admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:13:01 +00:00
parent bf4be89fe4
commit 017b039138
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3488 additions and 3488 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2001/0xxx/CVE-2001-0506.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0506", "ID": "CVE-2001-0506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the \"SSI privilege elevation\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010817 NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=99802093532233&w=2" "lang": "eng",
}, "value": "Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the directory name is added, aka the \"SSI privilege elevation\" vulnerability."
{ }
"name" : "20011127 IIS Server Side Include Buffer overflow exploit code", ]
"refsource" : "BUGTRAQ", },
"url" : "http://online.securityfocus.com/archive/1/242541" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS01-044", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "L-132", ]
"refsource" : "CIAC", }
"url" : "http://www.ciac.org/ciac/bulletins/l-132.shtml" ]
}, },
{ "references": {
"name" : "3190", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3190" "name": "20011127 IIS Server Side Include Buffer overflow exploit code",
}, "refsource": "BUGTRAQ",
{ "url": "http://online.securityfocus.com/archive/1/242541"
"name" : "iis-ssi-directive-bo(6984)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6984" "name": "20010817 NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=99802093532233&w=2"
} },
} {
"name": "3190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3190"
},
{
"name": "iis-ssi-directive-bo(6984)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6984"
},
{
"name": "L-132",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/l-132.shtml"
},
{
"name": "MS01-044",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-044"
}
]
}
}

34
2008/0xxx/CVE-2008-0626.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2008-0626", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2008-0626",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6303. Reason: This candidate is a duplicate of CVE-2007-6303. Notes: All CVE users should reference CVE-2007-6303 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6303. Reason: This candidate is a duplicate of CVE-2007-6303. Notes: All CVE users should reference CVE-2007-6303 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

150
2008/0xxx/CVE-2008-0701.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0701", "ID": "CVE-2008-0701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://jira.magnolia.info/browse/MAGNOLIA-2021", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://jira.magnolia.info/browse/MAGNOLIA-2021" "lang": "eng",
}, "value": "ActivationHandler in Magnolia CE 3.5.x before 3.5.4 does not check permissions during importing, which allows remote attackers to have an unknown impact via activation of a new item, possibly involving addition of arbitrary new content."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=573088", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=573088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27608", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27608" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "28745", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/28745" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://sourceforge.net/project/shownotes.php?release_id=573088",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=573088"
},
{
"name": "http://jira.magnolia.info/browse/MAGNOLIA-2021",
"refsource": "CONFIRM",
"url": "http://jira.magnolia.info/browse/MAGNOLIA-2021"
},
{
"name": "27608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27608"
},
{
"name": "28745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28745"
}
]
}
}

140
2008/0xxx/CVE-2008-0733.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0733", "ID": "CVE-2008-0733",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080212 Kommentare zum Download script SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/487988/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in CS Team Counter Strike Portals allows remote attackers to execute arbitrary SQL commands via the id parameter, as demonstrated using the downloads page."
{ }
"name" : "27747", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/27747" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "counterstrikeportals-index-sql-injection(40520)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40520" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "counterstrikeportals-index-sql-injection(40520)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40520"
},
{
"name": "27747",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27747"
},
{
"name": "20080212 Kommentare zum Download script SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487988/100/0/threaded"
}
]
}
}

130
2008/0xxx/CVE-2008-0856.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0856", "ID": "CVE-2008-0856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "27816", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27816" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in e-Vision CMS 2.02 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) iframe.php and (2) print.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "evisioncms-iframe-print-sql-injection(40859)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40859" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27816"
},
{
"name": "evisioncms-iframe-print-sql-injection(40859)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40859"
}
]
}
}

160
2008/0xxx/CVE-2008-0946.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-0946", "ID": "CVE-2008-0946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/487748/100/200/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in the IM Server (aka IMserve or IMserver) in Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote authenticated users to create arbitrary empty files via a .. (dot dot) in the recipient field."
{ }
"name" : "http://aluigi.altervista.org/adv/ipsimene-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://aluigi.altervista.org/adv/ipsimene-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://aluigi.org/poc/ipsimene.zip", "description": [
"refsource" : "MISC", {
"url" : "http://aluigi.org/poc/ipsimene.zip" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27677", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/27677" ]
}, },
{ "references": {
"name" : "3697", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3697" "name": "http://aluigi.altervista.org/adv/ipsimene-adv.txt",
} "refsource": "MISC",
] "url": "http://aluigi.altervista.org/adv/ipsimene-adv.txt"
} },
} {
"name": "20080207 Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487748/100/200/threaded"
},
{
"name": "27677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27677"
},
{
"name": "3697",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3697"
},
{
"name": "http://aluigi.org/poc/ipsimene.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/ipsimene.zip"
}
]
}
}

140
2008/1xxx/CVE-2008-1224.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1224", "ID": "CVE-2008-1224",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in account.php in BosClassifieds Classified Ads System 3.0 allows remote attackers to inject arbitrary web script or HTML via the returnTo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "28140", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28140" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in account.php in BosClassifieds Classified Ads System 3.0 allows remote attackers to inject arbitrary web script or HTML via the returnTo parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "29261", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/29261" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "classifiedads-account-xss(41045)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41045" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "classifiedads-account-xss(41045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41045"
},
{
"name": "28140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28140"
},
{
"name": "29261",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29261"
}
]
}
}

170
2008/1xxx/CVE-2008-1353.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1353", "ID": "CVE-2008-1353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080313 Zabbix (zabbix_agentd) denial of service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/489506/100/0/threaded" "lang": "eng",
}, "value": "zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero."
{ }
"name" : "28244", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/28244" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-0878", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0878" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "29383", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/29383" ]
}, },
{ "references": {
"name" : "3747", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3747" "name": "ADV-2008-0878",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0878"
"name" : "zabbix-zabbixagentd-dos(41196)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41196" "name": "3747",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3747"
} },
} {
"name": "28244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28244"
},
{
"name": "zabbix-zabbixagentd-dos(41196)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41196"
},
{
"name": "29383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29383"
},
{
"name": "20080313 Zabbix (zabbix_agentd) denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/489506/100/0/threaded"
}
]
}
}

300
2008/1xxx/CVE-2008-1552.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1552", "ID": "CVE-2008-1552",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490069/100/0/threaded" "lang": "eng",
}, "value": "The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a crafted PKCS#1 message, which triggers an integer underflow, signedness error, and a buffer overflow. NOTE: the researcher describes this as an integer overflow, but CVE uses the \"underflow\" term in cases of wraparound from unsigned subtraction."
{ }
"name" : "http://www.coresecurity.com/?action=item&id=2206", ]
"refsource" : "MISC", },
"url" : "http://www.coresecurity.com/?action=item&id=2206" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://silcnet.org/general/news/?item=client_20080320_1", "description": [
"refsource" : "CONFIRM", {
"url" : "http://silcnet.org/general/news/?item=client_20080320_1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://silcnet.org/general/news/?item=server_20080320_1", ]
"refsource" : "CONFIRM", }
"url" : "http://silcnet.org/general/news/?item=server_20080320_1" ]
}, },
{ "references": {
"name" : "http://silcnet.org/general/news/?item=toolkit_20080320_1", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://silcnet.org/general/news/?item=toolkit_20080320_1" "name": "29465",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29465"
"name" : "FEDORA-2008-2616", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html" "name": "29622",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29622"
"name" : "FEDORA-2008-2641", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html" "name": "SUSE-SR:2008:008",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html"
"name" : "GLSA-200804-27", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200804-27.xml" "name": "1019690",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1019690"
"name" : "MDVSA-2008:158", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158" "name": "GLSA-200804-27",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200804-27.xml"
"name" : "SUSE-SR:2008:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" "name": "3795",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3795"
"name" : "28373", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28373" "name": "http://silcnet.org/general/news/?item=server_20080320_1",
}, "refsource": "CONFIRM",
{ "url": "http://silcnet.org/general/news/?item=server_20080320_1"
"name" : "29465", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29465" "name": "20080325 CORE-2007-1212: SILC pkcs_decode buffer overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490069/100/0/threaded"
"name" : "ADV-2008-0974", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0974/references" "name": "http://silcnet.org/general/news/?item=toolkit_20080320_1",
}, "refsource": "CONFIRM",
{ "url": "http://silcnet.org/general/news/?item=toolkit_20080320_1"
"name" : "1019690", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019690" "name": "29463",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29463"
"name" : "29463", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29463" "name": "FEDORA-2008-2641",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00538.html"
"name" : "29622", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29622" "name": "ADV-2008-0974",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0974/references"
"name" : "29946", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29946" "name": "29946",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29946"
"name" : "3795", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3795" "name": "28373",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28373"
"name" : "silc-silcpkcs1decode-bo(41474)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474" "name": "http://www.coresecurity.com/?action=item&id=2206",
} "refsource": "MISC",
] "url": "http://www.coresecurity.com/?action=item&id=2206"
} },
} {
"name": "http://silcnet.org/general/news/?item=client_20080320_1",
"refsource": "CONFIRM",
"url": "http://silcnet.org/general/news/?item=client_20080320_1"
},
{
"name": "MDVSA-2008:158",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:158"
},
{
"name": "silc-silcpkcs1decode-bo(41474)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41474"
},
{
"name": "FEDORA-2008-2616",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00513.html"
}
]
}
}

210
2008/1xxx/CVE-2008-1599.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1599", "ID": "CVE-2008-1599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156" "lang": "eng",
}, "value": "The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat."
{ }
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157", ]
"refsource" : "CONFIRM", },
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IZ16975", ]
"refsource" : "AIXAPAR", }
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ16975" ]
}, },
{ "references": {
"name" : "IZ16991", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ16991" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4157"
"name" : "IZ17058", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ17058" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4156"
"name" : "IZ17059", },
"refsource" : "AIXAPAR", {
"url" : "http://www.ibm.com/support/docview.wss?uid=isg1IZ17059" "name": "IZ16975",
}, "refsource": "AIXAPAR",
{ "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ16975"
"name" : "oval:org.mitre.oval:def:5468", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5468" "name": "1019604",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1019604"
"name" : "ADV-2008-0865", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0865" "name": "oval:org.mitre.oval:def:5468",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5468"
"name" : "1019604", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019604" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158",
} "refsource": "CONFIRM",
] "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=4158"
} },
} {
"name": "IZ17058",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ17058"
},
{
"name": "IZ17059",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ17059"
},
{
"name": "IZ16991",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ16991"
},
{
"name": "ADV-2008-0865",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0865"
}
]
}
}

150
2008/1xxx/CVE-2008-1652.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-1652", "ID": "CVE-2008-1652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the _serve_request_multiple function in lib/Perlbal/ClientHTTPBase.pm in Perlbal before 1.70, when concat get is enabled, allows remote attackers to read arbitrary files in a parent directory via a directory traversal sequence in an unspecified parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://search.cpan.org/src/BRADFITZ/Perlbal-1.70/CHANGES", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://search.cpan.org/src/BRADFITZ/Perlbal-1.70/CHANGES" "lang": "eng",
}, "value": "Directory traversal vulnerability in the _serve_request_multiple function in lib/Perlbal/ClientHTTPBase.pm in Perlbal before 1.70, when concat get is enabled, allows remote attackers to read arbitrary files in a parent directory via a directory traversal sequence in an unspecified parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "ADV-2008-1045", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2008/1045/references" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "29565", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29565" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "perlbal-serverequestmultiple-dir-traversal(41540)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41540" ]
} },
] "references": {
} "reference_data": [
} {
"name": "perlbal-serverequestmultiple-dir-traversal(41540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41540"
},
{
"name": "ADV-2008-1045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1045/references"
},
{
"name": "http://search.cpan.org/src/BRADFITZ/Perlbal-1.70/CHANGES",
"refsource": "CONFIRM",
"url": "http://search.cpan.org/src/BRADFITZ/Perlbal-1.70/CHANGES"
},
{
"name": "29565",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29565"
}
]
}
}

330
2008/5xxx/CVE-2008-5416.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5416", "ID": "CVE-2008-5416",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/499042/100/0/threaded" "lang": "eng",
}, "value": "Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka \"SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability.\""
{ }
"name" : "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/499085/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)", ]
"refsource" : "FULLDISC", }
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html" ]
}, },
{ "references": {
"name" : "7501", "reference_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7501" "name": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt",
}, "refsource": "MISC",
{ "url": "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt"
"name" : "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt", },
"refsource" : "MISC", {
"url" : "http://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt" "name": "ADV-2008-3380",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/3380"
"name" : "http://www.microsoft.com/technet/security/advisory/961040.mspx", },
"refsource" : "CONFIRM", {
"url" : "http://www.microsoft.com/technet/security/advisory/961040.mspx" "name": "33034",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33034"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm" "name": "50917",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/50917"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" "name": "1021363",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1021363"
"name" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html" "name": "7501",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/7501"
"name" : "MS09-004", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004" "name": "1021490",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1021490"
"name" : "TA09-041A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-041A.html" "name": "mssql-spreplwritetovarbin-bo(47182)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182"
"name" : "VU#696644", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/696644" "name": "VU#696644",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/696644"
"name" : "32710", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/32710" "name": "20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/499042/100/0/threaded"
"name" : "50917", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/50917" "name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite(update to SEC Consult SA-20081209)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/499085/100/0/threaded"
"name" : "oval:org.mitre.oval:def:6217", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217" "name": "MS09-004",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-004"
"name" : "ADV-2008-3380", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/3380" "name": "4706",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/4706"
"name" : "1021363", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1021363" "name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
"name" : "1021490", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1021490" "name": "http://www.microsoft.com/technet/security/advisory/961040.mspx",
}, "refsource": "CONFIRM",
{ "url": "http://www.microsoft.com/technet/security/advisory/961040.mspx"
"name" : "33034", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33034" "name": "32710",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/32710"
"name" : "4706", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4706" "name": "oval:org.mitre.oval:def:6217",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6217"
"name" : "mssql-spreplwritetovarbin-bo(47182)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47182" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
} "refsource": "CONFIRM",
] "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
} },
} {
"name": "TA09-041A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-041A.html"
},
{
"name": "20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-055.htm"
}
]
}
}

220
2008/5xxx/CVE-2008-5518.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2008-5518", "ID": "CVE-2008-5518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090416 [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/502733/100/0/threaded" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload files to arbitrary directories via directory traversal sequences in the (1) group, (2) artifact, (3) version, or (4) fileType parameter to console/portal//Services/Repository (aka the Services/Repository portlet); the (5) createDB parameter to console/portal/Embedded DB/DB Manager (aka the Embedded DB/DB Manager portlet); or the (6) filename parameter to the createKeystore script in the Security/Keystores portlet."
{ }
"name" : "8458", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/8458" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://dsecrg.com/pages/vul/show.php?id=118", "description": [
"refsource" : "MISC", {
"url" : "http://dsecrg.com/pages/vul/show.php?id=118" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214", ]
"refsource" : "CONFIRM", }
"url" : "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214" ]
}, },
{ "references": {
"name" : "http://issues.apache.org/jira/browse/GERONIMO-4597", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://issues.apache.org/jira/browse/GERONIMO-4597" "name": "geronimo-keystores-directory-traversal(49900)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900"
"name" : "34562", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34562" "name": "geronimo-dbmanager-directory-traversal(49899)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899"
"name" : "34715", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34715" "name": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214",
}, "refsource": "CONFIRM",
{ "url": "http://geronimo.apache.org/21x-security-report.html#2.1.xSecurityReport-214"
"name" : "ADV-2009-1089", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1089" "name": "ADV-2009-1089",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1089"
"name" : "geronimo-dbmanager-directory-traversal(49899)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49899" "name": "34562",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/34562"
"name" : "geronimo-keystores-directory-traversal(49900)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49900" "name": "http://issues.apache.org/jira/browse/GERONIMO-4597",
}, "refsource": "CONFIRM",
{ "url": "http://issues.apache.org/jira/browse/GERONIMO-4597"
"name" : "geronimo-repository-directory-traversal(49898)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898" "name": "34715",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/34715"
} },
} {
"name": "geronimo-repository-directory-traversal(49898)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49898"
},
{
"name": "8458",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8458"
},
{
"name": "20090416 [DSECRG-09-018] Apache Geronimo - Directory Traversal vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502733/100/0/threaded"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=118",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=118"
}
]
}
}

190
2008/5xxx/CVE-2008-5674.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-5674", "ID": "CVE-2008-5674",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080219 Access violation and limited informations disclosure in webcamXP 3.72.440.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/488364/100/200/threaded" "lang": "eng",
}, "value": "Multiple array index errors in the HTTP server in Darkwet Network webcamXP 3.72.440.0 and earlier and beta 4.05.280 and earlier allow remote attackers to cause a denial of service (device crash) and read portions of memory via (1) an invalid camnum parameter to the pocketpc component and (2) an invalid id parameter to the show_gallery_pic component."
{ }
"name" : "http://aluigi.altervista.org/adv/webcamxp-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://aluigi.altervista.org/adv/webcamxp-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27875", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27875" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42927", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/42927" ]
}, },
{ "references": {
"name" : "42928", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/42928" "name": "27875",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/27875"
"name" : "42929", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42929" "name": "20080219 Access violation and limited informations disclosure in webcamXP 3.72.440.0",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/488364/100/200/threaded"
"name" : "29007", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29007" "name": "4788",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/4788"
"name" : "4788", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/4788" "name": "http://aluigi.altervista.org/adv/webcamxp-adv.txt",
} "refsource": "MISC",
] "url": "http://aluigi.altervista.org/adv/webcamxp-adv.txt"
} },
} {
"name": "42929",
"refsource": "OSVDB",
"url": "http://osvdb.org/42929"
},
{
"name": "29007",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29007"
},
{
"name": "42927",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42927"
},
{
"name": "42928",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/42928"
}
]
}
}

150
2013/0xxx/CVE-2013-0222.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-0222", "ID": "CVE-2013-0222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=796243", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=796243" "lang": "eng",
}, "value": "The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=903465", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=903465" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19", "description": [
"refsource" : "CONFIRM", {
"url" : "https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2013:1652", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1652.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=903465",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=903465"
},
{
"name": "RHSA-2013:1652",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1652.html"
},
{
"name": "https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19",
"refsource": "CONFIRM",
"url": "https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=796243",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=796243"
}
]
}
}

300
2013/3xxx/CVE-2013-3012.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-3012", "ID": "CVE-2013-3012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21644197", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21644197" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011."
{ }
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21642336", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21642336" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IV44796", ]
"refsource" : "AIXAPAR", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796" ]
}, },
{ "references": {
"name" : "IV44797", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797" "name": "RHSA-2013:1060",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
"name" : "IV44798", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798" "name": "ibm-java-cve20133012(84153)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
"name" : "PM91730", },
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730" "name": "IV44798",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
"name" : "RHSA-2013:1081", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1081.html" "name": "SUSE-SU-2013:1264",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
"name" : "RHSA-2013:1060", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1060.html" "name": "SUSE-SU-2013:1257",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
"name" : "RHSA-2013:1059", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1059.html" "name": "IV44796",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
"name" : "SUSE-SU-2013:1305", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html" "name": "SUSE-SU-2013:1256",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
"name" : "SUSE-SU-2013:1293", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html" "name": "54154",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54154"
"name" : "SUSE-SU-2013:1255", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html" "name": "SUSE-SU-2013:1263",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
"name" : "SUSE-SU-2013:1256", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html" "name": "RHSA-2013:1059",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
"name" : "SUSE-SU-2013:1257", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
"name" : "SUSE-SU-2013:1263", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html" "name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
}, "refsource": "CONFIRM",
{ "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
"name" : "SUSE-SU-2013:1264", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html" "name": "SUSE-SU-2013:1293",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
"name" : "54154", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54154" "name": "RHSA-2013:1081",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
"name" : "ibm-java-cve20133012(84153)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153" "name": "PM91730",
} "refsource": "AIXAPAR",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
} },
} {
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "IV44797",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
]
}
}

140
2013/3xxx/CVE-2013-3468.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-3468", "ID": "CVE-2013-3468",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20130828 Cisco Unified IP Phone 8945 Crafted PNG Image Lockup Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3468" "lang": "eng",
}, "value": "The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270."
{ }
"name" : "96669", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/96669" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1028964", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1028964" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1028964",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028964"
},
{
"name": "96669",
"refsource": "OSVDB",
"url": "http://osvdb.org/96669"
},
{
"name": "20130828 Cisco Unified IP Phone 8945 Crafted PNG Image Lockup Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3468"
}
]
}
}

140
2013/3xxx/CVE-2013-3471.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-3471", "ID": "CVE-2013-3471",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=30524", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=30524" "lang": "eng",
}, "value": "The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515."
{ }
"name" : "20130828 Cisco ISE Captive Portal Application Plaintext Credentials Exposure Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1028965", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1028965" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20130828 Cisco ISE Captive Portal Application Plaintext Credentials Exposure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471"
},
{
"name": "1028965",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028965"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30524",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30524"
}
]
}
}

150
2013/3xxx/CVE-2013-3530.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-3530", "ID": "CVE-2013-3530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/121204/WordPress-Spiffy-XSPF-Player-0.1-SQL-Injection.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/121204/WordPress-Spiffy-XSPF-Player-0.1-SQL-Injection.html" "lang": "eng",
}, "value": "SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter."
{ }
"name" : "58976", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/58976" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92258", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/92258" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "wp-spiffyxspfplayer-playlist-sql-injection(83345)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83345" ]
} },
] "references": {
} "reference_data": [
} {
"name": "wp-spiffyxspfplayer-playlist-sql-injection(83345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83345"
},
{
"name": "http://packetstormsecurity.com/files/121204/WordPress-Spiffy-XSPF-Player-0.1-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121204/WordPress-Spiffy-XSPF-Player-0.1-SQL-Injection.html"
},
{
"name": "92258",
"refsource": "OSVDB",
"url": "http://osvdb.org/92258"
},
{
"name": "58976",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58976"
}
]
}
}

170
2013/4xxx/CVE-2013-4540.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-4540", "ID": "CVE-2013-4540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Qemu-devel] 20131213 [PATCH 00/23] qemu state loading issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html" "lang": "eng",
}, "value": "Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image."
{ }
"name" : "[Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released", ]
"refsource" : "MLIST", },
"url" : "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=52f91c3723932f8340fe36c8ec8b18a757c37b2b", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=52f91c3723932f8340fe36c8ec8b18a757c37b2b" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2014-6288", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2014:1279", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html" "name": "openSUSE-SU-2014:1281",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html"
"name" : "openSUSE-SU-2014:1281", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html" "name": "[Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released",
} "refsource": "MLIST",
] "url": "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html"
} },
} {
"name": "openSUSE-SU-2014:1279",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html"
},
{
"name": "[Qemu-devel] 20131213 [PATCH 00/23] qemu state loading issues",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html"
},
{
"name": "FEDORA-2014-6288",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=52f91c3723932f8340fe36c8ec8b18a757c37b2b",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=52f91c3723932f8340fe36c8ec8b18a757c37b2b"
}
]
}
}

190
2013/4xxx/CVE-2013-4554.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-4554", "ID": "CVE-2013-4554",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20131126 Xen Security Advisory 76 (CVE-2013-4554) - Hypercalls exposed to privilege rings 1 and 2 of HVM guests", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/11/26/9" "lang": "eng",
}, "value": "Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2."
{ }
"name" : "GLSA-201407-03", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201407-03.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2014:0285", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0285.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2013:1876", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2014:0411", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html" "name": "SUSE-SU-2014:0470",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html"
"name" : "SUSE-SU-2014:0372", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html" "name": "RHSA-2014:0285",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0285.html"
"name" : "SUSE-SU-2014:0446", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" "name": "GLSA-201407-03",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"name" : "SUSE-SU-2014:0470", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html" "name": "[oss-security] 20131126 Xen Security Advisory 76 (CVE-2013-4554) - Hypercalls exposed to privilege rings 1 and 2 of HVM guests",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2013/11/26/9"
} },
} {
"name": "SUSE-SU-2014:0372",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "SUSE-SU-2014:0411",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html"
},
{
"name": "openSUSE-SU-2013:1876",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html"
}
]
}
}

34
2013/4xxx/CVE-2013-4657.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-4657", "ID": "CVE-2013-4657",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2013/6xxx/CVE-2013-6101.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-6101", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-6101",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

160
2013/7xxx/CVE-2013-7273.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-7273", "ID": "CVE-2013-7273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140107 CVE Re: request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/01/07/10" "lang": "eng",
}, "value": "GNOME Display Manager (gdm) 3.4.1 and earlier, when disable-user-list is set to true, allows local users to cause a denial of service (unable to login) by pressing the cancel button after entering a user name."
{ }
"name" : "[oss-security] 20140107 CVE Re: request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/01/07/16" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=704284", "description": [
"refsource" : "MISC", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=704284" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050745", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1050745" "name": "[oss-security] 20140107 CVE Re: request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2014/01/07/10"
} },
} {
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=704284",
"refsource": "MISC",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=704284"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683338"
},
{
"name": "[oss-security] 20140107 CVE Re: request: lightdm-gtk-greeter - local DOS due to NULL pointer dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/01/07/16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1050745",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1050745"
}
]
}
}

34
2013/7xxx/CVE-2013-7371.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-7371", "ID": "CVE-2013-7371",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/10xxx/CVE-2017-10526.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10526", "ID": "CVE-2017-10526",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/10xxx/CVE-2017-10537.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10537", "ID": "CVE-2017-10537",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/10xxx/CVE-2017-10699.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10699", "ID": "CVE-2017-10699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://trac.videolan.org/vlc/ticket/18467", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://trac.videolan.org/vlc/ticket/18467" "lang": "eng",
}, "value": "avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution."
{ }
"name" : "DSA-4045", ]
"refsource" : "DEBIAN", },
"url" : "https://www.debian.org/security/2017/dsa-4045" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038816", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038816" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038816"
},
{
"name": "DSA-4045",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4045"
},
{
"name": "https://trac.videolan.org/vlc/ticket/18467",
"refsource": "CONFIRM",
"url": "https://trac.videolan.org/vlc/ticket/18467"
}
]
}
}

120
2017/10xxx/CVE-2017-10758.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10758", "ID": "CVE-2017-10758",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000004b4.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10758", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10758" "lang": "eng",
} "value": "XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to \"Data from Faulting Address controls Branch Selection starting at ntdll_77df0000!RtlpCoalesceFreeBlocks+0x00000000000004b4.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10758",
"refsource": "MISC",
"url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-10758"
}
]
}
}

160
2017/10xxx/CVE-2017-10915.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-10915", "ID": "CVE-2017-10915",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://xenbits.xen.org/xsa/advisory-219.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://xenbits.xen.org/xsa/advisory-219.html" "lang": "eng",
}, "value": "The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219."
{ }
"name" : "DSA-3969", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2017/dsa-3969" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201708-03", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201708-03" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201710-17", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201710-17" ]
}, },
{ "references": {
"name" : "99174", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99174" "name": "GLSA-201708-03",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201708-03"
} },
} {
"name": "DSA-3969",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3969"
},
{
"name": "99174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99174"
},
{
"name": "https://xenbits.xen.org/xsa/advisory-219.html",
"refsource": "CONFIRM",
"url": "https://xenbits.xen.org/xsa/advisory-219.html"
},
{
"name": "GLSA-201710-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-17"
}
]
}
}

140
2017/12xxx/CVE-2017-12281.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-12281", "ID": "CVE-2017-12281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Aironet 1800, 2800, and 3800 Series Access Points", "product_name": "Cisco Aironet 1800, 2800, and 3800 Series Access Points",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Aironet 1800, 2800, and 3800 Series Access Points" "version_value": "Cisco Aironet 1800, 2800, and 3800 Series Access Points"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an unauthenticated, adjacent attacker to bypass authentication and connect to an affected device. The vulnerability exists because the affected device uses an incorrect default configuration setting of fail open when running in standalone mode. An attacker could exploit this vulnerability by attempting to connect to an affected device. A successful exploit could allow the attacker to bypass authentication and connect to the affected device. This vulnerability affects Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running a vulnerable software release and use WLAN configuration settings that include FlexConnect local switching and central authentication with MAC filtering. Cisco Bug IDs: CSCvd46314."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-287"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet3", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet3" "lang": "eng",
}, "value": "A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Aironet 1800, 2800, and 3800 Series Access Points could allow an unauthenticated, adjacent attacker to bypass authentication and connect to an affected device. The vulnerability exists because the affected device uses an incorrect default configuration setting of fail open when running in standalone mode. An attacker could exploit this vulnerability by attempting to connect to an affected device. A successful exploit could allow the attacker to bypass authentication and connect to the affected device. This vulnerability affects Cisco Aironet 1800, 2800, and 3800 Series Access Points that are running a vulnerable software release and use WLAN configuration settings that include FlexConnect local switching and central authentication with MAC filtering. Cisco Bug IDs: CSCvd46314."
{ }
"name" : "101649", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101649" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039725", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039725" "lang": "eng",
} "value": "CWE-287"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "101649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101649"
},
{
"name": "1039725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039725"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet3",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet3"
}
]
}
}

130
2017/12xxx/CVE-2017-12699.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-12699", "ID": "CVE-2017-12699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AzeoTech DAQFactory", "product_name": "AzeoTech DAQFactory",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "AzeoTech DAQFactory" "version_value": "AzeoTech DAQFactory"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-276"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-01" "lang": "eng",
}, "value": "An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones."
{ }
"name" : "100522", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100522" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-276"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100522"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-01"
}
]
}
}

34
2017/12xxx/CVE-2017-12884.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12884", "ID": "CVE-2017-12884",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/13xxx/CVE-2017-13114.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-13114", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-13114",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/13xxx/CVE-2017-13409.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13409", "ID": "CVE-2017-13409",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/13xxx/CVE-2017-13455.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13455", "ID": "CVE-2017-13455",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/13xxx/CVE-2017-13581.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13581", "ID": "CVE-2017-13581",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/13xxx/CVE-2017-13781.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-13781", "ID": "CVE-2017-13781",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2017/13xxx/CVE-2017-13788.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-13788", "ID": "CVE-2017-13788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208219", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208219" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT208222", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT208222" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT208223", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208223" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT208224", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT208224" ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT208225", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208225" "name": "https://support.apple.com/HT208225",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT208225"
"name" : "GLSA-201712-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201712-01" "name": "https://support.apple.com/HT208222",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT208222"
"name" : "1039703", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039703" "name": "https://support.apple.com/HT208219",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT208219"
} },
} {
"name": "https://support.apple.com/HT208224",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208224"
},
{
"name": "GLSA-201712-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201712-01"
},
{
"name": "1039703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039703"
},
{
"name": "https://support.apple.com/HT208223",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208223"
}
]
}
}

34
2017/17xxx/CVE-2017-17706.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-17706", "ID": "CVE-2017-17706",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2017/17xxx/CVE-2017-17773.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-17773", "ID": "CVE-2017-17773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-03-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-03-01" "lang": "eng",
}, "value": "In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow."
{ }
"name" : "103292", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103292" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-03-01"
},
{
"name": "103292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103292"
}
]
}
}

130
2017/17xxx/CVE-2017-17818.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-17818", "ID": "CVE-2017-17818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392428", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392428" "lang": "eng",
}, "value": "In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c."
{ }
"name" : "USN-3694-1", ]
"refsource" : "UBUNTU", },
"url" : "https://usn.ubuntu.com/3694-1/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3694-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3694-1/"
},
{
"name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392428",
"refsource": "MISC",
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392428"
}
]
}
}

34
2018/0xxx/CVE-2018-0246.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-0246", "ID": "CVE-2018-0246",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/0xxx/CVE-2018-0725.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-0725", "ID": "CVE-2018-0725",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2018/18xxx/CVE-2018-18264.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18264", "ID": "CVE-2018-18264",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/kubernetes/dashboard/pull/3289", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/kubernetes/dashboard/pull/3289" "lang": "eng",
}, "value": "Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster."
{ }
"name" : "https://github.com/kubernetes/dashboard/pull/3400", ]
"refsource" : "MISC", },
"url" : "https://github.com/kubernetes/dashboard/pull/3400" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/kubernetes/dashboard/releases/tag/v1.10.1", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/kubernetes/dashboard/releases/tag/v1.10.1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://groups.google.com/forum/#!topic/kubernetes-announce/yBrFf5nmvfI", ]
"refsource" : "MISC", }
"url" : "https://groups.google.com/forum/#!topic/kubernetes-announce/yBrFf5nmvfI" ]
}, },
{ "references": {
"name" : "https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/", "reference_data": [
"refsource" : "MISC", {
"url" : "https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/" "name": "https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/",
}, "refsource": "MISC",
{ "url": "https://sysdig.com/blog/privilege-escalation-kubernetes-dashboard/"
"name" : "106493", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106493" "name": "106493",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/106493"
} },
} {
"name": "https://groups.google.com/forum/#!topic/kubernetes-announce/yBrFf5nmvfI",
"refsource": "MISC",
"url": "https://groups.google.com/forum/#!topic/kubernetes-announce/yBrFf5nmvfI"
},
{
"name": "https://github.com/kubernetes/dashboard/releases/tag/v1.10.1",
"refsource": "MISC",
"url": "https://github.com/kubernetes/dashboard/releases/tag/v1.10.1"
},
{
"name": "https://github.com/kubernetes/dashboard/pull/3400",
"refsource": "MISC",
"url": "https://github.com/kubernetes/dashboard/pull/3400"
},
{
"name": "https://github.com/kubernetes/dashboard/pull/3289",
"refsource": "MISC",
"url": "https://github.com/kubernetes/dashboard/pull/3289"
}
]
}
}

160
2018/18xxx/CVE-2018-18820.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-18820", "ID": "CVE-2018-18820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2018/11/01/3" "lang": "eng",
}, "value": "A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution."
{ }
"name" : "[debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00033.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4333", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4333" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201811-09", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201811-09" ]
}, },
{ "references": {
"name" : "1042019", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1042019" "name": "1042019",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1042019"
} },
} {
"name": "GLSA-201811-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-09"
},
{
"name": "[debian-lts-announce] 20181126 [SECURITY] [DLA-1588-1] icecast2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00033.html"
},
{
"name": "[oss-security] 20181101 Icecast 2.4.4 - CVE-2018-18820 - buffer overflow in url-auth",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2018/11/01/3"
},
{
"name": "DSA-4333",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4333"
}
]
}
}

130
2018/19xxx/CVE-2018-19182.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19182", "ID": "CVE-2018-19182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Engelsystem before commit hash 2e28336 allows CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/MyIgel/engelsystem/commit/2e28336818183e2c63c8015fb476bc01c822f50a", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/MyIgel/engelsystem/commit/2e28336818183e2c63c8015fb476bc01c822f50a" "lang": "eng",
}, "value": "Engelsystem before commit hash 2e28336 allows CSRF."
{ }
"name" : "https://github.com/engelsystem/engelsystem/issues/494", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/engelsystem/engelsystem/issues/494" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MyIgel/engelsystem/commit/2e28336818183e2c63c8015fb476bc01c822f50a",
"refsource": "CONFIRM",
"url": "https://github.com/MyIgel/engelsystem/commit/2e28336818183e2c63c8015fb476bc01c822f50a"
},
{
"name": "https://github.com/engelsystem/engelsystem/issues/494",
"refsource": "CONFIRM",
"url": "https://github.com/engelsystem/engelsystem/issues/494"
}
]
}
}

120
2018/19xxx/CVE-2018-19693.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19693", "ID": "CVE-2018-19693",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/fmsdwifull/tp5cms/issues/6", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/fmsdwifull/tp5cms/issues/6" "lang": "eng",
} "value": "An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fmsdwifull/tp5cms/issues/6",
"refsource": "MISC",
"url": "https://github.com/fmsdwifull/tp5cms/issues/6"
}
]
}
}

34
2018/19xxx/CVE-2018-19855.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-19855", "ID": "CVE-2018-19855",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

132
2018/1xxx/CVE-2018-1337.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-07-10T00:00:00", "DATE_PUBLIC": "2018-07-10T00:00:00",
"ID" : "CVE-2018-1337", "ID": "CVE-2018-1337",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Directory", "product_name": "Apache Directory",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "LDAP API prior to 1.0.2" "version_value": "LDAP API prior to 1.0.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Plaintext Password Disclosure in Secured Channel"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[directory-dev] 20180710 [Annoucement] CVE-2018-1337 Plaintext Password Disclosure in Secured Channel", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f@%3Cdev.directory.apache.org%3E" "lang": "eng",
}, "value": "In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request)."
{ }
"name" : "104744", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104744" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Plaintext Password Disclosure in Secured Channel"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104744"
},
{
"name": "[directory-dev] 20180710 [Annoucement] CVE-2018-1337 Plaintext Password Disclosure in Secured Channel",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f@%3Cdev.directory.apache.org%3E"
}
]
}
}

286
2018/1xxx/CVE-2018-1652.json
View File

@ -1,145 +1,145 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-10T00:00:00", "DATE_PUBLIC": "2018-12-10T00:00:00",
"ID" : "CVE-2018-1652", "ID": "CVE-2018-1652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "DataPower Gateways", "product_name": "DataPower Gateways",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1.0.0" "version_value": "7.1.0.0"
}, },
{ {
"version_value" : "7.2.0.0" "version_value": "7.2.0.0"
}, },
{ {
"version_value" : "7.5.0.0" "version_value": "7.5.0.0"
}, },
{ {
"version_value" : "7.5.1.0" "version_value": "7.5.1.0"
}, },
{ {
"version_value" : "7.6.0.0" "version_value": "7.6.0.0"
}, },
{ {
"version_value" : "7.5.2.0" "version_value": "7.5.2.0"
}, },
{ {
"version_value" : "7.6.0.2" "version_value": "7.6.0.2"
}, },
{ {
"version_value" : "7.5.2.9" "version_value": "7.5.2.9"
}, },
{ {
"version_value" : "7.5.1.9" "version_value": "7.5.1.9"
}, },
{ {
"version_value" : "7.5.0.10" "version_value": "7.5.0.10"
}, },
{ {
"version_value" : "7.2.0.16" "version_value": "7.2.0.16"
}, },
{ {
"version_value" : "7.1.0.19" "version_value": "7.1.0.19"
} }
] ]
} }
}, },
{ {
"product_name" : "MQ Appliance", "product_name": "MQ Appliance",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1" "version_value": "9.0.1"
}, },
{ {
"version_value" : "9.0.5" "version_value": "9.0.5"
}, },
{ {
"version_value" : "8.0.0.0" "version_value": "8.0.0.0"
}, },
{ {
"version_value" : "8.0.0.8" "version_value": "8.0.0.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors. IBM X-Force ID: 144724."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"AC" : "L",
"AV" : "L",
"C" : "N",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "6.200",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10717483", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10717483" "lang": "eng",
}, "value": "IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors. IBM X-Force ID: 144724."
{ }
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10744557", ]
"refsource" : "CONFIRM", },
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10744557" "impact": {
}, "cvssv3": {
{ "BM": {
"name" : "ibm-mq-cve20181652-dos(144724)", "A": "H",
"refsource" : "XF", "AC": "L",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/144724" "AV": "L",
} "C": "N",
] "I": "N",
} "PR": "N",
} "S": "U",
"SCORE": "6.200",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-mq-cve20181652-dos(144724)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144724"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10717483",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10717483"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10744557",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744557"
}
]
}
}

194
2018/1xxx/CVE-2018-1871.json
View File

@ -1,99 +1,99 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-12-04T00:00:00", "DATE_PUBLIC": "2018-12-04T00:00:00",
"ID" : "CVE-2018-1871", "ID": "CVE-2018-1871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Transaction Manager", "product_name": "Financial Transaction Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.0.2" "version_value": "3.0.2"
}, },
{ {
"version_value" : "3.0.5" "version_value": "3.0.5"
}, },
{ {
"version_value" : "3.0.0" "version_value": "3.0.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151329."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10743123", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10743123" "lang": "eng",
}, "value": "IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151329."
{ }
"name" : "106149", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106149" "impact": {
}, "cvssv3": {
{ "BM": {
"name" : "ibm-ftm-cve20181871-xss(151329)", "A": "N",
"refsource" : "XF", "AC": "L",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151329" "AV": "N",
} "C": "L",
] "I": "L",
} "PR": "L",
} "S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10743123",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10743123"
},
{
"name": "106149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106149"
},
{
"name": "ibm-ftm-cve20181871-xss(151329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/151329"
}
]
}
}

130
2018/5xxx/CVE-2018-5315.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5315", "ID": "CVE-2018-5315",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43479", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43479/" "lang": "eng",
}, "value": "The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php."
{ }
"name" : "http://packetstormsecurity.com/files/145833/WordPress-Events-Calendar-1.0-SQL-Injection.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/145833/WordPress-Events-Calendar-1.0-SQL-Injection.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/145833/WordPress-Events-Calendar-1.0-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/145833/WordPress-Events-Calendar-1.0-SQL-Injection.html"
},
{
"name": "43479",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43479/"
}
]
}
}

120
2018/5xxx/CVE-2018-5669.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-5669", "ID": "CVE-2018-5669",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/read-and-understood.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/d4wner/Vulnerabilities-Report/blob/master/read-and-understood.md" "lang": "eng",
} "value": "An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/read-and-understood.md",
"refsource": "MISC",
"url": "https://github.com/d4wner/Vulnerabilities-Report/blob/master/read-and-understood.md"
}
]
}
}