admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:20:15 +00:00
parent 345be4044f
commit 23fb36cd64
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3889 additions and 3889 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2003/0xxx/CVE-2003-0207.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0207", "ID": "CVE-2003-0207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files." "value": "ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-286", "name": "DSA-286",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-286" "url": "http://www.debian.org/security/2003/dsa-286"
} }
] ]
} }

80
2003/0xxx/CVE-2003-0471.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0471", "ID": "CVE-2003-0471",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument." "value": "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030624 Remote Buffer Overrun WebAdmin.exe", "name": "8024",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=105647081418155&w=2" "url": "http://www.securityfocus.com/bid/8024"
}, },
{ {
"name" : "20030624 Re: WebAdmin from ALT-N remote exploit PoC", "name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105648385900792&w=2" "url": "http://marc.info/?l=bugtraq&m=105648385900792&w=2"
}, },
{ {
"name" : "8024", "name": "2207",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/8024" "url": "http://www.osvdb.org/2207"
}, },
{ {
"name" : "2207", "name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/2207" "url": "http://marc.info/?l=bugtraq&m=105647081418155&w=2"
} }
] ]
} }

80
2003/0xxx/CVE-2003-0511.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0511", "ID": "CVE-2003-0511",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL." "value": "The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030728 Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability", "name": "20030728 Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability",
"refsource" : "VULNWATCH", "refsource": "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0055.html" "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0055.html"
}, },
{ {
"name" : "http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm", "name": "20030728 HTTP GET Vulnerability in AP1x00",
"refsource" : "MISC", "refsource": "CISCO",
"url" : "http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm" "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030728-ap1x00.shtml"
}, },
{ {
"name" : "20030728 HTTP GET Vulnerability in AP1x00", "name": "http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm",
"refsource" : "CISCO", "refsource": "MISC",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20030728-ap1x00.shtml" "url": "http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm"
}, },
{ {
"name" : "oval:org.mitre.oval:def:5834", "name": "oval:org.mitre.oval:def:5834",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5834" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5834"
} }
] ]
} }

62
2003/1xxx/CVE-2003-1002.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1002", "ID": "CVE-2003-1002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set." "value": "Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20031215 Cisco FWSM Vulnerabilities", "name": "20031215 Cisco FWSM Vulnerabilities",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml" "url": "http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml"
} }
] ]
} }

92
2003/1xxx/CVE-2003-1129.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1129", "ID": "CVE-2003-1129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat." "value": "Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://help.yahoo.com/help/us/mesg/use/use-45.html", "name": "7561",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://help.yahoo.com/help/us/mesg/use/use-45.html" "url": "http://www.securityfocus.com/bid/7561"
}, },
{ {
"name" : "20030530 Yahoo! Security Advisory: Yahoo! Voice Chat", "name": "yahoo-audio-bo(12130)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/323439" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12130"
}, },
{ {
"name" : "VU#272644", "name": "VU#272644",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/272644" "url": "http://www.kb.cert.org/vuls/id/272644"
}, },
{ {
"name" : "7561", "name": "http://help.yahoo.com/help/us/mesg/use/use-45.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/7561" "url": "http://help.yahoo.com/help/us/mesg/use/use-45.html"
}, },
{ {
"name" : "8924", "name": "8924",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/8924" "url": "http://secunia.com/advisories/8924"
}, },
{ {
"name" : "yahoo-audio-bo(12130)", "name": "20030530 Yahoo! Security Advisory: Yahoo! Voice Chat",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12130" "url": "http://www.securityfocus.com/archive/1/323439"
} }
] ]
} }

74
2003/1xxx/CVE-2003-1498.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1498", "ID": "CVE-2003-1498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter." "value": "Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20031014 Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine", "name": "zoom-search-xss(13431)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2003-10/0173.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13431"
}, },
{ {
"name" : "8823", "name": "20031014 Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/8823" "url": "http://archives.neohapsis.com/archives/bugtraq/2003-10/0173.html"
}, },
{ {
"name" : "zoom-search-xss(13431)", "name": "8823",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13431" "url": "http://www.securityfocus.com/bid/8823"
} }
] ]
} }

92
2004/0xxx/CVE-2004-0374.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0374", "ID": "CVE-2004-0374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Interchange before 5.0.1 allows remote attackers to \"expose the content of arbitrary variables\" and read or modify sensitive SQL information via an HTTP request ending with the \"__SQLUSER__\" string." "value": "Interchange before 5.0.1 allows remote attackers to \"expose the content of arbitrary variables\" and read or modify sensitive SQL information via an HTTP request ending with the \"__SQLUSER__\" string."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[interchange-announce] 20040329 Security Problem in Interchange", "name": "[interchange-announce] 20040329 Security Problem in Interchange",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.icdevgroup.org/pipermail/interchange-announce/2004/000043.html" "url": "http://www.icdevgroup.org/pipermail/interchange-announce/2004/000043.html"
}, },
{ {
"name" : "http://ftp.icdevgroup.org/interchange/5.0/WHATSNEW", "name": "10005",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://ftp.icdevgroup.org/interchange/5.0/WHATSNEW" "url": "http://www.securityfocus.com/bid/10005"
}, },
{ {
"name" : "DSA-471", "name": "http://ftp.icdevgroup.org/interchange/5.0/WHATSNEW",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2004/dsa-471" "url": "http://ftp.icdevgroup.org/interchange/5.0/WHATSNEW"
}, },
{ {
"name" : "10005", "name": "interchange-url-obtain-information(15670)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/10005" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15670"
}, },
{ {
"name" : "11234", "name": "11234",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/11234" "url": "http://secunia.com/advisories/11234"
}, },
{ {
"name" : "interchange-url-obtain-information(15670)", "name": "DSA-471",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15670" "url": "http://www.debian.org/security/2004/dsa-471"
} }
] ]
} }

