admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:51:47 +00:00
parent fa4c4381c3
commit 269d145fc6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3477 additions and 3477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2002/1xxx/CVE-2002-1021.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1021", "ID": "CVE-2002-1021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte." "value": "BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020712 Three BadBlue Vulnerabilities", "name": "badblue-null-file-disclosure(9557)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html" "url": "http://www.iss.net/security_center/static/9557.php"
}, },
{ {
"name" : "5226", "name": "5226",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/5226" "url": "http://www.securityfocus.com/bid/5226"
}, },
{ {
"name" : "badblue-null-file-disclosure(9557)", "name": "20020712 Three BadBlue Vulnerabilities",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/9557.php" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0143.html"
} }
] ]
} }

22
2002/1xxx/CVE-2002-1249.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1249", "ID": "CVE-2002-1249",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2002/1xxx/CVE-2002-1554.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1554", "ID": "CVE-2002-1554",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup." "value": "Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021031 Cisco ONS15454 and Cisco ONS15327 Vulnerabilities", "name": "cisco-ons-plaintext-accounts(10506)",
"refsource" : "CISCO", "refsource": "XF",
"url" : "http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml" "url": "http://www.iss.net/security_center/static/10506.php"
}, },
{ {
"name" : "cisco-ons-plaintext-accounts(10506)", "name": "6078",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/10506.php" "url": "http://www.securityfocus.com/bid/6078"
}, },
{ {
"name" : "6078", "name": "20021031 Cisco ONS15454 and Cisco ONS15327 Vulnerabilities",
"refsource" : "BID", "refsource": "CISCO",
"url" : "http://www.securityfocus.com/bid/6078" "url": "http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml"
} }
] ]
} }

74
2002/1xxx/CVE-2002-1792.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1792", "ID": "CVE-2002-1792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets." "value": "Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020729 Fake Identd - Remote root exploit", "name": "20020729 Fake Identd - Remote root exploit",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/284953" "url": "http://online.securityfocus.com/archive/1/284953"
}, },
{ {
"name" : "5351", "name": "5351",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/5351" "url": "http://www.securityfocus.com/bid/5351"
}, },
{ {
"name" : "fake-identd-bo(9731)", "name": "fake-identd-bo(9731)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/9731.php" "url": "http://www.iss.net/security_center/static/9731.php"
} }
] ]
} }

22
2003/0xxx/CVE-2003-0229.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0229", "ID": "CVE-2003-0229",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

104
2003/0xxx/CVE-2003-0240.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0240", "ID": "CVE-2003-0240",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash)." "value": "The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030527 CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass", "name": "1006854",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://marc.info/?l=bugtraq&m=105406374731579&w=2" "url": "http://securitytracker.com/id?1006854"
}, },
{ {
"name" : "http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10", "name": "axis-admin-authentication-bypass(12104)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12104"
}, },
{ {
"name" : "VU#799060", "name": "http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/799060" "url": "http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10"
}, },
{ {
"name" : "7652", "name": "7652",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/7652" "url": "http://www.securityfocus.com/bid/7652"
}, },
{ {
"name" : "4804", "name": "20030527 CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/4804" "url": "http://marc.info/?l=bugtraq&m=105406374731579&w=2"
}, },
{ {
"name" : "1006854", "name": "VU#799060",
"refsource" : "SECTRACK", "refsource": "CERT-VN",
"url" : "http://securitytracker.com/id?1006854" "url": "http://www.kb.cert.org/vuls/id/799060"
}, },
{ {
"name" : "8876", "name": "4804",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/8876" "url": "http://www.osvdb.org/4804"
}, },
{ {
"name" : "axis-admin-authentication-bypass(12104)", "name": "8876",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12104" "url": "http://secunia.com/advisories/8876"
} }
] ]
} }

92
2003/0xxx/CVE-2003-0551.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0551", "ID": "CVE-2003-0551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service." "value": "The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "RHSA-2003:198", "name": "RHSA-2003:238",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-198.html" "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
}, },
{ {
"name" : "RHSA-2003:238", "name": "DSA-423",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-238.html" "url": "http://www.debian.org/security/2004/dsa-423"
}, },
{ {
"name" : "DSA-358", "name": "RHSA-2003:198",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2004/dsa-358" "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html"
}, },
{ {
"name" : "DSA-423", "name": "RHSA-2003:239",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2004/dsa-423" "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
}, },
{ {
"name" : "RHSA-2003:239", "name": "DSA-358",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-239.html" "url": "http://www.debian.org/security/2004/dsa-358"
}, },
{ {
"name" : "oval:org.mitre.oval:def:384", "name": "oval:org.mitre.oval:def:384",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384"
} }
] ]
} }

