From 94dcdcb03a2a454e04b96cb72535645464f596a4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:09:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2003/1xxx/CVE-2003-1399.json | 140 +++++++-------- 2004/0xxx/CVE-2004-0096.json | 150 ++++++++--------- 2004/0xxx/CVE-2004-0099.json | 150 ++++++++--------- 2004/0xxx/CVE-2004-0407.json | 180 ++++++++++---------- 2004/0xxx/CVE-2004-0744.json | 160 +++++++++--------- 2004/1xxx/CVE-2004-1634.json | 150 ++++++++--------- 2004/1xxx/CVE-2004-1765.json | 180 ++++++++++---------- 2004/1xxx/CVE-2004-1813.json | 140 +++++++-------- 2004/2xxx/CVE-2004-2076.json | 140 +++++++-------- 2004/2xxx/CVE-2004-2573.json | 140 +++++++-------- 2004/2xxx/CVE-2004-2634.json | 200 +++++++++++----------- 2008/2xxx/CVE-2008-2307.json | 300 ++++++++++++++++----------------- 2008/2xxx/CVE-2008-2681.json | 150 ++++++++--------- 2008/2xxx/CVE-2008-2915.json | 160 +++++++++--------- 2008/6xxx/CVE-2008-6049.json | 34 ++-- 2008/6xxx/CVE-2008-6170.json | 190 ++++++++++----------- 2008/6xxx/CVE-2008-6678.json | 170 +++++++++---------- 2008/6xxx/CVE-2008-6796.json | 150 ++++++++--------- 2008/7xxx/CVE-2008-7022.json | 130 +++++++------- 2008/7xxx/CVE-2008-7088.json | 140 +++++++-------- 2012/5xxx/CVE-2012-5034.json | 34 ++-- 2012/5xxx/CVE-2012-5036.json | 120 ++++++------- 2012/5xxx/CVE-2012-5139.json | 150 ++++++++--------- 2012/5xxx/CVE-2012-5353.json | 130 +++++++------- 2017/11xxx/CVE-2017-11214.json | 160 +++++++++--------- 2017/11xxx/CVE-2017-11512.json | 132 +++++++-------- 2017/11xxx/CVE-2017-11592.json | 120 ++++++------- 2017/15xxx/CVE-2017-15177.json | 34 ++-- 2017/15xxx/CVE-2017-15201.json | 150 ++++++++--------- 2017/3xxx/CVE-2017-3177.json | 34 ++-- 2017/3xxx/CVE-2017-3667.json | 34 ++-- 2017/3xxx/CVE-2017-3686.json | 34 ++-- 2017/3xxx/CVE-2017-3691.json | 34 ++-- 2017/8xxx/CVE-2017-8052.json | 130 +++++++------- 2017/8xxx/CVE-2017-8545.json | 140 +++++++-------- 2017/8xxx/CVE-2017-8869.json | 120 ++++++------- 2017/8xxx/CVE-2017-8876.json | 120 ++++++------- 2018/12xxx/CVE-2018-12200.json | 122 +++++++------- 2018/12xxx/CVE-2018-12517.json | 34 ++-- 2018/12xxx/CVE-2018-12688.json | 120 ++++++------- 2018/12xxx/CVE-2018-12733.json | 34 ++-- 2018/12xxx/CVE-2018-12737.json | 34 ++-- 2018/13xxx/CVE-2018-13371.json | 34 ++-- 2018/13xxx/CVE-2018-13585.json | 130 +++++++------- 2018/13xxx/CVE-2018-13822.json | 132 +++++++-------- 2018/13xxx/CVE-2018-13908.json | 34 ++-- 2018/16xxx/CVE-2018-16543.json | 170 +++++++++---------- 2018/16xxx/CVE-2018-16687.json | 34 ++-- 2018/16xxx/CVE-2018-16746.json | 34 ++-- 2018/17xxx/CVE-2018-17176.json | 120 ++++++------- 2018/17xxx/CVE-2018-17813.json | 34 ++-- 2018/17xxx/CVE-2018-17837.json | 120 ++++++------- 2018/17xxx/CVE-2018-17928.json | 132 +++++++-------- 53 files changed, 3074 insertions(+), 3074 deletions(-) diff --git a/2003/1xxx/CVE-2003-1399.json b/2003/1xxx/CVE-2003-1399.json index e37af1b0ce0..9ab3099e639 100644 --- a/2003/1xxx/CVE-2003-1399.json +++ b/2003/1xxx/CVE-2003-1399.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2003-1399", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2003-1399", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030222 eject 2.0.10 vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2003-02/0278.html" - }, - { - "name" : "6914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6914" - }, - { - "name" : "linux-eject-information-disclosure(11380)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6914" + }, + { + "name": "20030222 eject 2.0.10 vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0278.html" + }, + { + "name": "linux-eject-information-disclosure(11380)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11380" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0096.json b/2004/0xxx/CVE-2004-0096.json index 6803a0dcb45..504b09bc7a5 100644 --- a/2004/0xxx/CVE-2004-0096.json +++ b/2004/0xxx/CVE-2004-0096.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0096", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0096", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10", - "refsource" : "MLIST", - "url" : "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html" - }, - { - "name" : "GLSA-200401-03", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200401-03.xml" - }, - { - "name" : "RHSA-2004:058", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-058.html" - }, - { - "name" : "RHSA-2004:063", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-063.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2004:058", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-058.html" + }, + { + "name": "RHSA-2004:063", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-063.html" + }, + { + "name": "GLSA-200401-03", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200401-03.xml" + }, + { + "name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10", + "refsource": "MLIST", + "url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0099.json b/2004/0xxx/CVE-2004-0099.json index d9af2c2d1cd..22967897031 100644 --- a/2004/0xxx/CVE-2004-0099.json +++ b/2004/0xxx/CVE-2004-0099.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-04:01", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:01.mksnap_ffs.asc" - }, - { - "name" : "9533", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9533" - }, - { - "name" : "freebsd-mksnapffs-bypass-security(15005)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15005" - }, - { - "name" : "3790", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/3790" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-04:01", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:01.mksnap_ffs.asc" + }, + { + "name": "3790", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/3790" + }, + { + "name": "freebsd-mksnapffs-bypass-security(15005)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15005" + }, + { + "name": "9533", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9533" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0407.json b/2004/0xxx/CVE-2004-0407.json index d3b1428571a..f74cd1df272 100644 --- a/2004/0xxx/CVE-2004-0407.json +++ b/2004/0xxx/CVE-2004-0407.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040416 [securityzone@macromedia.com: New Macromedia Security Zone Bulletin Posted]", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108213782629001&w=2" - }, - { - "name" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-06.html", - "refsource" : "CONFIRM", - "url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-06.html" - }, - { - "name" : "10158", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10158" - }, - { - "name" : "5402", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5402" - }, - { - "name" : "1009825", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1009825" - }, - { - "name" : "11392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11392" - }, - { - "name" : "coldfusion-upload-file-dos(15882)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service (disk consumption) by repeatedly uploading files and interrupting the uploads before they finish." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "10158", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10158" + }, + { + "name": "1009825", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1009825" + }, + { + "name": "11392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11392" + }, + { + "name": "coldfusion-upload-file-dos(15882)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15882" + }, + { + "name": "5402", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5402" + }, + { + "name": "20040416 [securityzone@macromedia.com: New Macromedia Security Zone Bulletin Posted]", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108213782629001&w=2" + }, + { + "name": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-06.html", + "refsource": "CONFIRM", + "url": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-06.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/0xxx/CVE-2004-0744.json b/2004/0xxx/CVE-2004-0744.json index b2f4a011ae3..037de82a958 100644 --- a/2004/0xxx/CVE-2004-0744.json +++ b/2004/0xxx/CVE-2004-0744.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0744", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a \"Rose Attack\" that involves sending a subset of small IP fragments that do not form a complete, larger packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0744", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040331 IPv4 fragmentation --> The Rose Attack", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108075899619193&w=2" - }, - { - "name" : "20040427 Source Code To Test IPv4 fragmentation --> The Rose Attack", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108308604119618&w=2" - }, - { - "name" : "http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt", - "refsource" : "MISC", - "url" : "http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt" - }, - { - "name" : "APPLE-SA-2004-09-09", - "refsource" : "APPLE", - "url" : "http://www.auscert.org.au/render.html?it=4291" - }, - { - "name" : "macos-tcp-ip-dos(16946)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a \"Rose Attack\" that involves sending a subset of small IP fragments that do not form a complete, larger packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "macos-tcp-ip-dos(16946)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16946" + }, + { + "name": "APPLE-SA-2004-09-09", + "refsource": "APPLE", + "url": "http://www.auscert.org.au/render.html?it=4291" + }, + { + "name": "20040331 IPv4 fragmentation --> The Rose Attack", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108075899619193&w=2" + }, + { + "name": "20040427 Source Code To Test IPv4 fragmentation --> The Rose Attack", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108308604119618&w=2" + }, + { + "name": "http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt", + "refsource": "MISC", + "url": "http://digital.net/~gandalf/Rose_Frag_Attack_Explained.txt" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1634.json b/2004/1xxx/CVE-2004-1634.json index 767156ec6b6..165a536093c 100644 --- a/2004/1xxx/CVE-2004-1634.json +++ b/2004/1xxx/CVE-2004-1634.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041025 [BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=109872095201238&w=2" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=263780", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=263780" - }, - { - "name" : "11511", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11511" - }, - { - "name" : "bugzilla-xml-information-disclosure(17841)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17841" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20041025 [BUGZILLA] Vulnerabilities in Bugzilla 2.16.6 and 2.18rc2", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=109872095201238&w=2" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=263780", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=263780" + }, + { + "name": "bugzilla-xml-information-disclosure(17841)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17841" + }, + { + "name": "11511", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11511" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1765.json b/2004/1xxx/CVE-2004-1765.json index 474458eaabd..2bec168ffda 100644 --- a/2004/1xxx/CVE-2004-1765.json +++ b/2004/1xxx/CVE-2004-1765.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040316 ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107945597331370&w=2" - }, - { - "name" : "http://www.s-quadra.com/advisories/Adv-20040315.txt", - "refsource" : "MISC", - "url" : "http://www.s-quadra.com/advisories/Adv-20040315.txt" - }, - { - "name" : "http://www.modsecurity.org/", - "refsource" : "CONFIRM", - "url" : "http://www.modsecurity.org/" - }, - { - "name" : "VU#779438", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/779438" - }, - { - "name" : "9885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9885" - }, - { - "name" : "11138", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11138" - }, - { - "name" : "mod-security-offbyone-bo(15489)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15489" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040316 ModSecurity 1.7.4 for Apache 2.x remote off-by-one overflow", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107945597331370&w=2" + }, + { + "name": "9885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9885" + }, + { + "name": "mod-security-offbyone-bo(15489)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15489" + }, + { + "name": "11138", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11138" + }, + { + "name": "http://www.s-quadra.com/advisories/Adv-20040315.txt", + "refsource": "MISC", + "url": "http://www.s-quadra.com/advisories/Adv-20040315.txt" + }, + { + "name": "VU#779438", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/779438" + }, + { + "name": "http://www.modsecurity.org/", + "refsource": "CONFIRM", + "url": "http://www.modsecurity.org/" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1813.json b/2004/1xxx/CVE-2004-1813.json index 224aaefa15c..01c9cd6f66b 100644 --- a/2004/1xxx/CVE-2004-1813.json +++ b/2004/1xxx/CVE-2004-1813.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1813", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1813", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040315 VocalTec Gateway 8 Reverse Directory Transversal + Authorization Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=107936739131657&w=2" - }, - { - "name" : "9876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9876" - }, - { - "name" : "vgw48-gateway-directory-traversal(15476)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15476" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to home.asp with a trailing slash (/)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040315 VocalTec Gateway 8 Reverse Directory Transversal + Authorization Bypass", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=107936739131657&w=2" + }, + { + "name": "vgw48-gateway-directory-traversal(15476)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15476" + }, + { + "name": "9876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9876" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2076.json b/2004/2xxx/CVE-2004-2076.json index 163f113660e..6737cba560e 100644 --- a/2004/2xxx/CVE-2004-2076.json +++ b/2004/2xxx/CVE-2004-2076.