80
2004/2xxx/CVE-2004-2081.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2081", "ID": "CVE-2004-2081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file." "value": "The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040213 Sami FTP Server 1.1.3 multiple vulnerabilities", "name": "20040213 Sami FTP Server 1.1.3 multiple vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/353753" "url": "http://www.securityfocus.com/archive/1/353753"
}, },
{ {
"name" : "http://www.karja.com/samiftp/news.html", "name": "9657",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.karja.com/samiftp/news.html" "url": "http://www.securityfocus.com/bid/9657"
}, },
{ {
"name" : "9657", "name": "sami-cd-get-dos(15204)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/9657" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15204"
}, },
{ {
"name" : "sami-cd-get-dos(15204)", "name": "http://www.karja.com/samiftp/news.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15204" "url": "http://www.karja.com/samiftp/news.html"
} }
] ]
} }

92
2004/2xxx/CVE-2004-2156.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2156", "ID": "CVE-2004-2156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors." "value": "Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html", "name": "11306",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html" "url": "http://www.securityfocus.com/bid/11306"
}, },
{ {
"name" : "11306", "name": "12720",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/11306" "url": "http://secunia.com/advisories/12720/"
}, },
{ {
"name" : "10479", "name": "10479",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/10479" "url": "http://www.osvdb.org/10479"
}, },
{ {
"name" : "12720", "name": "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/12720/" "url": "http://archives.neohapsis.com/archives/apps/freshmeat/2004-09/0030.html"
}, },
{ {
"name" : "1011539", "name": "1011539",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1011539" "url": "http://securitytracker.com/id?1011539"
}, },
{ {
"name" : "online-recruitment-agency(17586)", "name": "online-recruitment-agency(17586)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17586" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17586"
} }
] ]
} }

86
2004/2xxx/CVE-2004-2493.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2493", "ID": "CVE-2004-2493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter." "value": "Directory traversal vulnerability in Groupmax World Wide Web (GmaxWWW) 2 and 3, and Desktop 5, 6, and Desktop for Jichitai allows remote authenticated users to read arbitrary .html files via the template name parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html", "name": "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html" "url": "http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html"
}, },
{ {
"name" : "11773", "name": "12153",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/11773" "url": "http://www.osvdb.org/12153"
}, },
{ {
"name" : "12153", "name": "groupmax-directory-traversal(18278)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/12153" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18278"
}, },
{ {
"name" : "13321", "name": "13321",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/13321" "url": "http://secunia.com/advisories/13321"
}, },
{ {
"name" : "groupmax-directory-traversal(18278)", "name": "11773",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18278" "url": "http://www.securityfocus.com/bid/11773"
} }
] ]
} }

104
2008/2xxx/CVE-2008-2591.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2591", "ID": "CVE-2008-2591",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors." "value": "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
}, },
{ {
"name" : "HPSBMA02133", "name": "ADV-2008-2115",
"refsource" : "HP", "refsource": "VUPEN",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143" "url": "http://www.vupen.com/english/advisories/2008/2115"
}, },
{ {
"name" : "SSRT061201", "name": "SSRT061201",
"refsource" : "HP", "refsource": "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
}, },
{ {
"name" : "ADV-2008-2115", "name": "HPSBMA02133",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2008/2115" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
}, },
{ {
"name" : "ADV-2008-2109", "name": "ADV-2008-2109",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/2109/references" "url": "http://www.vupen.com/english/advisories/2008/2109/references"
}, },
{ {
"name" : "1020499", "name": "1020499",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1020499" "url": "http://www.securitytracker.com/id?1020499"
}, },
{ {
"name" : "31113", "name": "31087",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/31113" "url": "http://secunia.com/advisories/31087"
}, },
{ {
"name" : "31087", "name": "31113",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/31087" "url": "http://secunia.com/advisories/31113"
} }
] ]
} }