80
2003/0xxx/CVE-2003-0665.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0665", "ID": "CVE-2003-0665",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control." "value": "Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS03-038", "name": "8536",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038" "url": "http://www.securityfocus.com/bid/8536"
}, },
{ {
"name" : "VU#992132", "name": "VU#992132",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/992132" "url": "http://www.kb.cert.org/vuls/id/992132"
}, },
{ {
"name" : "8536", "name": "MS03-038",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/8536" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-038"
}, },
{ {
"name" : "9668", "name": "9668",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/9668" "url": "http://secunia.com/advisories/9668"
} }
] ]
} }

80
2003/1xxx/CVE-2003-1458.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1458", "ID": "CVE-2003-1458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name." "value": "SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030509 ttcms and ttforum exploits", "name": "ttcms-profile-sql-injection(12273)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/321000" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12273"
}, },
{ {
"name" : "7543", "name": "3278",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/7543" "url": "http://securityreason.com/securityalert/3278"
}, },
{ {
"name" : "3278", "name": "7543",
"refsource" : "SREASON", "refsource": "BID",
"url" : "http://securityreason.com/securityalert/3278" "url": "http://www.securityfocus.com/bid/7543"
}, },
{ {
"name" : "ttcms-profile-sql-injection(12273)", "name": "20030509 ttcms and ttforum exploits",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12273" "url": "http://www.securityfocus.com/archive/1/321000"
} }
] ]
} }

74
2004/0xxx/CVE-2004-0085.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0085", "ID": "CVE-2004-0085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086." "value": "Unknown vulnerability in the Mail application for Mac OS X 10.1.5 and 10.2.8 with unknown impact, a different vulnerability than CVE-2004-0086."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2004-01-26", "name": "APPLE-SA-2004-01-26",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html"
}, },
{ {
"name" : "9504", "name": "9504",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/9504" "url": "http://www.securityfocus.com/bid/9504"
}, },
{ {
"name" : "macosx-mail-undisclosed(14992)", "name": "macosx-mail-undisclosed(14992)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14992" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14992"
} }
] ]
} }

80
2004/2xxx/CVE-2004-2135.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2135", "ID": "CVE-2004-2135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain \"IV computation\" weaknesses that allow watermarked files to be detected without decryption." "value": "cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain \"IV computation\" weaknesses that allow watermarked files to be detected without decryption."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[linux-kernel] 20040219 Re: Oopsing cryptoapi (or loop device?) on 2.6.*", "name": "http://mareichelt.de/pub/notmine/diskenc.pdf",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://marc.info/?l=linux-kernel&m=107719798631935&w=2" "url": "http://mareichelt.de/pub/notmine/diskenc.pdf"
}, },
{ {
"name" : "http://mareichelt.de/pub/notmine/diskenc.pdf", "name": "13775",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://mareichelt.de/pub/notmine/diskenc.pdf" "url": "http://www.securityfocus.com/bid/13775"
}, },
{ {
"name" : "http://www.securiteam.com/exploits/5UP0P1PFPM.html", "name": "http://www.securiteam.com/exploits/5UP0P1PFPM.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.securiteam.com/exploits/5UP0P1PFPM.html" "url": "http://www.securiteam.com/exploits/5UP0P1PFPM.html"
}, },
{ {
"name" : "13775", "name": "[linux-kernel] 20040219 Re: Oopsing cryptoapi (or loop device?) on 2.6.*",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/13775" "url": "http://marc.info/?l=linux-kernel&m=107719798631935&w=2"
} }
] ]
} }

86
2004/2xxx/CVE-2004-2272.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2272", "ID": "CVE-2004-2272",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command." "value": "Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://members.lycos.co.uk/r34ct/main/efFingerD.txt", "name": "http://members.lycos.co.uk/r34ct/main/efFingerD.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://members.lycos.co.uk/r34ct/main/efFingerD.txt" "url": "http://members.lycos.co.uk/r34ct/main/efFingerD.txt"
}, },
{ {
"name" : "5991", "name": "5991",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/5991" "url": "http://www.osvdb.org/5991"
}, },
{ {
"name" : "1010094", "name": "11573",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1010094" "url": "http://secunia.com/advisories/11573"
}, },
{ {
"name" : "11573", "name": "effingerd-sockfingerdataarrival-bo(16097)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/11573" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16097"
}, },
{ {
"name" : "effingerd-sockfingerdataarrival-bo(16097)", "name": "1010094",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16097" "url": "http://securitytracker.com/id?1010094"
} }
] ]
} }

