admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:21:26 +00:00
parent b20de003dc
commit 056679991b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3591 additions and 3591 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2001/0xxx/CVE-2001-0003.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0003",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0003",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the \"Web Client NTLM Authentication\" vulnerability."
"lang": "eng",
"value": "Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the \"Web Client NTLM Authentication\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS01-001",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-001"
"name": "wec-ntlm-authentication(5920)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5920"
},
{
"name" : "wec-ntlm-authentication(5920)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5920"
"name": "MS01-001",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-001"
},
{
"name" : "2199",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2199"
"name": "2199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2199"
}
]
}

80
2001/0xxx/CVE-2001-0084.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0084",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0084",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program."
"lang": "eng",
"value": "GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010102 gtk+ security hole.",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html"
"name": "2165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2165"
},
{
"name" : "20010103 Claimed vulnerability in GTK_MODULES",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html"
"name": "20010102 gtk+ security hole.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0498.html"
},
{
"name" : "2165",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2165"
"name": "20010103 Claimed vulnerability in GTK_MODULES",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0027.html"
},
{
"name" : "http://www.gtk.org/setuid.html",
"refsource" : "MISC",
"url" : "http://www.gtk.org/setuid.html"
"name": "http://www.gtk.org/setuid.html",
"refsource": "MISC",
"url": "http://www.gtk.org/setuid.html"
}
]
}

86
2001/0xxx/CVE-2001-0237.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0237",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0237",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data."
"lang": "eng",
"value": "Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010509 def-2001-24: Windows 2000 Kerberos DoS",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=98942093221908&w=2"
"name": "MS01-024",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"
},
{
"name" : "MS01-024",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-024"
"name": "win2k-kerberos-dos(6506)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"
},
{
"name" : "L-079",
"refsource" : "CIAC",
"url" : "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"
"name": "20010509 def-2001-24: Windows 2000 Kerberos DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98942093221908&w=2"
},
{
"name" : "win2k-kerberos-dos(6506)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6506"
"name": "L-079",
"refsource": "CIAC",
"url": "http://ciac.llnl.gov/ciac/bulletins/l-079.shtml"
},
{
"name" : "2707",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2707"
"name": "2707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2707"
}
]
}

98
2001/0xxx/CVE-2001-0241.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0241",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0241",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0."
"lang": "eng",
"value": "Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010501 Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=98874912915948&w=2"
"name": "2674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2674"
},
{
"name" : "MS01-023",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-023"
"name": "oval:org.mitre.oval:def:1068",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1068"
},
{
"name" : "CA-2001-10",
"refsource" : "CERT",
"url" : "http://www.cert.org/advisories/CA-2001-10.html"
"name": "3323",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3323"
},
{
"name" : "2674",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2674"
"name": "iis-isapi-printer-bo(6485)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6485"
},
{
"name" : "iis-isapi-printer-bo(6485)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6485"
"name": "MS01-023",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-023"
},
{
"name" : "3323",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/3323"
"name": "CA-2001-10",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-10.html"
},
{
"name" : "oval:org.mitre.oval:def:1068",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1068"
"name": "20010501 Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98874912915948&w=2"
}
]
}

68
2001/0xxx/CVE-2001-0264.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0264",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0264",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection."
"lang": "eng",
"value": "Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "A040301-1",
"refsource" : "ATSTAKE",
"url" : "http://www.atstake.com/research/advisories/2001/a040301-1.txt"
"name": "2534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2534"
},
{
"name" : "2534",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2534"
"name": "A040301-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2001/a040301-1.txt"
}
]
}

92
2001/0xxx/CVE-2001-0318.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0318",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0318",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd)."
"lang": "eng",
"value": "Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010110 proftpd 1.2.0rc2 -- example of bad coding",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=97916525715657&w=2"
"name": "MDKSA-2001:021",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-021.php3"
},
{
"name" : "20010206 Response to ProFTPD issues",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0117.html"
"name": "CLA-2001:380",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000380"
},
{
"name" : "MDKSA-2001:021",
"refsource" : "MANDRAKE",
"url" : "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-021.php3"
"name": "proftpd-format-string(6433)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6433"
},
{
"name" : "DSA-029",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2001/dsa-029"
"name": "20010110 proftpd 1.2.0rc2 -- example of bad coding",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97916525715657&w=2"
},
{
"name" : "CLA-2001:380",
"refsource" : "CONECTIVA",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000380"
"name": "20010206 Response to ProFTPD issues",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0117.html"
},
{
"name" : "proftpd-format-string(6433)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6433"
"name": "DSA-029",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-029"
}
]
}

