admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:59:10 +00:00
parent acbbe8e77b
commit 048f50e052
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 3778 additions and 3778 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2002/0xxx/CVE-2002-0172.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0172", "ID": "CVE-2002-0172",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020408-01-I", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20020408-01-I" "lang": "eng",
}, "value": "/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption)."
{ }
"name" : "VU#770891", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/770891" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4648", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4648" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4695", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/4695" ]
}, },
{ "references": {
"name" : "irix-ipfilter-dos(8960)", "reference_data": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8960.php" "name": "irix-ipfilter-dos(8960)",
} "refsource": "XF",
] "url": "http://www.iss.net/security_center/static/8960.php"
} },
} {
"name": "4648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4648"
},
{
"name": "VU#770891",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/770891"
},
{
"name": "4695",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4695"
},
{
"name": "20020408-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20020408-01-I"
}
]
}
}

160
2002/0xxx/CVE-2002-0313.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0313", "ID": "CVE-2002-0313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020226 SecurityOffice Security Advisory:// Essentia Web Server Vulnerabilities (Vendor Patch)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/258365" "lang": "eng",
}, "value": "Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL."
{ }
"name" : "20020221 SecurityOffice Security Advisory:// Essentia Web Server DoS Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=101440530023617&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20030704 Essentia Web Server 2.12 (Linux)", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006231.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "essentia-server-long-request-dos(8249)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/8249.php" ]
}, },
{ "references": {
"name" : "4159", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4159" "name": "20020226 SecurityOffice Security Advisory:// Essentia Web Server Vulnerabilities (Vendor Patch)",
} "refsource": "BUGTRAQ",
] "url": "http://online.securityfocus.com/archive/1/258365"
} },
} {
"name": "20030704 Essentia Web Server 2.12 (Linux)",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/006231.html"
},
{
"name": "essentia-server-long-request-dos(8249)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8249.php"
},
{
"name": "20020221 SecurityOffice Security Advisory:// Essentia Web Server DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=101440530023617&w=2"
},
{
"name": "4159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4159"
}
]
}
}

160
2002/0xxx/CVE-2002-0330.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0330", "ID": "CVE-2002-0330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020225 Open Bulletin Board javascript bug.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=101466092601554&w=2" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in codeparse.php of Open Bulletin Board (OpenBB) 1.0.0 allows remote attackers to execute arbitrary script and steal cookies via Javascript in the IMG tag."
{ }
"name" : "http://community.iansoft.net/read.php?TID=5159", ]
"refsource" : "CONFIRM", },
"url" : "http://community.iansoft.net/read.php?TID=5159" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4171", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4171" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openbb-img-css(8278)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/8278.php" ]
}, },
{ "references": {
"name" : "5658", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/5658" "name": "20020225 Open Bulletin Board javascript bug.",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=101466092601554&w=2"
} },
} {
"name": "http://community.iansoft.net/read.php?TID=5159",
"refsource": "CONFIRM",
"url": "http://community.iansoft.net/read.php?TID=5159"
},
{
"name": "4171",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4171"
},
{
"name": "openbb-img-css(8278)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8278.php"
},
{
"name": "5658",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5658"
}
]
}
}

260
2002/1xxx/CVE-2002-1220.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1220", "ID": "CVE-2002-1220",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8", "description_data": [
"refsource" : "ISS", {
"url" : "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469" "lang": "eng",
}, "value": "BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size."
{ }
"name" : "20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8]", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=103713117612842&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.isc.org/products/BIND/bind-security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.isc.org/products/BIND/bind-security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "CA-2002-31", ]
"refsource" : "CERT", }
"url" : "http://www.cert.org/advisories/CA-2002-31.html" ]
}, },
{ "references": {
"name" : "VU#229595", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/229595" "name": "CA-2002-31",
}, "refsource": "CERT",
{ "url": "http://www.cert.org/advisories/CA-2002-31.html"
"name" : "2002-11-21", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html" "name": "http://www.isc.org/products/BIND/bind-security.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.isc.org/products/BIND/bind-security.html"
"name" : "MDKSA-2002:077", },
"refsource" : "MANDRAKE", {
"url" : "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php" "name": "2002-11-21",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html"
"name" : "DSA-196", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2002/dsa-196" "name": "oval:org.mitre.oval:def:449",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A449"
"name" : "N-013", },
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/n-013.shtml" "name": "DSA-196",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2002/dsa-196"
"name" : "20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)", },
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/300019" "name": "SSRT2408",
}, "refsource": "COMPAQ",
{ "url": "http://online.securityfocus.com/advisories/4999"
"name" : "SSRT2408", },
"refsource" : "COMPAQ", {
"url" : "http://online.securityfocus.com/advisories/4999" "name": "20021118 TSLSA-2002-0076 - bind",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=103763574715133&w=2"
"name" : "20021118 TSLSA-2002-0076 - bind", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=103763574715133&w=2" "name": "VU#229595",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/229595"
"name" : "6161", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6161" "name": "bind-opt-rr-dos(10332)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10332"
"name" : "oval:org.mitre.oval:def:449", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A449" "name": "6161",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/6161"
"name" : "bind-opt-rr-dos(10332)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10332" "name": "20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)",
} "refsource": "BUGTRAQ",
] "url": "http://online.securityfocus.com/archive/1/300019"
} },
} {
"name": "20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8]",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=103713117612842&w=2"
},
{
"name": "N-013",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-013.shtml"
},
{
"name": "20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8",
"refsource": "ISS",
"url": "http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469"
},
{
"name": "MDKSA-2002:077",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php"
}
]
}
}