80
2004/2xxx/CVE-2004-2471.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2471", "ID": "CVE-2004-2471",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors." "value": "SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=227554", "name": "11255",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=227554" "url": "http://secunia.com/advisories/11255"
}, },
{ {
"name" : "10017", "name": "quoteengine-sql-injection(15685)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/10017" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15685"
}, },
{ {
"name" : "11255", "name": "http://sourceforge.net/project/shownotes.php?release_id=227554",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/11255" "url": "http://sourceforge.net/project/shownotes.php?release_id=227554"
}, },
{ {
"name" : "quoteengine-sql-injection(15685)", "name": "10017",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15685" "url": "http://www.securityfocus.com/bid/10017"
} }
] ]
} }

92
2012/0xxx/CVE-2012-0004.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0004", "ID": "CVE-2012-0004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka \"DirectShow Remote Code Execution Vulnerability.\"" "value": "Unspecified vulnerability in DirectShow in DirectX in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media file, related to Quartz.dll, Qdvd.dll, closed captioning, and the Line21 DirectShow filter, aka \"DirectShow Remote Code Execution Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-004", "name": "oval:org.mitre.oval:def:14832",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-004" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14832"
}, },
{ {
"name" : "TA12-010A", "name": "TA12-010A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-010A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA12-010A.html"
}, },
{ {
"name" : "51295", "name": "MS12-004",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/51295" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-004"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14832", "name": "47485",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14832" "url": "http://secunia.com/advisories/47485"
}, },
{ {
"name" : "1026492", "name": "51295",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1026492" "url": "http://www.securityfocus.com/bid/51295"
}, },
{ {
"name" : "47485", "name": "1026492",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/47485" "url": "http://www.securitytracker.com/id?1026492"
} }
] ]
} }

116
2012/0xxx/CVE-2012-0102.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-0102", "ID": "CVE-2012-0102",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101." "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", "name": "mysql-serveruns2-dos(72521)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72521"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687", "name": "USN-1397-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687" "url": "http://www.ubuntu.com/usn/USN-1397-1"
}, },
{ {
"name" : "DSA-2429", "name": "78379",
"refsource" : "DEBIAN", "refsource": "OSVDB",
"url" : "http://www.debian.org/security/2012/dsa-2429" "url": "http://osvdb.org/78379"
}, },
{ {
"name" : "GLSA-201308-06", "name": "53372",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" "url": "http://secunia.com/advisories/53372"
}, },
{ {
"name" : "SUSE-SU-2012:0984", "name": "GLSA-201308-06",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html" "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
}, },
{ {
"name" : "USN-1397-1", "name": "48250",
"refsource" : "UBUNTU", "refsource": "SECUNIA",
"url" : "http://www.ubuntu.com/usn/USN-1397-1" "url": "http://secunia.com/advisories/48250"
}, },
{ {
"name" : "78379", "name": "SUSE-SU-2012:0984",
"refsource" : "OSVDB", "refsource": "SUSE",
"url" : "http://osvdb.org/78379" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00007.html"
}, },
{ {
"name" : "53372", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/53372" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
}, },
{ {
"name" : "48250", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/48250" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687"
}, },
{ {
"name" : "mysql-serveruns2-dos(72521)", "name": "DSA-2429",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72521" "url": "http://www.debian.org/security/2012/dsa-2429"
} }
] ]
} }

74
2012/0xxx/CVE-2012-0123.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2012-0123", "ID": "CVE-2012-0123",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498." "value": "Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBMU02746", "name": "SSRT100781",
"refsource" : "HP", "refsource": "HP",
"url" : "http://www.securityfocus.com/archive/1/521944" "url": "http://www.securityfocus.com/archive/1/521944"
}, },
{ {
"name" : "SSRT100781", "name": "hp-dataprotector-code-execution(73947)",
"refsource" : "HP", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/521944" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73947"
}, },
{ {
"name" : "hp-dataprotector-code-execution(73947)", "name": "HPSBMU02746",
"refsource" : "XF", "refsource": "HP",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73947" "url": "http://www.securityfocus.com/archive/1/521944"
} }
] ]
} }

74
2012/0xxx/CVE-2012-0137.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0137", "ID": "CVE-2012-0137",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka \"VSD File Format Memory Corruption Vulnerability,\" a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138." "value": "Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka \"VSD File Format Memory Corruption Vulnerability,\" a different vulnerability than CVE-2012-0019, CVE-2012-0020, CVE-2012-0136, and CVE-2012-0138."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-015", "name": "TA12-045A",
"refsource" : "MS", "refsource": "CERT",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015" "url": "http://www.us-cert.gov/cas/techalerts/TA12-045A.html"
}, },
{ {
"name" : "TA12-045A", "name": "oval:org.mitre.oval:def:14602",
"refsource" : "CERT", "refsource": "OVAL",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-045A.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14602"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14602", "name": "MS12-015",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14602" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-015"
} }
] ]
} }

80
2012/0xxx/CVE-2012-0277.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2012-0277", "ID": "CVE-2012-0277",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image." "value": "Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "19336", "name": "19336",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/19336" "url": "http://www.exploit-db.com/exploits/19336"
}, },
{ {
"name" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=50", "name": "http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=50" "url": "http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858"
}, },
{ {
"name" : "http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858", "name": "48666",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://newsgroup.xnview.com/viewtopic.php?f=35&t=25858" "url": "http://secunia.com/advisories/48666"
}, },
{ {
"name" : "48666", "name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=50",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/48666" "url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=50"
} }
] ]
} }

74
2012/1xxx/CVE-2012-1537.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1537", "ID": "CVE-2012-1537",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted Office document, aka \"DirectPlay Heap Overflow Vulnerability.\"" "value": "Heap-based buffer overflow in DirectPlay in DirectX 9.0 through 11.1 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted Office document, aka \"DirectPlay Heap Overflow Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS12-082", "name": "TA12-346A",
"refsource" : "MS", "refsource": "CERT",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-082" "url": "http://www.us-cert.gov/cas/techalerts/TA12-346A.html"
}, },
{ {
"name" : "TA12-346A", "name": "MS12-082",
"refsource" : "CERT", "refsource": "MS",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-346A.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-082"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16086", "name": "oval:org.mitre.oval:def:16086",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16086" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16086"
} }
] ]
} }

80
2012/1xxx/CVE-2012-1564.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1564", "ID": "CVE-2012-1564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120227 Case YVS Image Gallery", "name": "[oss-security] 20120319 Re: Case YVS Image Gallery",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/02/27/7" "url": "http://www.openwall.com/lists/oss-security/2012/03/19/12"
}, },
{ {
"name" : "[oss-security] 20120227 Re: Case YVS Image Gallery", "name": "yvsimagegallery-createalbum-xsss(79529)",
"refsource" : "MLIST", "refsource": "XF",
"url" : "http://www.openwall.com/lists/oss-security/2012/02/27/27" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79529"
}, },
{ {
"name" : "[oss-security] 20120319 Re: Case YVS Image Gallery", "name": "[oss-security] 20120227 Case YVS Image Gallery",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/03/19/12" "url": "http://www.openwall.com/lists/oss-security/2012/02/27/7"
}, },
{ {
"name" : "yvsimagegallery-createalbum-xsss(79529)", "name": "[oss-security] 20120227 Re: Case YVS Image Gallery",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79529" "url": "http://www.openwall.com/lists/oss-security/2012/02/27/27"
} }
] ]
} }

104
2012/1xxx/CVE-2012-1652.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1652", "ID": "CVE-2012-1652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to \"the vocabulary's help text.\"" "value": "Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 6.x-3.x before 6.x-3.8 for Drupal allows remote authenticated users with administer taxonomy permissions to inject arbitrary web script or HTML via unspecified vectors related to \"the vocabulary's help text.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)", "name": "http://drupal.org/node/1461318",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/07/1" "url": "http://drupal.org/node/1461318"
}, },
{ {
"name" : "http://drupal.org/node/1461318", "name": "http://drupal.org/node/1461724",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1461318" "url": "http://drupal.org/node/1461724"
}, },
{ {
"name" : "http://drupal.org/node/1461724", "name": "48235",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://drupal.org/node/1461724" "url": "http://secunia.com/advisories/48235"
}, },
{ {
"name" : "http://drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee", "name": "79683",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee" "url": "http://osvdb.org/79683"
}, },
{ {
"name" : "52228", "name": "[oss-security] 20120406 CVE's for Drupal Contrib 2012 001 through 057 (67 new CVE assignments)",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/52228" "url": "http://www.openwall.com/lists/oss-security/2012/04/07/1"
}, },
{ {
"name" : "79683", "name": "http://drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/79683" "url": "http://drupalcode.org/project/hierarchical_select.git/commit/be32dceb17d25553e474c295a8c3db69eab95cee"
}, },
{ {
"name" : "48235", "name": "52228",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/48235" "url": "http://www.securityfocus.com/bid/52228"
}, },
{ {
"name" : "hierarchicalselect-textvocabularies-xss(73611)", "name": "hierarchicalselect-textvocabularies-xss(73611)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73611" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73611"
} }
] ]
} }