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040213 vBulletin PHP Forum Version", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/353869" - }, - { - "name" : "9656", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/9656" - }, - { - "name" : "vbulletin-search-xss(15208)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15208" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20040213 vBulletin PHP Forum Version", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/353869" + }, + { + "name": "9656", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/9656" + }, + { + "name": "vbulletin-search-xss(15208)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15208" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2573.json b/2004/2xxx/CVE-2004-2573.json index e5cc00a04d0..330ffac81f7 100644 --- a/2004/2xxx/CVE-2004-2573.json +++ b/2004/2xxx/CVE-2004-2573.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://savannah.gnu.org/bugs/?func=detailitem&item_id=7478", - "refsource" : "CONFIRM", - "url" : "https://savannah.gnu.org/bugs/?func=detailitem&item_id=7478" - }, - { - "name" : "12074", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/12074" - }, - { - "name" : "7599", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in tables_update.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "12074", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/12074" + }, + { + "name": "https://savannah.gnu.org/bugs/?func=detailitem&item_id=7478", + "refsource": "CONFIRM", + "url": "https://savannah.gnu.org/bugs/?func=detailitem&item_id=7478" + }, + { + "name": "7599", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7599" + } + ] + } +} \ No newline at end of file diff --git a/2004/2xxx/CVE-2004-2634.json b/2004/2xxx/CVE-2004-2634.json index 181fdf1c81f..64a0c1cbb83 100644 --- a/2004/2xxx/CVE-2004-2634.json +++ b/2004/2xxx/CVE-2004-2634.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-2634", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-2634", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279", - "refsource" : "CONFIRM", - "url" : "https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279" - }, - { - "name" : "IY55789", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only" - }, - { - "name" : "IY55790", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only" - }, - { - "name" : "10231", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10231" - }, - { - "name" : "5711", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5711" - }, - { - "name" : "5712", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5712" - }, - { - "name" : "1009975", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1009975" - }, - { - "name" : "11496", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11496" - }, - { - "name" : "aix-console-commands-symlink(16008)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) bos.rte.serv_aid or (2) bos.rte.console filesets in IBM AIX 5.1 and 5.2 allow local users to overwrite arbitrary files via a symlink attack on temporary files via unknown attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "5711", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5711" + }, + { + "name": "5712", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5712" + }, + { + "name": "11496", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11496" + }, + { + "name": "10231", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10231" + }, + { + "name": "https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279", + "refsource": "CONFIRM", + "url": "https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=18&ID=279" + }, + { + "name": "aix-console-commands-symlink(16008)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16008" + }, + { + "name": "IY55790", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY55790&apar=only" + }, + { + "name": "IY55789", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY55789&apar=only" + }, + { + "name": "1009975", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1009975" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2307.json b/2008/2xxx/CVE-2008-2307.json index f732283d3d9..c26f582a25c 100644 --- a/2008/2xxx/CVE-2008-2307.json +++ b/2008/2xxx/CVE-2008-2307.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT2163", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT2163" - }, - { - "name" : "http://support.apple.com/kb/HT2165", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT2165" - }, - { - "name" : "http://support.apple.com/kb/HT2092", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT2092" - }, - { - "name" : "APPLE-SA-2008-06-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html" - }, - { - "name" : "APPLE-SA-2008-06-30", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jun/msg00003.html" - }, - { - "name" : "APPLE-SA-2008-07-11", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" - }, - { - "name" : "FEDORA-2008-6186", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00279.html" - }, - { - "name" : "FEDORA-2008-6220", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00319.html" - }, - { - "name" : "VU#361043", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/361043" - }, - { - "name" : "29836", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29836" - }, - { - "name" : "ADV-2008-1882", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1882/references" - }, - { - "name" : "ADV-2008-1980", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1980" - }, - { - "name" : "ADV-2008-1981", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1981/references" - }, - { - "name" : "ADV-2008-2094", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2094/references" - }, - { - "name" : "1020330", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020330" - }, - { - "name" : "30775", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30775" - }, - { - "name" : "30801", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30801" - }, - { - "name" : "30992", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30992" - }, - { - "name" : "31074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31074" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors involving JavaScript arrays that trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT2163", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT2163" + }, + { + "name": "FEDORA-2008-6220", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00319.html" + }, + { + "name": "ADV-2008-1981", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1981/references" + }, + { + "name": "http://support.apple.com/kb/HT2165", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT2165" + }, + { + "name": "FEDORA-2008-6186", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00279.html" + }, + { + "name": "30775", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30775" + }, + { + "name": "APPLE-SA-2008-06-30", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00003.html" + }, + { + "name": "30801", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30801" + }, + { + "name": "ADV-2008-1882", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1882/references" + }, + { + "name": "http://support.apple.com/kb/HT2092", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT2092" + }, + { + "name": "30992", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30992" + }, + { + "name": "APPLE-SA-2008-07-11", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" + }, + { + "name": "VU#361043", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/361043" + }, + { + "name": "29836", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29836" + }, + { + "name": "ADV-2008-2094", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2094/references" + }, + { + "name": "APPLE-SA-2008-06-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00001.html" + }, + { + "name": "1020330", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020330" + }, + { + "name": "31074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31074" + }, + { + "name": "ADV-2008-1980", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1980" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2681.json b/2008/2xxx/CVE-2008-2681.json index 70647a0f820..f7715d8a83e 100644 --- a/2008/2xxx/CVE-2008-2681.json +++ b/2008/2xxx/CVE-2008-2681.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2681", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct request to _db/compact.asp, which reveals the database path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2681", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5766", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5766" - }, - { - "name" : "http://bugreport.ir/index.php?/40", - "refsource" : "MISC", - "url" : "http://bugreport.ir/index.php?/40" - }, - { - "name" : "30583", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30583" - }, - { - "name" : "realm-compact-information-disclosure(42956)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct request to _db/compact.asp, which reveals the database path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "realm-compact-information-disclosure(42956)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42956" + }, + { + "name": "http://bugreport.ir/index.php?/40", + "refsource": "MISC", + "url": "http://bugreport.ir/index.php?/40" + }, + { + "name": "5766", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5766" + }, + { + "name": "30583", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30583" + } + ] + } +} \ No newline at end of file diff --git a/2008/2xxx/CVE-2008-2915.json b/2008/2xxx/CVE-2008-2915.json index 1c99308c4e4..3419614fe29 100644 --- a/2008/2xxx/CVE-2008-2915.json +++ b/2008/2xxx/CVE-2008-2915.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-2915", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-2915", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "5809", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/5809" - }, - { - "name" : "http://www.spanish-hackers.com/vuln/joss-42.txt", - "refsource" : "MISC", - "url" : "http://www.spanish-hackers.com/vuln/joss-42.txt" - }, - { - "name" : "29717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29717" - }, - { - "name" : "30684", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30684" - }, - { - "name" : "prejobboard-jobsearch-sql-injection(43094)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43094" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in jobseekers/JobSearch.php (aka the search module) in Pre Job Board allow remote attackers to execute arbitrary SQL commands via the (1) position or (2) kw parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.spanish-hackers.com/vuln/joss-42.txt", + "refsource": "MISC", + "url": "http://www.spanish-hackers.com/vuln/joss-42.txt" + }, + { + "name": "5809", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/5809" + }, + { + "name": "30684", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30684" + }, + { + "name": "prejobboard-jobsearch-sql-injection(43094)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43094" + }, + { + "name": "29717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29717" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6049.json b/2008/6xxx/CVE-2008-6049.json index 744061e2fe8..cf3b72ba695 100644 --- a/2008/6xxx/CVE-2008-6049.json +++ b/2008/6xxx/CVE-2008-6049.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6049", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers to execute arbitrary SQL commands via the menuID parameter. NOTE: CVE and multiple reliable third parties dispute this issue, since TinyMCE does not contain index.php or any PHP code. This may be an issue in a product that has integrated TinyMCE." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2008-6049", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** SQL injection vulnerability in index.php in TinyMCE 2.0.1 allows remote attackers to execute arbitrary SQL commands via the menuID parameter. NOTE: CVE and multiple reliable third parties dispute this issue, since TinyMCE does not contain index.php or any PHP code. This may be an issue in a product that has integrated TinyMCE." + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6170.json b/2008/6xxx/CVE-2008-6170.json index 89d99bb56b0..33f7aa7be4b 100644 --- a/2008/6xxx/CVE-2008-6170.json +++ b/2008/6xxx/CVE-2008-6170.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6170", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6170", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/324824", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/324824" - }, - { - "name" : "FEDORA-2008-9170", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00783.html" - }, - { - "name" : "FEDORA-2008-9213", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00826.html" - }, - { - "name" : "31882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31882" - }, - { - "name" : "32297", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32297" - }, - { - "name" : "32441", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32441" - }, - { - "name" : "ADV-2008-2913", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2913" - }, - { - "name" : "drupal-book-page-xss(46052)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46052" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://drupal.org/node/324824", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/324824" + }, + { + "name": "31882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31882" + }, + { + "name": "32441", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32441" + }, + { + "name": "32297", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32297" + }, + { + "name": "drupal-book-page-xss(46052)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46052" + }, + { + "name": "FEDORA-2008-9170", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00783.html" + }, + { + "name": "FEDORA-2008-9213", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00826.html" + }, + { + "name": "ADV-2008-2913", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2913" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6678.json b/2008/6xxx/CVE-2008-6678.json index 55519a71361..9600f7b06be 100644 --- a/2008/6xxx/CVE-2008-6678.json +++ b/2008/6xxx/CVE-2008-6678.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.bugreport.ir/39/exploit.htm", - "refsource" : "MISC", - "url" : "http://www.bugreport.ir/39/exploit.htm" - }, - { - "name" : "http://www.bugreport.ir/index_39.htm", - "refsource" : "MISC", - "url" : "http://www.bugreport.ir/index_39.htm" - }, - { - "name" : "29524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29524" - }, - { - "name" : "46228", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46228" - }, - { - "name" : "30501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30501" - }, - { - "name" : "quickersite-snickname-sql-injection(42866)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42866" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in asp/includes/contact.asp in QuickerSite 1.8.5 allows remote attackers to execute arbitrary SQL commands via the sNickName parameter in a profile action to default.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.bugreport.ir/39/exploit.htm", + "refsource": "MISC", + "url": "http://www.bugreport.ir/39/exploit.htm" + }, + { + "name": "46228", + "refsource": "OSVDB", + "url": "http://osvdb.org/46228" + }, + { + "name": "quickersite-snickname-sql-injection(42866)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42866" + }, + { + "name": "http://www.bugreport.ir/index_39.htm", + "refsource": "MISC", + "url": "http://www.bugreport.ir/index_39.htm" + }, + { + "name": "30501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30501" + }, + { + "name": "29524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29524" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6796.json b/2008/6xxx/CVE-2008-6796.json index 280314b2e73..a99f933aa9a 100644 --- a/2008/6xxx/CVE-2008-6796.json +++ b/2008/6xxx/CVE-2008-6796.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7008", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7008" - }, - { - "name" : "32134", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32134" - }, - { - "name" : "ADV-2008-3026", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3026" - }, - { - "name" : "prerealestatelistings-login-sql-injection(46394)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46394" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in manager/login.php in Pre Projects Pre Real Estate Listings allows remote attackers to execute arbitrary SQL commands via the username1 parameter (aka the Admin field or Username field)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "prerealestatelistings-login-sql-injection(46394)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46394" + }, + { + "name": "ADV-2008-3026", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3026" + }, + { + "name": "7008", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7008" + }, + { + "name": "32134", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32134" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7022.json b/2008/7xxx/CVE-2008-7022.json index d90ae51a7c1..6434d06dc57 100644 --- a/2008/7xxx/CVE-2008-7022.json +++ b/2008/7xxx/CVE-2008-7022.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6600", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6600" - }, - { - "name" : "chilkatimap-loadxmlemail-unauth-access(45532)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6600", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6600" + }, + { + "name": "chilkatimap-loadxmlemail-unauth-access(45532)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45532" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7088.json b/2008/7xxx/CVE-2008-7088.json index 328847fcfa5..e3344ed9a32 100644 --- a/2008/7xxx/CVE-2008-7088.json +++ b/2008/7xxx/CVE-2008-7088.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7088", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. NOTE: this may be the same vulnerability as CVE-2008-0251, but this is not clear due to lack of details from the vendor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7088", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6082", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6082" - }, - { - "name" : "30249", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30249" - }, - { - "name" : "vbgallery-upload-file-upload(43845)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in upload.php in PhotoPost vBGallery 2.4.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in a certain path. NOTE: this may be the same vulnerability as CVE-2008-0251, but this is not clear due to lack of details from the vendor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30249", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30249" + }, + { + "name": "6082", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6082" + }, + { + "name": "vbgallery-upload-file-upload(43845)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43845" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5034.json b/2012/5xxx/CVE-2012-5034.json index f6f5f28885a..a0b1aa71fe9 100644 --- a/2012/5xxx/CVE-2012-5034.json +++ b/2012/5xxx/CVE-2012-5034.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5034", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5034", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5036.json b/2012/5xxx/CVE-2012-5036.json index 8f191f2161f..0822153f467 100644 --- a/2012/5xxx/CVE-2012-5036.json +++ b/2012/5xxx/CVE-2012-5036.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2012-5036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html", - "refsource" : "CONFIRM", - "url" : "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html", + "refsource": "CONFIRM", + "url": "http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5139.json b/2012/5xxx/CVE-2012-5139.json index b5303dbe54b..abe14ddf6ab 100644 --- a/2012/5xxx/CVE-2012-5139.json +++ b/2012/5xxx/CVE-2012-5139.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2012-5139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=158204", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=158204" - }, - { - "name" : "openSUSE-SU-2012:1682", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html" - }, - { - "name" : "oval:org.mitre.oval:def:16064", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16064" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility events." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:16064", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16064" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=158204", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=158204" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/12/stable-channel-update.html" + }, + { + "name": "openSUSE-SU-2012:1682", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00073.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/5xxx/CVE-2012-5353.json b/2012/5xxx/CVE-2012-5353.json index 00bbd4edd47..ff3fd1ec8fb 100644 --- a/2012/5xxx/CVE-2012-5353.json +++ b/2012/5xxx/CVE-2012-5353.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-5353", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a \"Signature exclusion attack.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-5353", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf", - "refsource" : "MISC", - "url" : "http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf" - }, - { - "name" : "http://status.openathens.net/adv.php", - "refsource" : "CONFIRM", - "url" : "http://status.openathens.net/adv.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a \"Signature exclusion attack.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://status.openathens.net/adv.php", + "refsource": "CONFIRM", + "url": "http://status.openathens.net/adv.php" + }, + { + "name": "http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf", + "refsource": "MISC", + "url": "http://www.nds.rub.de/media/nds/veroeffentlichungen/2012/08/22/BreakingSAML_3.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11214.json b/2017/11xxx/CVE-2017-11214.json index e791bc546ca..f1562dc98bb 100644 --- a/2017/11xxx/CVE-2017-11214.json +++ b/2017/11xxx/CVE-2017-11214.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-11214", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Acrobat Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2017.009.20058 and earlier" - }, - { - "version_value" : "2017.008.30051 and earlier" - }, - { - "version_value" : "2015.006.30306 and earlier" - }, - { - "version_value" : "11.0.20 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe Systems Incorporated" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-11214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "2017.009.20058 and earlier" + }, + { + "version_value": "2017.008.30051 and earlier" + }, + { + "version_value": "2015.006.30306 and earlier" + }, + { + "version_value": "11.0.20 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Adobe Systems Incorporated" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" - }, - { - "name" : "100179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100179" - }, - { - "name" : "1039098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" + }, + { + "name": "1039098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039098" + }, + { + "name": "100179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100179" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11512.json b/2017/11xxx/CVE-2017-11512.json index d1e07ff103e..00cdacaa013 100644 --- a/2017/11xxx/CVE-2017-11512.json +++ b/2017/11xxx/CVE-2017-11512.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnreport@tenable.com", - "DATE_PUBLIC" : "2017-11-08T00:00:00", - "ID" : "CVE-2017-11512", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ManageEngine ServiceDesk", - "version" : { - "version_data" : [ - { - "version_value" : "9.3.9328" - } - ] - } - } - ] - }, - "vendor_name" : "Zoho" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-22: Improper Limitation of a Pathname to a Restricted Directory" - } + "CVE_data_meta": { + "ASSIGNER": "vulnreport@tenable.com", + "DATE_PUBLIC": "2017-11-08T00:00:00", + "ID": "CVE-2017-11512", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "ManageEngine ServiceDesk", + "version": { + "version_data": [ + { + "version_value": "9.3.9328" + } + ] + } + } + ] + }, + "vendor_name": "Zoho" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/research/tra-2017-31", - "refsource" : "MISC", - "url" : "https://www.tenable.com/security/research/tra-2017-31" - }, - { - "name" : "101789", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101789" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/research/tra-2017-31", + "refsource": "MISC", + "url": "https://www.tenable.com/security/research/tra-2017-31" + }, + { + "name": "101789", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101789" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11592.json b/2017/11xxx/CVE-2017-11592.json index 0c506e0a462..92304c49af5 100644 --- a/2017/11xxx/CVE-2017-11592.json +++ b/2017/11xxx/CVE-2017-11592.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-11592", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-11592", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1473889", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1473889" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "There is a Mismatched Memory Management Routines vulnerability in the Exiv2::FileIo::seek function of Exiv2 0.26 that will lead to a remote denial of service attack (heap memory corruption) via crafted input." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1473889", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473889" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15177.json b/2017/15xxx/CVE-2017-15177.json index 95d82b25abd..b67918e2ad6 100644 --- a/2017/15xxx/CVE-2017-15177.json +++ b/2017/15xxx/CVE-2017-15177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15201.json b/2017/15xxx/CVE-2017-15201.json index 4c18463be65..c1f00501de5 100644 --- a/2017/15xxx/CVE-2017-15201.json +++ b/2017/15xxx/CVE-2017-15201.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15201", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15201", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://openwall.com/lists/oss-security/2017/10/04/9", - "refsource" : "MISC", - "url" : "http://openwall.com/lists/oss-security/2017/10/04/9" - }, - { - "name" : "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0", - "refsource" : "MISC", - "url" : "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0" - }, - { - "name" : "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524", - "refsource" : "MISC", - "url" : "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524" - }, - { - "name" : "https://kanboard.net/news/version-1.0.47", - "refsource" : "MISC", - "url" : "https://kanboard.net/news/version-1.0.47" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0", + "refsource": "MISC", + "url": "https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0" + }, + { + "name": "http://openwall.com/lists/oss-security/2017/10/04/9", + "refsource": "MISC", + "url": "http://openwall.com/lists/oss-security/2017/10/04/9" + }, + { + "name": "https://kanboard.net/news/version-1.0.47", + "refsource": "MISC", + "url": "https://kanboard.net/news/version-1.0.47" + }, + { + "name": "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524", + "refsource": "MISC", + "url": "https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524" + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3177.json b/2017/3xxx/CVE-2017-3177.json index 8e524c5f40d..a8073124457 100644 --- a/2017/3xxx/CVE-2017-3177.json +++ b/2017/3xxx/CVE-2017-3177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3177", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-3177", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3667.json b/2017/3xxx/CVE-2017-3667.json index cf61d56aff3..ec25d88359a 100644 --- a/2017/3xxx/CVE-2017-3667.json +++ b/2017/3xxx/CVE-2017-3667.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3667", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-3667", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3686.json b/2017/3xxx/CVE-2017-3686.json index 9fad5c05b1d..a294ecbdb45 100644 --- a/2017/3xxx/CVE-2017-3686.json +++ b/2017/3xxx/CVE-2017-3686.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3686", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-3686", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/3xxx/CVE-2017-3691.json b/2017/3xxx/CVE-2017-3691.json index f340819409c..9ad350b4abb 100644 --- a/2017/3xxx/CVE-2017-3691.json +++ b/2017/3xxx/CVE-2017-3691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-3691", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-3691", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8052.json b/2017/8xxx/CVE-2017-8052.json index 7efdf3a32f4..0c7a7bf13a4 100644 --- a/2017/8xxx/CVE-2017-8052.json +++ b/2017/8xxx/CVE-2017-8052.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8052", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Craft CMS before 2.6.2974 allows XSS attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8052", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://craftcms.com/changelog#2-6-2974", - "refsource" : "CONFIRM", - "url" : "https://craftcms.com/changelog#2-6-2974" - }, - { - "name" : "https://twitter.com/CraftCMS/status/855535309878112256", - "refsource" : "CONFIRM", - "url" : "https://twitter.com/CraftCMS/status/855535309878112256" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Craft CMS before 2.6.2974 allows XSS attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://craftcms.com/changelog#2-6-2974", + "refsource": "CONFIRM", + "url": "https://craftcms.com/changelog#2-6-2974" + }, + { + "name": "https://twitter.com/CraftCMS/status/855535309878112256", + "refsource": "CONFIRM", + "url": "https://twitter.com/CraftCMS/status/855535309878112256" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8545.json b/2017/8xxx/CVE-2017-8545.json index 693feeefdb5..7acd763a822 100644 --- a/2017/8xxx/CVE-2017-8545.json +++ b/2017/8xxx/CVE-2017-8545.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-8545", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Outlook for Mac", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Outlook 2016 for Mac." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka \"Microsoft Outlook for Mac Spoofing Vulnerability\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-8545", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Outlook for Mac", + "version": { + "version_data": [ + { + "version_value": "Microsoft Outlook 2016 for Mac." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545" - }, - { - "name" : "98917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98917" - }, - { - "name" : "1038664", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038664" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka \"Microsoft Outlook for Mac Spoofing Vulnerability\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545" + }, + { + "name": "98917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98917" + }, + { + "name": "1038664", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038664" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8869.json b/2017/8xxx/CVE-2017-8869.json index 9e6e366f5b5..1ca5e2096a5 100644 --- a/2017/8xxx/CVE-2017-8869.json +++ b/2017/8xxx/CVE-2017-8869.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8869", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8869", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42384", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42384/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42384", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42384/" + } + ] + } +} \ No newline at end of file diff --git a/2017/8xxx/CVE-2017-8876.json b/2017/8xxx/CVE-2017-8876.json index 8591b85cdca..17f8e5a2c90 100644 --- a/2017/8xxx/CVE-2017-8876.json +++ b/2017/8xxx/CVE-2017-8876.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-8876", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-8876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/DeuxHuitHuit/symphony-2/commit/cd69a2a516e6503c1a1c7e097ee90d255ec3d6b7", - "refsource" : "MISC", - "url" : "https://github.com/DeuxHuitHuit/symphony-2/commit/cd69a2a516e6503c1a1c7e097ee90d255ec3d6b7" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symphony 2 2.6.11 has XSS in the meta[navigation_group] parameter to content/content.blueprintssections.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/DeuxHuitHuit/symphony-2/commit/cd69a2a516e6503c1a1c7e097ee90d255ec3d6b7", + "refsource": "MISC", + "url": "https://github.com/DeuxHuitHuit/symphony-2/commit/cd69a2a516e6503c1a1c7e097ee90d255ec3d6b7" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12200.json b/2018/12xxx/CVE-2018-12200.json index ecabae34e63..b6198048746 100644 --- a/2018/12xxx/CVE-2018-12200.json +++ b/2018/12xxx/CVE-2018-12200.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@intel.com", - "DATE_PUBLIC" : "2019-03-12T00:00:00", - "ID" : "CVE-2018-12200", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", - "version" : { - "version_data" : [ - { - "version_value" : "Multiple versions." - } - ] - } - } - ] - }, - "vendor_name" : "Intel Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Escalation of Privilege" - } + "CVE_data_meta": { + "ASSIGNER": "secure@intel.com", + "DATE_PUBLIC": "2019-03-12T00:00:00", + "ID": "CVE-2018-12200", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intel(R) CSME, Server Platform Services, Trusted Execution Engine and Intel(R) Active Management Technology", + "version": { + "version_data": [ + { + "version_value": "Multiple versions." + } + ] + } + } + ] + }, + "vendor_name": "Intel Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", - "refsource" : "CONFIRM", - "url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Escalation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html", + "refsource": "CONFIRM", + "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00185.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12517.json b/2018/12xxx/CVE-2018-12517.json index 7a168c91ba9..b294656021a 100644 --- a/2018/12xxx/CVE-2018-12517.json +++ b/2018/12xxx/CVE-2018-12517.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12517", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12517", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12688.json b/2018/12xxx/CVE-2018-12688.json index e92ebd6fe44..6d9bf15fef8 100644 --- a/2018/12xxx/CVE-2018-12688.json +++ b/2018/12xxx/CVE-2018-12688.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "tinyexr 0.9.5 has a segmentation fault in the wav2Decode function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/syoyo/tinyexr/issues/83", - "refsource" : "MISC", - "url" : "https://github.com/syoyo/tinyexr/issues/83" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "tinyexr 0.9.5 has a segmentation fault in the wav2Decode function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/syoyo/tinyexr/issues/83", + "refsource": "MISC", + "url": "https://github.com/syoyo/tinyexr/issues/83" + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12733.json b/2018/12xxx/CVE-2018-12733.json index 578d693d52d..aeb83e550e7 100644 --- a/2018/12xxx/CVE-2018-12733.json +++ b/2018/12xxx/CVE-2018-12733.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12733", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12733", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/12xxx/CVE-2018-12737.json b/2018/12xxx/CVE-2018-12737.json index f34e3df6f98..736c048aa05 100644 --- a/2018/12xxx/CVE-2018-12737.json +++ b/2018/12xxx/CVE-2018-12737.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-12737", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-12737", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13371.json b/2018/13xxx/CVE-2018-13371.json index ca2e92a5d9b..1e9a7fe2b91 100644 --- a/2018/13xxx/CVE-2018-13371.json +++ b/2018/13xxx/CVE-2018-13371.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13371", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13371", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13585.json b/2018/13xxx/CVE-2018-13585.json index c54ec1db0f3..807d7cd8292 100644 --- a/2018/13xxx/CVE-2018-13585.json +++ b/2018/13xxx/CVE-2018-13585.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13585", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13585", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" - }, - { - "name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CHERRYCOIN", - "refsource" : "MISC", - "url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CHERRYCOIN" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CHERRYCOIN", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CHERRYCOIN" + }, + { + "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", + "refsource": "MISC", + "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13822.json b/2018/13xxx/CVE-2018-13822.json index acdaa7800b8..6ceb3a51fc7 100644 --- a/2018/13xxx/CVE-2018-13822.json +++ b/2018/13xxx/CVE-2018-13822.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vuln@ca.com", - "DATE_PUBLIC" : "2018-08-29T00:00:00", - "ID" : "CVE-2018-13822", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "PPM", - "version" : { - "version_data" : [ - { - "version_value" : "15.3 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "CA Technologies" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Unprotected Storage of Credentials" - } + "CVE_data_meta": { + "ASSIGNER": "vuln@ca.com", + "DATE_PUBLIC": "2018-08-29T00:00:00", + "ID": "CVE-2018-13822", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PPM", + "version": { + "version_data": [ + { + "version_value": "15.3 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "CA Technologies" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html", - "refsource" : "CONFIRM", - "url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html" - }, - { - "name" : "105297", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105297" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unprotected Storage of Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105297", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105297" + }, + { + "name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html", + "refsource": "CONFIRM", + "url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-01--security-notice-for-ca-ppm.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/13xxx/CVE-2018-13908.json b/2018/13xxx/CVE-2018-13908.json index 439b47ca015..41e61b3138a 100644 --- a/2018/13xxx/CVE-2018-13908.json +++ b/2018/13xxx/CVE-2018-13908.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-13908", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-13908", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16543.json b/2018/16xxx/CVE-2018-16543.json index b0d6e28ec35..b9d429d989b 100644 --- a/2018/16xxx/CVE-2018-16543.json +++ b/2018/16xxx/CVE-2018-16543.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180930 [SECURITY] [DLA 1527-1] ghostscript security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00038.html" - }, - { - "name" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0", - "refsource" : "MISC", - "url" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0" - }, - { - "name" : "https://bugs.ghostscript.com/show_bug.cgi?id=699670", - "refsource" : "MISC", - "url" : "https://bugs.ghostscript.com/show_bug.cgi?id=699670" - }, - { - "name" : "DSA-4288", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4288" - }, - { - "name" : "GLSA-201811-12", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201811-12" - }, - { - "name" : "USN-3768-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3768-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0", + "refsource": "MISC", + "url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5b5536fa88a9e885032bc0df3852c3439399a5c0" + }, + { + "name": "GLSA-201811-12", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201811-12" + }, + { + "name": "USN-3768-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3768-1/" + }, + { + "name": "DSA-4288", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4288" + }, + { + "name": "https://bugs.ghostscript.com/show_bug.cgi?id=699670", + "refsource": "MISC", + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=699670" + }, + { + "name": "[debian-lts-announce] 20180930 [SECURITY] [DLA 1527-1] ghostscript security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00038.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16687.json b/2018/16xxx/CVE-2018-16687.json index ccb07fac5e5..9f0946c19f1 100644 --- a/2018/16xxx/CVE-2018-16687.json +++ b/2018/16xxx/CVE-2018-16687.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16687", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16687", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/16xxx/CVE-2018-16746.json b/2018/16xxx/CVE-2018-16746.json index 29e888d6f08..2be89c098b7 100644 --- a/2018/16xxx/CVE-2018-16746.json +++ b/2018/16xxx/CVE-2018-16746.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-16746", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-16746", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17176.json b/2018/17xxx/CVE-2018-17176.json index f75aff08c94..ceaae5df307 100644 --- a/2018/17xxx/CVE-2018-17176.json +++ b/2018/17xxx/CVE-2018-17176.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17176", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17176", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners", - "refsource" : "MISC", - "url" : "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication (always transmitted in cleartext) can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners", + "refsource": "MISC", + "url": "https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17813.json b/2018/17xxx/CVE-2018-17813.json index 87cc1cffc2e..122ad10367b 100644 --- a/2018/17xxx/CVE-2018-17813.json +++ b/2018/17xxx/CVE-2018-17813.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17813", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17813", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17837.json b/2018/17xxx/CVE-2018-17837.json index 8bcc8ab78e9..9271bebf0bd 100644 --- a/2018/17xxx/CVE-2018-17837.json +++ b/2018/17xxx/CVE-2018-17837.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-17837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-17837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/AvaterXXX/JTBC/blob/master/README.md#arbitrary-file-deletion", - "refsource" : "MISC", - "url" : "https://github.com/AvaterXXX/JTBC/blob/master/README.md#arbitrary-file-deletion" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/AvaterXXX/JTBC/blob/master/README.md#arbitrary-file-deletion", + "refsource": "MISC", + "url": "https://github.com/AvaterXXX/JTBC/blob/master/README.md#arbitrary-file-deletion" + } + ] + } +} \ No newline at end of file diff --git a/2018/17xxx/CVE-2018-17928.json b/2018/17xxx/CVE-2018-17928.json index e40ee258168..b8771bf29d2 100644 --- a/2018/17xxx/CVE-2018-17928.json +++ b/2018/17xxx/CVE-2018-17928.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2018-12-18T00:00:00", - "ID" : "CVE-2018-17928", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "CMS-770", - "version" : { - "version_data" : [ - { - "version_value" : "Software Versions 1.7.1 and prior." - } - ] - } - } - ] - }, - "vendor_name" : "ABB" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Authentication CWE-287" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2018-12-18T00:00:00", + "ID": "CVE-2018-17928", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CMS-770", + "version": { + "version_data": [ + { + "version_value": "Software Versions 1.7.1 and prior." + } + ] + } + } + ] + }, + "vendor_name": "ABB" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-06", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-06" - }, - { - "name" : "106244", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication CWE-287" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106244", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106244" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-06", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-352-06" + } + ] + } +} \ No newline at end of file