242
2008/2xxx/CVE-2008-2713.json
View File

@ -1,211 +1,211 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2713", "ID": "CVE-2008-2713",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read." "value": "libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20080615 CVE id request: Clamav", "name": "31437",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2008/06/15/2" "url": "http://secunia.com/advisories/31437"
}, },
{ {
"name" : "[oss-security] 20080617 Re: CVE id request: Clamav", "name": "APPLE-SA-2008-09-15",
"refsource" : "MLIST", "refsource": "APPLE",
"url" : "http://www.openwall.com/lists/oss-security/2008/06/17/8" "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
}, },
{ {
"name" : "http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886", "name": "http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886" "url": "http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html"
}, },
{ {
"name" : "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000", "name": "MDVSA-2008:122",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:122"
}, },
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=605577&group_id=86638", "name": "TA08-260A",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=605577&group_id=86638" "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
}, },
{ {
"name" : "http://kolab.org/security/kolab-vendor-notice-21.txt", "name": "SUSE-SR:2008:015",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://kolab.org/security/kolab-vendor-notice-21.txt" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html"
}, },
{ {
"name" : "http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html", "name": "30785",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html" "url": "http://secunia.com/advisories/30785"
}, },
{ {
"name" : "APPLE-SA-2008-09-15", "name": "ADV-2008-2584",
"refsource" : "APPLE", "refsource": "VUPEN",
"url" : "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" "url": "http://www.vupen.com/english/advisories/2008/2584"
}, },
{ {
"name" : "DSA-1616", "name": "[oss-security] 20080615 CVE id request: Clamav",
"refsource" : "DEBIAN", "refsource": "MLIST",
"url" : "http://www.debian.org/security/2008/dsa-1616" "url": "http://www.openwall.com/lists/oss-security/2008/06/15/2"
}, },
{ {
"name" : "FEDORA-2008-5476", "name": "ADV-2008-1855",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00763.html" "url": "http://www.vupen.com/english/advisories/2008/1855/references"
}, },
{ {
"name" : "FEDORA-2008-6422", "name": "30967",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html" "url": "http://secunia.com/advisories/30967"
}, },
{ {
"name" : "GLSA-200808-07", "name": "31882",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-200808-07.xml" "url": "http://secunia.com/advisories/31882"
}, },
{ {
"name" : "MDVSA-2008:122", "name": "31091",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:122" "url": "http://secunia.com/advisories/31091"
}, },
{ {
"name" : "SUSE-SR:2008:014", "name": "30657",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" "url": "http://secunia.com/advisories/30657"
}, },
{ {
"name" : "SUSE-SR:2008:015", "name": "http://kolab.org/security/kolab-vendor-notice-21.txt",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" "url": "http://kolab.org/security/kolab-vendor-notice-21.txt"
}, },
{ {
"name" : "TA08-260A", "name": "clamav-petite-dos(43133)",
"refsource" : "CERT", "refsource": "XF",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43133"
}, },
{ {
"name" : "29750", "name": "SUSE-SR:2008:014",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/29750" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
}, },
{ {
"name" : "31167", "name": "DSA-1616",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/31167" "url": "http://www.debian.org/security/2008/dsa-1616"
}, },
{ {
"name" : "ADV-2008-1855", "name": "FEDORA-2008-5476",
"refsource" : "VUPEN", "refsource": "FEDORA",
"url" : "http://www.vupen.com/english/advisories/2008/1855/references" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00763.html"
}, },
{ {
"name" : "ADV-2008-2584", "name": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2008/2584" "url": "https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000"
}, },
{ {
"name" : "1020305", "name": "[oss-security] 20080617 Re: CVE id request: Clamav",
"refsource" : "SECTRACK", "refsource": "MLIST",
"url" : "http://www.securitytracker.com/id?1020305" "url": "http://www.openwall.com/lists/oss-security/2008/06/17/8"
}, },
{ {
"name" : "30657", "name": "GLSA-200808-07",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/30657" "url": "http://security.gentoo.org/glsa/glsa-200808-07.xml"
}, },
{ {
"name" : "30785", "name": "29750",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/30785" "url": "http://www.securityfocus.com/bid/29750"
}, },
{ {
"name" : "30829", "name": "30829",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30829" "url": "http://secunia.com/advisories/30829"
}, },
{ {
"name" : "30967", "name": "1020305",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/30967" "url": "http://www.securitytracker.com/id?1020305"
}, },
{ {
"name" : "31091", "name": "FEDORA-2008-6422",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/31091" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html"
}, },
{ {
"name" : "31206", "name": "31167",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/31206" "url": "http://secunia.com/advisories/31167"
}, },
{ {
"name" : "31437", "name": "31576",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/31437" "url": "http://secunia.com/advisories/31576"
}, },
{ {
"name" : "31576", "name": "http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/31576" "url": "http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886"
}, },
{ {
"name" : "31882", "name": "http://sourceforge.net/project/shownotes.php?release_id=605577&group_id=86638",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/31882" "url": "http://sourceforge.net/project/shownotes.php?release_id=605577&group_id=86638"
}, },
{ {
"name" : "clamav-petite-dos(43133)", "name": "31206",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43133" "url": "http://secunia.com/advisories/31206"
} }
] ]
} }

80
2012/0xxx/CVE-2012-0182.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0182", "ID": "CVE-2012-0182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka \"Word PAPX Section Corruption Vulnerability.\"" "value": "Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka \"Word PAPX Section Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-064", "name": "55780",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-064" "url": "http://www.securityfocus.com/bid/55780"
}, },
{ {
"name" : "TA12-283A", "name": "oval:org.mitre.oval:def:15426",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-283A.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15426"
}, },
{ {
"name" : "55780", "name": "TA12-283A",
"refsource" : "BID", "refsource": "CERT",
"url" : "http://www.securityfocus.com/bid/55780" "url": "http://www.us-cert.gov/cas/techalerts/TA12-283A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15426", "name": "MS12-064",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15426" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-064"
} }
] ]
} }

68
2012/0xxx/CVE-2012-0370.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-0370", "ID": "CVE-2012-0370",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435." "value": "Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.0 and 7.1 before 7.1.91.0, when WebAuth is enabled, allow remote attackers to cause a denial of service (device reload) via a sequence of (1) HTTP or (2) HTTPS packets, aka Bug ID CSCtt47435."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers", "name": "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource" : "BUGTRAQ", "refsource": "CISCO",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc"
}, },
{ {
"name" : "20120229 Multiple Vulnerabilities in Cisco Wireless LAN Controllers", "name": "20120229 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
"refsource" : "CISCO", "refsource": "BUGTRAQ",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-wlc" "url": "http://archives.neohapsis.com/archives/bugtraq/2012-02/0188.html"
} }
] ]
} }

62
2012/0xxx/CVE-2012-0404.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2012-0404", "ID": "CVE-2012-0404",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting (XSS) vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20120313 ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities", "name": "20120313 ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0057.html"
} }
] ]
} }

92
2012/0xxx/CVE-2012-0426.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0426", "ID": "CVE-2012-0426",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory." "value": "Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=763793", "name": "https://bugzilla.novell.com/show_bug.cgi?id=777453",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=763793" "url": "https://bugzilla.novell.com/show_bug.cgi?id=777453"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=777453", "name": "https://support.novell.com/security/cve/CVE-2012-0426.html",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=777453" "url": "https://support.novell.com/security/cve/CVE-2012-0426.html"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=778273", "name": "https://bugzilla.novell.com/show_bug.cgi?id=778273",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=778273" "url": "https://bugzilla.novell.com/show_bug.cgi?id=778273"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=778293", "name": "http://download.novell.com/Download?buildid=DshQViDsMLE~",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=778293" "url": "http://download.novell.com/Download?buildid=DshQViDsMLE~"
}, },
{ {
"name" : "http://download.novell.com/Download?buildid=DshQViDsMLE~", "name": "https://bugzilla.novell.com/show_bug.cgi?id=778293",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://download.novell.com/Download?buildid=DshQViDsMLE~" "url": "https://bugzilla.novell.com/show_bug.cgi?id=778293"
}, },
{ {
"name" : "https://support.novell.com/security/cve/CVE-2012-0426.html", "name": "https://bugzilla.novell.com/show_bug.cgi?id=763793",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://support.novell.com/security/cve/CVE-2012-0426.html" "url": "https://bugzilla.novell.com/show_bug.cgi?id=763793"
} }
] ]
} }