140
2002/1xxx/CVE-2002-1824.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1824", "ID": "CVE-2002-1824",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020923 IE6 SSL Certificate Chain Verification", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/292842" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability."
{ }
"name" : "5778", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/5778" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ie-ssl-certificate-expired(10180)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/10180.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ie-ssl-certificate-expired(10180)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10180.php"
},
{
"name": "20020923 IE6 SSL Certificate Chain Verification",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/292842"
},
{
"name": "5778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5778"
}
]
}
}

120
2002/2xxx/CVE-2002-2430.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2430", "ID": "CVE-2002-2430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865" "lang": "eng",
} "value": "GoAhead WebServer before 2.1.1 allows remote attackers to cause a denial of service (CPU consumption) by performing a socket disconnect to terminate a request before it has been fully processed by the server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865",
"refsource": "CONFIRM",
"url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#cpu-utilization-hangs-at-100-on-a-socket-disconnect-bug01865"
}
]
}
}

120
2005/1xxx/CVE-2005-1196.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1196", "ID": "CVE-2005-1196",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050418 phpBB - Knowledge Base MOD - SQL-Injection and Full Path Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111384185116335&w=2" "lang": "eng",
} "value": "SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050418 phpBB - Knowledge Base MOD - SQL-Injection and Full Path Disclosure",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111384185116335&w=2"
}
]
}
}

150
2005/1xxx/CVE-2005-1254.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1254", "ID": "CVE-2005-1254",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050524 Ipswitch IMail IMAP SELECT Command DoS Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=241&type=vulnerabilities" "lang": "eng",
}, "value": "Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to cause a denial of service (crash) via a SELECT command with a large argument."
{ }
"name" : "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13727", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13727" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1014047", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1014047" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html",
"refsource": "CONFIRM",
"url": "http://www.ipswitch.com/support/imail/releases/imail_professional/im82hf2.html"
},
{
"name": "13727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13727"
},
{
"name": "1014047",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014047"
},
{
"name": "20050524 Ipswitch IMail IMAP SELECT Command DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=241&type=vulnerabilities"
}
]
}
}

210
2005/1xxx/CVE-2005-1403.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1403", "ID": "CVE-2005-1403",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2005/04/amazon-webstore-script-injection-and.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2005/04/amazon-webstore-script-injection-and.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie."
{ }
"name" : "13427", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/13427" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13426", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13426" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13425", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/13425" ]
}, },
{ "references": {
"name" : "13419", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13419" "name": "13419",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13419"
"name" : "15893", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15893" "name": "13425",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13425"
"name" : "15894", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15894" "name": "13426",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13426"
"name" : "15892", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/15892" "name": "15894",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/15894"
"name" : "1013836", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013836" "name": "13427",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13427"
"name" : "15155", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15155" "name": "15893",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/15893"
} },
} {
"name": "15892",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/15892"
},
{
"name": "http://lostmon.blogspot.com/2005/04/amazon-webstore-script-injection-and.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2005/04/amazon-webstore-script-injection-and.html"
},
{
"name": "15155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15155"
},
{
"name": "1013836",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013836"
}
]
}
}

220
2005/1xxx/CVE-2005-1579.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1579", "ID": "CVE-2005-1579",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050511 [DR018] Quartz Composer / QuickTime 7 information leakage", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0265.html" "lang": "eng",
}, "value": "Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker."
{ }
"name" : "http://remahl.se/david/vuln/018", ]
"refsource" : "MISC", },
"url" : "http://remahl.se/david/vuln/018" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[quartzcomposer-dev] 20050510 Quartz Quicktime embedded in remote webpages...", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00250.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[quartzcomposer-dev] 20050511 Re: Quartz Quicktime embedded in remote webpages...", ]
"refsource" : "MLIST", }
"url" : "http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00263.html" ]
}, },
{ "references": {
"name" : "http://docs.info.apple.com/article.html?artnum=301714", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=301714" "name": "http://docs.info.apple.com/article.html?artnum=301714",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=301714"
"name" : "APPLE-SA-2005-05-31", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2005/May/msg00006.html" "name": "ADV-2005-0531",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/0531"
"name" : "13603", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/13603" "name": "http://remahl.se/david/vuln/018",
}, "refsource": "MISC",
{ "url": "http://remahl.se/david/vuln/018"
"name" : "ADV-2005-0531", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/0531" "name": "13603",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/13603"
"name" : "16376", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/16376" "name": "20050511 [DR018] Quartz Composer / QuickTime 7 information leakage",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0265.html"
"name" : "1013961", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013961" "name": "15307",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/15307"
"name" : "15307", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/15307" "name": "APPLE-SA-2005-05-31",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00006.html"
} },
} {
"name": "[quartzcomposer-dev] 20050510 Quartz Quicktime embedded in remote webpages...",
"refsource": "MLIST",
"url": "http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00250.html"
},
{
"name": "1013961",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013961"
},
{
"name": "16376",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16376"
},
{
"name": "[quartzcomposer-dev] 20050511 Re: Quartz Quicktime embedded in remote webpages...",
"refsource": "MLIST",
"url": "http://lists.apple.com/archives/quartzcomposer-dev/2005/May/msg00263.html"
}
]
}
}

160
2005/1xxx/CVE-2005-1843.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1843", "ID": "CVE-2005-1843",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050829 Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://www.idefense.com/application/poi/display?id=296&type=vulnerabilities" "lang": "eng",
}, "value": "VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument."
{ }
"name" : "http://www.adobe.com/support/techdocs/327129.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.adobe.com/support/techdocs/327129.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14638", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14638" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1014776", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1014776" ]
}, },
{ "references": {
"name" : "16541", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16541" "name": "14638",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/14638"
} },
} {
"name": "http://www.adobe.com/support/techdocs/327129.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/techdocs/327129.html"
},
{
"name": "1014776",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014776"
},
{
"name": "16541",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16541"
},
{
"name": "20050829 Adobe Version Cue VCNative Arbitrary Library Loading Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=296&type=vulnerabilities"
}
]
}
}

130
2005/1xxx/CVE-2005-1935.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1935", "ID": "CVE-2005-1935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phreedom.org/solar/exploits/msasn1-bitstring/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.phreedom.org/solar/exploits/msasn1-bitstring/" "lang": "eng",
}, "value": "Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to a realloc of a non-null pointer and causes the function to overwrite previously freed memory, as demonstrated using a SPNEGO token with a constructed bit string during HTTP authentication, and a different vulnerability than CVE-2003-0818. NOTE: the researcher has claimed that MS:MS04-007 fixes this issue."
{ }
"name" : "asn1-constructed-heap-overflow(20870)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20870" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "asn1-constructed-heap-overflow(20870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20870"
},
{
"name": "http://www.phreedom.org/solar/exploits/msasn1-bitstring/",
"refsource": "MISC",
"url": "http://www.phreedom.org/solar/exploits/msasn1-bitstring/"
}
]
}
}

160
2005/1xxx/CVE-2005-1994.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1994", "ID": "CVE-2005-1994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using \"%2e\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050614 URL-Encoding Problem in Finjan SurfinGate", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111877410528692&w=2" "lang": "eng",
}, "value": "Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using \"%2e\"."
{ }
"name" : "ADV-2005-0778", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2005/0778" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17324", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/17324" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15711", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15711" ]
}, },
{ "references": {
"name" : "finjan-surfingate-security-bypass(21010)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21010" "name": "17324",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/17324"
} },
} {
"name": "finjan-surfingate-security-bypass(21010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21010"
},
{
"name": "20050614 URL-Encoding Problem in Finjan SurfinGate",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111877410528692&w=2"
},
{
"name": "ADV-2005-0778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0778"
},
{
"name": "15711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15711"
}
]
}
}

120
2009/0xxx/CVE-2009-0766.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0766", "ID": "CVE-2009-0766",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "33832", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33832" "lang": "eng",
} "value": "Directory traversal vulnerability in default.php in Kipper 2.01 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the configfile parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33832"
}
]
}
}

420
2009/1xxx/CVE-2009-1194.json
View File

@ -1,212 +1,212 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-1194", "ID": "CVE-2009-1194",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503349/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox."
{ }
"name" : "[oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2009/05/07/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ocert.org/advisories/ocert-2009-001.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.ocert.org/advisories/ocert-2009-001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e", ]
"refsource" : "CONFIRM", }
"url" : "http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=480134", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=480134" "name": "35038",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35038"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=496887", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=496887" "name": "DSA-1798",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1798"
"name" : "https://launchpad.net/bugs/cve/2009-1194", },
"refsource" : "CONFIRM", {
"url" : "https://launchpad.net/bugs/cve/2009-1194" "name": "http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e",
}, "refsource": "CONFIRM",
{ "url": "http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e"
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-36.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-36.html" "name": "RHSA-2009:0476",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-0476.html"
"name" : "DSA-1798", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1798" "name": "36145",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36145"
"name" : "RHSA-2009:0476", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0476.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=480134",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=480134"
"name" : "264308", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1" "name": "http://www.ocert.org/advisories/ocert-2009-001.html",
}, "refsource": "MISC",
{ "url": "http://www.ocert.org/advisories/ocert-2009-001.html"
"name" : "SUSE-SR:2009:012", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" "name": "35018",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35018"
"name" : "SUSE-SA:2009:042", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html" "name": "35021",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35021"
"name" : "SUSE-SA:2009:039", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html" "name": "34870",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/34870"
"name" : "USN-773-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-773-1" "name": "1022196",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022196"
"name" : "34870", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34870" "name": "54279",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/54279"
"name" : "35758", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35758" "name": "SUSE-SA:2009:039",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
"name" : "54279", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/54279" "name": "[oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2009/05/07/1"
"name" : "oval:org.mitre.oval:def:10137", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137" "name": "ADV-2009-1269",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1269"
"name" : "1022196", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022196" "name": "35758",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35758"
"name" : "35018", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35018" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=496887",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=496887"
"name" : "35021", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35021" "name": "36005",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36005"
"name" : "35027", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35027" "name": "https://launchpad.net/bugs/cve/2009-1194",
}, "refsource": "CONFIRM",
{ "url": "https://launchpad.net/bugs/cve/2009-1194"
"name" : "35038", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35038" "name": "35685",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35685"
"name" : "35685", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35685" "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-36.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-36.html"
"name" : "35914", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35914" "name": "USN-773-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-773-1"
"name" : "36145", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36145" "name": "SUSE-SA:2009:042",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
"name" : "36005", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36005" "name": "SUSE-SR:2009:012",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
"name" : "ADV-2009-1269", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1269" "name": "oval:org.mitre.oval:def:10137",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137"
"name" : "ADV-2009-1972", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1972" "name": "35914",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35914"
"name" : "pango-pangoglyphstringsetsize-bo(50397)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50397" "name": "ADV-2009-1972",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/1972"
} },
} {
"name": "35027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35027"
},
{
"name": "20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503349/100/0/threaded"
},
{
"name": "pango-pangoglyphstringsetsize-bo(50397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50397"
},
{
"name": "264308",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1"
}
]
}
}

