admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-06 14:01:12 +00:00
parent a45bbe5e63
commit 231b15d846
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 330 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
2012/2xxx/CVE-2012-2593.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2593",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the administrative interface in Atmail Webmail Server 6.4 allows remote attackers to inject arbitrary web script or HTML via the Date field of an email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atmail",
"product": {
"product_data": [
{
"product_name": "Atmail Webmail Server",
"version": {
"version_data": [
{
"version_value": "6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/20009",
"url": "http://www.exploit-db.com/exploits/20009"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54630",
"url": "http://www.securityfocus.com/bid/54630"
}
]
}

60
2015/6xxx/CVE-2015-6000.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-6000",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.3.0 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in test/logo/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File Upload"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Vtiger",
"product": {
"product_data": [
{
"product_name": "Vtiger CRM",
"version": {
"version_data": [
{
"version_value": "6.3.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://b.fl7.de/2015/09/vtiger-crm-authenticated-rce-cve-2015-6000.html",
"url": "http://b.fl7.de/2015/09/vtiger-crm-authenticated-rce-cve-2015-6000.html"
},
{
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/38345/",
"url": "https://www.exploit-db.com/exploits/38345/"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com//archive/1/536563/100/0/threaded",
"url": "http://www.securityfocus.com//archive/1/536563/100/0/threaded"
}
]
}

65
2016/7xxx/CVE-2016-7523.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-7523",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ImageMagick",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "before 7.0.1-0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/09/22/2",
"url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
},
{
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420",
"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537420"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378754"
},
{
"refsource": "MISC",
"name": "https://github.com/ImageMagick/ImageMagick/issues/94",
"url": "https://github.com/ImageMagick/ImageMagick/issues/94"
}
]
}

75
2016/7xxx/CVE-2016-7524.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-7524",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,76 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ImageMagick",
"product": {
"product_data": [
{
"product_name": "ImageMagick",
"version": {
"version_data": [
{
"version_value": "before 7.0.1-0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/ImageMagick/ImageMagick/issues/96",
"url": "https://github.com/ImageMagick/ImageMagick/issues/96"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/09/22/2",
"url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
},
{
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422",
"url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537422"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378762"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6",
"url": "https://github.com/ImageMagick/ImageMagick/commit/f8c318d462270b03e77f082e2a3a32867cacd3c6"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb",
"url": "https://github.com/ImageMagick/ImageMagick/commit/97c9f438a9b3454d085895f4d1f66389fd22a0fb"
}
]
}

85
2016/9xxx/CVE-2016-9928.json
View File

@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-9928",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,86 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "MCabber",
"product": {
"product_data": [
{
"product_name": "MCabber",
"version": {
"version_data": [
{
"version_value": "before 1.0.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1403790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403790"
},
{
"refsource": "CONFIRM",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845258",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845258"
},
{
"refsource": "CONFIRM",
"name": "https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw",
"url": "https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw"
},
{
"refsource": "MISC",
"name": "https://gultsch.de/gajim_roster_push_and_message_interception.html",
"url": "https://gultsch.de/gajim_roster_push_and_message_interception.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2017/02/09/29",
"url": "http://www.openwall.com/lists/oss-security/2017/02/09/29"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/12/11/2",
"url": "http://www.openwall.com/lists/oss-security/2016/12/11/2"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/94862",
"url": "http://www.securityfocus.com/bid/94862"
},
{
"refsource": "CONFIRM",
"name": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00130.html",
"url": "http://lists.opensuse.org/opensuse-updates/2017-01/msg00130.html"
}
]
}

5
2020/1xxx/CVE-2020-1940.json
View File

@ -88,6 +88,11 @@
"refsource": "MLIST",
"name": "[jackrabbit-oak-commits] 20200205 svn commit: r1873622 - /jackrabbit/oak/trunk/oak-doc/src/site/markdown/security/reports.md",
"url": "https://lists.apache.org/thread.html/rc35a57ecdeae342d46f729d6bc9750ba860c101f450cc171798dba28@%3Coak-commits.jackrabbit.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[jackrabbit-commits] 20200206 svn commit: r1873705 [4/5] - in /jackrabbit/site/live/oak/docs: ./ META-INF/ architecture/ coldstandby/ features/ nodestore/ nodestore/document/ nodestore/segment/ oak_api/ plugins/ query/ security/ security/accesscontrol/ security/authentication/ secu...",
"url": "https://lists.apache.org/thread.html/rbef4701b5ce4d827182e70ad7b4d987a9157682ba3643e05a9ef5a7b@%3Ccommits.jackrabbit.apache.org%3E"
}
]
},