74
2001/0xxx/CVE-2001-0452.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0452",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0452",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a \"CD *\" command followed by an ls command."
"lang": "eng",
"value": "BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a \"CD *\" command followed by an ls command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010428 Vulnerabilities in BRS WebWeaver",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/180506"
"name": "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html",
"refsource": "CONFIRM",
"url": "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html"
},
{
"name" : "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html",
"refsource" : "CONFIRM",
"url" : "http://members.nbci.com/_XMCM/BSoutham/WebWeaver/WebWeaverHistory.html"
"name": "2676",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2676"
},
{
"name" : "2676",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2676"
"name": "20010428 Vulnerabilities in BRS WebWeaver",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/180506"
}
]
}

80
2001/0xxx/CVE-2001-0746.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-0746",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0746",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods."
"lang": "eng",
"value": "Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20010515 iPlanet - Netscape Enterprise Web Publisher Buffer Overflow ",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-05/0132.html"
"refsource": "BUGTRAQ",
"name": "20010515 iPlanet - Netscape Enterprise Web Publisher Buffer Overflow",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0132.html"
},
{
"name" : "http://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html",
"refsource" : "CONFIRM",
"url" : "http://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html"
"name": "2732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2732"
},
{
"name" : "netscape-enterprise-uri-bo(6554)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6554"
"name": "http://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html",
"refsource": "CONFIRM",
"url": "http://iplanet.com/products/iplanet_web_enterprise/iwsalert5.11.html"
},
{
"name" : "2732",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/2732"
"name": "netscape-enterprise-uri-bo(6554)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6554"
}
]
}

22
2001/1xxx/CVE-2001-1588.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2001-1588",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1588",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

362
2008/1xxx/CVE-2008-1235.json
View File

@ -1,311 +1,311 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-1235",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-1235",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka \"Privilege escalation via incorrect principals.\""
"lang": "eng",
"value": "Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka \"Privilege escalation via incorrect principals.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080327 rPSA-2008-0128-1 firefox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
"name": "20080327 rPSA-2008-0128-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490196/100/0/threaded"
},
{
"name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-14.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-14.html"
"name": "oval:org.mitre.oval:def:10980",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10980"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
"name": "29541",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29541"
},
{
"name" : "DSA-1532",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1532"
"name": "29539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29539"
},
{
"name" : "DSA-1534",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1534"
"name": "http://www.mozilla.org/security/announce/2008/mfsa2008-14.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-14.html"
},
{
"name" : "DSA-1535",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1535"
"name": "ADV-2008-0999",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0999/references"
},
{
"name" : "DSA-1574",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1574"
"name": "30620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30620"
},
{
"name" : "FEDORA-2008-3519",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html"
"name": "29560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29560"
},
{
"name" : "FEDORA-2008-3557",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html"
"name": "DSA-1532",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1532"
},
{
"name" : "GLSA-200805-18",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
"name": "mozilla-principal-code-execution(41457)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41457"
},
{
"name" : "MDVSA-2008:080",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
"name": "30327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30327"
},
{
"name" : "MDVSA-2008:155",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
"name": "238492",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
},
{
"name" : "RHSA-2008:0208",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2008-0208.html"
"name": "USN-592-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-592-1"
},
{
"name" : "RHSA-2008:0207",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0207.html"
"name": "29616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29616"
},
{
"name" : "RHSA-2008:0209",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0209.html"
"name": "1019694",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019694"
},
{
"name" : "SSA:2008-128-02",
"refsource" : "SLACKWARE",
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313"
"name": "29550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29550"
},
{
"name" : "239546",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1"
"name": "29645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29645"
},
{
"name" : "238492",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1"
"name": "USN-605-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-605-1"
},
{
"name" : "SUSE-SA:2008:019",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
"name": "29607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29607"
},
{
"name" : "USN-592-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-592-1"
"name": "239546",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1"
},
{
"name" : "USN-605-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-605-1"
"name": "MDVSA-2008:155",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:155"
},
{
"name" : "TA08-087A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
"name": "ADV-2008-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1793/references"
},
{
"name" : "VU#466521",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/466521"
"name": "DSA-1574",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1574"
},
{
"name" : "28448",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28448"
"name": "29558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29558"
},
{
"name" : "oval:org.mitre.oval:def:10980",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10980"
"name": "29548",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29548"
},
{
"name" : "ADV-2008-0999",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0999/references"
"name": "30370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30370"
},
{
"name" : "ADV-2008-0998",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0998/references"
"name": "RHSA-2008:0208",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0208.html"
},
{
"name" : "ADV-2008-2091",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/2091/references"
"name": "29526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29526"
},
{
"name" : "ADV-2008-1793",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1793/references"
"name": "ADV-2008-2091",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2091/references"
},
{
"name" : "1019694",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1019694"
"name": "SUSE-SA:2008:019",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html"
},
{
"name" : "29391",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29391"
"name": "TA08-087A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-087A.html"
},
{
"name" : "29560",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29560"
"name": "29391",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29391"
},
{
"name" : "29548",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29548"
"name": "30192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30192"
},
{
"name" : "29550",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29550"
"name": "VU#466521",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/466521"
},
{
"name" : "29539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29539"
"name": "SSA:2008-128-02",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313"
},
{
"name" : "29558",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29558"
"name": "RHSA-2008:0209",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0209.html"
},
{
"name" : "29616",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29616"
"name": "28448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28448"
},
{
"name" : "29526",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29526"
"name": "RHSA-2008:0207",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0207.html"
},
{
"name" : "29541",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29541"
"name": "30016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30016"
},
{
"name" : "29547",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29547"
"name": "DSA-1534",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1534"
},
{
"name" : "29645",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29645"
"name": "FEDORA-2008-3519",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html"
},
{
"name" : "29607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29607"
"name": "29547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29547"
},
{
"name" : "30016",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30016"
"name": "30105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30105"
},
{
"name" : "30094",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30094"
"name": "30094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30094"
},
{
"name" : "30327",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30327"
"name": "GLSA-200805-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml"
},
{
"name" : "30370",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30370"
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128"
},
{
"name" : "31043",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31043"
"name": "31043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31043"
},
{
"name" : "30192",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30192"
"name": "FEDORA-2008-3557",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html"
},
{
"name" : "30620",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30620"
"name": "ADV-2008-0998",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0998/references"
},
{
"name" : "30105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30105"
"name": "DSA-1535",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1535"
},
{
"name" : "mozilla-principal-code-execution(41457)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41457"
"name": "MDVSA-2008:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:080"
}
]
}