170
2009/1xxx/CVE-2009-1534.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-1534", "ID": "CVE-2009-1534",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka \"Office Web Components Buffer Overflow Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS09-043", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043" "lang": "eng",
}, "value": "Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka \"Office Web Components Buffer Overflow Vulnerability.\""
{ }
"name" : "TA09-223A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-223A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35992", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35992" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "56916", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/56916" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:6326", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6326" "name": "56916",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/56916"
"name" : "1022708", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022708" "name": "TA09-223A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
} },
} {
"name": "oval:org.mitre.oval:def:6326",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6326"
},
{
"name": "35992",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35992"
},
{
"name": "1022708",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022708"
},
{
"name": "MS09-043",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-043"
}
]
}
}

160
2009/1xxx/CVE-2009-1548.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1548", "ID": "CVE-2009-1548",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a read action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8600", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8600" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in BluSky CMS allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a read action."
{ }
"name" : "34811", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/34811" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "54221", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/54221" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34998", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/34998" ]
}, },
{ "references": {
"name" : "ADV-2009-1246", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1246" "name": "ADV-2009-1246",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/1246"
} },
} {
"name": "54221",
"refsource": "OSVDB",
"url": "http://osvdb.org/54221"
},
{
"name": "8600",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8600"
},
{
"name": "34998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34998"
},
{
"name": "34811",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34811"
}
]
}
}

190
2009/1xxx/CVE-2009-1584.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1584", "ID": "CVE-2009-1584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090505 BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3-->", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503256" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in TemaTres 1.0.3 and 1.031, when magic_quotes_gpc is disabled, allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the (1) mail, (2) password, and (3) letra parameters to index.php; (4) y and (5) m parameters to sobre.php; and the (6) dcTema, (7) madsTema, (8) zthesTema, (9) skosTema, and (10) xtmTema parameters to xml.php."
{ }
"name" : "20090505 MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3-->", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/503252/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "8615", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8615" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "8616", ]
"refsource" : "EXPLOIT-DB", }
"url" : "https://www.exploit-db.com/exploits/8616" ]
}, },
{ "references": {
"name" : "34830", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34830" "name": "20090505 BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3-->",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/503256"
"name" : "54245", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/54245" "name": "8615",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/8615"
"name" : "54246", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/54246" "name": "54246",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/54246"
"name" : "34983", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34983" "name": "34830",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/34830"
} },
} {
"name": "54245",
"refsource": "OSVDB",
"url": "http://osvdb.org/54245"
},
{
"name": "8616",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8616"
},
{
"name": "20090505 MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3-->",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503252/100/0/threaded"
},
{
"name": "34983",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34983"
}
]
}
}

440
2009/1xxx/CVE-2009-1832.json
View File

@ -1,222 +1,222 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-1832", "ID": "CVE-2009-1832",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving \"double frame construction.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-24.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-24.html" "lang": "eng",
}, "value": "Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving \"double frame construction.\""
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=484031", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=484031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=503569", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=503569" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1820", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2009/dsa-1820" ]
}, },
{ "references": {
"name" : "DSA-1830", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1830" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=484031",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=484031"
"name" : "FEDORA-2009-6366", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html" "name": "265068",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
"name" : "FEDORA-2009-6411", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html" "name": "ADV-2009-1572",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1572"
"name" : "FEDORA-2009-7567", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html" "name": "1020800",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
"name" : "FEDORA-2009-7614", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html" "name": "SSA:2009-178-01",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275"
"name" : "MDVSA-2009:141", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:141" "name": "DSA-1830",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2009/dsa-1830"
"name" : "RHSA-2009:1095", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1095.html" "name": "oval:org.mitre.oval:def:10237",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10237"
"name" : "SSA:2009-167-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468" "name": "35602",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35602"
"name" : "SSA:2009-176-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408" "name": "FEDORA-2009-7614",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html"
"name" : "SSA:2009-178-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275" "name": "35326",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35326"
"name" : "265068", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1" "name": "35440",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35440"
"name" : "1020800", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1" "name": "FEDORA-2009-6411",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html"
"name" : "35326", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35326" "name": "35431",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35431"
"name" : "35371", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35371" "name": "55148",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/55148"
"name" : "55148", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/55148" "name": "FEDORA-2009-7567",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html"
"name" : "oval:org.mitre.oval:def:10237", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10237" "name": "35331",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35331"
"name" : "1022376", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1022376" "name": "35468",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35468"
"name" : "1022397", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022397" "name": "ADV-2009-2152",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/2152"
"name" : "35331", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35331" "name": "35439",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35439"
"name" : "35431", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35431" "name": "35882",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35882"
"name" : "35439", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35439" "name": "FEDORA-2009-6366",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html"
"name" : "35440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35440" "name": "MDVSA-2009:141",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:141"
"name" : "35468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35468" "name": "35415",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35415"
"name" : "35415", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35415" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=503569",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503569"
"name" : "35561", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35561" "name": "RHSA-2009:1095",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2009-1095.html"
"name" : "35602", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35602" "name": "1022376",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1022376"
"name" : "35882", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35882" "name": "SSA:2009-167-01",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468"
"name" : "ADV-2009-1572", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1572" "name": "35561",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35561"
"name" : "ADV-2009-2152", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2152" "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-24.html",
} "refsource": "CONFIRM",
] "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-24.html"
} },
} {
"name": "SSA:2009-176-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408"
},
{
"name": "DSA-1820",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1820"
},
{
"name": "1022397",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022397"
},
{
"name": "35371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35371"
}
]
}
}

140
2012/0xxx/CVE-2012-0012.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0012", "ID": "CVE-2012-0012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka \"Null Byte Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-010", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 does not properly handle the creation and initialization of string objects, which allows remote attackers to read data from arbitrary process-memory locations via a crafted web site, aka \"Null Byte Information Disclosure Vulnerability.\""
{ }
"name" : "TA12-045A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-045A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:14870", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14870" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "TA12-045A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-045A.html"
},
{
"name": "MS12-010",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010"
},
{
"name": "oval:org.mitre.oval:def:14870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14870"
}
]
}
}

150
2012/0xxx/CVE-2012-0290.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0290", "ID": "CVE-2012-0290",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an \"open client session.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00" "lang": "eng",
}, "value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an \"open client session.\""
{ }
"name" : "51862", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/51862" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48092", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48092" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "pcanywhere-unauth-access(72996)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996" ]
} },
] "references": {
} "reference_data": [
} {
"name": "51862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51862"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00"
},
{
"name": "pcanywhere-unauth-access(72996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
}
]
}
}

200
2012/0xxx/CVE-2012-0625.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-0625", "ID": "CVE-2012-0625",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2012-03-07-1", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" "lang": "eng",
}, "value": "WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2."
{ }
"name" : "APPLE-SA-2012-03-07-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2012-03-12-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "52365", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/52365" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:17364", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17364" "name": "52365",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/52365"
"name" : "1026774", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026774" "name": "1026774",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1026774"
"name" : "48274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48274" "name": "48377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48377"
"name" : "48288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48288" "name": "APPLE-SA-2012-03-12-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
"name" : "48377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48377" "name": "48274",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/48274"
} },
} {
"name": "oval:org.mitre.oval:def:17364",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17364"
},
{
"name": "APPLE-SA-2012-03-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
}

34
2012/2xxx/CVE-2012-2344.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-2344", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-2344",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5099. Reason: This candidate is a duplicate of CVE-2010-5099. Notes: All CVE users should reference CVE-2010-5099 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-5099. Reason: This candidate is a duplicate of CVE-2010-5099. Notes: All CVE users should reference CVE-2010-5099 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

34
2012/3xxx/CVE-2012-3023.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3023", "ID": "CVE-2012-3023",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2012/3xxx/CVE-2012-3157.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-3157", "ID": "CVE-2012-3157",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, 6.2.0, and 12 allows remote authenticated users to affect integrity, related to BASE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 5.0.2, 5.0.5, 5.1.0, 5.2.0, 5.3.0 through 5.3.4, 6.0.1, 6.2.0, and 12 allows remote authenticated users to affect integrity, related to BASE."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "51019", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51019" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "flexcubedirectbanking-base-cve20123157(79360)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79360" ]
} },
] "references": {
} "reference_data": [
} {
"name": "flexcubedirectbanking-base-cve20123157(79360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79360"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "51019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51019"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}

160
2012/3xxx/CVE-2012-3230.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-3230", "ID": "CVE-2012-3230",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "86383", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/86383" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1027674", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1027674" ]
}, },
{ "references": {
"name" : "51002", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51002" "name": "86383",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/86383"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"name": "1027674",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027674"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "51002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51002"
}
]
}
}

160
2012/3xxx/CVE-2012-3387.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-3387", "ID": "CVE-2012-3387",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120717 Moodle security notifications public", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2012/07/17/1" "lang": "eng",
}, "value": "Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33948", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33948" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "54481", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/54481" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49890", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49890" ]
}, },
{ "references": {
"name" : "moodle-shortcut-sec-bypass(76954)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76954" "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33948",
} "refsource": "CONFIRM",
] "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-33948"
} },
} {
"name": "49890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49890"
},
{
"name": "[oss-security] 20120717 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/07/17/1"
},
{
"name": "54481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54481"
},
{
"name": "moodle-shortcut-sec-bypass(76954)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76954"
}
]
}
}

140
2012/4xxx/CVE-2012-4012.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-4012", "ID": "CVE-2012-4012",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cs.cybozu.co.jp/information/20120910up02.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://cs.cybozu.co.jp/information/20120910up02.php" "lang": "eng",
}, "value": "The WebView class in the Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL."
{ }
"name" : "JVN#59652356", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN59652356/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2012-000084", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000084" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2012-000084",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000084"
},
{
"name": "http://cs.cybozu.co.jp/information/20120910up02.php",
"refsource": "CONFIRM",
"url": "http://cs.cybozu.co.jp/information/20120910up02.php"
},
{
"name": "JVN#59652356",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN59652356/index.html"
}
]
}
}

210
2012/4xxx/CVE-2012-4513.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-4513", "ID": "CVE-2012-4513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20121030 Medium risk security flaws in Konqueror", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html" "lang": "eng",
}, "value": "khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read."
{ }
"name" : "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/10/11/11" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20121030 Medium risk security flaws in Konqueror", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/10/30/6" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc", ]
"refsource" : "MISC", }
"url" : "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc" ]
}, },
{ "references": {
"name" : "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53" "name": "51145",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/51145"
"name" : "RHSA-2012:1416", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1416.html" "name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53",
}, "refsource": "CONFIRM",
{ "url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=1f8b1b034ccf1713a5d123a4c327290f86d17d53"
"name" : "RHSA-2012:1418", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1418.html" "name": "RHSA-2012:1418",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1418.html"
"name" : "1027709", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027709" "name": "RHSA-2012:1416",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1416.html"
"name" : "51097", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51097" "name": "1027709",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1027709"
"name" : "51145", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51145" "name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc",
} "refsource": "MISC",
] "url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc"
} },
} {
"name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/11"
},
{
"name": "20121030 Medium risk security flaws in Konqueror",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html"
},
{
"name": "[oss-security] 20121030 Medium risk security flaws in Konqueror",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/10/30/6"
},
{
"name": "51097",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51097"
}
]
}
}

140
2012/4xxx/CVE-2012-4619.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-4619", "ID": "CVE-2012-4619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20120926 Cisco IOS Software Network Address Translation Vulnerabilities", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat" "lang": "eng",
}, "value": "The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123."
{ }
"name" : "55705", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/55705" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1027579", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027579" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20120926 Cisco IOS Software Network Address Translation Vulnerabilities",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120926-nat"
},
{
"name": "55705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55705"
},
{
"name": "1027579",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027579"
}
]
}
}

34
2012/4xxx/CVE-2012-4666.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4666", "ID": "CVE-2012-4666",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/4xxx/CVE-2012-4692.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-4692", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-4692",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none."
} }
] ]
} }
} }

34
2012/6xxx/CVE-2012-6451.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6451", "ID": "CVE-2012-6451",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2012/6xxx/CVE-2012-6660.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6660", "ID": "CVE-2012-6660",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/" "lang": "eng",
}, "value": "GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
{ }
"name" : "https://twitter.com/digitalbond/status/619250429751222277", ]
"refsource" : "MISC", },
"url" : "https://twitter.com/digitalbond/status/619250429751222277" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02", "description": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?REQ=RAA&DIRECTION=2407310-100+Vol.+F&FILENAME=2407310-100%2BVol.%2BF_Rev1.pdf&FILEREV=1&DOCREV_ORG=1", ]
"refsource" : "CONFIRM", }
"url" : "http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?REQ=RAA&DIRECTION=2407310-100+Vol.+F&FILENAME=2407310-100%2BVol.%2BF_Rev1.pdf&FILEREV=1&DOCREV_ORG=1" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?REQ=RAA&DIRECTION=2407310-100+Vol.+F&FILENAME=2407310-100%2BVol.%2BF_Rev1.pdf&FILEREV=1&DOCREV_ORG=1",
"refsource": "CONFIRM",
"url": "http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?REQ=RAA&DIRECTION=2407310-100+Vol.+F&FILENAME=2407310-100%2BVol.%2BF_Rev1.pdf&FILEREV=1&DOCREV_ORG=1"
},
{
"name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource": "MISC",
"url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
},
{
"name": "https://twitter.com/digitalbond/status/619250429751222277",
"refsource": "MISC",
"url": "https://twitter.com/digitalbond/status/619250429751222277"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
}
]
}
}

140
2017/2xxx/CVE-2017-2178.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2178", "ID": "CVE-2017-2178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Installer of electronic tendering and bid opening system", "product_name": "Installer of electronic tendering and bid opening system",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "available prior to May 25, 2017" "version_value": "available prior to May 25, 2017"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Acquisition, Technology & Logistics Agency" "vendor_name": "Acquisition, Technology & Logistics Agency"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
{ }
"name" : "JVN#75514460", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN75514460/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98725", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98725" "lang": "eng",
} "value": "Untrusted search path vulnerability"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#75514460",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN75514460/index.html"
},
{
"name": "98725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98725"
},
{
"name": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html",
"refsource": "CONFIRM",
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
}
]
}
}

130
2017/2xxx/CVE-2017-2187.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2187", "ID": "CVE-2017-2187",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WP Live Chat Support", "product_name": "WP Live Chat Support",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to version 7.0.07" "version_value": "prior to version 7.0.07"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "CODECABIN_" "vendor_name": "CODECABIN_"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://plugins.trac.wordpress.org/changeset/1658232/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://plugins.trac.wordpress.org/changeset/1658232/" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in WP Live Chat Support prior to version 7.0.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#70951878", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN70951878/index.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plugins.trac.wordpress.org/changeset/1658232/",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/1658232/"
},
{
"name": "JVN#70951878",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN70951878/index.html"
}
]
}
}

34
2017/2xxx/CVE-2017-2677.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-2677", "ID": "CVE-2017-2677",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2017/6xxx/CVE-2017-6130.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"ID" : "CVE-2017-6130", "ID": "CVE-2017-6130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0", "product_name": "SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0" "version_value": "SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks" "vendor_name": "F5 Networks"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Server-Side Request Forgery"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.f5.com/csp/article/K23001529", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/csp/article/K23001529" "lang": "eng",
} "value": "F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery (SSRF) attack when deployed using the Dynamic Domain Bypass (DDB) feature feature plus SNAT Auto Map option for egress traffic."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-Side Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K23001529",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K23001529"
}
]
}
}

130
2017/6xxx/CVE-2017-6195.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6195", "ID": "CVE-2017-6195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.siberas.de/assets/papers/ssa-1705_IPSWITCH_SQLinjection.txt", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.siberas.de/assets/papers/ssa-1705_IPSWITCH_SQLinjection.txt" "lang": "eng",
}, "value": "Ipswitch MOVEit Transfer (formerly DMZ) allows pre-authentication blind SQL injection. The fixed versions are MOVEit Transfer 2017 9.0.0.201, MOVEit DMZ 8.3.0.30, and MOVEit DMZ 8.2.0.20."
{ }
"name" : "http://ft.ipswitch.com/rs/751-HBN-596/images/Ipswitch-Security-Bulletin-FT-Vulnerability.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://ft.ipswitch.com/rs/751-HBN-596/images/Ipswitch-Security-Bulletin-FT-Vulnerability.pdf" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ft.ipswitch.com/rs/751-HBN-596/images/Ipswitch-Security-Bulletin-FT-Vulnerability.pdf",
"refsource": "CONFIRM",
"url": "http://ft.ipswitch.com/rs/751-HBN-596/images/Ipswitch-Security-Bulletin-FT-Vulnerability.pdf"
},
{
"name": "https://www.siberas.de/assets/papers/ssa-1705_IPSWITCH_SQLinjection.txt",
"refsource": "MISC",
"url": "https://www.siberas.de/assets/papers/ssa-1705_IPSWITCH_SQLinjection.txt"
}
]
}
}

122
2017/6xxx/CVE-2017-6251.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC" : "2017-07-27T00:00:00", "DATE_PUBLIC": "2017-07-27T00:00:00",
"ID" : "CVE-2017-6251", "ID": "CVE-2017-6251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "NVIDIA Windows GPU Display Driver", "product_name": "NVIDIA Windows GPU Display Driver",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All" "version_value": "All"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a missing permissions check may allow users to gain access to arbitrary physical system memory, which may lead to an escalation of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Escalation of Privileges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4525", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4525" "lang": "eng",
} "value": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler where a missing permissions check may allow users to gain access to arbitrary physical system memory, which may lead to an escalation of privileges."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4525",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4525"
}
]
}
}

132
2017/6xxx/CVE-2017-6289.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC" : "2018-05-07T00:00:00", "DATE_PUBLIC": "2018-05-07T00:00:00",
"ID" : "CVE-2017-6289", "ID": "CVE-2017-6289",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "NA" "version_value": "NA"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as critical. Android: A-72830049. Reference: N-CVE-2017-6289."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privileges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-05-01" "lang": "eng",
}, "value": "In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as critical. Android: A-72830049. Reference: N-CVE-2017-6289."
{ }
"name" : "104145", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104145" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104145"
},
{
"name": "https://source.android.com/security/bulletin/2018-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-05-01"
}
]
}
}

34
2017/6xxx/CVE-2017-6337.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6337", "ID": "CVE-2017-6337",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2017/6xxx/CVE-2017-6500.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6500", "ID": "CVE-2017-6500",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/856879", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/856879" "lang": "eng",
}, "value": "An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read."
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/375", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/375" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/issues/376", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ImageMagick/ImageMagick/issues/376" ]
}, },
{ "references": {
"name" : "DSA-3808", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3808" "name": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/ImageMagick/ImageMagick/commit/3007531bfd326c5c1e29cd41d2cd80c166de8528"
"name" : "96592", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96592" "name": "https://bugs.debian.org/856879",
} "refsource": "CONFIRM",
] "url": "https://bugs.debian.org/856879"
} },
} {
"name": "https://github.com/ImageMagick/ImageMagick/issues/376",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/376"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/375",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/375"
},
{
"name": "96592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96592"
},
{
"name": "DSA-3808",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3808"
}
]
}
}

34
2017/6xxx/CVE-2017-6523.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6523", "ID": "CVE-2017-6523",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

276
2017/7xxx/CVE-2017-7818.json
View File

@ -1,140 +1,140 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-7818", "ID": "CVE-2017-7818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "56" "version_value": "56"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.4" "version_value": "52.4"
} }
] ]
} }
}, },
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.4" "version_value": "52.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use-after-free during ARIA array manipulation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171101 [SECURITY] [DLA 1153-1] icedove/thunderbird security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html" "lang": "eng",
}, "value": "A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1363723", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1363723" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-21/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-21/" "lang": "eng",
}, "value": "Use-after-free during ARIA array manipulation"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-22/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-22/" ]
}, },
{ "references": {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-23/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-23/" "name": "[debian-lts-announce] 20171101 [SECURITY] [DLA 1153-1] icedove/thunderbird security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html"
"name" : "DSA-3987", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3987" "name": "https://www.mozilla.org/security/advisories/mfsa2017-22/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-22/"
"name" : "DSA-4014", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-4014" "name": "1039465",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1039465"
"name" : "GLSA-201803-14", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201803-14" "name": "RHSA-2017:2831",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2831"
"name" : "RHSA-2017:2831", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2831" "name": "RHSA-2017:2885",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2885"
"name" : "RHSA-2017:2885", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2885" "name": "https://www.mozilla.org/security/advisories/mfsa2017-21/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2017-21/"
"name" : "101055", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101055" "name": "101055",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/101055"
"name" : "1039465", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039465" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1363723",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1363723"
} },
} {
"name": "DSA-4014",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-4014"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2017-23/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2017-23/"
},
{
"name": "DSA-3987",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3987"
},
{
"name": "GLSA-201803-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201803-14"
}
]
}
}

120
2018/11xxx/CVE-2018-11500.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11500", "ID": "CVE-2018-11500",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF vulnerability in \"admin/sysUser/save.do?callbackType=closeCurrent&navTabId=sysUser/list\" that can add an admin account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/sanluan/PublicCMS/issues/11", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/sanluan/PublicCMS/issues/11" "lang": "eng",
} "value": "An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF vulnerability in \"admin/sysUser/save.do?callbackType=closeCurrent&navTabId=sysUser/list\" that can add an admin account."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sanluan/PublicCMS/issues/11",
"refsource": "MISC",
"url": "https://github.com/sanluan/PublicCMS/issues/11"
}
]
}
}

130
2018/14xxx/CVE-2018-14291.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14291", "ID": "CVE-2018-14291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.5096" "version_value": "9.0.1.5096"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6231."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416-Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-751", "description_data": [
"refsource" : "MISC", {
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-751" "lang": "eng",
}, "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF documents. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6231."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-416-Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://zerodayinitiative.com/advisories/ZDI-18-751",
"refsource": "MISC",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-751"
},
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}
}

120
2018/14xxx/CVE-2018-14396.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14396", "ID": "CVE-2018-14396",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.bishopfox.com/news/2018/08/cremecrm-1-6-12-multiple-vulnerabilities/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.bishopfox.com/news/2018/08/cremecrm-1-6-12-multiple-vulnerabilities/" "lang": "eng",
} "value": "An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bishopfox.com/news/2018/08/cremecrm-1-6-12-multiple-vulnerabilities/",
"refsource": "MISC",
"url": "https://www.bishopfox.com/news/2018/08/cremecrm-1-6-12-multiple-vulnerabilities/"
}
]
}
}

34
2018/14xxx/CVE-2018-14489.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14489", "ID": "CVE-2018-14489",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/15xxx/CVE-2018-15240.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15240", "ID": "CVE-2018-15240",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/15xxx/CVE-2018-15317.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "f5sirt@f5.com", "ASSIGNER": "f5sirt@f5.com",
"ID" : "CVE-2018-15317", "ID": "CVE-2018-15317",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)", "product_name": "BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6" "version_value": "14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, 11.2.1-11.5.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "F5 Networks, Inc." "vendor_name": "F5 Networks, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DoS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.f5.com/csp/article/K43625118", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.f5.com/csp/article/K43625118" "lang": "eng",
} "value": "In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MAC errors. Clients will be unable to access the application load balanced by a virtual server with an SSL profile until tmm is restarted."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K43625118",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K43625118"
}
]
}
}

34
2018/15xxx/CVE-2018-15633.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15633", "ID": "CVE-2018-15633",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/20xxx/CVE-2018-20105.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20105", "ID": "CVE-2018-20105",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/20xxx/CVE-2018-20416.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20416", "ID": "CVE-2018-20416",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/20xxx/CVE-2018-20710.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20710", "ID": "CVE-2018-20710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/jbeder/yaml-cpp/issues/660", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/jbeder/yaml-cpp/issues/660" "lang": "eng",
} "value": "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jbeder/yaml-cpp/issues/660",
"refsource": "MISC",
"url": "https://github.com/jbeder/yaml-cpp/issues/660"
}
]
}
}

34
2018/9xxx/CVE-2018-9674.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9674", "ID": "CVE-2018-9674",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }