From f1735d8115143a2a8c3fbb8e4f018ddcf46ca8f7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:13:58 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2002/0xxx/CVE-2002-0085.json | 170 ++++++++++++------------- 2002/0xxx/CVE-2002-0542.json | 170 ++++++++++++------------- 2002/0xxx/CVE-2002-0543.json | 150 +++++++++++----------- 2002/0xxx/CVE-2002-0588.json | 150 +++++++++++----------- 2002/1xxx/CVE-2002-1308.json | 170 ++++++++++++------------- 2002/1xxx/CVE-2002-1314.json | 34 ++--- 2002/1xxx/CVE-2002-1454.json | 150 +++++++++++----------- 2002/1xxx/CVE-2002-1572.json | 140 ++++++++++----------- 2002/1xxx/CVE-2002-1954.json | 150 +++++++++++----------- 2002/2xxx/CVE-2002-2032.json | 130 +++++++++---------- 2002/2xxx/CVE-2002-2345.json | 140 ++++++++++----------- 2005/1xxx/CVE-2005-1062.json | 140 ++++++++++----------- 2005/1xxx/CVE-2005-1407.json | 120 +++++++++--------- 2005/1xxx/CVE-2005-1724.json | 130 +++++++++---------- 2005/1xxx/CVE-2005-1805.json | 150 +++++++++++----------- 2005/1xxx/CVE-2005-1874.json | 160 ++++++++++++------------ 2005/1xxx/CVE-2005-1910.json | 140 ++++++++++----------- 2009/0xxx/CVE-2009-0926.json | 190 ++++++++++++++-------------- 2012/0xxx/CVE-2012-0265.json | 160 ++++++++++++------------ 2012/0xxx/CVE-2012-0417.json | 150 +++++++++++----------- 2012/2xxx/CVE-2012-2529.json | 140 ++++++++++----------- 2012/2xxx/CVE-2012-2752.json | 180 +++++++++++++-------------- 2012/3xxx/CVE-2012-3038.json | 34 ++--- 2012/3xxx/CVE-2012-3113.json | 180 +++++++++++++-------------- 2012/3xxx/CVE-2012-3179.json | 150 +++++++++++----------- 2012/3xxx/CVE-2012-3532.json | 150 +++++++++++----------- 2012/3xxx/CVE-2012-3721.json | 140 ++++++++++----------- 2012/4xxx/CVE-2012-4084.json | 160 ++++++++++++------------ 2012/4xxx/CVE-2012-4742.json | 130 +++++++++---------- 2012/4xxx/CVE-2012-4793.json | 34 ++--- 2012/6xxx/CVE-2012-6030.json | 220 ++++++++++++++++----------------- 2012/6xxx/CVE-2012-6064.json | 180 +++++++++++++-------------- 2012/6xxx/CVE-2012-6145.json | 150 +++++++++++----------- 2012/6xxx/CVE-2012-6487.json | 34 ++--- 2017/2xxx/CVE-2017-2131.json | 130 +++++++++---------- 2017/2xxx/CVE-2017-2180.json | 120 +++++++++--------- 2017/2xxx/CVE-2017-2413.json | 140 ++++++++++----------- 2017/2xxx/CVE-2017-2763.json | 34 ++--- 2017/6xxx/CVE-2017-6175.json | 34 ++--- 2017/6xxx/CVE-2017-6301.json | 160 ++++++++++++------------ 2017/6xxx/CVE-2017-6361.json | 160 ++++++++++++------------ 2018/11xxx/CVE-2018-11053.json | 206 +++++++++++++++--------------- 2018/11xxx/CVE-2018-11875.json | 120 +++++++++--------- 2018/14xxx/CVE-2018-14000.json | 34 ++--- 2018/14xxx/CVE-2018-14102.json | 34 ++--- 2018/14xxx/CVE-2018-14678.json | 160 ++++++++++++------------ 2018/14xxx/CVE-2018-14902.json | 120 +++++++++--------- 2018/15xxx/CVE-2018-15040.json | 34 ++--- 2018/15xxx/CVE-2018-15841.json | 34 ++--- 2018/15xxx/CVE-2018-15950.json | 140 ++++++++++----------- 2018/20xxx/CVE-2018-20329.json | 130 +++++++++---------- 2018/20xxx/CVE-2018-20433.json | 130 +++++++++---------- 2018/20xxx/CVE-2018-20637.json | 34 ++--- 2018/20xxx/CVE-2018-20711.json | 34 ++--- 2018/9xxx/CVE-2018-9111.json | 120 +++++++++--------- 2018/9xxx/CVE-2018-9327.json | 120 +++++++++--------- 56 files changed, 3502 insertions(+), 3502 deletions(-) diff --git a/2002/0xxx/CVE-2002-0085.json b/2002/0xxx/CVE-2002-0085.json index 483dbf6b7c9..efacee14a6a 100644 --- a/2002/0xxx/CVE-2002-0085.json +++ b/2002/0xxx/CVE-2002-0085.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020429 eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/270122" - }, - { - "name" : "20020429 eSecurityOnline Security Advisory 4197 - Sun Solaris cachefsd denial of service vulnerability", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0047.html" - }, - { - "name" : "http://www.esecurityonline.com/advisories/eSO4197.asp", - "refsource" : "MISC", - "url" : "http://www.esecurityonline.com/advisories/eSO4197.asp" - }, - { - "name" : "4634", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4634" - }, - { - "name" : "oval:org.mitre.oval:def:4329", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4329" - }, - { - "name" : "solaris-cachefsd-rpc-dos(8956)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "solaris-cachefsd-rpc-dos(8956)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8956" + }, + { + "name": "oval:org.mitre.oval:def:4329", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4329" + }, + { + "name": "20020429 eSecurityOnline Security Advisory 4197 - Sun Solaris cachefsd denial of service vulnerability", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0047.html" + }, + { + "name": "http://www.esecurityonline.com/advisories/eSO4197.asp", + "refsource": "MISC", + "url": "http://www.esecurityonline.com/advisories/eSO4197.asp" + }, + { + "name": "4634", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4634" + }, + { + "name": "20020429 eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/270122" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0542.json b/2002/0xxx/CVE-2002-0542.json index c578d3ca708..34afd247ba5 100644 --- a/2002/0xxx/CVE-2002-0542.json +++ b/2002/0xxx/CVE-2002-0542.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020411 local root compromise in openbsd 3.0 and below", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/267089" - }, - { - "name" : "20020411 OpenBSD Local Root Compromise", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=101855467811695&w=2" - }, - { - "name" : "http://www.openbsd.org/errata30.html#mail", - "refsource" : "CONFIRM", - "url" : "http://www.openbsd.org/errata30.html#mail" - }, - { - "name" : "openbsd-mail-root-privileges(8818)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8818.php" - }, - { - "name" : "4495", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4495" - }, - { - "name" : "5269", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5269" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cron." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.openbsd.org/errata30.html#mail", + "refsource": "CONFIRM", + "url": "http://www.openbsd.org/errata30.html#mail" + }, + { + "name": "20020411 OpenBSD Local Root Compromise", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=101855467811695&w=2" + }, + { + "name": "4495", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4495" + }, + { + "name": "openbsd-mail-root-privileges(8818)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8818.php" + }, + { + "name": "20020411 local root compromise in openbsd 3.0 and below", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/267089" + }, + { + "name": "5269", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5269" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0543.json b/2002/0xxx/CVE-2002-0543.json index a1cd47ca4dc..f91e6bef5af 100644 --- a/2002/0xxx/CVE-2002-0543.json +++ b/2002/0xxx/CVE-2002-0543.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020409 Abyss Webserver 1.0 Administration password file retrieval exploit", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0110.html" - }, - { - "name" : "http://www.aprelium.com/forum/viewtopic.php?t=24", - "refsource" : "CONFIRM", - "url" : "http://www.aprelium.com/forum/viewtopic.php?t=24" - }, - { - "name" : "4466", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4466" - }, - { - "name" : "abyss-unicode-directory-traversal(8805)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8805.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.aprelium.com/forum/viewtopic.php?t=24", + "refsource": "CONFIRM", + "url": "http://www.aprelium.com/forum/viewtopic.php?t=24" + }, + { + "name": "abyss-unicode-directory-traversal(8805)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8805.php" + }, + { + "name": "20020409 Abyss Webserver 1.0 Administration password file retrieval exploit", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0110.html" + }, + { + "name": "4466", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4466" + } + ] + } +} \ No newline at end of file diff --git a/2002/0xxx/CVE-2002-0588.json b/2002/0xxx/CVE-2002-0588.json index 6460a47c292..deb3e3076f9 100644 --- a/2002/0xxx/CVE-2002-0588.json +++ b/2002/0xxx/CVE-2002-0588.