86
2012/0xxx/CVE-2012-0731.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-0731", "ID": "CVE-2012-0731",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors." "value": "IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21592188", "name": "48967",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21592188" "url": "http://secunia.com/advisories/48967"
}, },
{ {
"name" : "53247", "name": "http://www.ibm.com/support/docview.wss?uid=swg21592188",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/53247" "url": "http://www.ibm.com/support/docview.wss?uid=swg21592188"
}, },
{ {
"name" : "48967", "name": "48968",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48967" "url": "http://secunia.com/advisories/48968"
}, },
{ {
"name" : "48968", "name": "53247",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/48968" "url": "http://www.securityfocus.com/bid/53247"
}, },
{ {
"name" : "ae-config-info-disclosure(74371)", "name": "ae-config-info-disclosure(74371)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74371" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74371"
} }
] ]
} }

104
2012/0xxx/CVE-2012-0768.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2012-0768", "ID": "CVE-2012-0768",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." "value": "The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-05.html", "name": "oval:org.mitre.oval:def:15922",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-05.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15922"
}, },
{ {
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "name": "http://www.adobe.com/support/security/bulletins/apsb12-05.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" "url": "http://www.adobe.com/support/security/bulletins/apsb12-05.html"
}, },
{ {
"name" : "GLSA-201204-07", "name": "oval:org.mitre.oval:def:15058",
"refsource" : "GENTOO", "refsource": "OVAL",
"url" : "http://security.gentoo.org/glsa/glsa-201204-07.xml" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15058"
}, },
{ {
"name" : "SUSE-SU-2012:0332", "name": "GLSA-201204-07",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00006.html" "url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
}, },
{ {
"name" : "openSUSE-SU-2012:0331", "name": "SUSE-SU-2012:0332",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00005.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00006.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15058", "name": "openSUSE-SU-2012:0331",
"refsource" : "OVAL", "refsource": "SUSE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15058" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00005.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15922", "name": "48819",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15922" "url": "http://secunia.com/advisories/48819"
}, },
{ {
"name" : "48819", "name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/48819" "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
} }
] ]
} }

86
2012/1xxx/CVE-2012-1247.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-1247", "ID": "CVE-2012-1247",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions." "value": "Cross-site scripting (XSS) vulnerability in KENT-WEB WEB MART 1.7 and earlier, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML by leveraging support for Cascading Style Sheets (CSS) expressions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.kent-web.com/cart/mart.html", "name": "JVNDB-2012-000042",
"refsource" : "CONFIRM", "refsource": "JVNDB",
"url" : "http://www.kent-web.com/cart/mart.html" "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000042"
}, },
{ {
"name" : "JVN#63941302", "name": "53541",
"refsource" : "JVN", "refsource": "BID",
"url" : "http://jvn.jp/en/jp/JVN63941302/index.html" "url": "http://www.securityfocus.com/bid/53541"
}, },
{ {
"name" : "JVNDB-2012-000042", "name": "webmart-internetexplorer-cssexpr-xss(75674)",
"refsource" : "JVNDB", "refsource": "XF",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000042" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75674"
}, },
{ {
"name" : "53541", "name": "JVN#63941302",
"refsource" : "BID", "refsource": "JVN",
"url" : "http://www.securityfocus.com/bid/53541" "url": "http://jvn.jp/en/jp/JVN63941302/index.html"
}, },
{ {
"name" : "webmart-internetexplorer-cssexpr-xss(75674)", "name": "http://www.kent-web.com/cart/mart.html",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75674" "url": "http://www.kent-web.com/cart/mart.html"
} }
] ]
} }

104
2012/1xxx/CVE-2012-1464.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1464", "ID": "CVE-2012-1464",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing \"?\" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party information." "value": "Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing \"?\" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18543", "name": "18543",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18543" "url": "http://www.exploit-db.com/exploits/18543"
}, },
{ {
"name" : "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Dashboard_Server_Info_Disc_Vuln.txt", "name": "netdecision-info-disclosure(73549)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Dashboard_Server_Info_Disc_Vuln.txt" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73549"
}, },
{ {
"name" : "http://secpod.org/blog/?p=478", "name": "http://secpod.org/blog/?p=478",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://secpod.org/blog/?p=478" "url": "http://secpod.org/blog/?p=478"
}, },
{ {
"name" : "http://www.netmechanica.com/news/?news_id=26", "name": "79653",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.netmechanica.com/news/?news_id=26" "url": "http://osvdb.org/79653"
}, },
{ {
"name" : "52645", "name": "52645",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/52645" "url": "http://www.securityfocus.com/bid/52645"
}, },
{ {
"name" : "79653", "name": "http://www.netmechanica.com/news/?news_id=26",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/79653" "url": "http://www.netmechanica.com/news/?news_id=26"
}, },
{ {
"name" : "48168", "name": "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Dashboard_Server_Info_Disc_Vuln.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/48168" "url": "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Dashboard_Server_Info_Disc_Vuln.txt"
}, },
{ {
"name" : "netdecision-info-disclosure(73549)", "name": "48168",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73549" "url": "http://secunia.com/advisories/48168"
} }
] ]
} }

104
2012/1xxx/CVE-2012-1466.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1466", "ID": "CVE-2012-1466",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. NOTE: some of these details are obtained from third party information." "value": "The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18542", "name": "http://secpod.org/blog/?p=481",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/18542" "url": "http://secpod.org/blog/?p=481"
}, },
{ {
"name" : "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Traffic_Grapher_Server_SourceCode_Disc_Vuln.txt", "name": "79652",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Traffic_Grapher_Server_SourceCode_Disc_Vuln.txt" "url": "http://osvdb.org/79652"
}, },
{ {
"name" : "http://secpod.org/blog/?p=481", "name": "netdecision-traffic-nd-source-disclosure(73531)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://secpod.org/blog/?p=481" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73531"
}, },
{ {
"name" : "http://www.netmechanica.com/news/?news_id=26", "name": "52196",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.netmechanica.com/news/?news_id=26" "url": "http://www.securityfocus.com/bid/52196"
}, },
{ {
"name" : "52196", "name": "18542",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/52196" "url": "http://www.exploit-db.com/exploits/18542"
}, },
{ {
"name" : "79652", "name": "http://www.netmechanica.com/news/?news_id=26",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/79652" "url": "http://www.netmechanica.com/news/?news_id=26"
}, },
{ {
"name" : "48168", "name": "48168",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48168" "url": "http://secunia.com/advisories/48168"
}, },
{ {
"name" : "netdecision-traffic-nd-source-disclosure(73531)", "name": "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Traffic_Grapher_Server_SourceCode_Disc_Vuln.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73531" "url": "http://secpod.org/advisories/SecPod_Netmechanica_NetDecision_Traffic_Grapher_Server_SourceCode_Disc_Vuln.txt"
} }
] ]
} }

