admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:32:01 +00:00
parent c4e1504e35
commit 002b8e6be8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
49 changed files with 3375 additions and 3375 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2005/0xxx/CVE-2005-0286.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0286", "ID": "CVE-2005-0286",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050110 Portcullis Security Advisory 05-004", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110547824902053&w=2" "lang": "eng",
}, "value": "eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file."
{ }
"name" : "12236", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/12236" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1012855", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012855" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13820", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13820" ]
}, },
{ "references": {
"name" : "mediapartner-bhtml-source-disclosure(18861)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18861" "name": "12236",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/12236"
} },
} {
"name": "13820",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13820"
},
{
"name": "1012855",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012855"
},
{
"name": "20050110 Portcullis Security Advisory 05-004",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110547824902053&w=2"
},
{
"name": "mediapartner-bhtml-source-disclosure(18861)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18861"
}
]
}
}

140
2005/0xxx/CVE-2005-0302.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0302", "ID": "CVE-2005-0302",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050121 bug report comersus Back Office Lite 6.0 and 6.0.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110636597832556&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP header."
{ }
"name" : "http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html", ]
"refsource" : "MISC", },
"url" : "http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "backoffice-lite-sql-injection(19013)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19013" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20050121 bug report comersus Back Office Lite 6.0 and 6.0.1",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110636597832556&w=2"
},
{
"name": "http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/5TP0Q0UEKI.html"
},
{
"name": "backoffice-lite-sql-injection(19013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19013"
}
]
}
}

150
2005/0xxx/CVE-2005-0465.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0465", "ID": "CVE-2005-0465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050407 SGI IRIX gr_osview File Overwrite Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=225&type=vulnerabilities" "lang": "eng",
}, "value": "gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option."
{ }
"name" : "20050402-01-P", ]
"refsource" : "SGI", },
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1013662", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013662" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "14875", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/14875" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1013662",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013662"
},
{
"name": "20050402-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20050402-01-P"
},
{
"name": "20050407 SGI IRIX gr_osview File Overwrite Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=225&type=vulnerabilities"
},
{
"name": "14875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14875"
}
]
}
}

170
2005/0xxx/CVE-2005-0543.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0543", "ID": "CVE-2005-0543",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050224 [SECURITYREASON.COM] phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110929725801154&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php."
{ }
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-200503-07", "description": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200503-07.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12644", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/12644" ]
}, },
{ "references": {
"name" : "14382", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14382" "name": "14382",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/14382"
"name" : "phpmyadmin-multiple-php-xss(19462)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19462" "name": "phpmyadmin-multiple-php-xss(19462)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19462"
} },
} {
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1149383&group_id=23067&atid=377408"
},
{
"name": "12644",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12644"
},
{
"name": "GLSA-200503-07",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200503-07.xml"
},
{
"name": "20050224 [SECURITYREASON.COM] phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110929725801154&w=2"
}
]
}
}

140
2005/0xxx/CVE-2005-0829.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0829", "ID": "CVE-2005-0829",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050319 [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111125692513645&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters."
{ }
"name" : "20050319 Fw: [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=111142752220155&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20050319 Re: [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111142918711745&w=2" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20050319 [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111125692513645&w=2"
},
{
"name": "20050319 Re: [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111142918711745&w=2"
},
{
"name": "20050319 Fw: [PersianHacker.NET 200503-10]PHP-Fusion v5.01 Html Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111142752220155&w=2"
}
]
}
}

180
2005/1xxx/CVE-2005-1470.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-1470", "ID": "CVE-2005-1470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00019.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00019.html" "lang": "eng",
}, "value": "Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors."
{ }
"name" : "http://www.ethereal.com/news/item_20050504_01.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ethereal.com/news/item_20050504_01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLSA-2005:963", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FLSA-2006:152922", ]
"refsource" : "FEDORA", }
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" ]
}, },
{ "references": {
"name" : "RHSA-2005:427", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-427.html" "name": "13504",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13504"
"name" : "13504", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13504" "name": "RHSA-2005:427",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-427.html"
"name" : "oval:org.mitre.oval:def:11804", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11804" "name": "http://www.ethereal.com/appnotes/enpa-sa-00019.html",
} "refsource": "CONFIRM",
] "url": "http://www.ethereal.com/appnotes/enpa-sa-00019.html"
} },
} {
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name": "CLSA-2005:963",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000963"
},
{
"name": "http://www.ethereal.com/news/item_20050504_01.html",
"refsource": "CONFIRM",
"url": "http://www.ethereal.com/news/item_20050504_01.html"
},
{
"name": "oval:org.mitre.oval:def:11804",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11804"
}
]
}
}

130
2005/1xxx/CVE-2005-1637.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1637", "ID": "CVE-2005-1637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.npds.org/article.php?sid=1258", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.npds.org/article.php?sid=1258" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitrary SQL commands via the thold parameter to (1) comments.php or (2) pollcomments.php."
{ }
"name" : "1013973", ]
"refsource" : "SECTRACK", },
"url" : "http://securitytracker.com/id?1013973" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.npds.org/article.php?sid=1258",
"refsource": "CONFIRM",
"url": "http://www.npds.org/article.php?sid=1258"
},
{
"name": "1013973",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013973"
}
]
}
}

34
2005/3xxx/CVE-2005-3605.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3605", "ID": "CVE-2005-3605",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2005/4xxx/CVE-2005-4071.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4071", "ID": "CVE-2005-4071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal 2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ForumID parameter in view_forum.cfm, and (2) ForumID, (3) Thread, and (4) ThreadID parameters in view_thread.cfm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/magic-forum-personal-sqlxss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/magic-forum-personal-sqlxss-vuln.html" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in CFMagic Magic Forum Personal 2.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ForumID parameter in view_forum.cfm, and (2) ForumID, (3) Thread, and (4) ThreadID parameters in view_thread.cfm."
{ }
"name" : "15774", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15774" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2794", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2794" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21501", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21501" ]
}, },
{ "references": {
"name" : "21502", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21502" "name": "magicforumpersonal-viewforum-sql-injection(23514)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23514"
"name" : "17935", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17935" "name": "ADV-2005-2794",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2794"
"name" : "magicforumpersonal-viewforum-sql-injection(23514)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23514" "name": "17935",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17935"
} },
} {
"name": "http://pridels0.blogspot.com/2005/12/magic-forum-personal-sqlxss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/magic-forum-personal-sqlxss-vuln.html"
},
{
"name": "15774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15774"
},
{
"name": "21501",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21501"
},
{
"name": "21502",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21502"
}
]
}
}

140
2005/4xxx/CVE-2005-4718.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4718", "ID": "CVE-2005-4718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a \"content: url(0);\" style attribute, a \"bodyA\" tag, a long string, and a \"u\" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a \"margin:-99;\" STYLE attribute."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054" "lang": "eng",
}, "value": "Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a \"content: url(0);\" style attribute, a \"bodyA\" tag, a long string, and a \"u\" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a \"margin:-99;\" STYLE attribute."
{ }
"name" : "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055", ]
"refsource" : "MISC", },
"url" : "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1015067", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015067" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1015067",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015067"
},
{
"name": "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055",
"refsource": "MISC",
"url": "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055"
},
{
"name": "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054",
"refsource": "MISC",
"url": "http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054"
}
]
}
}

120
2005/4xxx/CVE-2005-4884.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4884", "ID": "CVE-2005-4884",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html" "lang": "eng",
} "value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
}
]
}
}

140
2009/0xxx/CVE-2009-0298.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0298", "ID": "CVE-2009-0298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7869", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7869" "lang": "eng",
}, "value": "Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property."
{ }
"name" : "33451", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33451" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33663", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33663" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "33663",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33663"
},
{
"name": "33451",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33451"
},
{
"name": "7869",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7869"
}
]
}
}

180
2009/0xxx/CVE-2009-0629.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2009-0629", "ID": "CVE-2009-0629",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml" "lang": "eng",
}, "value": "The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets."
{ }
"name" : "20090325 Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34238", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34238" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1021903", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1021903" ]
}, },
{ "references": {
"name" : "34438", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34438" "name": "20090325 Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability",
}, "refsource": "CISCO",
{ "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml"
"name" : "ADV-2009-0851", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0851" "name": "1021903",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1021903"
"name" : "ios-tcp-dos(49420)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49420" "name": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml",
} "refsource": "CONFIRM",
] "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml"
} },
} {
"name": "ios-tcp-dos(49420)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49420"
},
{
"name": "34438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34438"
},
{
"name": "34238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34238"
},
{
"name": "ADV-2009-0851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0851"
}
]
}
}

180
2009/0xxx/CVE-2009-0893.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0893", "ID": "CVE-2009-0893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a \"missing resync marker range check\" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4634&selyear=2009&menutype=menupublic", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4634&selyear=2009&menutype=menupublic" "lang": "eng",
}, "value": "Multiple heap-based buffer overflows in xvidcore/src/decoder.c in the xvidcore library in Xvid before 1.2.2, as used by Windows Media Player and other applications, allow remote attackers to execute arbitrary code by providing a crafted macroblock (aka MBlock) number in a video stream in a crafted movie file that triggers heap memory corruption, related to a \"missing resync marker range check\" and the (1) decoder_iframe, (2) decoder_pframe, and (3) decoder_bframe functions."
{ }
"name" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c", ]
"refsource" : "CONFIRM", },
"url" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81", "description": [
"refsource" : "CONFIRM", {
"url" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7", ]
"refsource" : "CONFIRM", }
"url" : "http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7" ]
}, },
{ "references": {
"name" : "35156", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35156" "name": "35274",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35274"
"name" : "35274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35274" "name": "ADV-2009-1468",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1468"
"name" : "ADV-2009-1468", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1468" "name": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4634&selyear=2009&menutype=menupublic",
} "refsource": "MISC",
] "url": "https://www.it-isac.org/postings/cyber/alertdetail.php?id=4634&selyear=2009&menutype=menupublic"
} },
} {
"name": "35156",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35156"
},
{
"name": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c",
"refsource": "CONFIRM",
"url": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c"
},
{
"name": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81",
"refsource": "CONFIRM",
"url": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81"
},
{
"name": "http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7",
"refsource": "CONFIRM",
"url": "http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7"
}
]
}
}