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020418 [[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5", - "refsource" : "BUGTRAQ", - "url" : "http://online.securityfocus.com/archive/1/268231" - }, - { - "name" : "http://orbit-net.net:8001/php/pvote/", - "refsource" : "CONFIRM", - "url" : "http://orbit-net.net:8001/php/pvote/" - }, - { - "name" : "pvote-add-delete-polls(8877)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/8877.php" - }, - { - "name" : "4540", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/4540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "pvote-add-delete-polls(8877)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/8877.php" + }, + { + "name": "4540", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/4540" + }, + { + "name": "20020418 [[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5", + "refsource": "BUGTRAQ", + "url": "http://online.securityfocus.com/archive/1/268231" + }, + { + "name": "http://orbit-net.net:8001/php/pvote/", + "refsource": "CONFIRM", + "url": "http://orbit-net.net:8001/php/pvote/" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1308.json b/2002/1xxx/CVE-2002-1308.json index 974aa71d03e..180294f9efa 100644 --- a/2002/1xxx/CVE-2002-1308.json +++ b/2002/1xxx/CVE-2002-1308.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1308", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1308", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021114 Netscape/Mozilla: Exploitable heap corruption via jar: URI handler.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=103730181813075&w=2" - }, - { - "name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=157646", - "refsource" : "MISC", - "url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=157646" - }, - { - "name" : "RHSA-2003:162", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-162.html" - }, - { - "name" : "RHSA-2003:163", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2003-163.html" - }, - { - "name" : "mozilla-netscape-jar-bo(10636)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10636" - }, - { - "name" : "6185", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/6185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20021114 Netscape/Mozilla: Exploitable heap corruption via jar: URI handler.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=103730181813075&w=2" + }, + { + "name": "mozilla-netscape-jar-bo(10636)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10636" + }, + { + "name": "6185", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/6185" + }, + { + "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=157646", + "refsource": "MISC", + "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=157646" + }, + { + "name": "RHSA-2003:163", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-163.html" + }, + { + "name": "RHSA-2003:162", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2003-162.html" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1314.json b/2002/1xxx/CVE-2002-1314.json index 378d62261d7..8437373e994 100644 --- a/2002/1xxx/CVE-2002-1314.json +++ b/2002/1xxx/CVE-2002-1314.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1314", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1314", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1454.json b/2002/1xxx/CVE-2002-1454.json index aa11affc043..f1cc0358437 100644 --- a/2002/1xxx/CVE-2002-1454.json +++ b/2002/1xxx/CVE-2002-1454.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1454", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20020814 new bugs in MyWebServer", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0077.html" - }, - { - "name" : "20020814 new bugs in MyWebServer", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=102935720109934&w=2" - }, - { - "name" : "mywebserver-invalid-path-disclosure(9862)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9862.php" - }, - { - "name" : "5471", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/5471" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20020814 new bugs in MyWebServer", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=102935720109934&w=2" + }, + { + "name": "20020814 new bugs in MyWebServer", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0077.html" + }, + { + "name": "5471", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/5471" + }, + { + "name": "mywebserver-invalid-path-disclosure(9862)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9862.php" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1572.json b/2002/1xxx/CVE-2002-1572.json index f5dcfa15ebb..f157b0ae985 100644 --- a/2002/1xxx/CVE-2002-1572.json +++ b/2002/1xxx/CVE-2002-1572.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://linux.bkbits.net:8080/linux-2.4/cset@3d6badc0mxsPaOTT_GuPVxCp1_ormw", - "refsource" : "CONFIRM", - "url" : "http://linux.bkbits.net:8080/linux-2.4/cset@3d6badc0mxsPaOTT_GuPVxCp1_ormw" - }, - { - "name" : "RHSA-2002:205", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2002-205.html" - }, - { - "name" : "RHSA-2002:206", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2002-206.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2002:206", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2002-206.html" + }, + { + "name": "http://linux.bkbits.net:8080/linux-2.4/cset@3d6badc0mxsPaOTT_GuPVxCp1_ormw", + "refsource": "CONFIRM", + "url": "http://linux.bkbits.net:8080/linux-2.4/cset@3d6badc0mxsPaOTT_GuPVxCp1_ormw" + }, + { + "name": "RHSA-2002:205", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2002-205.html" + } + ] + } +} \ No newline at end of file diff --git a/2002/1xxx/CVE-2002-1954.json b/2002/1xxx/CVE-2002-1954.json index c6bfc345909..db0a5255b40 100644 --- a/2002/1xxx/CVE-2002-1954.json +++ b/2002/1xxx/CVE-2002-1954.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-1954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-1954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20021013 PHP Information Functions May Allow Cross-Site Scripting", - "refsource" : "VULNWATCH", - "url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0021.html" - }, - { - "name" : "20030603 PHP XSS exploit in phpinfo()", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2003-06/0027.html" - }, - { - "name" : "http://www.techie.hopto.org/vulns/2002-36.txt", - "refsource" : "MISC", - "url" : "http://www.techie.hopto.org/vulns/2002-36.txt" - }, - { - "name" : "php-phpinfo-xss(10355)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/10355.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20030603 PHP XSS exploit in phpinfo()", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2003-06/0027.html" + }, + { + "name": "20021013 PHP Information Functions May Allow Cross-Site Scripting", + "refsource": "VULNWATCH", + "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0021.html" + }, + { + "name": "php-phpinfo-xss(10355)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/10355.php" + }, + { + "name": "http://www.techie.hopto.org/vulns/2002-36.txt", + "refsource": "MISC", + "url": "http://www.techie.hopto.org/vulns/2002-36.txt" + } + ] + } +} \ No newline at end of file diff --git a/2002/2xxx/CVE-2002-2032.json b/2002/2xxx/CVE-2002-2032.json index 4a4972bb9a9..6eaddd22193 100644 --- a/2002/2xxx/CVE-2002-2032.json +++ b/2002/2xxx/CVE-2002-2032.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-2032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-2032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfaq.com/unixfocus/5OP041P6BE.html", - "refsource" : "MISC", - "url" : "http://www.securityfaq.com/unixfocus/5OP041P6BE.html" - }, - { - "name" : "3906", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3906" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "sql_layer.php in PHP-Nuke 5.4 and earlier does not restrict access to debugging features, which allows remote attackers to gain SQL query information by setting the sql_debug parameter to (1) index.php and (2) modules.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3906", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3906" + }, + { + "name": "http://www.securityfaq.com/unixfocus/5OP041P6BE.html", + "refsource": "MISC", + "url": "http://www.securityfaq.com/unixfocus/5OP041P6BE.html" + } + ] + } +} \ No newline at end of file diff --git a/2002/2xxx/CVE-2002-2345.json b/2002/2xxx/CVE-2002-2345.json index 8726c445ed6..9424b40d4aa 100644 --- a/2002/2xxx/CVE-2002-2345.json +++ b/2002/2xxx/CVE-2002-2345.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2002-2345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2002-2345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://otn.oracle.com/deploy/security/pdf/2002alert39rev1.pdf", - "refsource" : "CONFIRM", - "url" : "http://otn.oracle.com/deploy/security/pdf/2002alert39rev1.pdf" - }, - { - "name" : "7395", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/7395" - }, - { - "name" : "oracle-appserver-webcachepw-unencrypted(9841)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/9841.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7395", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/7395" + }, + { + "name": "oracle-appserver-webcachepw-unencrypted(9841)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/9841.php" + }, + { + "name": "http://otn.oracle.com/deploy/security/pdf/2002alert39rev1.pdf", + "refsource": "CONFIRM", + "url": "http://otn.oracle.com/deploy/security/pdf/2002alert39rev1.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1062.json b/2005/1xxx/CVE-2005-1062.json index a3690f56fdb..21d36b9e729 100644 --- a/2005/1xxx/CVE-2005-1062.json +++ b/2005/1xxx/CVE-2005-1062.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/397221" - }, - { - "name" : "http://research.tic.udc.es/scg/advisories/20050429-1.txt", - "refsource" : "MISC", - "url" : "http://research.tic.udc.es/scg/advisories/20050429-1.txt" - }, - { - "name" : "http://www.kerio.com/security_advisory.html", - "refsource" : "CONFIRM", - "url" : "http://www.kerio.com/security_advisory.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://research.tic.udc.es/scg/advisories/20050429-1.txt", + "refsource": "MISC", + "url": "http://research.tic.udc.es/scg/advisories/20050429-1.txt" + }, + { + "name": "20050429 [CAN-2005-1062] Administration protocol abuse allows local/remote password cracking", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/397221" + }, + { + "name": "http://www.kerio.com/security_advisory.html", + "refsource": "CONFIRM", + "url": "http://www.kerio.com/security_advisory.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1407.json b/2005/1xxx/CVE-2005-1407.json index 2fe9ac42176..473ef8cb97e 100644 --- a/2005/1xxx/CVE-2005-1407.json +++ b/2005/1xxx/CVE-2005-1407.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.skype.com/security/ssa-2005-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.skype.com/security/ssa-2005-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.skype.com/security/ssa-2005-01.html", + "refsource": "CONFIRM", + "url": "http://www.skype.com/security/ssa-2005-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1724.json b/2005/1xxx/CVE-2005-1724.json index b6c7d6bbdff..b6604f75b38 100644 --- a/2005/1xxx/CVE-2005-1724.json +++ b/2005/1xxx/CVE-2005-1724.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1724", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1724", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-06-08", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" - }, - { - "name" : "1014142", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2005-06-08", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" + }, + { + "name": "1014142", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014142" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1805.json b/2005/1xxx/CVE-2005-1805.json index 347a948deb1..777c0033031 100644 --- a/2005/1xxx/CVE-2005-1805.json +++ b/2005/1xxx/CVE-2005-1805.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.under9round.com/os4e.txt", - "refsource" : "MISC", - "url" : "http://www.under9round.com/os4e.txt" - }, - { - "name" : "13804", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13804" - }, - { - "name" : "ADV-2005-0645", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/0645" - }, - { - "name" : "1014072", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014072" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13804", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13804" + }, + { + "name": "1014072", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014072" + }, + { + "name": "http://www.under9round.com/os4e.txt", + "refsource": "MISC", + "url": "http://www.under9round.com/os4e.txt" + }, + { + "name": "ADV-2005-0645", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/0645" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1874.json b/2005/1xxx/CVE-2005-1874.json index 3a95041fa80..0e22b6a474f 100644 --- a/2005/1xxx/CVE-2005-1874.json +++ b/2005/1xxx/CVE-2005-1874.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1874", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=93079", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=93079" - }, - { - "name" : "GLSA-200506-03", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200506-03.xml" - }, - { - "name" : "ADV-2005-0692", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/0692" - }, - { - "name" : "15599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15599" - }, - { - "name" : "15614", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15614" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200506-03", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-03.xml" + }, + { + "name": "15599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15599" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=93079", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=93079" + }, + { + "name": "ADV-2005-0692", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/0692" + }, + { + "name": "15614", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15614" + } + ] + } +} \ No newline at end of file diff --git a/2005/1xxx/CVE-2005-1910.json b/2005/1xxx/CVE-2005-1910.json index 79fded4bb75..80345489283 100644 --- a/2005/1xxx/CVE-2005-1910.json +++ b/2005/1xxx/CVE-2005-1910.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-1910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-1910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.under9round.com/wecs.txt", - "refsource" : "MISC", - "url" : "http://www.under9round.com/wecs.txt" - }, - { - "name" : "1014104", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014104" - }, - { - "name" : "15595", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15595" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15595", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15595" + }, + { + "name": "1014104", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014104" + }, + { + "name": "http://www.under9round.com/wecs.txt", + "refsource": "MISC", + "url": "http://www.under9round.com/wecs.txt" + } + ] + } +} \ No newline at end of file diff --git a/2009/0xxx/CVE-2009-0926.json b/2009/0xxx/CVE-2009-0926.json index 4a63137d97e..b5856c5d509 100644 --- a/2009/0xxx/CVE-2009-0926.json +++ b/2009/0xxx/CVE-2009-0926.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-0926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-0926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm" - }, - { - "name" : "254628", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1" - }, - { - "name" : "34137", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/34137" - }, - { - "name" : "1021850", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021850" - }, - { - "name" : "34331", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34331" - }, - { - "name" : "ADV-2009-0742", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0742" - }, - { - "name" : "ADV-2009-0876", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0876" - }, - { - "name" : "solaris-ufs-filesystem-32bit-dos(49283)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "254628", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1" + }, + { + "name": "1021850", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021850" + }, + { + "name": "solaris-ufs-filesystem-32bit-dos(49283)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49283" + }, + { + "name": "ADV-2009-0742", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0742" + }, + { + "name": "34331", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34331" + }, + { + "name": "34137", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/34137" + }, + { + "name": "ADV-2009-0876", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0876" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0265.json b/2012/0xxx/CVE-2012-0265.json index 985e0f881d6..7c1b62e1c4e 100644 --- a/2012/0xxx/CVE-2012-0265.json +++ b/2012/0xxx/CVE-2012-0265.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2012-0265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT5261", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5261" - }, - { - "name" : "APPLE-SA-2012-05-15-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/May/msg00005.html" - }, - { - "name" : "53578", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53578" - }, - { - "name" : "oval:org.mitre.oval:def:16170", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16170" - }, - { - "name" : "1027065", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027065" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027065", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027065" + }, + { + "name": "http://support.apple.com/kb/HT5261", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5261" + }, + { + "name": "oval:org.mitre.oval:def:16170", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16170" + }, + { + "name": "53578", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53578" + }, + { + "name": "APPLE-SA-2012-05-15-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/0xxx/CVE-2012-0417.json b/2012/0xxx/CVE-2012-0417.json index db27af448bd..7c514661c6f 100644 --- a/2012/0xxx/CVE-2012-0417.json +++ b/2012/0xxx/CVE-2012-0417.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-0417", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-0417", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://download.novell.com/Download?buildid=O5hTjIiMdMo~", - "refsource" : "CONFIRM", - "url" : "http://download.novell.com/Download?buildid=O5hTjIiMdMo~" - }, - { - "name" : "http://www.novell.com/support/kb/doc.php?id=7010770", - "refsource" : "CONFIRM", - "url" : "http://www.novell.com/support/kb/doc.php?id=7010770" - }, - { - "name" : "https://bugzilla.novell.com/show_bug.cgi?id=740041", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.novell.com/show_bug.cgi?id=740041" - }, - { - "name" : "1027599", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.novell.com/show_bug.cgi?id=740041", + "refsource": "CONFIRM", + "url": "https://bugzilla.novell.com/show_bug.cgi?id=740041" + }, + { + "name": "http://www.novell.com/support/kb/doc.php?id=7010770", + "refsource": "CONFIRM", + "url": "http://www.novell.com/support/kb/doc.php?id=7010770" + }, + { + "name": "1027599", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027599" + }, + { + "name": "http://download.novell.com/Download?buildid=O5hTjIiMdMo~", + "refsource": "CONFIRM", + "url": "http://download.novell.com/Download?buildid=O5hTjIiMdMo~" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2529.json b/2012/2xxx/CVE-2012-2529.json index aa49b6711fb..ff7373a9fd2 100644 --- a/2012/2xxx/CVE-2012-2529.json +++ b/2012/2xxx/CVE-2012-2529.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka \"Windows Kernel Integer Overflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2012-2529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS12-068", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-068" - }, - { - "name" : "TA12-283A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA12-283A.html" - }, - { - "name" : "oval:org.mitre.oval:def:15867", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15867" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, aka \"Windows Kernel Integer Overflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS12-068", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-068" + }, + { + "name": "TA12-283A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html" + }, + { + "name": "oval:org.mitre.oval:def:15867", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15867" + } + ] + } +} \ No newline at end of file diff --git a/2012/2xxx/CVE-2012-2752.json b/2012/2xxx/CVE-2012-2752.json index d504cb3f613..ba5ab86c41a 100644 --- a/2012/2xxx/CVE-2012-2752.json +++ b/2012/2xxx/CVE-2012-2752.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-2752", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-2752", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2012-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2012-0010.html" - }, - { - "name" : "53697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53697" - }, - { - "name" : "82276", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/82276" - }, - { - "name" : "1027099", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027099" - }, - { - "name" : "49300", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49300" - }, - { - "name" : "49322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49322" - }, - { - "name" : "vmware-vma-unspec-priv-esc(75891)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75891" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027099", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027099" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2012-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2012-0010.html" + }, + { + "name": "49300", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49300" + }, + { + "name": "53697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53697" + }, + { + "name": "82276", + "refsource": "OSVDB", + "url": "http://osvdb.org/82276" + }, + { + "name": "49322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49322" + }, + { + "name": "vmware-vma-unspec-priv-esc(75891)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75891" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3038.json b/2012/3xxx/CVE-2012-3038.json index 544eb586215..47a867c7fa6 100644 --- a/2012/3xxx/CVE-2012-3038.json +++ b/2012/3xxx/CVE-2012-3038.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3038", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-3038", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3113.json b/2012/3xxx/CVE-2012-3113.json index a4456de321a..a518fb56ff9 100644 --- a/2012/3xxx/CVE-2012-3113.json +++ b/2012/3xxx/CVE-2012-3113.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality and integrity, related to EPERF." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-3113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "54522", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54522" - }, - { - "name" : "83963", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/83963" - }, - { - "name" : "1027265", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027265" - }, - { - "name" : "49950", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49950" - }, - { - "name" : "peoplesoftenterprise-hrmseperf-cve20123113(77024)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0.20 allows remote authenticated users to affect confidentiality and integrity, related to EPERF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "peoplesoftenterprise-hrmseperf-cve20123113(77024)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77024" + }, + { + "name": "54522", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54522" + }, + { + "name": "49950", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49950" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html" + }, + { + "name": "83963", + "refsource": "OSVDB", + "url": "http://osvdb.org/83963" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + }, + { + "name": "1027265", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027265" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3179.json b/2012/3xxx/CVE-2012-3179.json index 8a61f80c3e1..73523d2cf90 100644 --- a/2012/3xxx/CVE-2012-3179.json +++ b/2012/3xxx/CVE-2012-3179.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3179", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Tree Manager." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2012-3179", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" - }, - { - "name" : "MDVSA-2013:150", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" - }, - { - "name" : "1027671", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027671" - }, - { - "name" : "51001", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50, 8.51, and 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Tree Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "51001", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51001" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" + }, + { + "name": "1027671", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027671" + }, + { + "name": "MDVSA-2013:150", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3532.json b/2012/3xxx/CVE-2012-3532.json index af680f26b7b..09e46e5aabf 100644 --- a/2012/3xxx/CVE-2012-3532.json +++ b/2012/3xxx/CVE-2012-3532.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3532", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-3532", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=851046", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=851046" - }, - { - "name" : "RHSA-2013:0733", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-0733.html" - }, - { - "name" : "59015", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/59015" - }, - { - "name" : "53005", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/53005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2013:0733", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-0733.html" + }, + { + "name": "53005", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/53005" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=851046", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=851046" + }, + { + "name": "59015", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/59015" + } + ] + } +} \ No newline at end of file diff --git a/2012/3xxx/CVE-2012-3721.json b/2012/3xxx/CVE-2012-3721.json index 2d092ec68d3..b9cd5566581 100644 --- a/2012/3xxx/CVE-2012-3721.json +++ b/2012/3xxx/CVE-2012-3721.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-3721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2012-3721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT5501", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5501" - }, - { - "name" : "APPLE-SA-2012-09-19-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html" - }, - { - "name" : "apple-osx-profilemanager-cve20123721(78746)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78746" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2012-09-19-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html" + }, + { + "name": "http://support.apple.com/kb/HT5501", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5501" + }, + { + "name": "apple-osx-profilemanager-cve20123721(78746)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78746" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4084.json b/2012/4xxx/CVE-2012-4084.json index 5a5706d8a97..6967dba5b85 100644 --- a/2012/4xxx/CVE-2012-4084.json +++ b/2012/4xxx/CVE-2012-4084.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2012-4084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20131004 Cisco Unified Computing System Fabric Interconnect Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4084" - }, - { - "name" : "62851", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/62851" - }, - { - "name" : "98125", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/98125" - }, - { - "name" : "55203", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55203" - }, - { - "name" : "cisco-ucs-cve20124084-csrf(87679)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98125", + "refsource": "OSVDB", + "url": "http://osvdb.org/98125" + }, + { + "name": "55203", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55203" + }, + { + "name": "20131004 Cisco Unified Computing System Fabric Interconnect Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4084" + }, + { + "name": "62851", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/62851" + }, + { + "name": "cisco-ucs-cve20124084-csrf(87679)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87679" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4742.json b/2012/4xxx/CVE-2012-4742.json index a2f2fa65d1a..39e505e0889 100644 --- a/2012/4xxx/CVE-2012-4742.json +++ b/2012/4xxx/CVE-2012-4742.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-4742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.packetfence.org/bugs/changelog_page.php", - "refsource" : "CONFIRM", - "url" : "http://www.packetfence.org/bugs/changelog_page.php" - }, - { - "name" : "http://www.packetfence.org/bugs/view.php?id=763", - "refsource" : "CONFIRM", - "url" : "http://www.packetfence.org/bugs/view.php?id=763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.packetfence.org/bugs/view.php?id=763", + "refsource": "CONFIRM", + "url": "http://www.packetfence.org/bugs/view.php?id=763" + }, + { + "name": "http://www.packetfence.org/bugs/changelog_page.php", + "refsource": "CONFIRM", + "url": "http://www.packetfence.org/bugs/changelog_page.php" + } + ] + } +} \ No newline at end of file diff --git a/2012/4xxx/CVE-2012-4793.json b/2012/4xxx/CVE-2012-4793.json index 5104d2ffb70..b1ba202e434 100644 --- a/2012/4xxx/CVE-2012-4793.json +++ b/2012/4xxx/CVE-2012-4793.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-4793", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2012-4793", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6030.json b/2012/6xxx/CVE-2012-6030.json index 8f1fccf3a7b..e16aa68a9f7 100644 --- a/2012/6xxx/CVE-2012-6030.json +++ b/2012/6xxx/CVE-2012-6030.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to \"broken locking checks\" in an \"error path.\" NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", - "refsource" : "MLIST", - "url" : "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html" - }, - { - "name" : "[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2012/09/05/8" - }, - { - "name" : "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities", - "refsource" : "CONFIRM", - "url" : "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities" - }, - { - "name" : "GLSA-201309-24", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201309-24.xml" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "55410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/55410" - }, - { - "name" : "85199", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/85199" - }, - { - "name" : "1027482", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027482" - }, - { - "name" : "50472", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50472" - }, - { - "name" : "55082", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55082" - }, - { - "name" : "xen-tmem-priv-esc(78268)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service (host crash) and possibly have other unspecified impacts via unspecified vectors related to \"broken locking checks\" in an \"error path.\" NOTE: this issue was originally published as part of CVE-2012-3497, which was too general; CVE-2012-3497 has been SPLIT into this ID and others." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55082", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55082" + }, + { + "name": "1027482", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027482" + }, + { + "name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities", + "refsource": "CONFIRM", + "url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities" + }, + { + "name": "GLSA-201309-24", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml" + }, + { + "name": "55410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/55410" + }, + { + "name": "[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2012/09/05/8" + }, + { + "name": "xen-tmem-priv-esc(78268)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268" + }, + { + "name": "85199", + "refsource": "OSVDB", + "url": "http://osvdb.org/85199" + }, + { + "name": "[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities", + "refsource": "MLIST", + "url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html" + }, + { + "name": "50472", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50472" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6064.json b/2012/6xxx/CVE-2012-6064.json index 076844ee95a..d130c32dba3 100644 --- a/2012/6xxx/CVE-2012-6064.json +++ b/2012/6xxx/CVE-2012-6064.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20121107 Cross-Site Request Forgery (CSRF) in CMS Made Simple", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0035.html" - }, - { - "name" : "http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23121", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23121" - }, - { - "name" : "http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545", - "refsource" : "CONFIRM", - "url" : "http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545" - }, - { - "name" : "http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498", - "refsource" : "CONFIRM", - "url" : "http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498" - }, - { - "name" : "51185", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51185" - }, - { - "name" : "cmsmadesimple-images-csrf(79881)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23121", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23121" + }, + { + "name": "51185", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51185" + }, + { + "name": "http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545", + "refsource": "CONFIRM", + "url": "http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545" + }, + { + "name": "cmsmadesimple-images-csrf(79881)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79881" + }, + { + "name": "http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498", + "refsource": "CONFIRM", + "url": "http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498" + }, + { + "name": "20121107 Cross-Site Request Forgery (CSRF) in CMS Made Simple", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0035.html" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6145.json b/2012/6xxx/CVE-2012-6145.json index 2601a07df84..48999d80b5e 100644 --- a/2012/6xxx/CVE-2012-6145.json +++ b/2012/6xxx/CVE-2012-6145.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6145", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2012-6145", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20130619 Re: Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/06/19/4" - }, - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/" - }, - { - "name" : "87116", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/87116" - }, - { - "name" : "typo3-backendhistory-unspecified-xss(79965)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79965" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "87116", + "refsource": "OSVDB", + "url": "http://osvdb.org/87116" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005/" + }, + { + "name": "typo3-backendhistory-unspecified-xss(79965)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79965" + }, + { + "name": "[oss-security] 20130619 Re: Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/06/19/4" + } + ] + } +} \ No newline at end of file diff --git a/2012/6xxx/CVE-2012-6487.json b/2012/6xxx/CVE-2012-6487.json index 67f66433a8b..73cd069ae20 100644 --- a/2012/6xxx/CVE-2012-6487.json +++ b/2012/6xxx/CVE-2012-6487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2012-6487", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2012-6487", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2131.json b/2017/2xxx/CVE-2017-2131.json index 8c7936acf37..17e13c6a1c6 100644 --- a/2017/2xxx/CVE-2017-2131.json +++ b/2017/2xxx/CVE-2017-2131.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2017-2131", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2017-2131", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#54795166", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN54795166/" - }, - { - "name" : "101581", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101581" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47 allow an attacker to bypass access restrictions to view the configuration menu via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101581", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101581" + }, + { + "name": "JVN#54795166", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN54795166/" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2180.json b/2017/2xxx/CVE-2017-2180.json index cfc47daeed9..7f81e6f6c2d 100644 --- a/2017/2xxx/CVE-2017-2180.json +++ b/2017/2xxx/CVE-2017-2180.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2017-2180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hands-on Vulnerability Learning Tool \"AppGoat\" for Web Application", - "version" : { - "version_data" : [ - { - "version_value" : "V3.0.2 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA)" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hands-on Vulnerability Learning Tool \"AppGoat\" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2017-2180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hands-on Vulnerability Learning Tool \"AppGoat\" for Web Application", + "version": { + "version_data": [ + { + "version_value": "V3.0.2 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA)" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "JVN#32120290", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN32120290/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hands-on Vulnerability Learning Tool \"AppGoat\" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#32120290", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN32120290/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2413.json b/2017/2xxx/CVE-2017-2413.json index ebd4d3a6e00..5fe1de1bb9f 100644 --- a/2017/2xxx/CVE-2017-2413.json +++ b/2017/2xxx/CVE-2017-2413.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-2413", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the \"QuickTime\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-2413", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207615", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207615" - }, - { - "name" : "97140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97140" - }, - { - "name" : "1038138", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the \"QuickTime\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted media file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97140" + }, + { + "name": "https://support.apple.com/HT207615", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207615" + }, + { + "name": "1038138", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038138" + } + ] + } +} \ No newline at end of file diff --git a/2017/2xxx/CVE-2017-2763.json b/2017/2xxx/CVE-2017-2763.json index c8d9b76bfc7..f5b49b8d880 100644 --- a/2017/2xxx/CVE-2017-2763.json +++ b/2017/2xxx/CVE-2017-2763.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-2763", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-2763", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6175.json b/2017/6xxx/CVE-2017-6175.json index d9d8bcfd74b..670e5ad6e80 100644 --- a/2017/6xxx/CVE-2017-6175.json +++ b/2017/6xxx/CVE-2017-6175.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6175", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-6175", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6301.json b/2017/6xxx/CVE-2017-6301.json index 8c0454d341f..6924363f4bd 100644 --- a/2017/6xxx/CVE-2017-6301.json +++ b/2017/6xxx/CVE-2017-6301.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in ytnef before 1.9.1. This is related to a patch described as \"4 of 9. Out of Bounds Reads.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.openwall.com/lists/oss-security/2017/02/15/4", - "refsource" : "MISC", - "url" : "http://www.openwall.com/lists/oss-security/2017/02/15/4" - }, - { - "name" : "https://github.com/Yeraze/ytnef/pull/27", - "refsource" : "MISC", - "url" : "https://github.com/Yeraze/ytnef/pull/27" - }, - { - "name" : "https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/", - "refsource" : "MISC", - "url" : "https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/" - }, - { - "name" : "DSA-3846", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3846" - }, - { - "name" : "96423", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96423" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in ytnef before 1.9.1. This is related to a patch described as \"4 of 9. Out of Bounds Reads.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96423", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96423" + }, + { + "name": "http://www.openwall.com/lists/oss-security/2017/02/15/4", + "refsource": "MISC", + "url": "http://www.openwall.com/lists/oss-security/2017/02/15/4" + }, + { + "name": "https://github.com/Yeraze/ytnef/pull/27", + "refsource": "MISC", + "url": "https://github.com/Yeraze/ytnef/pull/27" + }, + { + "name": "DSA-3846", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3846" + }, + { + "name": "https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/", + "refsource": "MISC", + "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-002-ytnef/" + } + ] + } +} \ No newline at end of file diff --git a/2017/6xxx/CVE-2017-6361.json b/2017/6xxx/CVE-2017-6361.json index 928a5d13f94..fce6012f4db 100644 --- a/2017/6xxx/CVE-2017-6361.json +++ b/2017/6xxx/CVE-2017-6361.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-6361", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-6361", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41842", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41842/" - }, - { - "name" : "https://www.qnap.com/en/support/con_show.php?cid=113", - "refsource" : "CONFIRM", - "url" : "https://www.qnap.com/en/support/con_show.php?cid=113" - }, - { - "name" : "97059", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97059" - }, - { - "name" : "97072", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97072" - }, - { - "name" : "1038091", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038091" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "97072", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97072" + }, + { + "name": "https://www.qnap.com/en/support/con_show.php?cid=113", + "refsource": "CONFIRM", + "url": "https://www.qnap.com/en/support/con_show.php?cid=113" + }, + { + "name": "41842", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41842/" + }, + { + "name": "1038091", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038091" + }, + { + "name": "97059", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97059" + } + ] + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11053.json b/2018/11xxx/CVE-2018-11053.json index 2b2debe866b..34f60a5f6c2 100644 --- a/2018/11xxx/CVE-2018-11053.json +++ b/2018/11xxx/CVE-2018-11053.json @@ -1,105 +1,105 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Security_Alert@emc.com", - "DATE_PUBLIC" : "2018-06-26T17:00:00.000Z", - "ID" : "CVE-2018-11053", - "STATE" : "PUBLIC", - "TITLE" : " iSM: Dell EMC iDRAC Service Module Improper File Permission Vulnerability " - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "iDRAC Service Module ", - "version" : { - "version_data" : [ - { - "affected" : "=", - "version_name" : "3.0.1", - "version_value" : "3.0.1" - }, - { - "affected" : "=", - "version_name" : "3.0.2", - "version_value" : "3.0.2" - }, - { - "affected" : "=", - "version_name" : "3.1.0", - "version_value" : "3.1.0" - }, - { - "affected" : "=", - "version_name" : "3.2.0", - "version_value" : "3.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "Dell EMC" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "LOCAL", - "availabilityImpact" : "HIGH", - "baseScore" : 6.6, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "LOW", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : " Improper File Permission Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "DATE_PUBLIC": "2018-06-26T17:00:00.000Z", + "ID": "CVE-2018-11053", + "STATE": "PUBLIC", + "TITLE": " iSM: Dell EMC iDRAC Service Module Improper File Permission Vulnerability " + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "iDRAC Service Module ", + "version": { + "version_data": [ + { + "affected": "=", + "version_name": "3.0.1", + "version_value": "3.0.1" + }, + { + "affected": "=", + "version_name": "3.0.2", + "version_value": "3.0.2" + }, + { + "affected": "=", + "version_name": "3.1.0", + "version_value": "3.1.0" + }, + { + "affected": "=", + "version_name": "3.2.0", + "version_value": "3.2.0" + } + ] + } + } + ] + }, + "vendor_name": "Dell EMC" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en", - "refsource" : "MISC", - "url" : "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en" - }, - { - "name" : "104567", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104567" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable. A malicious low privileged operating system user or process could modify the host file and potentially redirect traffic from the intended destination to sites hosting malicious or unwanted content." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": " Improper File Permission Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "104567", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104567" + }, + { + "name": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en", + "refsource": "MISC", + "url": "http://www.dell.com/support/article/us/en/19/sln310281/ism-dell-emc-idrac-service-module-improper-file-permission-vulnerability?lang=en" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/11xxx/CVE-2018-11875.json b/2018/11xxx/CVE-2018-11875.json index 73b3f6099a1..63ab0a74845 100644 --- a/2018/11xxx/CVE-2018-11875.json +++ b/2018/11xxx/CVE-2018-11875.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2018-11875", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 845, SD 850" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy Without Checking Size of Input in WLAN" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2018-11875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 845, SD 850" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.qualcomm.com/company/product-security/bulletins", - "refsource" : "CONFIRM", - "url" : "https://www.qualcomm.com/company/product-security/bulletins" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy Without Checking Size of Input in WLAN" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.qualcomm.com/company/product-security/bulletins", + "refsource": "CONFIRM", + "url": "https://www.qualcomm.com/company/product-security/bulletins" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14000.json b/2018/14xxx/CVE-2018-14000.json index 3adc00f2876..78bfe30dd8c 100644 --- a/2018/14xxx/CVE-2018-14000.json +++ b/2018/14xxx/CVE-2018-14000.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14000", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14000", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14102.json b/2018/14xxx/CVE-2018-14102.json index ee9c364e896..6e1f9cb476f 100644 --- a/2018/14xxx/CVE-2018-14102.json +++ b/2018/14xxx/CVE-2018-14102.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14102", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14102", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14678.json b/2018/14xxx/CVE-2018-14678.json index 37769bb09d1..ee77ddb8bf1 100644 --- a/2018/14xxx/CVE-2018-14678.json +++ b/2018/14xxx/CVE-2018-14678.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html" - }, - { - "name" : "https://xenbits.xen.org/xsa/advisory-274.html", - "refsource" : "MISC", - "url" : "https://xenbits.xen.org/xsa/advisory-274.html" - }, - { - "name" : "DSA-4308", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4308" - }, - { - "name" : "104924", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104924" - }, - { - "name" : "1041397", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041397", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041397" + }, + { + "name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html" + }, + { + "name": "https://xenbits.xen.org/xsa/advisory-274.html", + "refsource": "MISC", + "url": "https://xenbits.xen.org/xsa/advisory-274.html" + }, + { + "name": "104924", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104924" + }, + { + "name": "DSA-4308", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4308" + } + ] + } +} \ No newline at end of file diff --git a/2018/14xxx/CVE-2018-14902.json b/2018/14xxx/CVE-2018-14902.json index 5d7621060f3..bb9a3a4e521 100644 --- a/2018/14xxx/CVE-2018-14902.json +++ b/2018/14xxx/CVE-2018-14902.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-14902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-14902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/", - "refsource" : "MISC", - "url" : "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/", + "refsource": "MISC", + "url": "https://www.vdalabs.com/2018/08/26/epson-printer-vulnerabilities/" + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15040.json b/2018/15xxx/CVE-2018-15040.json index edad8344c07..685088cbcf0 100644 --- a/2018/15xxx/CVE-2018-15040.json +++ b/2018/15xxx/CVE-2018-15040.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15040", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15040", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15841.json b/2018/15xxx/CVE-2018-15841.json index d25e5bb8e3a..fcba77f806e 100644 --- a/2018/15xxx/CVE-2018-15841.json +++ b/2018/15xxx/CVE-2018-15841.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-15841", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-15841", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/15xxx/CVE-2018-15950.json b/2018/15xxx/CVE-2018-15950.json index fba1367015f..e72e361805b 100644 --- a/2018/15xxx/CVE-2018-15950.json +++ b/2018/15xxx/CVE-2018-15950.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-15950", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat and Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Out-of-bounds read" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-15950", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat and Reader", + "version": { + "version_data": [ + { + "version_value": "2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-30.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-30.html" - }, - { - "name" : "105439", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105439" - }, - { - "name" : "1041809", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041809" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1041809", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041809" + }, + { + "name": "105439", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105439" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-30.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-30.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20329.json b/2018/20xxx/CVE-2018-20329.json index b21b99137fe..5ded9b19f4e 100644 --- a/2018/20xxx/CVE-2018-20329.json +++ b/2018/20xxx/CVE-2018-20329.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df", - "refsource" : "MISC", - "url" : "https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df" - }, - { - "name" : "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection", - "refsource" : "MISC", - "url" : "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection", + "refsource": "MISC", + "url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-33-2018-12-13-Moderate-risk-high-impact-SQL-Injection" + }, + { + "name": "https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df", + "refsource": "MISC", + "url": "https://github.com/chamilo/chamilo-lms/commit/bfa1eccfabb457b800618d9d115f12dc614a55df" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20433.json b/2018/20xxx/CVE-2018-20433.json index ef6a81f5235..294955bdef7 100644 --- a/2018/20xxx/CVE-2018-20433.json +++ b/2018/20xxx/CVE-2018-20433.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20433", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20433", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181228 [SECURITY] [DLA 1621-1] c3p0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00021.html" - }, - { - "name" : "https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b", - "refsource" : "MISC", - "url" : "https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20181228 [SECURITY] [DLA 1621-1] c3p0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00021.html" + }, + { + "name": "https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b", + "refsource": "MISC", + "url": "https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b" + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20637.json b/2018/20xxx/CVE-2018-20637.json index 86bf5bee94a..81b1b8fb256 100644 --- a/2018/20xxx/CVE-2018-20637.json +++ b/2018/20xxx/CVE-2018-20637.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20637", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20637", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/20xxx/CVE-2018-20711.json b/2018/20xxx/CVE-2018-20711.json index 06043778890..4230a29a355 100644 --- a/2018/20xxx/CVE-2018-20711.json +++ b/2018/20xxx/CVE-2018-20711.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-20711", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-20711", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9111.json b/2018/9xxx/CVE-2018-9111.json index f82ea10aeb6..9a52ccd5a12 100644 --- a/2018/9xxx/CVE-2018-9111.json +++ b/2018/9xxx/CVE-2018-9111.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gist.github.com/ChuanYuan-Huang/a92b8b32980123d5fa9bf5a8299114bf", - "refsource" : "MISC", - "url" : "https://gist.github.com/ChuanYuan-Huang/a92b8b32980123d5fa9bf5a8299114bf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account. An attacker can execute arbitrary script on an unsuspecting user's browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gist.github.com/ChuanYuan-Huang/a92b8b32980123d5fa9bf5a8299114bf", + "refsource": "MISC", + "url": "https://gist.github.com/ChuanYuan-Huang/a92b8b32980123d5fa9bf5a8299114bf" + } + ] + } +} \ No newline at end of file diff --git a/2018/9xxx/CVE-2018-9327.json b/2018/9xxx/CVE-2018-9327.json index 9b98ca8d509..c050bb0c8d6 100644 --- a/2018/9xxx/CVE-2018-9327.json +++ b/2018/9xxx/CVE-2018-9327.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-9327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute arbitrary code on the server. The instance has to be configured to use a document database (DirtyDB, CouchDB, MongoDB, or RethinkDB)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-9327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.etherpad.org/2018/04/07/important-release-1-6-4/", - "refsource" : "CONFIRM", - "url" : "http://blog.etherpad.org/2018/04/07/important-release-1-6-4/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute arbitrary code on the server. The instance has to be configured to use a document database (DirtyDB, CouchDB, MongoDB, or RethinkDB)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.etherpad.org/2018/04/07/important-release-1-6-4/", + "refsource": "CONFIRM", + "url": "http://blog.etherpad.org/2018/04/07/important-release-1-6-4/" + } + ] + } +} \ No newline at end of file