22
2012/1xxx/CVE-2012-1592.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1592", "ID": "CVE-2012-1592",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2012/1xxx/CVE-2012-1812.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2012-1812", "ID": "CVE-2012-1812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to obtain sensitive cleartext information via a session on TCP port 12000." "value": "eosfailoverservice.exe in C3-ilex EOScada before 11.0.19.2 allows remote attackers to obtain sensitive cleartext information via a session on TCP port 12000."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-01.pdf", "name": "eoscada-eosfailoverservive-info-disc(79756)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-01.pdf" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79756"
}, },
{ {
"name" : "56364", "name": "51171",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/56364" "url": "http://secunia.com/advisories/51171"
}, },
{ {
"name" : "51171", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-01.pdf",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/51171" "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-271-01.pdf"
}, },
{ {
"name" : "eoscada-eosfailoverservive-info-disc(79756)", "name": "56364",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79756" "url": "http://www.securityfocus.com/bid/56364"
} }
] ]
} }

22
2012/4xxx/CVE-2012-4900.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4900", "ID": "CVE-2012-4900",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2012/5xxx/CVE-2012-5098.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5098", "ID": "CVE-2012-5098",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php." "value": "Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18298", "name": "51223",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/18298" "url": "http://www.securityfocus.com/bid/51223"
}, },
{ {
"name" : "51223", "name": "phpxlinks-multiple-sql-injection(72066)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/51223" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72066"
}, },
{ {
"name" : "phpxlinks-multiple-sql-injection(72066)", "name": "18298",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72066" "url": "http://www.exploit-db.com/exploits/18298"
} }
] ]
} }

134
2012/5xxx/CVE-2012-5482.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5482", "ID": "CVE-2012-5482",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573." "value": "The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-4573."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)", "name": "51174",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/07/6" "url": "http://secunia.com/advisories/51174"
}, },
{ {
"name" : "[oss-security] 20121108 Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)", "name": "https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/08/2" "url": "https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88"
}, },
{ {
"name" : "[oss-security] 20121109 Re: Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)", "name": "[oss-security] 20121108 Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/09/1" "url": "http://www.openwall.com/lists/oss-security/2012/11/08/2"
}, },
{ {
"name" : "[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1", "name": "https://bugs.launchpad.net/glance/+bug/1076506",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/09/5" "url": "https://bugs.launchpad.net/glance/+bug/1076506"
}, },
{ {
"name" : "https://bugs.launchpad.net/glance/+bug/1076506", "name": "56437",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugs.launchpad.net/glance/+bug/1076506" "url": "http://www.securityfocus.com/bid/56437"
}, },
{ {
"name" : "https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88", "name": "glance-v2api-security-bypass(80019)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "https://github.com/openstack/glance/commit/b591304b8980d8aca8fa6cda9ea1621aca000c88" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80019"
}, },
{ {
"name" : "https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3", "name": "FEDORA-2012-17901",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html"
}, },
{ {
"name" : "FEDORA-2012-17901", "name": "[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html" "url": "http://www.openwall.com/lists/oss-security/2012/11/07/6"
}, },
{ {
"name" : "SUSE-SU-2012:1455", "name": "[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html" "url": "http://www.openwall.com/lists/oss-security/2012/11/09/5"
}, },
{ {
"name" : "56437", "name": "87248",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/56437" "url": "http://osvdb.org/87248"
}, },
{ {
"name" : "87248", "name": "https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/87248" "url": "https://github.com/openstack/glance/commit/fc0ee7623ec59c87ac6fc671e95a9798d6f2e2c3"
}, },
{ {
"name" : "51174", "name": "[oss-security] 20121109 Re: Re: [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/51174" "url": "http://www.openwall.com/lists/oss-security/2012/11/09/1"
}, },
{ {
"name" : "glance-v2api-security-bypass(80019)", "name": "SUSE-SU-2012:1455",
"refsource" : "XF", "refsource": "SUSE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80019" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html"
} }
] ]
} }

88
2017/3xxx/CVE-2017-3598.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3598", "ID": "CVE-2017-3598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebCenter Sites", "product_name": "WebCenter Sites",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.1.1.8.0" "version_value": "11.1.1.8.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.0.0" "version_value": "12.2.1.0.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.1.0" "version_value": "12.2.1.1.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.2.0" "version_value": "12.2.1.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)." "value": "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data." "value": "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "name": "1038291",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "url": "http://www.securitytracker.com/id/1038291"
}, },
{ {
"name" : "97905", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97905" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
}, },
{ {
"name" : "1038291", "name": "97905",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038291" "url": "http://www.securityfocus.com/bid/97905"
} }
] ]
} }

82
2017/3xxx/CVE-2017-3645.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3645", "ID": "CVE-2017-3645",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.18 and earlier" "version_value": "5.7.18 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "name": "99783",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" "url": "http://www.securityfocus.com/bid/99783"
}, },
{ {
"name" : "RHSA-2017:2886", "name": "1038928",
"refsource" : "REDHAT", "refsource": "SECTRACK",
"url" : "https://access.redhat.com/errata/RHSA-2017:2886" "url": "http://www.securitytracker.com/id/1038928"
}, },
{ {
"name" : "99783", "name": "RHSA-2017:2886",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/99783" "url": "https://access.redhat.com/errata/RHSA-2017:2886"
}, },
{ {
"name" : "1038928", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038928" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
} }
] ]
} }

22
2017/3xxx/CVE-2017-3981.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-3981", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-3981",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

104
2017/6xxx/CVE-2017-6542.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6542", "ID": "CVE-2017-6542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow." "value": "The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "42137", "name": "97156",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/42137/" "url": "http://www.securityfocus.com/bid/97156"
}, },
{ {
"name" : "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", "name": "42137",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html" "url": "https://www.exploit-db.com/exploits/42137/"
}, },
{ {
"name" : "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8", "name": "GLSA-201703-03",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8" "url": "https://security.gentoo.org/glsa/201703-03"
}, },
{ {
"name" : "GLSA-201703-03", "name": "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201703-03" "url": "https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=4ff22863d895cb7ebfced4cf923a012a614adaa8"
}, },
{ {
"name" : "GLSA-201706-09", "name": "1038067",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "https://security.gentoo.org/glsa/201706-09" "url": "http://www.securitytracker.com/id/1038067"
}, },
{ {
"name" : "openSUSE-SU-2017:0741", "name": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html" "url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html"
}, },
{ {
"name" : "97156", "name": "openSUSE-SU-2017:0741",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/97156" "url": "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html"
}, },
{ {
"name" : "1038067", "name": "GLSA-201706-09",
"refsource" : "SECTRACK", "refsource": "GENTOO",
"url" : "http://www.securitytracker.com/id/1038067" "url": "https://security.gentoo.org/glsa/201706-09"
} }
] ]
} }

92
2017/6xxx/CVE-2017-6837.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6837", "ID": "CVE-2017-6837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients." "value": "WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20170313 Re: audiofile: multiple ubsan crashes", "name": "97314",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2017/03/13/9" "url": "http://www.securityfocus.com/bid/97314"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/", "name": "DSA-3814",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/" "url": "http://www.debian.org/security/2017/dsa-3814"
}, },
{ {
"name" : "https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0", "name": "https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0" "url": "https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0"
}, },
{ {
"name" : "https://github.com/mpruett/audiofile/issues/41", "name": "[oss-security] 20170313 Re: audiofile: multiple ubsan crashes",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://github.com/mpruett/audiofile/issues/41" "url": "http://www.openwall.com/lists/oss-security/2017/03/13/9"
}, },
{ {
"name" : "DSA-3814", "name": "https://github.com/mpruett/audiofile/issues/41",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2017/dsa-3814" "url": "https://github.com/mpruett/audiofile/issues/41"
}, },
{ {
"name" : "97314", "name": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/97314" "url": "https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/"
} }
] ]
} }

80
2017/6xxx/CVE-2017-6973.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6973", "ID": "CVE-2017-6973",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This is fixed in 1.3.8, 2.1.2, and 2.2.2." "value": "A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This is fixed in 1.3.8, 2.1.2, and 2.2.2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://openwall.com/lists/oss-security/2017/03/30/4", "name": "http://openwall.com/lists/oss-security/2017/03/30/4",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2017/03/30/4" "url": "http://openwall.com/lists/oss-security/2017/03/30/4"
}, },
{ {
"name" : "http://www.mantisbt.org/bugs/view.php?id=22537", "name": "1038169",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.mantisbt.org/bugs/view.php?id=22537" "url": "http://www.securitytracker.com/id/1038169"
}, },
{ {
"name" : "97252", "name": "http://www.mantisbt.org/bugs/view.php?id=22537",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97252" "url": "http://www.mantisbt.org/bugs/view.php?id=22537"
}, },
{ {
"name" : "1038169", "name": "97252",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038169" "url": "http://www.securityfocus.com/bid/97252"
} }
] ]
} }

92
2017/7xxx/CVE-2017-7038.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7038", "ID": "CVE-2017-7038",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the \"WebKit\" component." "value": "A DOMParser XSS issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. tvOS before 10.2.2 is affected. The issue involves the \"WebKit\" component."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207921", "name": "https://support.apple.com/HT207924",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207921" "url": "https://support.apple.com/HT207924"
}, },
{ {
"name" : "https://support.apple.com/HT207923", "name": "99888",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT207923" "url": "http://www.securityfocus.com/bid/99888"
}, },
{ {
"name" : "https://support.apple.com/HT207924", "name": "https://support.apple.com/HT207921",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207924" "url": "https://support.apple.com/HT207921"
}, },
{ {
"name" : "GLSA-201710-14", "name": "https://support.apple.com/HT207923",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201710-14" "url": "https://support.apple.com/HT207923"
}, },
{ {
"name" : "99888", "name": "GLSA-201710-14",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/99888" "url": "https://security.gentoo.org/glsa/201710-14"
}, },
{ {
"name" : "1038950", "name": "1038950",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038950" "url": "http://www.securitytracker.com/id/1038950"
} }
] ]
} }

92
2017/7xxx/CVE-2017-7430.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@microfocus.com", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2017-7430", "ID": "CVE-2017-7430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1", "product_name": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1" "version_value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework." "value": "Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XSS" "value": "XSS"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=1024959", "name": "https://bugzilla.novell.com/show_bug.cgi?id=1024959",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=1024959" "url": "https://bugzilla.novell.com/show_bug.cgi?id=1024959"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=1030691", "name": "https://www.novell.com/support/kb/doc.php?id=7010166",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=1030691" "url": "https://www.novell.com/support/kb/doc.php?id=7010166"
}, },
{ {
"name" : "https://dl.netiq.com/Download?buildid=24FxpmqdThE~", "name": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://dl.netiq.com/Download?buildid=24FxpmqdThE~" "url": "https://dl.netiq.com/Download?buildid=24FxpmqdThE~"
}, },
{ {
"name" : "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~", "name": "https://www.netiq.com/support/kb/doc.php?id=7016795",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~" "url": "https://www.netiq.com/support/kb/doc.php?id=7016795"
}, },
{ {
"name" : "https://www.netiq.com/support/kb/doc.php?id=7016795", "name": "https://bugzilla.novell.com/show_bug.cgi?id=1030691",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.netiq.com/support/kb/doc.php?id=7016795" "url": "https://bugzilla.novell.com/show_bug.cgi?id=1030691"
}, },
{ {
"name" : "https://www.novell.com/support/kb/doc.php?id=7010166", "name": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.novell.com/support/kb/doc.php?id=7010166" "url": "https://dl.netiq.com/Download?buildid=wpS1UqIlx-o~"
} }
] ]
} }

68
2017/7xxx/CVE-2017-7721.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7721", "ID": "CVE-2017-7721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file." "value": "IrfanView version 4.44 (32bit) with FPX Plugin before 4.45 has an Access Violation and crash in processing a FlashPix (.FPX) file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-7721", "name": "http://www.irfanview.com/plugins.htm",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-7721" "url": "http://www.irfanview.com/plugins.htm"
}, },
{ {
"name" : "http://www.irfanview.com/plugins.htm", "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-7721",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www.irfanview.com/plugins.htm" "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-7721"
} }
] ]
} }

144
2017/7xxx/CVE-2017-7792.json
View File

@ -1,134 +1,134 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-7792", "ID": "CVE-2017-7792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.3" "version_value": "52.3"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "52.3" "version_value": "52.3"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "55" "version_value": "55"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55." "value": "A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow viewing certificates with an extremely long OID" "value": "Buffer overflow viewing certificates with an extremely long OID"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652", "name": "https://www.mozilla.org/security/advisories/mfsa2017-19/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652" "url": "https://www.mozilla.org/security/advisories/mfsa2017-19/"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-18/", "name": "https://www.mozilla.org/security/advisories/mfsa2017-20/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-18/" "url": "https://www.mozilla.org/security/advisories/mfsa2017-20/"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-19/", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-19/" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1368652"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-20/", "name": "DSA-3968",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-20/" "url": "https://www.debian.org/security/2017/dsa-3968"
}, },
{ {
"name" : "DSA-3928", "name": "https://www.mozilla.org/security/advisories/mfsa2017-18/",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "https://www.debian.org/security/2017/dsa-3928" "url": "https://www.mozilla.org/security/advisories/mfsa2017-18/"
}, },
{ {
"name" : "DSA-3968", "name": "RHSA-2017:2456",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "https://www.debian.org/security/2017/dsa-3968" "url": "https://access.redhat.com/errata/RHSA-2017:2456"
}, },
{ {
"name" : "GLSA-201803-14", "name": "RHSA-2017:2534",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "https://security.gentoo.org/glsa/201803-14" "url": "https://access.redhat.com/errata/RHSA-2017:2534"
}, },
{ {
"name" : "RHSA-2017:2456", "name": "100206",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2017:2456" "url": "http://www.securityfocus.com/bid/100206"
}, },
{ {
"name" : "RHSA-2017:2534", "name": "1039124",
"refsource" : "REDHAT", "refsource": "SECTRACK",
"url" : "https://access.redhat.com/errata/RHSA-2017:2534" "url": "http://www.securitytracker.com/id/1039124"
}, },
{ {
"name" : "100206", "name": "GLSA-201803-14",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/100206" "url": "https://security.gentoo.org/glsa/201803-14"
}, },
{ {
"name" : "1039124", "name": "DSA-3928",
"refsource" : "SECTRACK", "refsource": "DEBIAN",
"url" : "http://www.securitytracker.com/id/1039124" "url": "https://www.debian.org/security/2017/dsa-3928"
} }
] ]
} }

68
2017/8xxx/CVE-2017-8236.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-8236", "ID": "CVE-2017-8236",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver." "value": "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Copy without Checking Size of Input in IPA" "value": "Buffer Copy without Checking Size of Input in IPA"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-06-01" "url": "https://source.android.com/security/bulletin/2017-06-01"
}, },
{ {
"name" : "1038623", "name": "1038623",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038623" "url": "http://www.securitytracker.com/id/1038623"
} }
] ]
} }

22
2017/8xxx/CVE-2017-8910.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8910", "ID": "CVE-2017-8910",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/10xxx/CVE-2018-10012.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10012", "ID": "CVE-2018-10012",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/10xxx/CVE-2018-10043.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10043", "ID": "CVE-2018-10043",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/10xxx/CVE-2018-10146.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-10146", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-10146",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }

62
2018/10xxx/CVE-2018-10305.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10305", "ID": "CVE-2018-10305",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions." "value": "The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.simplemachines.org/community/index.php?topic=557176.0", "name": "https://www.simplemachines.org/community/index.php?topic=557176.0",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.simplemachines.org/community/index.php?topic=557176.0" "url": "https://www.simplemachines.org/community/index.php?topic=557176.0"
} }
] ]
} }

22
2018/10xxx/CVE-2018-10338.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10338", "ID": "CVE-2018-10338",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/10xxx/CVE-2018-10806.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10806", "ID": "CVE-2018-10806",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF." "value": "An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/philippe/FrogCMS/issues/10", "name": "https://github.com/philippe/FrogCMS/issues/10",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/philippe/FrogCMS/issues/10" "url": "https://github.com/philippe/FrogCMS/issues/10"
} }
] ]
} }

22
2018/10xxx/CVE-2018-10909.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10909", "ID": "CVE-2018-10909",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2018/13xxx/CVE-2018-13109.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13109", "ID": "CVE-2018-13109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well." "value": "All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20180704 SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers", "name": "20180704 SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers",
"refsource" : "BUGTRAQ", "refsource": "FULLDISC",
"url" : "http://www.securityfocus.com/archive/1/542119/100/0/threaded" "url": "http://seclists.org/fulldisclosure/2018/Jul/18"
}, },
{ {
"name" : "44982", "name": "44982",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44982/" "url": "https://www.exploit-db.com/exploits/44982/"
}, },
{ {
"name" : "20180704 SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers", "name": "http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.html",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2018/Jul/18" "url": "http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.html", "name": "20180704 SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://packetstormsecurity.com/files/148429/ADB-Authorization-Bypass.html" "url": "http://www.securityfocus.com/archive/1/542119/100/0/threaded"
}, },
{ {
"name" : "https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/", "name": "https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/" "url": "https://www.sec-consult.com/en/blog/advisories/authorization-bypass-in-all-adb-broadband-gateways-routers/"
} }
] ]
} }

68
2018/13xxx/CVE-2018-13217.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13217", "ID": "CVE-2018-13217",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which \"amount * sellPrice\" can be zero, consequently reducing a seller's assets." "value": "The sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which \"amount * sellPrice\" can be zero, consequently reducing a seller's assets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md", "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md" "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken"
}, },
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken", "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/CoinToken" "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md"
} }
] ]
} }

68
2018/13xxx/CVE-2018-13222.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13222", "ID": "CVE-2018-13222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which \"amount * sellPrice\" can be zero, consequently reducing a seller's assets." "value": "The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which \"amount * sellPrice\" can be zero, consequently reducing a seller's assets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md", "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ObjectToken",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md" "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ObjectToken"
}, },
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ObjectToken", "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/ObjectToken" "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/ETHEREUMBLACK/sell%20integer%20overflow.md"
} }
] ]
} }

72
2018/13xxx/CVE-2018-13389.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC" : "2018-07-09T00:00:00", "DATE_PUBLIC": "2018-07-09T00:00:00",
"ID" : "CVE-2018-13389", "ID": "CVE-2018-13389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Confluence", "product_name": "Confluence",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "6.6.1" "version_value": "6.6.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Atlassian" "vendor_name": "Atlassian"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml." "value": "The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Content Spoofing" "value": "Content Spoofing"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://jira.atlassian.com/browse/CONFSERVER-54906", "name": "https://jira.atlassian.com/browse/CONFSERVER-54906",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CONFSERVER-54906" "url": "https://jira.atlassian.com/browse/CONFSERVER-54906"
}, },
{ {
"name" : "104755", "name": "104755",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/104755" "url": "http://www.securityfocus.com/bid/104755"
} }
] ]
} }

68
2018/13xxx/CVE-2018-13836.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13836", "ID": "CVE-2018-13836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance." "value": "An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md", "name": "https://github.com/VenusADLab/EtherTokens/tree/master/Rocket%20Coin(XRC)",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md" "url": "https://github.com/VenusADLab/EtherTokens/tree/master/Rocket%20Coin(XRC)"
}, },
{ {
"name" : "https://github.com/VenusADLab/EtherTokens/tree/master/Rocket%20Coin(XRC)", "name": "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/VenusADLab/EtherTokens/tree/master/Rocket%20Coin(XRC)" "url": "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md"
} }
] ]
} }

74
2018/17xxx/CVE-2018-17075.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17075", "ID": "CVE-2018-17075",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The html package (aka x/net/html) before 2018-07-13 in Go mishandles \"in frameset\" insertion mode, leading to a \"panic: runtime error\" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit." "value": "The html package (aka x/net/html) before 2018-07-13 in Go mishandles \"in frameset\" insertion mode, leading to a \"panic: runtime error\" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=829668", "name": "https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=829668" "url": "https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50"
}, },
{ {
"name" : "https://github.com/golang/go/issues/27016", "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=829668",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/golang/go/issues/27016" "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=829668"
}, },
{ {
"name" : "https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50", "name": "https://github.com/golang/go/issues/27016",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50" "url": "https://github.com/golang/go/issues/27016"
} }
] ]
} }

62
2018/17xxx/CVE-2018-17085.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17085", "ID": "CVE-2018-17085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr." "value": "An issue was discovered in OTCMS 3.61. XSS exists in admin/users.php via these parameters: dataTypeCN dataMode dataModeStr."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://secwk.blogspot.com/2018/09/otcms-361-reflected-xss-usersphp.html", "name": "http://secwk.blogspot.com/2018/09/otcms-361-reflected-xss-usersphp.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://secwk.blogspot.com/2018/09/otcms-361-reflected-xss-usersphp.html" "url": "http://secwk.blogspot.com/2018/09/otcms-361-reflected-xss-usersphp.html"
} }
] ]
} }

22
2018/17xxx/CVE-2018-17514.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17514", "ID": "CVE-2018-17514",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/17xxx/CVE-2018-17936.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2018-17936", "ID": "CVE-2018-17936",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "NUUO CMS", "product_name": "NUUO CMS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions 3.3 and prior" "version_value": "All versions 3.3 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution." "value": "NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434" "value": "UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-284-02"
} }
] ]
} }

68
2018/20xxx/CVE-2018-20461.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20461", "ID": "CVE-2018-20461",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file." "value": "In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267", "name": "https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267" "url": "https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267"
}, },
{ {
"name" : "https://github.com/radare/radare2/issues/12375", "name": "https://github.com/radare/radare2/issues/12375",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/radare/radare2/issues/12375" "url": "https://github.com/radare/radare2/issues/12375"
} }
] ]
} }

22
2018/20xxx/CVE-2018-20698.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20698", "ID": "CVE-2018-20698",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2018/9xxx/CVE-2018-9445.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2018-10-31T00:00:00", "DATE_PUBLIC": "2018-10-31T00:00:00",
"ID" : "CVE-2018-9445", "ID": "CVE-2018-9445",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1" "version_value": "Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257." "value": "In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "45192", "name": "https://source.android.com/security/bulletin/2018-08-01",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/45192/" "url": "https://source.android.com/security/bulletin/2018-08-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2018-08-01", "name": "1041432",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://source.android.com/security/bulletin/2018-08-01" "url": "http://www.securitytracker.com/id/1041432"
}, },
{ {
"name" : "1041432", "name": "45192",
"refsource" : "SECTRACK", "refsource": "EXPLOIT-DB",
"url" : "http://www.securitytracker.com/id/1041432" "url": "https://www.exploit-db.com/exploits/45192/"
} }
] ]
} }

22
2018/9xxx/CVE-2018-9888.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9888", "ID": "CVE-2018-9888",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }