - }, - { - "name" : "13784", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13784", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13784" + }, + { + "name": "http://www.securityfocus.com/infocus/1836", + "refsource": "MISC", + "url": "http://www.securityfocus.com/infocus/1836" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1996.json b/2005/1xxx/CVE-2005-1996.json index 626880ee7be..bdc653b874a 100644 --- a/2005/1xxx/CVE-2005-1996.json +++ b/2005/1xxx/CVE-2005-1996.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1996", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050615 Vulnerability: Bitrix Php inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111885605913761&w=2" - }, - { - "name" : "http://www.bitrixsoft.com/support/forum/read.php?FID=10&TID=1872", - "refsource" : "CONFIRM", - "url" : "http://www.bitrixsoft.com/support/forum/read.php?FID=10&TID=1872" - }, - { - "name" : "http://www.bitrixsoft.com/sitemanager/versions.php?module=main", - "refsource" : "CONFIRM", - "url" : "http://www.bitrixsoft.com/sitemanager/versions.php?module=main" - }, - { - "name" : "13965", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13965" - }, - { - "name" : "ADV-2005-0779", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/0779" - }, - { - "name" : "17341", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/17341" - }, - { - "name" : "15726", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15726" - }, - { - "name" : "bitrix-serverdocumentroot-file-include(21018)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21018" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "bitrix-serverdocumentroot-file-include(21018)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21018" + }, + { + "name": "http://www.bitrixsoft.com/sitemanager/versions.php?module=main", + "refsource": "CONFIRM", + "url": "http://www.bitrixsoft.com/sitemanager/versions.php?module=main" + }, + { + "name": "20050615 Vulnerability: Bitrix Php inclusion", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111885605913761&w=2" + }, + { + "name": "15726", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15726" + }, + { + "name": "13965", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13965" + }, + { + "name": "ADV-2005-0779", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/0779" + }, + { + "name": "http://www.bitrixsoft.com/support/forum/read.php?FID=10&TID=1872", + "refsource": "CONFIRM", + "url": "http://www.bitrixsoft.com/support/forum/read.php?FID=10&TID=1872" + }, + { + "name": "17341", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/17341" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0057.json b/2009/0xxx/CVE-2009-0057.json index 9cb7fa61bc2..0135ee22460 100644 --- a/2009/0xxx/CVE-2009-0057.json +++ b/2009/0xxx/CVE-2009-0057.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0057", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the \"client terminates prematurely.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-0057", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090121 Cisco Unified Communications Manager CAPF Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml" - }, - { - "name" : "33379", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33379" - }, - { - "name" : "ADV-2009-0213", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0213" - }, - { - "name" : "1021620", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021620" - }, - { - "name" : "33588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33588" - }, - { - "name" : "cucm-capf-dos-var1(48139)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48139" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the \"client terminates prematurely.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33379", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33379" + }, + { + "name": "1021620", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021620" + }, + { + "name": "cucm-capf-dos-var1(48139)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48139" + }, + { + "name": "ADV-2009-0213", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0213" + }, + { + "name": "33588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33588" + }, + { + "name": "20090121 Cisco Unified Communications Manager CAPF Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0480.json b/2009/0xxx/CVE-2009-0480.json index e1e39b84370..88c2832308e 100644 --- a/2009/0xxx/CVE-2009-0480.json +++ b/2009/0xxx/CVE-2009-0480.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[onnv-notify] 20081011 6507173 Sockets should allocate minor numbers from higher order arena", - "refsource" : "MLIST", - "url" : "http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html" - }, - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116965-34-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116965-34-1" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-042.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-042.htm" - }, - { - "name" : "248026", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-248026-1" - }, - { - "name" : "33550", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33550" - }, - { - "name" : "oval:org.mitre.oval:def:6038", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6038" - }, - { - "name" : "ADV-2009-0364", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0364" - }, - { - "name" : "1021653", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1021653" - }, - { - "name" : "33751", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33751" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[onnv-notify] 20081011 6507173 Sockets should allocate minor numbers from higher order arena", + "refsource": "MLIST", + "url": "http://mail.opensolaris.org/pipermail/onnv-notify/2008-January/013262.