190
2009/0xxx/CVE-2009-0925.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0925", "ID": "CVE-2009-0925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm" "lang": "eng",
}, "value": "Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723."
{ }
"name" : "254628", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34137", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34137" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1021850", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1021850" ]
}, },
{ "references": {
"name" : "34331", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34331" "name": "254628",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254628-1"
"name" : "ADV-2009-0742", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0742" "name": "1021850",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1021850"
"name" : "ADV-2009-0876", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0876" "name": "solaris-ufs-filesystem-sun4vdos(49282)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49282"
"name" : "solaris-ufs-filesystem-sun4vdos(49282)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49282" "name": "ADV-2009-0742",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/0742"
} },
} {
"name": "34331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34331"
},
{
"name": "34137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34137"
},
{
"name": "ADV-2009-0876",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0876"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-103.htm"
}
]
}
}

180
2009/1xxx/CVE-2009-1569.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2009-1569", "ID": "CVE-2009-1569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091208 Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/508288/100/0/threaded" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time."
{ }
"name" : "http://secunia.com/secunia_research/2009-44/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2009-44/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://download.novell.com/Download?buildid=29T3EFRky18~", "description": [
"refsource" : "CONFIRM", {
"url" : "http://download.novell.com/Download?buildid=29T3EFRky18~" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37242", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/37242" ]
}, },
{ "references": {
"name" : "35004", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35004" "name": "http://download.novell.com/Download?buildid=29T3EFRky18~",
}, "refsource": "CONFIRM",
{ "url": "http://download.novell.com/Download?buildid=29T3EFRky18~"
"name" : "37169", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37169" "name": "20091208 Secunia Research: Novell iPrint Client Date/Time Parsing Buffer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/508288/100/0/threaded"
"name" : "ADV-2009-3429", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3429" "name": "ADV-2009-3429",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/3429"
} },
} {
"name": "37242",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37242"
},
{
"name": "35004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35004"
},
{
"name": "http://secunia.com/secunia_research/2009-44/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2009-44/"
},
{
"name": "37169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37169"
}
]
}
}

210
2009/1xxx/CVE-2009-1723.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1723", "ID": "CVE-2009-1723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability, a different issue than CVE-2009-2062."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT3757", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3757" "lang": "eng",
}, "value": "CFNetwork in Apple Mac OS X 10.5 before 10.5.8 places an incorrect URL in a certificate warning in certain 302 redirection scenarios, which makes it easier for remote attackers to trick a user into visiting an arbitrary https web site by leveraging an open redirect vulnerability, a different issue than CVE-2009-2062."
{ }
"name" : "http://support.apple.com/kb/HT4225", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4225" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2009-08-05-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-06-21-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" ]
}, },
{ "references": {
"name" : "TA09-218A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" "name": "http://support.apple.com/kb/HT3757",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3757"
"name" : "35954", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35954" "name": "http://support.apple.com/kb/HT4225",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4225"
"name" : "56846", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/56846" "name": "36096",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36096"
"name" : "36096", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36096" "name": "macosx-cfnetwork-weak-security(52418)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52418"
"name" : "ADV-2009-2172", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2172" "name": "APPLE-SA-2009-08-05-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html"
"name" : "macosx-cfnetwork-weak-security(52418)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52418" "name": "35954",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/35954"
} },
} {
"name": "56846",
"refsource": "OSVDB",
"url": "http://osvdb.org/56846"
},
{
"name": "ADV-2009-2172",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2172"
},
{
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name": "TA09-218A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-218A.html"
}
]
}
}

34
2009/1xxx/CVE-2009-1794.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1794", "ID": "CVE-2009-1794",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2009/3xxx/CVE-2009-3785.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3785", "ID": "CVE-2009-3785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allow remote attackers to hijack the authentication of arbitrary users via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/590098", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/590098" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal, allow remote attackers to hijack the authentication of arbitrary users via unknown vectors."
{ }
"name" : "http://drupal.org/node/611002", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/611002" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36790", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36790" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37128", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/37128" ]
}, },
{ "references": {
"name" : "simplenews-unspecified-csrf(53906)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53906" "name": "37128",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/37128"
} },
} {
"name": "http://drupal.org/node/611002",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/611002"
},
{
"name": "http://drupal.org/node/590098",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/590098"
},
{
"name": "simplenews-unspecified-csrf(53906)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53906"
},
{
"name": "36790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36790"
}
]
}
}

190
2009/3xxx/CVE-2009-3832.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3832", "ID": "CVE-2009-3832",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/windows/1001/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/windows/1001/" "lang": "eng",
}, "value": "Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site."
{ }
"name" : "http://www.opera.com/support/kb/view/940/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.opera.com/support/kb/view/940/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36850", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36850" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "59359", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/59359" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:6384", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384" "name": "59359",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/59359"
"name" : "37182", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37182" "name": "ADV-2009-3073",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/3073"
"name" : "ADV-2009-3073", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3073" "name": "http://www.opera.com/support/kb/view/940/",
}, "refsource": "CONFIRM",
{ "url": "http://www.opera.com/support/kb/view/940/"
"name" : "opera-web-fonts-spoofing(54022)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54022" "name": "37182",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/37182"
} },
} {
"name": "36850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36850"
},
{
"name": "opera-web-fonts-spoofing(54022)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54022"
},
{
"name": "oval:org.mitre.oval:def:6384",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384"
},
{
"name": "http://www.opera.com/docs/changelogs/windows/1001/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1001/"
}
]
}
}

260
2009/4xxx/CVE-2009-4245.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4245", "ID": "CVE-2009-4245",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a compressed GIF file, related to gifcodec.cpp and gifimage.cpp."
{ }
"name" : "http://service.real.com/realplayer/security/01192010_player/en/", ]
"refsource" : "CONFIRM", },
"url" : "http://service.real.com/realplayer/security/01192010_player/en/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=561441", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=561441" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7", ]
"refsource" : "CONFIRM", }
"url" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7" ]
}, },
{ "references": {
"name" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6" "name": "RHSA-2010:0094",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0094.html"
"name" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5", },
"refsource" : "CONFIRM", {
"url" : "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5" "name": "[datatype-cvs] 20080722 image/gif/common gifcodec.cpp, 1.6, 1.7 gifimage.cpp, 1.5, 1.6",
}, "refsource": "MLIST",
{ "url": "http://lists.helixcommunity.org/pipermail/datatype-cvs/2008-July/008455.html"
"name" : "RHSA-2010:0094", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0094.html" "name": "ADV-2010-0178",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0178"
"name" : "37880", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37880" "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7",
}, "refsource": "CONFIRM",
{ "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifcodec.cpp?view=log#rev1.7"
"name" : "61969", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/61969" "name": "61969",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/61969"
"name" : "oval:org.mitre.oval:def:9998", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998" "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6",
}, "refsource": "CONFIRM",
{ "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/gifimage.cpp?view=log#rev1.6"
"name" : "1023489", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023489" "name": "1023489",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1023489"
"name" : "38218", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38218" "name": "http://service.real.com/realplayer/security/01192010_player/en/",
}, "refsource": "CONFIRM",
{ "url": "http://service.real.com/realplayer/security/01192010_player/en/"
"name" : "38450", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38450" "name": "38450",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38450"
"name" : "ADV-2010-0178", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0178" "name": "oval:org.mitre.oval:def:9998",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9998"
"name" : "realplayer-gifimage-bo(55800)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800" "name": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5",
} "refsource": "CONFIRM",
] "url": "https://helixcommunity.org/viewcvs/datatype/image/gif/common/pub/gifcodec.h?view=log#rev1.5"
} },
} {
"name": "38218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38218"
},
{
"name": "realplayer-gifimage-bo(55800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55800"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=561441",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=561441"
},
{
"name": "37880",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37880"
}
]
}
}

170
2009/4xxx/CVE-2009-4473.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4473", "ID": "CVE-2009-4473",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the (1) css, (2) eca, (3) id, and (4) skin parameters. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://dev.ektron.com/forum.aspx?g=posts&t=28048", "description_data": [
"refsource" : "MISC", {
"url" : "http://dev.ektron.com/forum.aspx?g=posts&t=28048" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in WorkArea/ContentDesigner/ekformsiframe.aspx in Ektron CMS400.NET 7.6.1.53 and 7.6.6.47, and possibly 7.52 through 7.66sp2, allow remote attackers to inject arbitrary web script or HTML via the (1) css, (2) eca, (3) id, and (4) skin parameters. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://dev.ektron.com/notices.aspx?id=19074", ]
"refsource" : "MISC", },
"url" : "http://dev.ektron.com/notices.aspx?id=19074" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36279", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36279" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "57667", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/57667" ]
}, },
{ "references": {
"name" : "36591", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36591" "name": "36279",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36279"
"name" : "cms400-ekformsiframe-xss(53043)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53043" "name": "http://dev.ektron.com/notices.aspx?id=19074",
} "refsource": "MISC",
] "url": "http://dev.ektron.com/notices.aspx?id=19074"
} },
} {
"name": "57667",
"refsource": "OSVDB",
"url": "http://osvdb.org/57667"
},
{
"name": "cms400-ekformsiframe-xss(53043)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53043"
},
{
"name": "http://dev.ektron.com/forum.aspx?g=posts&t=28048",
"refsource": "MISC",
"url": "http://dev.ektron.com/forum.aspx?g=posts&t=28048"
},
{
"name": "36591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36591"
}
]
}
}