62
2008/1xxx/CVE-2008-1342.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-1342",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1342",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the (1) _q and (2) lucene_index_field_value parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the search feature in Polymita BPM-Suite and CollagePortal allow remote attackers to inject arbitrary web script or HTML via the (1) _q and (2) lucene_index_field_value parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "29355",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29355"
"name": "29355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29355"
}
]
}

92
2008/1xxx/CVE-2008-1383.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-1383",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1383",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate."
"lang": "eng",
"value": "The docert function in ssl-cert.eclass, when used by src_compile or src_install on Gentoo Linux, stores the SSL key in a binpkg, which allows local users to extract the key from the binpkg, and causes multiple systems that use this binpkg to have the same SSL key and certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=174759",
"refsource" : "CONFIRM",
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=174759"
"name": "29436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29436"
},
{
"name" : "GLSA-200803-30",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200803-30.xml"
"name": "https://bugs.gentoo.org/show_bug.cgi?id=174759",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=174759"
},
{
"name" : "28350",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28350"
"name": "28350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28350"
},
{
"name" : "43479",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43479"
"name": "gentoo-docert-sslkey-weak-security(41336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41336"
},
{
"name" : "29436",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29436"
"name": "43479",
"refsource": "OSVDB",
"url": "http://osvdb.org/43479"
},
{
"name" : "gentoo-docert-sslkey-weak-security(41336)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41336"
"name": "GLSA-200803-30",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200803-30.xml"
}
]
}

116
2008/1xxx/CVE-2008-1434.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-1434",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2008-1434",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a \"memory handling error\" that triggers memory corruption."
"lang": "eng",
"value": "Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a \"memory handling error\" that triggers memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080513 Microsoft Word CSS Processing Memory Corruption Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700"
"name": "1020014",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020014"
},
{
"name" : "HPSBST02336",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=121129490723574&w=2"
"name": "MS08-026",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026"
},
{
"name" : "SSRT080071",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=121129490723574&w=2"
"name": "ADV-2008-1504",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1504/references"
},
{
"name" : "MS08-026",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026"
"name": "20080513 Microsoft Word CSS Processing Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700"
},
{
"name" : "TA08-134A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
"name": "SSRT080071",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=121129490723574&w=2"
},
{
"name" : "29105",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/29105"
"name": "30143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30143"
},
{
"name" : "oval:org.mitre.oval:def:5012",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5012"
"name": "TA08-134A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"name" : "ADV-2008-1504",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1504/references"
"name": "29105",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29105"
},
{
"name" : "1020014",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1020014"
"name": "HPSBST02336",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=121129490723574&w=2"
},
{
"name" : "30143",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30143"
"name": "oval:org.mitre.oval:def:5012",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5012"
}
]
}

98
2008/1xxx/CVE-2008-1898.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-1898",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1898",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper function call."
"lang": "eng",
"value": "A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper function call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080417 Microsoft Works 7 WkImgSrv.dll crash POC",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/491027/100/0/threaded"
"name": "http://blogs.technet.com/swi/archive/2008/06/05/why-there-wont-be-a-security-update-for-wkimgsrv-dll.aspx",
"refsource": "MISC",
"url": "http://blogs.technet.com/swi/archive/2008/06/05/why-there-wont-be-a-security-update-for-wkimgsrv-dll.aspx"
},
{
"name" : "20080502 Microsoft Work ActiveX Insecure Method Exploit",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0029.html"
"name": "5530",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5530"
},
{
"name" : "5460",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5460"
"name": "28820",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28820"
},
{
"name" : "5530",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5530"
"name": "20080502 Microsoft Work ActiveX Insecure Method Exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0029.html"
},
{
"name" : "http://blogs.technet.com/swi/archive/2008/06/05/why-there-wont-be-a-security-update-for-wkimgsrv-dll.aspx",
"refsource" : "MISC",
"url" : "http://blogs.technet.com/swi/archive/2008/06/05/why-there-wont-be-a-security-update-for-wkimgsrv-dll.aspx"
"name": "20080417 Microsoft Works 7 WkImgSrv.dll crash POC",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491027/100/0/threaded"
},
{
"name" : "28820",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28820"
"name": "5460",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5460"
},
{
"name" : "microsoft-works-wkimgsrv-dos(41876)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41876"
"name": "microsoft-works-wkimgsrv-dos(41876)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41876"
}
]
}

92
2008/5xxx/CVE-2008-5008.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-5008",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5008",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when \"extreme low conversion ratios\" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file."
"lang": "eng",
"value": "Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when \"extreme low conversion ratios\" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20081103 CVE Request (libsamplerate)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2008/11/03/6"
"name": "[oss-security] 20081103 CVE Request (libsamplerate)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/03/6"
},
{
"name" : "http://www.mega-nerd.com/SRC/ChangeLog",
"refsource" : "CONFIRM",
"url" : "http://www.mega-nerd.com/SRC/ChangeLog"
"name": "secretrabbitcode-srcsinc-bo(46542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46542"
},
{
"name" : "GLSA-200812-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200812-05.xml"
"name": "GLSA-200812-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200812-05.xml"
},
{
"name" : "MDVSA-2008:238",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:238"
"name": "http://www.mega-nerd.com/SRC/ChangeLog",
"refsource": "CONFIRM",
"url": "http://www.mega-nerd.com/SRC/ChangeLog"
},
{
"name" : "32090",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/32090"
"name": "32090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32090"
},
{
"name" : "secretrabbitcode-srcsinc-bo(46542)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46542"
"name": "MDVSA-2008:238",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:238"
}
]
}

104
2008/5xxx/CVE-2008-5316.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-5316",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5316",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of \"the input file,\" a different vulnerability than CVE-2007-2741."
"lang": "eng",
"value": "Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of \"the input file,\" a different vulnerability than CVE-2007-2741."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20081128 CVE request: lcms (old issues)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2008/11/28/3"
"name": "http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34",
"refsource": "CONFIRM",
"url": "http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34"
},
{
"name" : "http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34",
"refsource" : "CONFIRM",
"url" : "http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34"
"name": "32708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32708"
},
{
"name" : "DSA-1684",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1684"
"name": "33066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33066"
},
{
"name" : "RHSA-2009:0011",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0011.html"
"name": "DSA-1684",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1684"
},
{
"name" : "32708",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/32708"
"name": "oval:org.mitre.oval:def:10531",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10531"
},
{
"name" : "oval:org.mitre.oval:def:10531",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10531"
"name": "[oss-security] 20081128 CVE request: lcms (old issues)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/11/28/3"
},
{
"name" : "33066",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33066"
"name": "RHSA-2009:0011",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0011.html"
},
{
"name" : "lcms-readembeddedtexttag-bo(47119)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47119"
"name": "lcms-readembeddedtexttag-bo(47119)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47119"
}
]
}

22
2008/5xxx/CVE-2008-5471.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-5471",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2008-5471",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none."
}
]
}

74
2008/5xxx/CVE-2008-5941.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2008-5941",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5941",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt",
"refsource" : "CONFIRM",
"url" : "http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt"
"name": "JVN#66828183",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN66828183/index.html"
},
{
"name" : "JVN#66828183",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN66828183/index.html"
"name": "http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt",
"refsource": "CONFIRM",
"url": "http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt"
},
{
"name" : "JVNDB-2009-000004",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html"
"name": "JVNDB-2009-000004",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html"
}
]
}

22
2011/2xxx/CVE-2011-2195.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2195",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2195",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

86
2011/2xxx/CVE-2011-2628.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2628",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2628",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload."
"lang": "eng",
"value": "Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.opera.com/docs/changelogs/mac/1111/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/mac/1111/"
"name": "http://www.opera.com/docs/changelogs/unix/1111/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/unix/1111/"
},
{
"name" : "http://www.opera.com/docs/changelogs/unix/1111/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/unix/1111/"
"name": "http://www.opera.com/docs/changelogs/windows/1111/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1111/"
},
{
"name" : "http://www.opera.com/docs/changelogs/windows/1111/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/1111/"
"name": "http://www.opera.com/support/kb/view/992/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/kb/view/992/"
},
{
"name" : "http://www.opera.com/support/kb/view/992/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/kb/view/992/"
"name": "8425",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8425"
},
{
"name" : "8425",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8425"
"name": "http://www.opera.com/docs/changelogs/mac/1111/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/mac/1111/"
}
]
}

128
2011/2xxx/CVE-2011-2764.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-2764",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2764",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file."
"lang": "eng",
"value": "The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110728 Two security issues fixed in ioQuake3 engine",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/519051/100/0/threaded"
"name": "20110728 Two security issues fixed in ioQuake3 engine",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"
},
{
"name" : "20110728 Two security issues fixed in ioQuake3 engine",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2011-07/0338.html"
"name": "http://svn.icculus.org/quake3?view=rev&revision=2098",
"refsource": "CONFIRM",
"url": "http://svn.icculus.org/quake3?view=rev&revision=2098"
},
{
"name" : "http://svn.icculus.org/quake3?view=rev&revision=2098",
"refsource" : "CONFIRM",
"url" : "http://svn.icculus.org/quake3?view=rev&revision=2098"
"name": "45540",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45540"
},
{
"name" : "http://thilo.tjps.eu/download/patches/ioq3-svn-r2098.diff",
"refsource" : "CONFIRM",
"url" : "http://thilo.tjps.eu/download/patches/ioq3-svn-r2098.diff"
"name": "ioquake-gamecode-code-execution(68870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=725951",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=725951"
"name": "45539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45539"
},
{
"name" : "FEDORA-2011-9898",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=725951",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=725951"
},
{
"name" : "GLSA-201706-23",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-23"
"name": "http://thilo.tjps.eu/download/patches/ioq3-svn-r2098.diff",
"refsource": "CONFIRM",
"url": "http://thilo.tjps.eu/download/patches/ioq3-svn-r2098.diff"
},
{
"name" : "48915",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48915"
"name": "48915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48915"
},
{
"name" : "45539",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/45539"
"name": "20110728 Two security issues fixed in ioQuake3 engine",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519051/100/0/threaded"
},
{
"name" : "45540",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/45540"
"name": "8324",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8324"
},
{
"name" : "8324",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8324"
"name": "GLSA-201706-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-23"
},
{
"name" : "ioquake-gamecode-code-execution(68870)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/68870"
"name": "FEDORA-2011-9898",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html"
}
]
}

22
2013/0xxx/CVE-2013-0552.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-0552",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-0552",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2013/0xxx/CVE-2013-0820.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-0820",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-0820",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2013/0xxx/CVE-2013-0851.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-0851",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2013-0851",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access."
"lang": "eng",
"value": "The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d"
"name": "http://www.ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "http://www.ffmpeg.org/security.html"
},
{
"name" : "http://www.ffmpeg.org/security.html",
"refsource" : "CONFIRM",
"url" : "http://www.ffmpeg.org/security.html"
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=63ac64864c6e0e84355aa3caa5b92208997a9a8d"
}
]
}

62
2013/1xxx/CVE-2013-1140.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1140",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1140",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093."
"lang": "eng",
"value": "The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130304 Cisco MARS Information Disclosure Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1140"
"name": "20130304 Cisco MARS Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1140"
}
]
}

80
2013/1xxx/CVE-2013-1331.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1331",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2013-1331",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka \"Office Buffer Overflow Vulnerability.\""
"lang": "eng",
"value": "Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka \"Office Buffer Overflow Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS13-051",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051"
"name": "oval:org.mitre.oval:def:16713",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713"
},
{
"name" : "TA13-168A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-168A"
"name": "TA13-168A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-168A"
},
{
"name" : "oval:org.mitre.oval:def:16713",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16713"
"name": "oval:org.mitre.oval:def:16732",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732"
},
{
"name" : "oval:org.mitre.oval:def:16732",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16732"
"name": "MS13-051",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-051"
}
]
}

74
2013/1xxx/CVE-2013-1630.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1630",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1630",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation."
"lang": "eng",
"value": "pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/",
"refsource" : "MISC",
"url" : "http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/"
"name": "https://github.com/mardiros/pyshop/commit/ffadb0bcdef1e385884571670210cfd6ba351784",
"refsource": "CONFIRM",
"url": "https://github.com/mardiros/pyshop/commit/ffadb0bcdef1e385884571670210cfd6ba351784"
},
{
"name" : "https://github.com/mardiros/pyshop/blob/master/CHANGES.txt",
"refsource" : "CONFIRM",
"url" : "https://github.com/mardiros/pyshop/blob/master/CHANGES.txt"
"name": "https://github.com/mardiros/pyshop/blob/master/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/mardiros/pyshop/blob/master/CHANGES.txt"
},
{
"name" : "https://github.com/mardiros/pyshop/commit/ffadb0bcdef1e385884571670210cfd6ba351784",
"refsource" : "CONFIRM",
"url" : "https://github.com/mardiros/pyshop/commit/ffadb0bcdef1e385884571670210cfd6ba351784"
"name": "http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/",
"refsource": "MISC",
"url": "http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/"
}
]
}

22
2013/1xxx/CVE-2013-1644.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1644",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1644",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

92
2013/1xxx/CVE-2013-1925.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-1925",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1925",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the \"access content\" permission to read restricted node titles via an autocomplete list."
"lang": "eng",
"value": "The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the \"access content\" permission to read restricted node titles via an autocomplete list."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130403 [Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2013/Apr/8"
"name": "http://packetstormsecurity.com/files/121072/Drupal-Chaos-Tool-Suite-7.x-Access-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/121072/Drupal-Chaos-Tool-Suite-7.x-Access-Bypass.html"
},
{
"name" : "http://packetstormsecurity.com/files/121072/Drupal-Chaos-Tool-Suite-7.x-Access-Bypass.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/121072/Drupal-Chaos-Tool-Suite-7.x-Access-Bypass.html"
"name": "https://drupal.org/node/1960406",
"refsource": "MISC",
"url": "https://drupal.org/node/1960406"
},
{
"name" : "https://drupal.org/node/1960406",
"refsource" : "MISC",
"url" : "https://drupal.org/node/1960406"
"name": "91986",
"refsource": "OSVDB",
"url": "http://osvdb.org/91986"
},
{
"name" : "https://drupal.org/node/1960424",
"refsource" : "CONFIRM",
"url" : "https://drupal.org/node/1960424"
"name": "drupal-chaostool-node-security-bypass(83254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83254"
},
{
"name" : "91986",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/91986"
"name": "https://drupal.org/node/1960424",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/1960424"
},
{
"name" : "drupal-chaostool-node-security-bypass(83254)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83254"
"name": "20130403 [Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Apr/8"
}
]
}

62
2013/3xxx/CVE-2013-3450.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-3450",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3450",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130802 Cisco Unified Communications Manager User Web Dialer Vulnerable to CSRF Attack",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3450"
"name": "20130802 Cisco Unified Communications Manager User Web Dialer Vulnerable to CSRF Attack",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3450"
}
]
}

68
2013/4xxx/CVE-2013-4482.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-4482",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4482",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories."
"lang": "eng",
"value": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=990321",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
"name": "RHSA-2013:1603",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
},
{
"name" : "RHSA-2013:1603",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=990321",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
}
]
}

68
2013/4xxx/CVE-2013-4846.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-4846",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2013-4846",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.3 allows remote attackers to obtain sensitive information via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBMU02947",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
"name": "SSRT101285",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
},
{
"name" : "SSRT101285",
"refsource" : "HP",
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
"name": "HPSBMU02947",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04039138"
}
]
}

22
2017/12xxx/CVE-2017-12384.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-12384",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12384",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/12xxx/CVE-2017-12385.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-12385",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12385",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/12xxx/CVE-2017-12462.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-12462",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12462",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/12xxx/CVE-2017-12906.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-12906",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-12906",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in NexusPHP allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) cheaters.php or (2) confirm_resend.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://loid.online/cve/cve.txt",
"refsource" : "MISC",
"url" : "http://loid.online/cve/cve.txt"
"name": "http://loid.online/cve/cve.txt",
"refsource": "MISC",
"url": "http://loid.online/cve/cve.txt"
},
{
"name" : "http://www.sstrunk.com/cve/confirm_resend.html",
"refsource" : "MISC",
"url" : "http://www.sstrunk.com/cve/confirm_resend.html"
"name": "http://www.sstrunk.com/cve/confirm_resend.html",
"refsource": "MISC",
"url": "http://www.sstrunk.com/cve/confirm_resend.html"
}
]
}

70
2017/13xxx/CVE-2017-13150.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-12-04T00:00:00",
"ID" : "CVE-2017-13150",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-12-04T00:00:00",
"ID": "CVE-2017-13150",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "7.0"
"version_value": "7.0"
},
{
"version_value" : "7.1.1"
"version_value": "7.1.1"
},
{
"version_value" : "7.1.2"
"version_value": "7.1.2"
},
{
"version_value" : "8.0"
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132."
"lang": "eng",
"value": "An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-38328132."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-12-01"
"name": "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
}
]
}

64
2017/13xxx/CVE-2017-13172.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-12-04T00:00:00",
"ID" : "CVE-2017-13172",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-12-04T00:00:00",
"ID": "CVE-2017-13172",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android kernel"
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the MediaTek bluetooth driver. Product: Android. Versions: Android kernel. Android ID A-36493287. References: M-ALPS03495791."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of privilege"
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/pixel/2017-12-01"
"name": "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
}
]
}

74
2017/13xxx/CVE-2017-13743.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-13743",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-13743",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack."
"lang": "eng",
"value": "There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1484335",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1484335"
"name": "100607",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100607"
},
{
"name" : "RHSA-2017:3111",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:3111"
"name": "RHSA-2017:3111",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3111"
},
{
"name" : "100607",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100607"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1484335",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484335"
}
]
}

70
2017/16xxx/CVE-2017-16149.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2017-16149",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16149",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "zwserver node module",
"version" : {
"version_data" : [
"product_name": "zwserver node module",
"version": {
"version_data": [
{
"version_value" : "All versions"
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
"vendor_name": "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url."
"lang": "eng",
"value": "zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Path Traversal (CWE-22)"
"lang": "eng",
"value": "Path Traversal (CWE-22)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver",
"refsource" : "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver"
"name": "https://nodesecurity.io/advisories/372",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/372"
},
{
"name" : "https://nodesecurity.io/advisories/372",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/372"
"name": "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver",
"refsource": "MISC",
"url": "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/zwserver"
}
]
}

22
2017/16xxx/CVE-2017-16480.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16480",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-16480",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}

22
2017/16xxx/CVE-2017-16508.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16508",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-16508",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
}
]
}

22
2017/16xxx/CVE-2017-16937.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16937",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16937",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2017/17xxx/CVE-2017-17113.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-17113",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17113",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request."
"lang": "eng",
"value": "ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Null_Pointer_Dereference_1",
"refsource" : "MISC",
"url" : "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Null_Pointer_Dereference_1"
"name": "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Null_Pointer_Dereference_1",
"refsource": "MISC",
"url": "https://github.com/k0keoyo/Driver-Loaded-PoC/tree/master/IKARUS-Antivirus/Null_Pointer_Dereference_1"
}
]
}

68
2017/17xxx/CVE-2017-17734.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-17734",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17734",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions."
"lang": "eng",
"value": "CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=77737",
"refsource" : "CONFIRM",
"url" : "https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=77737"
"name": "https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=77737",
"refsource": "CONFIRM",
"url": "https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=77737"
},
{
"name" : "https://www.cmsmadesimple.org/2017/12/Announcing-CMSMS-v2.2.5-Wawa",
"refsource" : "CONFIRM",
"url" : "https://www.cmsmadesimple.org/2017/12/Announcing-CMSMS-v2.2.5-Wawa"
"name": "https://www.cmsmadesimple.org/2017/12/Announcing-CMSMS-v2.2.5-Wawa",
"refsource": "CONFIRM",
"url": "https://www.cmsmadesimple.org/2017/12/Announcing-CMSMS-v2.2.5-Wawa"
}
]
}

22
2017/4xxx/CVE-2017-4189.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4189",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4189",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4442.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4442",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4442",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2017/4xxx/CVE-2017-4678.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-4678",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-4678",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

22
2018/18xxx/CVE-2018-18153.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18153",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18153",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/18xxx/CVE-2018-18441.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18441",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18441",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."
"lang": "eng",
"value": "D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/",
"refsource" : "MISC",
"url" : "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"
"name": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/",
"refsource": "MISC",
"url": "https://dojo.bullguard.com/dojo-by-bullguard/blog/i-got-my-eyeon-you-security-vulnerabilities-in-baby-monitor/"
}
]
}

74
2018/18xxx/CVE-2018-18566.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18566",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18566",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business."
"lang": "eng",
"value": "The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20181023 [SYSS-2018-028] information leakage with Polycom VVX Phones (Skype for Business, on-premise) - CVE-2018-18566",
"refsource" : "BUGTRAQ",
"url" : "https://seclists.org/bugtraq/2018/Oct/33"
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-028.txt",
"refsource": "MISC",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-028.txt"
},
{
"name" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-028.txt",
"refsource" : "MISC",
"url" : "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-028.txt"
"name": "105746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105746"
},
{
"name" : "105746",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105746"
"name": "20181023 [SYSS-2018-028] information leakage with Polycom VVX Phones (Skype for Business, on-premise) - CVE-2018-18566",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2018/Oct/33"
}
]
}

22
2018/18xxx/CVE-2018-18691.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-18691",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18691",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

106
2018/1xxx/CVE-2018-1738.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-04T00:00:00",
"ID" : "CVE-2018-1738",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-10-04T00:00:00",
"ID": "CVE-2018-1738",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Security Key Lifecycle Manager",
"version" : {
"version_data" : [
"product_name": "Security Key Lifecycle Manager",
"version": {
"version_data": [
{
"version_value" : "2.6"
"version_value": "2.6"
},
{
"version_value" : "2.7"
"version_value": "2.7"
},
{
"version_value" : "3.0"
"version_value": "3.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an authenticated user to obtain highly sensitive information or jeopardize system integrity due to improper authentication mechanisms. IBM X-Force ID: 147907."
"lang": "eng",
"value": "IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an authenticated user to obtain highly sensitive information or jeopardize system integrity due to improper authentication mechanisms. IBM X-Force ID: 147907."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "H",
"I" : "L",
"PR" : "L",
"S" : "U",
"SCORE" : "7.100",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "H",
"I": "L",
"PR": "L",
"S": "U",
"SCORE": "7.100",
"UI": "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Access"
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10733309",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10733309"
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10733309",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10733309"
},
{
"name" : "ibm-tivoli-cve20181738-improper-auth(147907)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/147907"
"name": "ibm-tivoli-cve20181738-improper-auth(147907)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/147907"
}
]
}

102
2018/1xxx/CVE-2018-1876.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-30T00:00:00",
"ID" : "CVE-2018-1876",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-10-30T00:00:00",
"ID": "CVE-2018-1876",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Robotic Process Automation with Automation Anywhere",
"version" : {
"version_data" : [
"product_name": "Robotic Process Automation with Automation Anywhere",
"version": {
"version_data": [
{
"version_value" : "11"
"version_value": "11"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707."
"lang": "eng",
"value": "IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "L",
"C" : "H",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "6.200",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "L",
"C": "H",
"I": "N",
"PR": "N",
"S": "U",
"SCORE": "6.200",
"UI": "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10735967",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10735967"
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10735967",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10735967"
},
{
"name" : "ibm-rpa-cve20181876-info-disc(151707)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/151707"
"name": "ibm-rpa-cve20181876-info-disc(151707)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/151707"
}
]
}

74
2018/5xxx/CVE-2018-5033.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2018-5033",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2018-5033",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions",
"version" : {
"version_data" : [
"product_name": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions",
"version": {
"version_data": [
{
"version_value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions"
"version_value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
"lang": "eng",
"value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Out-of-bounds read"
"lang": "eng",
"value": "Out-of-bounds read"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html"
},
{
"name" : "104699",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104699"
"name": "104699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104699"
},
{
"name" : "1041250",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041250"
"name": "1041250",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041250"
}
]
}

88
2018/5xxx/CVE-2018-5116.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@mozilla.org",
"ID" : "CVE-2018-5116",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2018-5116",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Firefox",
"version" : {
"version_data" : [
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "58"
"version_affected": "<",
"version_value": "58"
}
]
}
}
]
},
"vendor_name" : "Mozilla"
"vendor_name": "Mozilla"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WebExtensions with the \"ActiveTab\" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58."
"lang": "eng",
"value": "WebExtensions with the \"ActiveTab\" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "WebExtension ActiveTab permission allows cross-origin frame content access"
"lang": "eng",
"value": "WebExtension ActiveTab permission allows cross-origin frame content access"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1396399",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1396399"
"name": "1040270",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040270"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-02/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-02/"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1396399",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1396399"
},
{
"name" : "USN-3544-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3544-1/"
"name": "USN-3544-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3544-1/"
},
{
"name" : "102786",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102786"
"name": "102786",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102786"
},
{
"name" : "1040270",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040270"
"name": "https://www.mozilla.org/security/advisories/mfsa2018-02/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2018-02/"
}
]
}

62
2018/5xxx/CVE-2018-5373.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-5373",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-5373",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter)."
"lang": "eng",
"value": "The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.defensecode.com/advisories/DC-2018-01-004_WordPress_Smooth_Slider_Plugin_Advisory.pdf",
"refsource" : "MISC",
"url" : "http://www.defensecode.com/advisories/DC-2018-01-004_WordPress_Smooth_Slider_Plugin_Advisory.pdf"
"name": "http://www.defensecode.com/advisories/DC-2018-01-004_WordPress_Smooth_Slider_Plugin_Advisory.pdf",
"refsource": "MISC",
"url": "http://www.defensecode.com/advisories/DC-2018-01-004_WordPress_Smooth_Slider_Plugin_Advisory.pdf"
}
]
}

82
2018/5xxx/CVE-2018-5924.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "hp-security-alert@hp.com",
"DATE_PUBLIC" : "2018-08-01T00:00:00",
"ID" : "CVE-2018-5924",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"DATE_PUBLIC": "2018-08-01T00:00:00",
"ID": "CVE-2018-5924",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "HP inkjet printers",
"version" : {
"version_data" : [
"product_name": "HP inkjet printers",
"version": {
"version_data": [
{
"version_value" : "Various (see reference)"
"version_value": "Various (see reference)"
}
]
}
}
]
},
"vendor_name" : "HP Inc."
"vendor_name": "HP Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution."
"lang": "eng",
"value": "A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote code execution"
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/",
"refsource" : "MISC",
"url" : "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/"
"name": "105010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105010"
},
{
"name" : "HPSBHF03589",
"refsource" : "HP",
"url" : "https://support.hp.com/us-en/document/c06097712"
"name": "1041415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041415"
},
{
"name" : "105010",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105010"
"name": "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/",
"refsource": "MISC",
"url": "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/"
},
{
"name" : "1041415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041415"
"name": "HPSBHF03589",
"refsource": "HP",
"url": "https://support.hp.com/us-en/document/c06097712"
}
]
}