admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 10:18:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-02 19:01:05 +00:00
parent 630b31cd8a
commit 0487d24b14
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
12 changed files with 591 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
2010/3xxx/CVE-2010-3782.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3782",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00001.html"
}
]
}

60
2013/3xxx/CVE-2013-3944.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-3944",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IrfanView",
"product": {
"product_data": [
{
"product_name": "MrSID plugin",
"version": {
"version_data": [
{
"version_value": "before 4.37"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64385",
"url": "http://www.securityfocus.com/bid/64385"
},
{
"refsource": "CONFIRM",
"name": "https://www.irfanview.com/history_old.htm",
"url": "https://www.irfanview.com/history_old.htm"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89804",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89804"
}
]
}

55
2013/3xxx/CVE-2013-3945.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-3945",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IrfanView",
"product": {
"product_data": [
{
"product_name": "MrSID plugin",
"version": {
"version_data": [
{
"version_value": "before 4.37"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89805",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89805"
},
{
"refsource": "CONFIRM",
"name": "https://www.irfanview.com/history_old.htm",
"url": "https://www.irfanview.com/history_old.htm"
}
]
}

55
2013/3xxx/CVE-2013-3946.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2013-3946",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IrfanView",
"product": {
"product_data": [
{
"product_name": "MrSID plugin",
"version": {
"version_data": [
{
"version_value": "before 4.37"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89806",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89806"
},
{
"refsource": "CONFIRM",
"name": "https://www.irfanview.com/history_old.htm",
"url": "https://www.irfanview.com/history_old.htm"
}
]
}

68
2013/6xxx/CVE-2013-6242.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6242",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 before 6.22.3-rev5 and 6.22.4 before 6.22.4-rev12 allows remote attackers to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabilities related to the body of the email and the publication name were SPLIT from this CVE ID because they affect different sets of versions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "http://seclists.org/bugtraq/2013/Nov/127",
"url": "http://seclists.org/bugtraq/2013/Nov/127"
},
{
"refsource": "MISC",
"name": "https://forum.open-xchange.com/showthread.php?8115-Open-Xchange-releases-Security-Patch-2013-11-12-for-v7-2-2-v6-22-3-and-v7-4-0-v6",
"url": "https://forum.open-xchange.com/showthread.php?8115-Open-Xchange-releases-Security-Patch-2013-11-12-for-v7-2-2-v6-22-3-and-v7-4-0-v6"
},
{
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029394",
"url": "http://www.securitytracker.com/id/1029394"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89250",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89250"
}
]
}

73
2013/7xxx/CVE-2013-7062.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7062",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,76 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the (1) browser_id_manager or (2) OFS.Image method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://plone.org/security/20131210/zope-xss-in-OFS",
"url": "https://plone.org/security/20131210/zope-xss-in-OFS"
},
{
"refsource": "CONFIRM",
"name": "https://plone.org/security/20131210/zope-xss-in-browseridmanager",
"url": "https://plone.org/security/20131210/zope-xss-in-browseridmanager"
},
{
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q4/467",
"url": "http://seclists.org/oss-sec/2013/q4/467"
},
{
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q4/485",
"url": "http://seclists.org/oss-sec/2013/q4/485"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89623",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89623"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89627",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89627"
}
]
}

83
2013/7xxx/CVE-2013-7485.json
View File

@ -5,13 +5,92 @@
"CVE_data_meta": {
"ID": "CVE-2013-7485",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "OSVDB",
"name": "100385",
"url": "http://osvdb.org/100385"
},
{
"refsource": "SECTRACK",
"name": "1029394",
"url": "http://www.securitytracker.com/id/1029394"
},
{
"refsource": "XF",
"name": "openxchange-appsuite-url-xss(89251)",
"url": "http://xforce.iss.net/xforce/xfdb/89251"
},
{
"refsource": "SECUNIA",
"name": "55837",
"url": "http://secunia.com/advisories/55837"
},
{
"refsource": "XF",
"name": "openxchange-cve20136242-xss(89250)",
"url": "http://xforce.iss.net/xforce/xfdb/89250"
},
{
"refsource": "BUGTRAQ",
"name": "20131125 Open-Xchange Security Advisory 2013-11-25",
"url": "http://seclists.org/bugtraq/2013/Nov/127"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html"
},
{
"refsource": "CONFIRM",
"name": "https://forum.open-xchange.com/showthread.php?8090-Open-Xchange-releases-Security-Patch-2013-10-30-for-v7-2-2-and-v7-4-0",
"url": "https://forum.open-xchange.com/showthread.php?8090-Open-Xchange-releases-Security-Patch-2013-10-30-for-v7-2-2-and-v7-4-0"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly handled in an error message. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions."
}
]
}

68
2013/7xxx/CVE-2013-7486.json
View File

@ -5,13 +5,77 @@
"CVE_data_meta": {
"ID": "CVE-2013-7486",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "SECTRACK",
"name": "1029394",
"url": "http://www.securitytracker.com/id/1029394"
},
{
"refsource": "XF",
"name": "openxchange-cve20136242-xss(89250)",
"url": "http://xforce.iss.net/xforce/xfdb/89250"
},
{
"refsource": "BUGTRAQ",
"name": "20131125 Open-Xchange Security Advisory 2013-11-25",
"url": "http://seclists.org/bugtraq/2013/Nov/127"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.html"
},
{
"refsource": "CONFIRM",
"name": "https://forum.open-xchange.com/showthread.php?8115-Open-Xchange-releases-Security-Patch-2013-11-12-for-v7-2-2-v6-22-3-and-v7-4-0-v6",
"url": "https://forum.open-xchange.com/showthread.php?8115-Open-Xchange-releases-Security-Patch-2013-11-12-for-v7-2-2-v6-22-3-and-v7-4-0-v6"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions."
}
]
}

48
2014/4xxx/CVE-2014-4553.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4553",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in the spreadshirt-rss-3d-cube-flash-gallery plugin 2014 for WordPress allows remote attackers to execute arbitrary web script or HTML via unspecified parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://codevigilant.com/disclosure/wp-plugin-spreadshirt-rss-3d-cube-flash-gallery-a3-cross-site-scripting-xss/",
"refsource": "MISC",
"name": "http://codevigilant.com/disclosure/wp-plugin-spreadshirt-rss-3d-cube-flash-gallery-a3-cross-site-scripting-xss/"
}
]
}

18
2020/5xxx/CVE-2020-5198.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/5xxx/CVE-2020-5199.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/5xxx/CVE-2020-5200.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}