160
2009/4xxx/CVE-2009-4585.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4585", "ID": "CVE-2009-4585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0912-exploits/uranyumsoft-disclose.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0912-exploits/uranyumsoft-disclose.txt" "lang": "eng",
}, "value": "UranyumSoft Listing Service stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/db.mdb."
{ }
"name" : "10823", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/10823" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "61396", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/61396" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37912", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/37912" ]
}, },
{ "references": {
"name" : "uslistingservice-db-info-disclosure(55220)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55220" "name": "10823",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/10823"
} },
} {
"name": "61396",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/61396"
},
{
"name": "37912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37912"
},
{
"name": "http://packetstormsecurity.org/0912-exploits/uranyumsoft-disclose.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0912-exploits/uranyumsoft-disclose.txt"
},
{
"name": "uslistingservice-db-info-disclosure(55220)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55220"
}
]
}
}

140
2009/4xxx/CVE-2009-4627.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4627", "ID": "CVE-2009-4627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9525", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9525" "lang": "eng",
}, "value": "Directory traversal vulnerability in sources/_template_parser.php in Moa Gallery 1.2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the p_filename parameter, a different issue than CVE-2009-4614."
{ }
"name" : "ADV-2009-2430", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2009/2430" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "moagallery-pfilename-dir-traversal(52778)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52778" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "moagallery-pfilename-dir-traversal(52778)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52778"
},
{
"name": "9525",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9525"
},
{
"name": "ADV-2009-2430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2430"
}
]
}
}

140
2009/4xxx/CVE-2009-4714.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4714", "ID": "CVE-2009-4714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0907-exploits/xoopsceleparquiz-xss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0907-exploits/xoopsceleparquiz-xss.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php."
{ }
"name" : "56598", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/56598" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35966", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35966" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "56598",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/56598"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/xoopsceleparquiz-xss.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/xoopsceleparquiz-xss.txt"
},
{
"name": "35966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35966"
}
]
}
}

140
2009/4xxx/CVE-2009-4821.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4821", "ID": "CVE-2009-4821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.hiredhacker.com/2009/12/15/d-link-dir-615-remote-exploit/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.hiredhacker.com/2009/12/15/d-link-dir-615-remote-exploit/" "lang": "eng",
}, "value": "The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors."
{ }
"name" : "37415", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37415" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37777", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37777" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "37415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37415"
},
{
"name": "37777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37777"
},
{
"name": "http://www.hiredhacker.com/2009/12/15/d-link-dir-615-remote-exploit/",
"refsource": "MISC",
"url": "http://www.hiredhacker.com/2009/12/15/d-link-dir-615-remote-exploit/"
}
]
}
}

120
2012/2xxx/CVE-2012-2439.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2439", "ID": "CVE-2012-2439",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#928795", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/928795" "lang": "eng",
} "value": "The default configuration of the NETGEAR ProSafe FVS318N firewall enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#928795",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/928795"
}
]
}
}

170
2012/2xxx/CVE-2012-2601.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2012-2601", "ID": "CVE-2012-2601",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20035", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/20035" "lang": "eng",
}, "value": "SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter."
{ }
"name" : "http://www.whatsupgold.com/blog/2012/07/23/keeping-whatsup-gold-secure/", ]
"refsource" : "MISC", },
"url" : "http://www.whatsupgold.com/blog/2012/07/23/keeping-whatsup-gold-secure/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#777007", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/777007" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "54626", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/54626" ]
}, },
{ "references": {
"name" : "1027325", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027325" "name": "ipswitch-wrvmwarehostlist-sql-injection(77152)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77152"
"name" : "ipswitch-wrvmwarehostlist-sql-injection(77152)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77152" "name": "1027325",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1027325"
} },
} {
"name": "54626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54626"
},
{
"name": "20035",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/20035"
},
{
"name": "VU#777007",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/777007"
},
{
"name": "http://www.whatsupgold.com/blog/2012/07/23/keeping-whatsup-gold-secure/",
"refsource": "MISC",
"url": "http://www.whatsupgold.com/blog/2012/07/23/keeping-whatsup-gold-secure/"
}
]
}
}

350
2012/2xxx/CVE-2012-2687.json
View File

@ -1,177 +1,177 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2687", "ID": "CVE-2012-2687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[announce] 20120821 [ANNOUNCEMENT] Apache HTTP Server 2.4.3 Released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30@apache.org%3E" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted filename that is not properly handled during construction of a variant list."
{ }
"name" : "http://httpd.apache.org/security/vulnerabilities_24.html", ]
"refsource" : "CONFIRM", },
"url" : "http://httpd.apache.org/security/vulnerabilities_24.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.apache.org/dist/httpd/CHANGES_2.4.3", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.apache.org/dist/httpd/CHANGES_2.4.3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", ]
"refsource" : "CONFIRM", }
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" "name": "SSRT101139",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"
"name" : "http://support.apple.com/kb/HT5880", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5880" "name": "50894",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/50894"
"name" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html" "name": "55131",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/55131"
"name" : "SE53614", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f" "name": "http://httpd.apache.org/security/vulnerabilities_24.html",
}, "refsource": "CONFIRM",
{ "url": "http://httpd.apache.org/security/vulnerabilities_24.html"
"name" : "APPLE-SA-2013-09-12-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html" "name": "oval:org.mitre.oval:def:19539",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539"
"name" : "HPSBUX02866", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
"name" : "SSRT101139", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=136612293908376&w=2" "name": "RHSA-2012:1594",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
"name" : "RHSA-2012:1591", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1591.html" "name": "USN-1627-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1627-1"
"name" : "RHSA-2012:1592", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1592.html" "name": "51607",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51607"
"name" : "RHSA-2012:1594", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1594.html" "name": "SE53614",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=nas2a2b50a0ca011b37c86257a96003c9a4f"
"name" : "RHSA-2013:0130", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0130.html" "name": "openSUSE-SU-2013:0245",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html"
"name" : "openSUSE-SU-2013:0243", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html" "name": "APPLE-SA-2013-09-12-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html"
"name" : "openSUSE-SU-2013:0245", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00011.html" "name": "[announce] 20120821 [ANNOUNCEMENT] Apache HTTP Server 2.4.3 Released",
}, "refsource": "MLIST",
{ "url": "http://mail-archives.apache.org/mod_mbox/www-announce/201208.mbox/%3C0BFFEA9B-801B-4BAA-9534-56F640268E30@apache.org%3E"
"name" : "openSUSE-SU-2013:0248", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html" "name": "RHSA-2012:1592",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
"name" : "USN-1627-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1627-1" "name": "http://www.apache.org/dist/httpd/CHANGES_2.4.3",
}, "refsource": "CONFIRM",
{ "url": "http://www.apache.org/dist/httpd/CHANGES_2.4.3"
"name" : "55131", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55131" "name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"
"name" : "oval:org.mitre.oval:def:18832", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832" "name": "RHSA-2013:0130",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-0130.html"
"name" : "oval:org.mitre.oval:def:19539", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19539" "name": "RHSA-2012:1591",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
"name" : "51607", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51607" "name": "openSUSE-SU-2013:0248",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00012.html"
"name" : "50894", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50894" "name": "oval:org.mitre.oval:def:18832",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18832"
} },
} {
"name": "HPSBUX02866",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=136612293908376&w=2"
},
{
"name": "openSUSE-SU-2013:0243",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00009.html"
},
{
"name": "http://support.apple.com/kb/HT5880",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5880"
},
{
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
}
]
}
}

170
2012/2xxx/CVE-2012-2774.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2774", "ID": "CVE-2012-2774",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting \"a frame outside SETUP state.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/08/31/3" "lang": "eng",
}, "value": "The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting \"a frame outside SETUP state.\""
{ }
"name" : "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/09/02/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ffmpeg.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ffmpeg.org/security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f", ]
"refsource" : "CONFIRM", }
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f" ]
}, },
{ "references": {
"name" : "55355", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55355" "name": "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/09/02/4"
"name" : "50468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50468" "name": "55355",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/55355"
} },
} {
"name": "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/3"
},
{
"name": "http://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://ffmpeg.org/security.html"
},
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=59a4b73531428d2f420b4dad545172c8483ced0f"
},
{
"name": "50468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50468"
}
]
}
}

210
2012/3xxx/CVE-2012-3710.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3710", "ID": "CVE-2012-3710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5485", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5485" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1."
{ }
"name" : "http://support.apple.com/kb/HT5502", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5502" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT5503", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5503" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2012-09-12-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2012-09-19-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "name": "APPLE-SA-2012-09-19-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html"
"name" : "APPLE-SA-2012-09-19-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html" "name": "http://support.apple.com/kb/HT5485",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5485"
"name" : "55534", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55534" "name": "APPLE-SA-2012-09-19-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
"name" : "85393", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/85393" "name": "http://support.apple.com/kb/HT5503",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5503"
"name" : "oval:org.mitre.oval:def:17559", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17559" "name": "http://support.apple.com/kb/HT5502",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5502"
"name" : "apple-itunes-webkit-cve20123710(78519)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78519" "name": "85393",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/85393"
} },
} {
"name": "55534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55534"
},
{
"name": "oval:org.mitre.oval:def:17559",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17559"
},
{
"name": "APPLE-SA-2012-09-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"name": "apple-itunes-webkit-cve20123710(78519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78519"
}
]
}
}

34
2012/6xxx/CVE-2012-6386.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6386", "ID": "CVE-2012-6386",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/6xxx/CVE-2012-6398.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6398", "ID": "CVE-2012-6398",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2015/1xxx/CVE-2015-1392.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1392", "ID": "CVE-2015-1392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt" "lang": "eng",
} "value": "Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to execute arbitrary SQL commands via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-006.txt"
}
]
}
}

190
2015/1xxx/CVE-2015-1431.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1431", "ID": "CVE-2015-1431",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in includes/startup.php in phpBB before 3.0.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to \"Relative Path Overwrite.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150131 Re: CVE request: phpbb3 CSRF and CSS injection", "description_data": [
"refsource" : "MLIST", {
"url" : "http://seclists.org/oss-sec/2015/q1/373" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in includes/startup.php in phpBB before 3.0.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to \"Relative Path Overwrite.\""
{ }
"name" : "https://github.com/phpbb/phpbb/commit/eaeb88133f1f028fa06f0ebe5639668436fd469e", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/phpbb/phpbb/commit/eaeb88133f1f028fa06f0ebe5639668436fd469e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/phpbb/phpbb/pull/3316", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/phpbb/phpbb/pull/3316" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://tracker.phpbb.com/browse/PHPBB3-13531", ]
"refsource" : "CONFIRM", }
"url" : "https://tracker.phpbb.com/browse/PHPBB3-13531" ]
}, },
{ "references": {
"name" : "https://wiki.phpbb.com/Release_Highlights/3.0.13", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://wiki.phpbb.com/Release_Highlights/3.0.13" "name": "https://github.com/phpbb/phpbb/pull/3316",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/phpbb/phpbb/pull/3316"
"name" : "GLSA-201701-25", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-25" "name": "https://tracker.phpbb.com/browse/PHPBB3-13531",
}, "refsource": "CONFIRM",
{ "url": "https://tracker.phpbb.com/browse/PHPBB3-13531"
"name" : "72405", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72405" "name": "[oss-security] 20150131 Re: CVE request: phpbb3 CSRF and CSS injection",
}, "refsource": "MLIST",
{ "url": "http://seclists.org/oss-sec/2015/q1/373"
"name" : "phpbb3-cve20151431-xss(100670)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100670" "name": "https://wiki.phpbb.com/Release_Highlights/3.0.13",
} "refsource": "CONFIRM",
] "url": "https://wiki.phpbb.com/Release_Highlights/3.0.13"
} },
} {
"name": "GLSA-201701-25",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-25"
},
{
"name": "72405",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72405"
},
{
"name": "phpbb3-cve20151431-xss(100670)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100670"
},
{
"name": "https://github.com/phpbb/phpbb/commit/eaeb88133f1f028fa06f0ebe5639668436fd469e",
"refsource": "CONFIRM",
"url": "https://github.com/phpbb/phpbb/commit/eaeb88133f1f028fa06f0ebe5639668436fd469e"
}
]
}
}

160
2015/1xxx/CVE-2015-1928.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1928", "ID": "CVE-2015-1928",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973200", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973200" "lang": "eng",
}, "value": "Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.x before 6.0.0 IF4; Rational Quality Manager (RQM) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Team Concert (RTC) 3.x before 3.0.1.6 IF7, 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Requirements Composer (RRC) 3.x before 3.0.1.6 IF7 and 4.x before 4.0.7 IF9; Rational DOORS Next Generation (RDNG) 4.x before 4.0.7 IF9, 5.x before 5.0.2 IF11, and 6.0 before 6.0.0 IF4; Rational Engineering Lifecycle Manager (RELM) 4.0.3 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; Rational Rhapsody Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0; and Rational Software Architect Design Manager (DM) 4.0 through 4.0.7, 5.0 through 5.0.2, and 6.0.0 allows remote authenticated users to conduct clickjacking attacks via a crafted web site."
{ }
"name" : "1034565", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034565" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034566", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034566" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034567", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034567" ]
}, },
{ "references": {
"name" : "1034568", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034568" "name": "1034568",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1034568"
} },
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973200"
},
{
"name": "1034566",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034566"
},
{
"name": "1034565",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034565"
},
{
"name": "1034567",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034567"
}
]
}
}

130
2015/5xxx/CVE-2015-5331.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5331", "ID": "CVE-2015-5331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50426", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50426" "lang": "eng",
}, "value": "Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transmission, which allows remote authenticated users to bypass intended access restrictions and conduct spam attacks via the messaging API."
{ }
"name" : "https://moodle.org/mod/forum/discuss.php?d=323228", ]
"refsource" : "CONFIRM", },
"url" : "https://moodle.org/mod/forum/discuss.php?d=323228" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50426",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50426"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=323228",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=323228"
}
]
}
}

150
2015/5xxx/CVE-2015-5750.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5750", "ID": "CVE-2015-5750",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205031", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted series of Unicode characters."
{ }
"name" : "APPLE-SA-2015-08-13-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76340", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76340" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033276", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033276" ]
} },
] "references": {
} "reference_data": [
} {
"name": "76340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76340"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "1033276",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033276"
}
]
}
}

34
2018/11xxx/CVE-2018-11107.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11107", "ID": "CVE-2018-11107",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/11xxx/CVE-2018-11431.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11431", "ID": "CVE-2018-11431",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/11xxx/CVE-2018-11673.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11673", "ID": "CVE-2018-11673",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/15xxx/CVE-2018-15069.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15069", "ID": "CVE-2018-15069",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/3xxx/CVE-2018-3350.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3350", "ID": "CVE-2018-3350",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2018/3xxx/CVE-2018-3641.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2018-04-03T00:00:00", "DATE_PUBLIC": "2018-04-03T00:00:00",
"ID" : "CVE-2018-3641", "ID": "CVE-2018-3641",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel Remote Keyboard", "product_name": "Intel Remote Keyboard",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All" "version_value": "All"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Escalation of Privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00122&languageid=en-fr", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00122&languageid=en-fr" "lang": "eng",
} "value": "Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00122&languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00122&languageid=en-fr"
}
]
}
}

34
2018/7xxx/CVE-2018-7024.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7024", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-7024",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

180
2018/7xxx/CVE-2018-7537.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7537", "ID": "CVE-2018-7537",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180308 [SECURITY] [DLA 1303-1] python-django security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html" "lang": "eng",
}, "value": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable."
{ }
"name" : "https://www.djangoproject.com/weblog/2018/mar/06/security-releases/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.djangoproject.com/weblog/2018/mar/06/security-releases/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4161", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4161" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2018:2927", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2018:2927" ]
}, },
{ "references": {
"name" : "RHSA-2019:0265", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2019:0265" "name": "USN-3591-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3591-1/"
"name" : "USN-3591-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3591-1/" "name": "[debian-lts-announce] 20180308 [SECURITY] [DLA 1303-1] python-django security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html"
"name" : "103357", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103357" "name": "https://www.djangoproject.com/weblog/2018/mar/06/security-releases/",
} "refsource": "CONFIRM",
] "url": "https://www.djangoproject.com/weblog/2018/mar/06/security-releases/"
} },
} {
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
},
{
"name": "103357",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103357"
},
{
"name": "RHSA-2019:0265",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0265"
},
{
"name": "DSA-4161",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4161"
}
]
}
}

120
2018/8xxx/CVE-2018-8106.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8106", "ID": "CVE-2018-8106",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=652", "description_data": [
"refsource" : "MISC", {
"url" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=652" "lang": "eng",
} "value": "The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=652",
"refsource": "MISC",
"url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=652"
}
]
}
}

234
2018/8xxx/CVE-2018-8454.json
View File

@ -1,119 +1,119 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8454", "ID": "CVE-2018-8454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for ARM64-based Systems" "version_value": "Version 1709 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for ARM64-based Systems" "version_value": "Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for 32-bit Systems" "version_value": "Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1809 for ARM64-based Systems" "version_value": "Version 1809 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for x64-based Systems" "version_value": "Version 1809 for x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2019", "product_name": "Windows Server 2019",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory, aka \"Windows Audio Service Information Disclosure Vulnerability.\" This affects Windows 10 Servers, Windows 10, Windows Server 2019."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8454", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8454" "lang": "eng",
}, "value": "An information disclosure vulnerability exists when Windows Audio Service fails to properly handle objects in memory, aka \"Windows Audio Service Information Disclosure Vulnerability.\" This affects Windows 10 Servers, Windows 10, Windows Server 2019."
{ }
"name" : "105799", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105799" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1042122", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1042122" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8454",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8454"
},
{
"name": "105799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105799"
},
{
"name": "1042122",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042122"
}
]
}
}

34
2018/8xxx/CVE-2018-8752.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8752", "ID": "CVE-2018-8752",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }