diff --git a/2001/0xxx/CVE-2001-0125.json b/2001/0xxx/CVE-2001-0125.json index 0de2a6baeeb..f67d3167db7 100644 --- a/2001/0xxx/CVE-2001-0125.json +++ b/2001/0xxx/CVE-2001-0125.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001231 Advisory: exmh symlink vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97846489313059&w=2" - }, - { - "name" : "20010112 exmh security vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97958594330100&w=2" - }, - { - "name" : "http://www.beedub.com/exmh/symlink.html", - "refsource" : "CONFIRM", - "url" : "http://www.beedub.com/exmh/symlink.html" - }, - { - "name" : "FreeBSD-SA-01:17", - "refsource" : "FREEBSD", - "url" : "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html" - }, - { - "name" : "MDKSA-2001:015", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3" - }, - { - "name" : "DSA-022", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2001/dsa-022" - }, - { - "name" : "exmh-error-symlink(5829)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2001:015", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-015.php3" + }, + { + "name": "FreeBSD-SA-01:17", + "refsource": "FREEBSD", + "url": "http://archives.neohapsis.com/archives/freebsd/2001-01/0543.html" + }, + { + "name": "20001231 Advisory: exmh symlink vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97846489313059&w=2" + }, + { + "name": "20010112 exmh security vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97958594330100&w=2" + }, + { + "name": "DSA-022", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2001/dsa-022" + }, + { + "name": "exmh-error-symlink(5829)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5829" + }, + { + "name": "http://www.beedub.com/exmh/symlink.html", + "refsource": "CONFIRM", + "url": "http://www.beedub.com/exmh/symlink.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0446.json b/2001/0xxx/CVE-2001-0446.json index db863b36eba..d8a75af5db5 100644 --- a/2001/0xxx/CVE-2001-0446.json +++ b/2001/0xxx/CVE-2001-0446.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010328 CHINANSL Security Advisory(CSA-200107)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=98583082225053&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20010328 CHINANSL Security Advisory(CSA-200107)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=98583082225053&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0837.json b/2001/0xxx/CVE-2001-0837.json index eb8cdac65cb..fed3a1705b5 100644 --- a/2001/0xxx/CVE-2001-0837.json +++ b/2001/0xxx/CVE-2001-0837.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011025 Pc-to-Phone vulnerability - broken by design", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=100403691432052&w=2" - }, - { - "name" : "pc2phone-temp-account-readable(7393)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7393" - }, - { - "name" : "3475", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3475" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3475", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3475" + }, + { + "name": "pc2phone-temp-account-readable(7393)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7393" + }, + { + "name": "20011025 Pc-to-Phone vulnerability - broken by design", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=100403691432052&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1120.json b/2001/1xxx/CVE-2001-1120.json index 91d37980def..46e26c68c7a 100644 --- a/2001/1xxx/CVE-2001-1120.json +++ b/2001/1xxx/CVE-2001-1120.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1120", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1120", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.allaire.com/handlers/index.cfm?id=21566", - "refsource" : "CONFIRM", - "url" : "http://www.allaire.com/handlers/index.cfm?id=21566" - }, - { - "name" : "VU#135531", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/135531" - }, - { - "name" : "20010712 New Cold Fusion vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/196452" - }, - { - "name" : "coldfusion-unauthorized-file-access(6839)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6839" - }, - { - "name" : "3018", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3018" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3018", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3018" + }, + { + "name": "coldfusion-unauthorized-file-access(6839)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6839" + }, + { + "name": "20010712 New Cold Fusion vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/196452" + }, + { + "name": "http://www.allaire.com/handlers/index.cfm?id=21566", + "refsource": "CONFIRM", + "url": "http://www.allaire.com/handlers/index.cfm?id=21566" + }, + { + "name": "VU#135531", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/135531" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1378.json b/2001/1xxx/CVE-2001-1378.json index 7aabdac23e8..0be73468cbf 100644 --- a/2001/1xxx/CVE-2001-1378.json +++ b/2001/1xxx/CVE-2001-1378.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1378", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1378", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html", - "refsource" : "MISC", - "url" : "http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html" - }, - { - "name" : "RHSA-2001:103", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2001-103.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2001:103", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2001-103.html" + }, + { + "name": "http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html", + "refsource": "MISC", + "url": "http://lists.ccil.org/pipermail/fetchmail-announce/2001-March/000015.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1416.json b/2001/1xxx/CVE-2001-1416.json index 1a699163d40..d7f286f0726 100644 --- a/2001/1xxx/CVE-2001-1416.json +++ b/2001/1xxx/CVE-2001-1416.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1416", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article", - "refsource" : "MISC", - "url" : "http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article" - }, - { - "name" : "http://www.kb.cert.org/vuls/id/JARL-56TPBQ", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/JARL-56TPBQ" - }, - { - "name" : "VU#541384", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/541384" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article", + "refsource": "MISC", + "url": "http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=19811&DisplayTab=Article" + }, + { + "name": "http://www.kb.cert.org/vuls/id/JARL-56TPBQ", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/JARL-56TPBQ" + }, + { + "name": "VU#541384", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/541384" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2320.json b/2006/2xxx/CVE-2006-2320.json index 48cb2f1e87f..fad9057f656 100644 --- a/2006/2xxx/CVE-2006-2320.json +++ b/2006/2xxx/CVE-2006-2320.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060508 Multiple Vulnerabilities In IdealBB ASP Bulletin Board", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/433248/100/0/threaded" - }, - { - "name" : "http://www.idealscience.com/ibb/posts.aspx?postID=24415", - "refsource" : "MISC", - "url" : "http://www.idealscience.com/ibb/posts.aspx?postID=24415" - }, - { - "name" : "17920", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17920" - }, - { - "name" : "ADV-2006-1729", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1729" - }, - { - "name" : "25457", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25457" - }, - { - "name" : "20035", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20035" - }, - { - "name" : "871", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/871" - }, - { - "name" : "idealbb-multiple-sql-injection(26354)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26354" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Ideal Science Ideal BB 1.5.4a and earlier allow remote attackers to execute arbitrary SQL commands via multiple unspecified vectors related to stored procedure calls. NOTE: due to lack of details from the researcher, it is not clear whether this overlaps CVE-2004-2209." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20035", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20035" + }, + { + "name": "25457", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25457" + }, + { + "name": "ADV-2006-1729", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1729" + }, + { + "name": "20060508 Multiple Vulnerabilities In IdealBB ASP Bulletin Board", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/433248/100/0/threaded" + }, + { + "name": "17920", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17920" + }, + { + "name": "871", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/871" + }, + { + "name": "http://www.idealscience.com/ibb/posts.aspx?postID=24415", + "refsource": "MISC", + "url": "http://www.idealscience.com/ibb/posts.aspx?postID=24415" + }, + { + "name": "idealbb-multiple-sql-injection(26354)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26354" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2593.json b/2006/2xxx/CVE-2006-2593.json index 311b60a97a7..f52fc1f61cf 100644 --- a/2006/2xxx/CVE-2006-2593.json +++ b/2006/2xxx/CVE-2006-2593.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2593", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2581. Reason: This candidate is a duplicate of CVE-2006-2581. Notes: All CVE users should reference CVE-2006-2581 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-2593", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2581. Reason: This candidate is a duplicate of CVE-2006-2581. Notes: All CVE users should reference CVE-2006-2581 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5579.json b/2008/5xxx/CVE-2008-5579.json index 8afdd1724ae..0340cb37f68 100644 --- a/2008/5xxx/CVE-2008-5579.json +++ b/2008/5xxx/CVE-2008-5579.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5579", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5579", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080207 mini-pub 0.3 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487695/100/200/threaded" - }, - { - "name" : "6733", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6733" - }, - { - "name" : "27671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27671" - }, - { - "name" : "4733", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4733" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in mini-pub.php/front-end/cat.php in mini-pub 0.3 allows remote attackers to read arbitrary files via a full pathname in the sFileName parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080207 mini-pub 0.3 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487695/100/200/threaded" + }, + { + "name": "27671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27671" + }, + { + "name": "6733", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6733" + }, + { + "name": "4733", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4733" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5777.json b/2008/5xxx/CVE-2008-5777.json index e08b45390fd..e637b177592 100644 --- a/2008/5xxx/CVE-2008-5777.json +++ b/2008/5xxx/CVE-2008-5777.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7480", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7480" - }, - { - "name" : "32846", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32846" - }, - { - "name" : "4832", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4832" - }, - { - "name" : "cadenix-index-sql-injection(47344)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in CadeNix allows remote attackers to execute arbitrary SQL commands via the cid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cadenix-index-sql-injection(47344)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47344" + }, + { + "name": "7480", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7480" + }, + { + "name": "4832", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4832" + }, + { + "name": "32846", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32846" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5834.json b/2008/5xxx/CVE-2008-5834.json index 7fb65ba22dc..5ddc5e49280 100644 --- a/2008/5xxx/CVE-2008-5834.json +++ b/2008/5xxx/CVE-2008-5834.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5834", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5834", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2718.json b/2011/2xxx/CVE-2011-2718.json index 7cf06124632..21433bfd5b9 100644 --- a/2011/2xxx/CVE-2011-2718.json +++ b/2011/2xxx/CVE-2011-2718.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110725 CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/07/25/4" - }, - { - "name" : "[oss-security] 20110726 Re: CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/07/26/10" - }, - { - "name" : "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393", - "refsource" : "CONFIRM", - "url" : "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393" - }, - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=725383", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=725383" - }, - { - "name" : "FEDORA-2011-9725", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html" - }, - { - "name" : "FEDORA-2011-9734", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html" - }, - { - "name" : "MDVSA-2011:124", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124" - }, - { - "name" : "48874", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48874" - }, - { - "name" : "74111", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/74111" - }, - { - "name" : "45365", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45365" - }, - { - "name" : "45515", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45515" - }, - { - "name" : "phpmyadmin-schema-file-include(68768)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68768" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45515", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45515" + }, + { + "name": "45365", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45365" + }, + { + "name": "74111", + "refsource": "OSVDB", + "url": "http://osvdb.org/74111" + }, + { + "name": "48874", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48874" + }, + { + "name": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393", + "refsource": "CONFIRM", + "url": "http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393" + }, + { + "name": "MDVSA-2011:124", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:124" + }, + { + "name": "[oss-security] 20110726 Re: CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/07/26/10" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=725383", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725383" + }, + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php" + }, + { + "name": "FEDORA-2011-9725", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html" + }, + { + "name": "phpmyadmin-schema-file-include(68768)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68768" + }, + { + "name": "FEDORA-2011-9734", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html" + }, + { + "name": "[oss-security] 20110725 CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/07/25/4" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3056.json b/2011/3xxx/CVE-2011-3056.json index d9dfbb60bb3..599760287fa 100644 --- a/2011/3xxx/CVE-2011-3056.json +++ b/2011/3xxx/CVE-2011-3056.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a \"magic iframe.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=117550", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=117550" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html" - }, - { - "name" : "http://support.apple.com/kb/HT5282", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5282" - }, - { - "name" : "APPLE-SA-2012-05-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/May/msg00000.html" - }, - { - "name" : "APPLE-SA-2012-05-09-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2012/May/msg00002.html" - }, - { - "name" : "GLSA-201203-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201203-19.xml" - }, - { - "name" : "openSUSE-SU-2012:0466", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html" - }, - { - "name" : "52674", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52674" - }, - { - "name" : "80294", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/80294" - }, - { - "name" : "81794", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/81794" - }, - { - "name" : "oval:org.mitre.oval:def:14962", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14962" - }, - { - "name" : "1026841", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026841" - }, - { - "name" : "47292", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47292" - }, - { - "name" : "48512", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48512" - }, - { - "name" : "48527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48527" - }, - { - "name" : "google-magic-iframe-sec-bypass(74216)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a \"magic iframe.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/chromium/issues/detail?id=117550", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=117550" + }, + { + "name": "81794", + "refsource": "OSVDB", + "url": "http://osvdb.org/81794" + }, + { + "name": "48527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48527" + }, + { + "name": "APPLE-SA-2012-05-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00000.html" + }, + { + "name": "openSUSE-SU-2012:0466", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html" + }, + { + "name": "oval:org.mitre.oval:def:14962", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14962" + }, + { + "name": "http://support.apple.com/kb/HT5282", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5282" + }, + { + "name": "APPLE-SA-2012-05-09-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00002.html" + }, + { + "name": "80294", + "refsource": "OSVDB", + "url": "http://osvdb.org/80294" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html" + }, + { + "name": "1026841", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026841" + }, + { + "name": "52674", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52674" + }, + { + "name": "GLSA-201203-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201203-19.xml" + }, + { + "name": "google-magic-iframe-sec-bypass(74216)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74216" + }, + { + "name": "48512", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48512" + }, + { + "name": "47292", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47292" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3470.json b/2011/3xxx/CVE-2011-3470.json index 128c781363c..27613fd2eed 100644 --- a/2011/3xxx/CVE-2011-3470.json +++ b/2011/3xxx/CVE-2011-3470.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3470", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3470", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0023.json b/2013/0xxx/CVE-2013-0023.json index 1a01da7f164..46cb9a42090 100644 --- a/2013/0xxx/CVE-2013-0023.json +++ b/2013/0xxx/CVE-2013-0023.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CDispNode Use After Free Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2013-0023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS13-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-009" - }, - { - "name" : "TA13-043B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" - }, - { - "name" : "oval:org.mitre.oval:def:16470", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16470" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka \"Internet Explorer CDispNode Use After Free Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS13-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-009" + }, + { + "name": "TA13-043B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA13-043B.html" + }, + { + "name": "oval:org.mitre.oval:def:16470", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16470" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0037.json b/2013/0xxx/CVE-2013-0037.json index 8f2ca6d9bec..8ae3e5efb64 100644 --- a/2013/0xxx/CVE-2013-0037.json +++ b/2013/0xxx/CVE-2013-0037.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0037", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-0037", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0569.json b/2013/0xxx/CVE-2013-0569.json index 4844b092c1f..81b9b7df912 100644 --- a/2013/0xxx/CVE-2013-0569.json +++ b/2013/0xxx/CVE-2013-0569.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Communities component in IBM Connections 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-0569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21635059", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21635059" - }, - { - "name" : "LO74629", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LO74629" - }, - { - "name" : "ibm-communities-cve20130569-xss(83354)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83354" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Communities component in IBM Connections 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "LO74629", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO74629" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635059", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635059" + }, + { + "name": "ibm-communities-cve20130569-xss(83354)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83354" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0789.json b/2013/0xxx/CVE-2013-0789.json index 96cc2a706c5..f4432e32b04 100644 --- a/2013/0xxx/CVE-2013-0789.json +++ b/2013/0xxx/CVE-2013-0789.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2013-0789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=808736", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=808736" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=815315", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=815315" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=817841", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=817841" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824643", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824643" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824856", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=824856" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=827596", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=827596" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=830595", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=830595" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=831055", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=831055" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=835499", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=835499" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=837714", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=837714" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=839209", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=839209" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=842300", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=842300" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=849014", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=849014" - }, - { - "name" : "openSUSE-SU-2013:0630", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html" - }, - { - "name" : "SUSE-SU-2013:0645", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html" - }, - { - "name" : "openSUSE-SU-2013:0631", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html" - }, - { - "name" : "openSUSE-SU-2013:0875", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html" - }, - { - "name" : "oval:org.mitre.oval:def:17079", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=830595", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=830595" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=837714", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=837714" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=835499", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=835499" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=824856", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=824856" + }, + { + "name": "openSUSE-SU-2013:0630", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=824643", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=824643" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=831055", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=831055" + }, + { + "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-30.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=839209", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=839209" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=842300", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=842300" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=817841", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=817841" + }, + { + "name": "openSUSE-SU-2013:0631", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=849014", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=849014" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=808736", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=808736" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=827596", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=827596" + }, + { + "name": "oval:org.mitre.oval:def:17079", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17079" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=815315", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=815315" + }, + { + "name": "SUSE-SU-2013:0645", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html" + }, + { + "name": "openSUSE-SU-2013:0875", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0897.json b/2013/0xxx/CVE-2013-0897.json index d0f6ff7b97b..c8b9b2f3082 100644 --- a/2013/0xxx/CVE-2013-0897.json +++ b/2013/0xxx/CVE-2013-0897.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0897", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2013-0897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=165537", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=165537" - }, - { - "name" : "openSUSE-SU-2013:0454", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html" - }, - { - "name" : "oval:org.mitre.oval:def:16153", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16153" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service via a crafted document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=165537", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=165537" + }, + { + "name": "oval:org.mitre.oval:def:16153", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16153" + }, + { + "name": "openSUSE-SU-2013:0454", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1062.json b/2013/1xxx/CVE-2013-1062.json index 34b578af5cf..f6ad0d68dab 100644 --- a/2013/1xxx/CVE-2013-1062.json +++ b/2013/1xxx/CVE-2013-1062.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2013-1062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "USN-1962-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1962-1" - }, - { - "name" : "54907", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-1962-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1962-1" + }, + { + "name": "54907", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54907" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1615.json b/2013/1xxx/CVE-2013-1615.json index fd300ca2bc2..fe56bf8efb5 100644 --- a/2013/1xxx/CVE-2013-1615.json +++ b/2013/1xxx/CVE-2013-1615.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@symantec.com", + "ID": "CVE-2013-1615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00" - }, - { - "name" : "60798", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/60798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130701_00" + }, + { + "name": "60798", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/60798" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1657.json b/2013/1xxx/CVE-2013-1657.json index 5a58a5d11c7..2b67f8e1968 100644 --- a/2013/1xxx/CVE-2013-1657.json +++ b/2013/1xxx/CVE-2013-1657.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1657", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-1657", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1831.json b/2013/1xxx/CVE-2013-1831.json index a769ee9ae1a..fdd19f80013 100644 --- a/2013/1xxx/CVE-2013-1831.json +++ b/2013/1xxx/CVE-2013-1831.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1831", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-1831", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20130325 Moodle security notifications public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2013/03/25/2" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=225342", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=225342" - }, - { - "name" : "FEDORA-2013-4387", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html" - }, - { - "name" : "FEDORA-2013-4404", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2013-4387", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html" + }, + { + "name": "FEDORA-2013-4404", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html" + }, + { + "name": "[oss-security] 20130325 Moodle security notifications public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2013/03/25/2" + }, + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36901" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=225342", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=225342" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4322.json b/2013/4xxx/CVE-2013-4322.json index 9a9cea6287d..50ce5abe262 100644 --- a/2013/4xxx/CVE-2013-4322.json +++ b/2013/4xxx/CVE-2013-4322.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1521834", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1521834" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1521864", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1521864" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1549522", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1549522" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1549523", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1549523" - }, - { - "name" : "http://svn.apache.org/viewvc?view=revision&revision=1556540", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/viewvc?view=revision&revision=1556540" - }, - { - "name" : "http://tomcat.apache.org/security-6.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-6.html" - }, - { - "name" : "http://tomcat.apache.org/security-7.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-7.html" - }, - { - "name" : "http://tomcat.apache.org/security-8.html", - "refsource" : "CONFIRM", - "url" : "http://tomcat.apache.org/security-8.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069905", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069905" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21667883", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21667883" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675886", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675886" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677147", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677147" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678113", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678113" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678231", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21678231" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0148.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0148.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0008.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "DSA-3530", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3530" - }, - { - "name" : "HPSBOV03503", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144498216801440&w=2" - }, - { - "name" : "MDVSA-2015:052", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052" - }, - { - "name" : "MDVSA-2015:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084" - }, - { - "name" : "RHSA-2014:0686", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2014-0686.html" - }, - { - "name" : "USN-2130-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2130-1" - }, - { - "name" : "65767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65767" - }, - { - "name" : "59036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59036" - }, - { - "name" : "59722", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59722" - }, - { - "name" : "59724", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59724" - }, - { - "name" : "59873", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59873" - }, - { - "name" : "59675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3544." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1549522", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1549522" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "RHSA-2014:0686", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2014-0686.html" + }, + { + "name": "MDVSA-2015:052", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:052" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1549523", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1549523" + }, + { + "name": "59724", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59724" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1069905", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1069905" + }, + { + "name": "MDVSA-2015:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:084" + }, + { + "name": "DSA-3530", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3530" + }, + { + "name": "http://tomcat.apache.org/security-7.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-7.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678113" + }, + { + "name": "http://tomcat.apache.org/security-8.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-8.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677147", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677147" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21678231" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0148.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0148.html" + }, + { + "name": "59722", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59722" + }, + { + "name": "http://tomcat.apache.org/security-6.html", + "refsource": "CONFIRM", + "url": "http://tomcat.apache.org/security-6.html" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013" + }, + { + "name": "59675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59675" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "USN-2130-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2130-1" + }, + { + "name": "59873", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59873" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21667883", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21667883" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1556540", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1556540" + }, + { + "name": "HPSBOV03503", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144498216801440&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + }, + { + "name": "65767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65767" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1521834", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1521834" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675886", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675886" + }, + { + "name": "http://svn.apache.org/viewvc?view=revision&revision=1521864", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1521864" + }, + { + "name": "59036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59036" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4574.json b/2013/4xxx/CVE-2013-4574.json index e92eb4cc225..17ab9924cc1 100644 --- a/2013/4xxx/CVE-2013-4574.json +++ b/2013/4xxx/CVE-2013-4574.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4574", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4574", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20140114 MediaWiki Security Releases: 1.22.1, 1.21.4 and 1.19.10", - "refsource" : "MLIST", - "url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to videos." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[MediaWiki-announce] 20140114 MediaWiki Security Releases: 1.22.1, 1.21.4 and 1.19.10", + "refsource": "MLIST", + "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4790.json b/2013/4xxx/CVE-2013-4790.json index 174f17e0582..7fe5bc7d527 100644 --- a/2013/4xxx/CVE-2013-4790.json +++ b/2013/4xxx/CVE-2013-4790.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4790", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in opportunistic circumstances via a manual-mode association of a personal e-mail address with the hostname of a crafted IMAP server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4790", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130731 Open-Xchange Security Advisory 2013-07-31", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2013-07/0204.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in opportunistic circumstances via a manual-mode association of a personal e-mail address with the hostname of a crafted IMAP server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130731 Open-Xchange Security Advisory 2013-07-31", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0204.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4977.json b/2013/4xxx/CVE-2013-4977.json index b0e45dc7876..eb5b96ebdc2 100644 --- a/2013/4xxx/CVE-2013-4977.json +++ b/2013/4xxx/CVE-2013-4977.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-4977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130806 CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2013-08/0046.html" - }, - { - "name" : "http://packetstormsecurity.com/files/122718/Hikvision-IP-Cameras-Overflow-Bypass-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/122718/Hikvision-IP-Cameras-Overflow-Bypass-Privilege-Escalation.html" - }, - { - "name" : "http://www.coresecurity.com/advisories/hikvision-ip-cameras-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/advisories/hikvision-ip-cameras-multiple-vulnerabilities" - }, - { - "name" : "61642", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/61642" - }, - { - "name" : "ds2cd7153e-cve20134977-bo(86292)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86292" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "61642", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/61642" + }, + { + "name": "http://www.coresecurity.com/advisories/hikvision-ip-cameras-multiple-vulnerabilities", + "refsource": "MISC", + "url": "http://www.coresecurity.com/advisories/hikvision-ip-cameras-multiple-vulnerabilities" + }, + { + "name": "20130806 CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0046.html" + }, + { + "name": "http://packetstormsecurity.com/files/122718/Hikvision-IP-Cameras-Overflow-Bypass-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/122718/Hikvision-IP-Cameras-Overflow-Bypass-Privilege-Escalation.html" + }, + { + "name": "ds2cd7153e-cve20134977-bo(86292)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86292" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5164.json b/2013/5xxx/CVE-2013-5164.json index ae4953d1101..f8be1e9ae77 100644 --- a/2013/5xxx/CVE-2013-5164.json +++ b/2013/5xxx/CVE-2013-5164.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5164", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2013-5164", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2013-10-22-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00002.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2013-10-22-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000398.json b/2017/1000xxx/CVE-2017-1000398.json index 1d47ca749a1..ed24526e73d 100644 --- a/2017/1000xxx/CVE-2017-1000398.json +++ b/2017/1000xxx/CVE-2017-1000398.json @@ -1,64 +1,64 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-11-17", - "ID" : "CVE-2017-1000398", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins", - "version" : { - "version_data" : [ - { - "version_value" : "2.73.1 and earlier, 2.83 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The remote API in Jenkins 2.73.1 and earlier, 2.83 and earlier at /computer/(agent-name)/api showed information about tasks (typically builds) currently running on that agent. This included information about tasks that the current user otherwise has no access to, e.g. due to lack of Item/Read permission. This has been fixed, and the API now only shows information about accessible tasks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Incorrect Access Control" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2017-11-17", + "ID": "CVE-2017-1000398", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2017-10-11/", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2017-10-11/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The remote API in Jenkins 2.73.1 and earlier, 2.83 and earlier at /computer/(agent-name)/api showed information about tasks (typically builds) currently running on that agent. This included information about tasks that the current user otherwise has no access to, e.g. due to lack of Item/Read permission. This has been fixed, and the API now only shows information about accessible tasks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2017-10-11/", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2017-10-11/" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000450.json b/2017/1000xxx/CVE-2017-1000450.json index 19f6f35206e..dcec7747ad9 100644 --- a/2017/1000xxx/CVE-2017-1000450.json +++ b/2017/1000xxx/CVE-2017-1000450.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "DATE_ASSIGNED" : "2017-12-29", - "ID" : "CVE-2017-1000450", - "REQUESTER" : "btiszka@gmail.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Opencv", - "version" : { - "version_data" : [ - { - "version_value" : "3.3.0" - } - ] - } - } - ] - }, - "vendor_name" : "Opencv" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Overflow" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2017-12-29", + "ID": "CVE-2017-1000450", + "REQUESTER": "btiszka@gmail.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20180108 [SECURITY] [DLA 1235-1] opencv security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html" - }, - { - "name" : "[debian-lts-announce] 20180722 [SECURITY] [DLA 1438-1] opencv security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" - }, - { - "name" : "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor", - "refsource" : "MISC", - "url" : "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor" - }, - { - "name" : "https://github.com/opencv/opencv/issues/9723", - "refsource" : "MISC", - "url" : "https://github.com/opencv/opencv/issues/9723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20180722 [SECURITY] [DLA 1438-1] opencv security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html" + }, + { + "name": "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor", + "refsource": "MISC", + "url": "https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor" + }, + { + "name": "[debian-lts-announce] 20180108 [SECURITY] [DLA 1235-1] opencv security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html" + }, + { + "name": "https://github.com/opencv/opencv/issues/9723", + "refsource": "MISC", + "url": "https://github.com/opencv/opencv/issues/9723" + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12365.json b/2017/12xxx/CVE-2017-12365.json index ae02b898855..36a33f2694c 100644 --- a/2017/12xxx/CVE-2017-12365.json +++ b/2017/12xxx/CVE-2017-12365.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-12365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco WebEx Event Center", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco WebEx Event Center" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to view scheduled meetings. A successful query would show both listed and unlisted meetings in the displayed information. An attacker could use this information to attend meetings that are not available for their attendance. Cisco Bug IDs: CSCvg33629." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-200" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-12365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco WebEx Event Center", + "version": { + "version_data": [ + { + "version_value": "Cisco WebEx Event Center" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4" - }, - { - "name" : "101999", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101999" - }, - { - "name" : "1039920", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039920" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to view scheduled meetings. A successful query would show both listed and unlisted meetings in the displayed information. An attacker could use this information to attend meetings that are not available for their attendance. Cisco Bug IDs: CSCvg33629." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101999", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101999" + }, + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4" + }, + { + "name": "1039920", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039920" + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12653.json b/2017/12xxx/CVE-2017-12653.json index 7e7c48f2ad6..cf426e327c3 100644 --- a/2017/12xxx/CVE-2017-12653.json +++ b/2017/12xxx/CVE-2017-12653.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\\Python27 directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.securiteam.com/index.php/archives/3314#more-3314", - "refsource" : "MISC", - "url" : "https://blogs.securiteam.com/index.php/archives/3314#more-3314" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\\Python27 directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.securiteam.com/index.php/archives/3314#more-3314", + "refsource": "MISC", + "url": "https://blogs.securiteam.com/index.php/archives/3314#more-3314" + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12748.json b/2017/12xxx/CVE-2017-12748.json index 4eac77ba5ad..b63b0e9daff 100644 --- a/2017/12xxx/CVE-2017-12748.json +++ b/2017/12xxx/CVE-2017-12748.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12748", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12748", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12849.json b/2017/12xxx/CVE-2017-12849.json index af98b5de948..6f73a271128 100644 --- a/2017/12xxx/CVE-2017-12849.json +++ b/2017/12xxx/CVE-2017-12849.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.silverstripe.org/download/security-releases/ss-2017-005", - "refsource" : "CONFIRM", - "url" : "https://www.silverstripe.org/download/security-releases/ss-2017-005" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Response discrepancy in the login and password reset forms in SilverStripe CMS before 3.5.5 and 3.6.x before 3.6.1 allows remote attackers to enumerate users via timing attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.silverstripe.org/download/security-releases/ss-2017-005", + "refsource": "CONFIRM", + "url": "https://www.silverstripe.org/download/security-releases/ss-2017-005" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13154.json b/2017/13xxx/CVE-2017-13154.json index b21cd90040f..86676b6605c 100644 --- a/2017/13xxx/CVE-2017-13154.json +++ b/2017/13xxx/CVE-2017-13154.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2017-12-04T00:00:00", - "ID" : "CVE-2017-13154", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.1" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.1.1" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "8.0" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2017-12-04T00:00:00", + "ID": "CVE-2017-13154", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "5.1.1" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.1.1" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "8.0" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2017-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2017-12-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-63666573." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2017-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2017-12-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13961.json b/2017/13xxx/CVE-2017-13961.json index f35d5ecc6ec..950cdaf6587 100644 --- a/2017/13xxx/CVE-2017-13961.json +++ b/2017/13xxx/CVE-2017-13961.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13961", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13961", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16163.json b/2017/16xxx/CVE-2017-16163.json index 0fb64444a75..6bff8e3f8d3 100644 --- a/2017/16xxx/CVE-2017-16163.json +++ b/2017/16xxx/CVE-2017-16163.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2017-16163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "dylmomo node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Path Traversal (CWE-22)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2017-16163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "dylmomo node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dylmomo", - "refsource" : "MISC", - "url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dylmomo" - }, - { - "name" : "https://nodesecurity.io/advisories/396", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal (CWE-22)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/396", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/396" + }, + { + "name": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dylmomo", + "refsource": "MISC", + "url": "https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dylmomo" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16347.json b/2017/16xxx/CVE-2017-16347.json index 4bfd076992c..79645c089e0 100644 --- a/2017/16xxx/CVE-2017-16347.json +++ b/2017/16xxx/CVE-2017-16347.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "ID" : "CVE-2017-16347", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Insteon", - "version" : { - "version_data" : [ - { - "version_value" : "Insteon Hub 2245-222 - Firmware version 1012" - } - ] - } - } - ] - }, - "vendor_name" : "Insteon" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the s_vol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "ID": "CVE-2017-16347", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Insteon", + "version": { + "version_data": [ + { + "version_value": "Insteon Hub 2245-222 - Firmware version 1012" + } + ] + } + } + ] + }, + "vendor_name": "Insteon" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0484", - "refsource" : "MISC", - "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0484" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the s_vol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0484", + "refsource": "MISC", + "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0484" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16450.json b/2017/16xxx/CVE-2017-16450.json index 3b15f3f6b6e..f00ab5e58ed 100644 --- a/2017/16xxx/CVE-2017-16450.json +++ b/2017/16xxx/CVE-2017-16450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16450", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-16450", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16739.json b/2017/16xxx/CVE-2017-16739.json index 5d3e078bb41..314ae8a814b 100644 --- a/2017/16xxx/CVE-2017-16739.json +++ b/2017/16xxx/CVE-2017-16739.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2017-16739", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WECON Technology Co., Ltd. LeviStudio HMI Editor", - "version" : { - "version_data" : [ - { - "version_value" : "WECON Technology Co., Ltd. LeviStudio HMI Editor" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-121" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2017-16739", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WECON Technology Co., Ltd. LeviStudio HMI Editor", + "version": { + "version_data": [ + { + "version_value": "WECON Technology Co., Ltd. LeviStudio HMI Editor" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-01" - }, - { - "name" : "102493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102493" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-based buffer overflow vulnerabilities, which may allow remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102493" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-011-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16800.json b/2017/16xxx/CVE-2017-16800.json index 68d9fd48b32..d0de842f421 100644 --- a/2017/16xxx/CVE-2017-16800.json +++ b/2017/16xxx/CVE-2017-16800.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16800", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16800", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16985.json b/2017/16xxx/CVE-2017-16985.json index 36cf79582e5..e79ea7ce6e3 100644 --- a/2017/16xxx/CVE-2017-16985.json +++ b/2017/16xxx/CVE-2017-16985.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16985", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16985", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4266.json b/2017/4xxx/CVE-2017-4266.json index 228a536ebbf..9c7f9262f51 100644 --- a/2017/4xxx/CVE-2017-4266.json +++ b/2017/4xxx/CVE-2017-4266.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4266", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4266", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4297.json b/2017/4xxx/CVE-2017-4297.json index 784d8ea4508..7f448bdfd1c 100644 --- a/2017/4xxx/CVE-2017-4297.json +++ b/2017/4xxx/CVE-2017-4297.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4297", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4297", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4376.json b/2017/4xxx/CVE-2017-4376.json index d83957a5e26..022cbc182f5 100644 --- a/2017/4xxx/CVE-2017-4376.json +++ b/2017/4xxx/CVE-2017-4376.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4376", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4376", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4739.json b/2017/4xxx/CVE-2017-4739.json index 14126ae231c..704a8c342d9 100644 --- a/2017/4xxx/CVE-2017-4739.json +++ b/2017/4xxx/CVE-2017-4739.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4739", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4739", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18255.json b/2018/18xxx/CVE-2018-18255.json index b810d441721..992ac0b53d5 100644 --- a/2018/18xxx/CVE-2018-18255.json +++ b/2018/18xxx/CVE-2018-18255.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://improsec.com/tech-blog/cam1", - "refsource" : "MISC", - "url" : "https://improsec.com/tech-blog/cam1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://improsec.com/tech-blog/cam1", + "refsource": "MISC", + "url": "https://improsec.com/tech-blog/cam1" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18334.json b/2018/18xxx/CVE-2018-18334.json index 8dfc2051c1f..9f974061750 100644 --- a/2018/18xxx/CVE-2018-18334.json +++ b/2018/18xxx/CVE-2018-18334.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@trendmicro.com", - "ID" : "CVE-2018-18334", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Trend Micro Dr. Safety for Android (Consumer)", - "version" : { - "version_data" : [ - { - "version_value" : "Before 3.0.1478" - } - ] - } - } - ] - }, - "vendor_name" : "Trend Micro" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "SOP Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "security@trendmicro.com", + "ID": "CVE-2018-18334", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Trend Micro Dr. Safety for Android (Consumer)", + "version": { + "version_data": [ + { + "version_value": "Before 3.0.1478" + } + ] + } + } + ] + }, + "vendor_name": "Trend Micro" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspx", - "refsource" : "CONFIRM", - "url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspx" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SOP Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspx", + "refsource": "CONFIRM", + "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18471.json b/2018/18xxx/CVE-2018-18471.json index 0f9e52e92de..4030ad540f0 100644 --- a/2018/18xxx/CVE-2018-18471.json +++ b/2018/18xxx/CVE-2018-18471.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18471", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18471", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18615.json b/2018/18xxx/CVE-2018-18615.json index f5c1298cd81..21efacf7b03 100644 --- a/2018/18xxx/CVE-2018-18615.json +++ b/2018/18xxx/CVE-2018-18615.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18615", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18615", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18734.json b/2018/18xxx/CVE-2018-18734.json index ba811680805..ec43fcc1e0f 100644 --- a/2018/18xxx/CVE-2018-18734.json +++ b/2018/18xxx/CVE-2018-18734.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/AvaterXXX/catfish/blob/master/catfishcms.md#csrf", - "refsource" : "MISC", - "url" : "https://github.com/AvaterXXX/catfish/blob/master/catfishcms.md#csrf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/AvaterXXX/catfish/blob/master/catfishcms.md#csrf", + "refsource": "MISC", + "url": "https://github.com/AvaterXXX/catfish/blob/master/catfishcms.md#csrf" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5355.json b/2018/5xxx/CVE-2018-5355.json index 8d6f3d2ab93..9d4fd0aca32 100644 --- a/2018/5xxx/CVE-2018-5355.json +++ b/2018/5xxx/CVE-2018-5355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5742.json b/2018/5xxx/CVE-2018-5742.json index 950214ac8c7..81a38886029 100644 --- a/2018/5xxx/CVE-2018-5742.json +++ b/2018/5xxx/CVE-2018-5742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5910.json b/2018/5xxx/CVE-2018-5910.json index 313c9e1193a..7163c91a677 100644 --- a/2018/5xxx/CVE-2018-5910.json +++ b/2018/5xxx/CVE-2018-5910.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2018-5910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a memory corruption can occur in kernel due to improper check in callers count parameter in display handlers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2018-5910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b67e04e3696f05411b7434c8b194895d273b00c5", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b67e04e3696f05411b7434c8b194895d273b00c5" - }, - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9344c2f4b60cf5d4c747c11f3cb0b6f1558db78", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9344c2f4b60cf5d4c747c11f3cb0b6f1558db78" - }, - { - "name" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a memory corruption can occur in kernel due to improper check in callers count parameter in display handlers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b67e04e3696f05411b7434c8b194895d273b00c5", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b67e04e3696f05411b7434c8b194895d273b00c5" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9344c2f4b60cf5d4c747c11f3cb0b6f1558db78", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=d9344c2f4b60cf5d4c747c11f3cb0b6f1558db78" + }, + { + "name": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5948.json b/2018/5xxx/CVE-2018-5948.json index 9944047335d..45f83b5fa43 100644 --- a/2018/5xxx/CVE-2018-5948.json +++ b/2018/5xxx/CVE-2018-5948.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5948", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5948", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file