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-042.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-042.htm" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116965-34-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-116965-34-1" + }, + { + "name": "248026", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-248026-1" + }, + { + "name": "33550", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33550" + }, + { + "name": "ADV-2009-0364", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0364" + }, + { + "name": "oval:org.mitre.oval:def:6038", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6038" + }, + { + "name": "33751", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33751" + }, + { + "name": "1021653", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1021653" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0561.json b/2009/0xxx/CVE-2009-0561.json index 43dce2b859b..d8bad861d7c 100644 --- a/2009/0xxx/CVE-2009-0561.json +++ b/2009/0xxx/CVE-2009-0561.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0561", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka \"Record Integer Overflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2009-0561", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090609 Microsoft Excel SST Record Integer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=805" - }, - { - "name" : "20090609 Secunia Research: Microsoft Excel String Parsing Integer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504190/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2009-12/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2009-12/" - }, - { - "name" : "MS09-021", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021" - }, - { - "name" : "TA09-160A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" - }, - { - "name" : "35245", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35245" - }, - { - "name" : "54957", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/54957" - }, - { - "name" : "oval:org.mitre.oval:def:5925", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5925" - }, - { - "name" : "1022351", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022351" - }, - { - "name" : "ADV-2009-1540", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka \"Record Integer Overflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-1540", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1540" + }, + { + "name": "http://secunia.com/secunia_research/2009-12/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2009-12/" + }, + { + "name": "20090609 Secunia Research: Microsoft Excel String Parsing Integer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504190/100/0/threaded" + }, + { + "name": "20090609 Microsoft Excel SST Record Integer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=805" + }, + { + "name": "1022351", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022351" + }, + { + "name": "oval:org.mitre.oval:def:5925", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5925" + }, + { + "name": "MS09-021", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021" + }, + { + "name": "TA09-160A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-160A.html" + }, + { + "name": "54957", + "refsource": "OSVDB", + "url": "http://osvdb.org/54957" + }, + { + "name": "35245", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35245" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0882.json b/2009/0xxx/CVE-2009-0882.json index aa1b40a7d7a..e0657e3372a 100644 --- a/2009/0xxx/CVE-2009-0882.json +++ b/2009/0xxx/CVE-2009-0882.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0882", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0882", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090306 nForum 1.5 Multiple SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/501560/100/0/threaded" - }, - { - "name" : "34030", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34030" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to showtheme.php and the (2) user parameter to userinfo.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34030", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34030" + }, + { + "name": "20090306 nForum 1.5 Multiple SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/501560/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1411.json b/2009/1xxx/CVE-2009-1411.json index 421ce851f16..42831147a2c 100644 --- a/2009/1xxx/CVE-2009-1411.json +++ b/2009/1xxx/CVE-2009-1411.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8482", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8482" - }, - { - "name" : "34608", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34608" - }, - { - "name" : "53827", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/53827" - }, - { - "name" : "34812", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34812" - }, - { - "name" : "ADV-2009-1112", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1112" - }, - { - "name" : "seditio-events-eventsinc-sql-injection(49975)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49975" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in events/inc/events.inc.php in the Events plugin for Seditio CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the c parameter to plug.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "seditio-events-eventsinc-sql-injection(49975)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49975" + }, + { + "name": "53827", + "refsource": "OSVDB", + "url": "http://osvdb.org/53827" + }, + { + "name": "34608", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34608" + }, + { + "name": "ADV-2009-1112", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1112" + }, + { + "name": "34812", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34812" + }, + { + "name": "8482", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8482" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1508.json b/2009/1xxx/CVE-2009-1508.json index ccdd533cb46..de43948a5c7 100644 --- a/2009/1xxx/CVE-2009-1508.json +++ b/2009/1xxx/CVE-2009-1508.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1508", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1508", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8317", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8317" - }, - { - "name" : "34302", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34302" - }, - { - "name" : "xforum-cookieusername-sql-injection(49537)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49537" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the xforum_validateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookie_username parameter to Configure.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34302", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34302" + }, + { + "name": "xforum-cookieusername-sql-injection(49537)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49537" + }, + { + "name": "8317", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8317" + } + ] + } +} \ No newline at end of file diff --git a/2009/1xxx/CVE-2009-1726.json b/2009/1xxx/CVE-2009-1726.json index bd12ce62e17..ded543274f9 100644 --- a/2009/1xxx/CVE-2009-1726.json +++ b/2009/1xxx/CVE-2009-1726.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-1726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-1726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3757", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3757" - }, - { - "name" : "http://support.apple.com/kb/HT4196", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4196" - }, - { - "name" : "http://support.apple.com/kb/HT4220", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4220" - }, - { - "name" : "APPLE-SA-2009-08-05-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-06-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" - }, - { - "name" : "APPLE-SA-2010-06-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" - }, - { - "name" : "TA09-218A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" - }, - { - "name" : "35954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35954" - }, - { - "name" : "56845", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/56845" - }, - { - "name" : "oval:org.mitre.oval:def:7499", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7499" - }, - { - "name" : "1022674", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022674" - }, - { - "name" : "36096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36096" - }, - { - "name" : "40105", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40105" - }, - { - "name" : "40196", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40196" - }, - { - "name" : "ADV-2009-2172", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2172" - }, - { - "name" : "ADV-2010-1373", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1373" - }, - { - "name" : "ADV-2010-1512", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1512" - }, - { - "name" : "macosx-colorsync-profile-bo(52419)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52419" - }, - { - "name" : "safari-colorsync-profile-bo(59162)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59162" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in ColorSync in Apple Mac OS X 10.4.11 and 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image containing an embedded ColorSync profile." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT4220", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4220" + }, + { + "name": "http://support.apple.com/kb/HT3757", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3757" + }, + { + "name": "APPLE-SA-2010-06-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" + }, + { + "name": "36096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36096" + }, + { + "name": "40196", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40196" + }, + { + "name": "40105", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40105" + }, + { + "name": "ADV-2010-1373", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1373" + }, + { + "name": "APPLE-SA-2009-08-05-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" + }, + { + "name": "safari-colorsync-profile-bo(59162)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59162" + }, + { + "name": "APPLE-SA-2010-06-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html" + }, + { + "name": "ADV-2010-1512", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1512" + }, + { + "name": "1022674", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022674" + }, + { + "name": "35954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35954" + }, + { + "name": "56845", + "refsource": "OSVDB", + "url": "http://osvdb.org/56845" + }, + { + "name": "oval:org.mitre.oval:def:7499", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7499" + }, + { + "name": "http://support.apple.com/kb/HT4196", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4196" + }, + { + "name": "ADV-2009-2172", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2172" + }, + { + "name": "TA09-218A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" + }, + { + "name": "macosx-colorsync-profile-bo(52419)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52419" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2034.json b/2012/2xxx/CVE-2012-2034.json index bc5af5db6b3..374fe8b22c3 100644 --- a/2012/2xxx/CVE-2012-2034.json +++ b/2012/2xxx/CVE-2012-2034.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2012-2034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb12-14.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb12-14.html" - }, - { - "name" : "RHSA-2012:0722", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-0722.html" - }, - { - "name" : "SUSE-SU-2012:0724", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html" - }, - { - "name" : "openSUSE-SU-2012:0723", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2012:0722", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-0722.html" + }, + { + "name": "SUSE-SU-2012:0724", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb12-14.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb12-14.html" + }, + { + "name": "openSUSE-SU-2012:0723", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2511.json b/2012/2xxx/CVE-2012-2511.json index 6b85280f2c7..854100d0d34 100644 --- a/2012/2xxx/CVE-2012-2511.json +++ b/2012/2xxx/CVE-2012-2511.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-2511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities" - }, - { - "name" : "https://service.sap.com/sap/support/notes/1687910", - "refsource" : "MISC", - "url" : "https://service.sap.com/sap/support/notes/1687910" - }, - { - "name" : "http://scn.sap.com/docs/DOC-8218", - "refsource" : "CONFIRM", - "url" : "http://scn.sap.com/docs/DOC-8218" - }, - { - "name" : "1027052", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027052" - }, - { - "name" : "netweaver-diagtraceatoms-dos(75453)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://service.sap.com/sap/support/notes/1687910", + "refsource": "MISC", + "url": "https://service.sap.com/sap/support/notes/1687910" + }, + { + "name": "http://scn.sap.com/docs/DOC-8218", + "refsource": "CONFIRM", + "url": "http://scn.sap.com/docs/DOC-8218" + }, + { + "name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities", + "refsource": "MISC", + "url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities" + }, + { + "name": "1027052", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027052" + }, + { + "name": "netweaver-diagtraceatoms-dos(75453)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2646.json b/2012/2xxx/CVE-2012-2646.json index fcd61e4a4f5..0ccf6cea002 100644 --- a/2012/2xxx/CVE-2012-2646.json +++ b/2012/2xxx/CVE-2012-2646.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2012-2646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir", - "refsource" : "CONFIRM", - "url" : "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir" - }, - { - "name" : "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black", - "refsource" : "CONFIRM", - "url" : "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black" - }, - { - "name" : "JVN#88643450", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN88643450/index.html" - }, - { - "name" : "JVNDB-2012-000071", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000071" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black", + "refsource": "CONFIRM", + "url": "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black" + }, + { + "name": "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir", + "refsource": "CONFIRM", + "url": "https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir" + }, + { + "name": "JVN#88643450", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN88643450/index.html" + }, + { + "name": "JVNDB-2012-000071", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000071" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2683.json b/2012/2xxx/CVE-2012-2683.json index a289a2621a7..269ec7d82ec 100644 --- a/2012/2xxx/CVE-2012-2683.json +++ b/2012/2xxx/CVE-2012-2683.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) \"error message displays\" or (2) \"in source HTML on certain pages.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-2683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243", - "refsource" : "MISC", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243" - }, - { - "name" : "FEDORA-2012-17854", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html" - }, - { - "name" : "FEDORA-2012-17863", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html" - }, - { - "name" : "RHSA-2012:1278", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1278.html" - }, - { - "name" : "RHSA-2012:1281", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1281.html" - }, - { - "name" : "55618", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/55618" - }, - { - "name" : "50660", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50660" - }, - { - "name" : "cumin-redhat-xss(78772)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78772" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) \"error message displays\" or (2) \"in source HTML on certain pages.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243", + "refsource": "MISC", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830243" + }, + { + "name": "FEDORA-2012-17863", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html" + }, + { + "name": "55618", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/55618" + }, + { + "name": "RHSA-2012:1278", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html" + }, + { + "name": "RHSA-2012:1281", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html" + }, + { + "name": "50660", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50660" + }, + { + "name": "FEDORA-2012-17854", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html" + }, + { + "name": "cumin-redhat-xss(78772)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78772" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3762.json b/2012/3xxx/CVE-2012-3762.json index 1fc53a57169..05fa7a2c364 100644 --- a/2012/3xxx/CVE-2012-3762.json +++ b/2012/3xxx/CVE-2012-3762.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3762", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-3762", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4050.json b/2012/4xxx/CVE-2012-4050.json index 97178f2b9dd..06c0fc38077 100644 --- a/2012/4xxx/CVE-2012-4050.json +++ b/2012/4xxx/CVE-2012-4050.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4050", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4050", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2012/07/beta-channel-update-for-chrome-os.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/07/beta-channel-update-for-chrome-os.html" - }, - { - "name" : "chromeos-multiple-unspecified(77191)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77191" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2012/07/beta-channel-update-for-chrome-os.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/07/beta-channel-update-for-chrome-os.html" + }, + { + "name": "chromeos-multiple-unspecified(77191)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77191" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4086.json b/2012/4xxx/CVE-2012-4086.json index adb553a7432..8b2d55419ae 100644 --- a/2012/4xxx/CVE-2012-4086.json +++ b/2012/4xxx/CVE-2012-4086.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2012-4086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130923 Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4086" - }, - { - "name" : "1029083", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029083" - }, - { - "name" : "cisco-ucs-cve20124086-command-exec(87368)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87368" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029083", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029083" + }, + { + "name": "cisco-ucs-cve20124086-command-exec(87368)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87368" + }, + { + "name": "20130923 Cisco Unified Computing System Fabric Interconnect Devices Arbitrary Command Execution Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4086" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4199.json b/2012/4xxx/CVE-2012-4199.json index 17db73352dd..30fd05078a8 100644 --- a/2012/4xxx/CVE-2012-4199.json +++ b/2012/4xxx/CVE-2012-4199.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.bugzilla.org/security/3.6.11/", - "refsource" : "CONFIRM", - "url" : "http://www.bugzilla.org/security/3.6.11/" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=731178", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=731178" - }, - { - "name" : "MDVSA-2013:066", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066" - }, - { - "name" : "bugzilla-custom-fields-info-disclosure(80029)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "template/en/default/bug/field-events.js.tmpl in Bugzilla 3.x before 3.6.12, 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1 generates JavaScript function calls containing private product names or private component names in certain circumstances involving custom-field visibility control, which allows remote attackers to obtain sensitive information by reading HTML source code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "bugzilla-custom-fields-info-disclosure(80029)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80029" + }, + { + "name": "MDVSA-2013:066", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066" + }, + { + "name": "http://www.bugzilla.org/security/3.6.11/", + "refsource": "CONFIRM", + "url": "http://www.bugzilla.org/security/3.6.11/" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=731178", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=731178" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4684.json b/2012/4xxx/CVE-2012-4684.json index f207948986a..b4ccc68f297 100644 --- a/2012/4xxx/CVE-2012-4684.json +++ b/2012/4xxx/CVE-2012-4684.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4684", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4684", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bitcointalk.org/index.php?topic=148109.0", - "refsource" : "CONFIRM", - "url" : "https://bitcointalk.org/index.php?topic=148109.0" - }, - { - "name" : "https://bitcointalk.org/index.php?topic=8392.0", - "refsource" : "CONFIRM", - "url" : "https://bitcointalk.org/index.php?topic=8392.0" - }, - { - "name" : "https://en.bitcoin.it/wiki/CVE-2012-4684", - "refsource" : "CONFIRM", - "url" : "https://en.bitcoin.it/wiki/CVE-2012-4684" - }, - { - "name" : "https://en.bitcoin.it/wiki/CVEs", - "refsource" : "CONFIRM", - "url" : "https://en.bitcoin.it/wiki/CVEs" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://en.bitcoin.it/wiki/CVE-2012-4684", + "refsource": "CONFIRM", + "url": "https://en.bitcoin.it/wiki/CVE-2012-4684" + }, + { + "name": "https://en.bitcoin.it/wiki/CVEs", + "refsource": "CONFIRM", + "url": "https://en.bitcoin.it/wiki/CVEs" + }, + { + "name": "https://bitcointalk.org/index.php?topic=8392.0", + "refsource": "CONFIRM", + "url": "https://bitcointalk.org/index.php?topic=8392.0" + }, + { + "name": "https://bitcointalk.org/index.php?topic=148109.0", + "refsource": "CONFIRM", + "url": "https://bitcointalk.org/index.php?topic=148109.0" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6473.json b/2012/6xxx/CVE-2012-6473.json index d8f8d68646d..5e0be18934e 100644 --- a/2012/6xxx/CVE-2012-6473.json +++ b/2012/6xxx/CVE-2012-6473.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6473", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6473", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6504.json b/2012/6xxx/CVE-2012-6504.json index 6e10fccb9e9..5518f4c359d 100644 --- a/2012/6xxx/CVE-2012-6504.json +++ b/2012/6xxx/CVE-2012-6504.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20120426 PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-04/0206.html" - }, - { - "name" : "18788", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18788" - }, - { - "name" : "53261", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53261" - }, - { - "name" : "81494", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/81494" - }, - { - "name" : "48988", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "48988", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48988" + }, + { + "name": "53261", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53261" + }, + { + "name": "18788", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18788" + }, + { + "name": "20120426 PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-04/0206.html" + }, + { + "name": "81494", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/81494" + } + ] + } +} \ No newline at end of file diff --git a/2015/5xxx/CVE-2015-5208.json b/2015/5xxx/CVE-2015-5208.json index 4c835f02750..e1dec746b6e 100644 --- a/2015/5xxx/CVE-2015-5208.json +++ b/2015/5xxx/CVE-2015-5208.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-5208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-5208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160427 CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538210/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html" - }, - { - "name" : "https://cordova.apache.org/announcements/2016/04/27/security.html", - "refsource" : "CONFIRM", - "url" : "https://cordova.apache.org/announcements/2016/04/27/security.html" - }, - { - "name" : "JVN#41772178", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN41772178/index.html" - }, - { - "name" : "JVNDB-2016-000059", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html" - }, - { - "name" : "88797", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/88797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cordova.apache.org/announcements/2016/04/27/security.html", + "refsource": "CONFIRM", + "url": "https://cordova.apache.org/announcements/2016/04/27/security.html" + }, + { + "name": "JVN#41772178", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN41772178/index.html" + }, + { + "name": "JVNDB-2016-000059", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000059.html" + }, + { + "name": "88797", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/88797" + }, + { + "name": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136839/Apache-Cordova-iOS-3.9.1-Arbitrary-Plugin-Execution.html" + }, + { + "name": "20160427 CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538210/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2777.json b/2017/2xxx/CVE-2017-2777.json index 20253f39774..acc123b0a01 100644 --- a/2017/2xxx/CVE-2017-2777.json +++ b/2017/2xxx/CVE-2017-2777.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2017-02-27T00:00:00", - "ID" : "CVE-2017-2777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Argus", - "version" : { - "version_data" : [ - { - "version_value" : "6.6.05 (Sep 22 2016) NK" - } - ] - } - } - ] - }, - "vendor_name" : "Iceni" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. A specially crafted pdf file can cause an integer overflow resulting in heap overflow. An attacker can send file to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "integer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2017-02-27T00:00:00", + "ID": "CVE-2017-2777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Argus", + "version": { + "version_data": [ + { + "version_value": "6.6.05 (Sep 22 2016) NK" + } + ] + } + } + ] + }, + "vendor_name": "Iceni" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0271", - "refsource" : "MISC", - "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0271" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. A specially crafted pdf file can cause an integer overflow resulting in heap overflow. An attacker can send file to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "integer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0271", + "refsource": "MISC", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0271" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2850.json b/2017/2xxx/CVE-2017-2850.json index 2661d3df331..aec59a293a4 100644 --- a/2017/2xxx/CVE-2017-2850.json +++ b/2017/2xxx/CVE-2017-2850.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "DATE_PUBLIC" : "2017-06-19T00:00:00", - "ID" : "CVE-2017-2850", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Indoor IP Camera C1 Series", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "Foscam" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server. An attacker can simply send an HTTP request to the device to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "password injection" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "DATE_PUBLIC": "2017-06-19T00:00:00", + "ID": "CVE-2017-2850", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Indoor IP Camera C1 Series", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Foscam" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0352", - "refsource" : "MISC", - "url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0352" - }, - { - "name" : "99184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary characters in the pureftpd.passwd file during a username change, which in turn allows for bypassing chroot restrictions in the FTP server. An attacker can simply send an HTTP request to the device to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "password injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "99184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99184" + }, + { + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0352", + "refsource": "MISC", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2017-0352" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6413.json b/2017/6xxx/CVE-2017-6413.json index 11b773a166a..74c8386d734 100644 --- a/2017/6xxx/CVE-2017-6413.json +++ b/2017/6xxx/CVE-2017-6413.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6413", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"OpenID Connect Relying Party and OAuth 2.0 Resource Server\" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an \"AuthType oauth20\" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/pingidentity/mod_auth_openidc/blob/master/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/pingidentity/mod_auth_openidc/blob/master/ChangeLog" - }, - { - "name" : "https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e", - "refsource" : "CONFIRM", - "url" : "https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e" - }, - { - "name" : "https://github.com/pingidentity/mod_auth_openidc/releases/tag/v2.1.6", - "refsource" : "CONFIRM", - "url" : "https://github.com/pingidentity/mod_auth_openidc/releases/tag/v2.1.6" - }, - { - "name" : "96549", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"OpenID Connect Relying Party and OAuth 2.0 Resource Server\" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an \"AuthType oauth20\" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pingidentity/mod_auth_openidc/blob/master/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/pingidentity/mod_auth_openidc/blob/master/ChangeLog" + }, + { + "name": "https://github.com/pingidentity/mod_auth_openidc/releases/tag/v2.1.6", + "refsource": "CONFIRM", + "url": "https://github.com/pingidentity/mod_auth_openidc/releases/tag/v2.1.6" + }, + { + "name": "https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e", + "refsource": "CONFIRM", + "url": "https://github.com/pingidentity/mod_auth_openidc/commit/21e3728a825c41ab41efa75e664108051bb9665e" + }, + { + "name": "96549", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96549" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6551.json b/2017/6xxx/CVE-2017-6551.json index cdcf3f2dea9..e0dd2edf5d5 100644 --- a/2017/6xxx/CVE-2017-6551.json +++ b/2017/6xxx/CVE-2017-6551.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.pexip.com/sites/pexip/files/Pexip_Security_Bulletin_2017-04-10.pdf", - "refsource" : "CONFIRM", - "url" : "https://www.pexip.com/sites/pexip/files/Pexip_Security_Bulletin_2017-04-10.pdf" - }, - { - "name" : "97954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97954" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97954" + }, + { + "name": "https://www.pexip.com/sites/pexip/files/Pexip_Security_Bulletin_2017-04-10.pdf", + "refsource": "CONFIRM", + "url": "https://www.pexip.com/sites/pexip/files/Pexip_Security_Bulletin_2017-04-10.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11468.json b/2018/11xxx/CVE-2018-11468.json index 4a1f2b90d9a..44d0147b819 100644 --- a/2018/11xxx/CVE-2018-11468.json +++ b/2018/11xxx/CVE-2018-11468.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11468", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11468", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180908 [SECURITY] [DLA 1499-1] discount security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00009.html" - }, - { - "name" : "https://github.com/Orc/discount/issues/189", - "refsource" : "MISC", - "url" : "https://github.com/Orc/discount/issues/189" - }, - { - "name" : "DSA-4293", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4293" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Orc/discount/issues/189", + "refsource": "MISC", + "url": "https://github.com/Orc/discount/issues/189" + }, + { + "name": "[debian-lts-announce] 20180908 [SECURITY] [DLA 1499-1] discount security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00009.html" + }, + { + "name": "DSA-4293", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4293" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11693.json b/2018/11xxx/CVE-2018-11693.json index d154b50ee94..09c5b2577d4 100644 --- a/2018/11xxx/CVE-2018-11693.json +++ b/2018/11xxx/CVE-2018-11693.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/sass/libsass/issues/2661", - "refsource" : "MISC", - "url" : "https://github.com/sass/libsass/issues/2661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/sass/libsass/issues/2661", + "refsource": "MISC", + "url": "https://github.com/sass/libsass/issues/2661" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11869.json b/2018/11xxx/CVE-2018-11869.json index 68b853ea62d..29b33b39162 100644 --- a/2018/11xxx/CVE-2018-11869.json +++ b/2018/11xxx/CVE-2018-11869.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2018-11869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy Without Checking Size of Input in WLAN" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2018-11869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c" - }, - { - "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin" + }, + { + "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=e359db47f1e334886eaaf1d71a4754dd312be01c" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11954.json b/2018/11xxx/CVE-2018-11954.json index 7133d35f2f7..737f2e48894 100644 --- a/2018/11xxx/CVE-2018-11954.json +++ b/2018/11xxx/CVE-2018-11954.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-11954", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-11954", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14372.json b/2018/14xxx/CVE-2018-14372.json index 8d16eb55470..8aef699289a 100644 --- a/2018/14xxx/CVE-2018-14372.json +++ b/2018/14xxx/CVE-2018-14372.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14372", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14372", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14564.json b/2018/14xxx/CVE-2018-14564.json index 492299b786c..507898e7cd1 100644 --- a/2018/14xxx/CVE-2018-14564.json +++ b/2018/14xxx/CVE-2018-14564.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14564", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14564", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/thunlp/THULAC/issues/35#issuecomment-405788715", - "refsource" : "MISC", - "url" : "https://github.com/thunlp/THULAC/issues/35#issuecomment-405788715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/thunlp/THULAC/issues/35#issuecomment-405788715", + "refsource": "MISC", + "url": "https://github.com/thunlp/THULAC/issues/35#issuecomment-405788715" + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15211.json b/2018/15xxx/CVE-2018-15211.json index 7faed2eae5a..9691da168a3 100644 --- a/2018/15xxx/CVE-2018-15211.json +++ b/2018/15xxx/CVE-2018-15211.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15211", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15211", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15235.json b/2018/15xxx/CVE-2018-15235.json index 61c55c2ada1..d1b9c8a230e 100644 --- a/2018/15xxx/CVE-2018-15235.json +++ b/2018/15xxx/CVE-2018-15235.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15235", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15235", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15312.json b/2018/15xxx/CVE-2018-15312.json index 811e7a60c0e..63464582432 100644 --- a/2018/15xxx/CVE-2018-15312.json +++ b/2018/15xxx/CVE-2018-15312.json @@ -1,71 +1,71 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "f5sirt@f5.com", - "DATE_PUBLIC" : "2018-10-17T00:00:00", - "ID" : "CVE-2018-15312", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", - "version" : { - "version_data" : [ - { - "version_value" : "13.0.0-13.1.1.1" - }, - { - "version_value" : "12.1.0-12.1.3.6" - } - ] - } - } - ] - }, - "vendor_name" : "F5 Networks, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XSS" - } + "CVE_data_meta": { + "ASSIGNER": "f5sirt@f5.com", + "DATE_PUBLIC": "2018-10-17T00:00:00", + "ID": "CVE-2018-15312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", + "version": { + "version_data": [ + { + "version_value": "13.0.0-13.1.1.1" + }, + { + "version_value": "12.1.0-12.1.3.6" + } + ] + } + } + ] + }, + "vendor_name": "F5 Networks, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/csp/article/K44462254", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/csp/article/K44462254" - }, - { - "name" : "1041932", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041932" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041932", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041932" + }, + { + "name": "https://support.f5.com/csp/article/K44462254", + "refsource": "CONFIRM", + "url": "https://support.f5.com/csp/article/K44462254" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20403.json b/2018/20xxx/CVE-2018-20403.json index c8151c377bf..77dfa254538 100644 --- a/2018/20xxx/CVE-2018-20403.json +++ b/2018/20xxx/CVE-2018-20403.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20403", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20403", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20500.json b/2018/20xxx/CVE-2018-20500.json index 8055a5025a5..cb3971bcd32 100644 --- a/2018/20xxx/CVE-2018-20500.json +++ b/2018/20xxx/CVE-2018-20500.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20500", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20500", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/8xxx/CVE-2018-8334.json b/2018/8xxx/CVE-2018-8334.json index 2892fee0eae..2273cd4d78f 100644 --- a/2018/8xxx/CVE-2018-8334.json +++ b/2018/8xxx/CVE-2018-8334.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-8334", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-8334", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file