152
2012/5xxx/CVE-2012-5087.json
View File

@ -1,136 +1,136 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-5087", "ID": "CVE-2012-5087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans." "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "name": "SUSE-SU-2012:1398",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
}, },
{ {
"name" : "GLSA-201406-32", "name": "GLSA-201406-32",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "HPSBUX02832", "name": "RHSA-2012:1386",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
}, },
{ {
"name" : "SSRT101042", "name": "SSRT101043",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
}, },
{ {
"name" : "HPSBOV02833", "name": "RHSA-2012:1391",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
}, },
{ {
"name" : "SSRT101043", "name": "51029",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "url": "http://secunia.com/advisories/51029"
}, },
{ {
"name" : "RHSA-2012:1386", "name": "HPSBOV02833",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1386.html" "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
}, },
{ {
"name" : "RHSA-2012:1391", "name": "51390",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1391.html" "url": "http://secunia.com/advisories/51390"
}, },
{ {
"name" : "RHSA-2012:1467", "name": "javaruntimeenvironment-beans-cve20125087(79415)",
"refsource" : "REDHAT", "refsource": "XF",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1467.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79415"
}, },
{ {
"name" : "SUSE-SU-2012:1398", "name": "oval:org.mitre.oval:def:16560",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16560"
}, },
{ {
"name" : "56043", "name": "RHSA-2012:1467",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/56043" "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16560", "name": "SSRT101042",
"refsource" : "OVAL", "refsource": "HP",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16560" "url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
}, },
{ {
"name" : "51029", "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/51029" "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
}, },
{ {
"name" : "51326", "name": "51326",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/51326" "url": "http://secunia.com/advisories/51326"
}, },
{ {
"name" : "51390", "name": "56043",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/51390" "url": "http://www.securityfocus.com/bid/56043"
}, },
{ {
"name" : "javaruntimeenvironment-beans-cve20125087(79415)", "name": "HPSBUX02832",
"refsource" : "XF", "refsource": "HP",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79415" "url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
} }
] ]
} }

80
2012/5xxx/CVE-2012-5264.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2012-5264", "ID": "CVE-2012-5264",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22." "value": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-22.html", "name": "openSUSE-SU-2013:0370",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-22.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html"
}, },
{ {
"name" : "openSUSE-SU-2013:0370", "name": "http://www.adobe.com/support/security/bulletins/apsb12-22.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html" "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"
}, },
{ {
"name" : "86041", "name": "86041",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/86041" "url": "http://osvdb.org/86041"
}, },
{ {
"name" : "adobe-cve20125264-bo(79085)", "name": "adobe-cve20125264-bo(79085)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79085" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79085"
} }
] ]
} }

128
2012/5xxx/CVE-2012-5574.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5574", "ID": "CVE-2012-5574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request." "value": "lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) < 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=880240",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2012/11/26/12" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880240"
}, },
{ {
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=444696", "name": "FEDORA-2012-19235",
"refsource" : "MISC", "refsource": "FEDORA",
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=444696" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=880240", "name": "FEDORA-2012-19076",
"refsource" : "MISC", "refsource": "FEDORA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=880240" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html"
}, },
{ {
"name" : "http://symfony.com/blog/security-release-symfony-1-4-20-released", "name": "http://symfony.com/blog/security-release-symfony-1-4-20-released",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://symfony.com/blog/security-release-symfony-1-4-20-released" "url": "http://symfony.com/blog/security-release-symfony-1-4-20-released"
}, },
{ {
"name" : "http://trac.symfony-project.org/changeset/33598", "name": "56685",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://trac.symfony-project.org/changeset/33598" "url": "http://www.securityfocus.com/bid/56685"
}, },
{ {
"name" : "FEDORA-2012-19076", "name": "https://bugs.gentoo.org/show_bug.cgi?id=444696",
"refsource" : "FEDORA", "refsource": "MISC",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093698.html" "url": "https://bugs.gentoo.org/show_bug.cgi?id=444696"
}, },
{ {
"name" : "FEDORA-2012-19195", "name": "87869",
"refsource" : "FEDORA", "refsource": "OSVDB",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html" "url": "http://www.osvdb.org/87869"
}, },
{ {
"name" : "FEDORA-2012-19235", "name": "FEDORA-2012-19195",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093920.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/093922.html"
}, },
{ {
"name" : "56685", "name": "51372",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/56685" "url": "http://secunia.com/advisories/51372"
}, },
{ {
"name" : "87869", "name": "symfony-unspecified-information-disclosure(80309)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/87869" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309"
}, },
{ {
"name" : "51372", "name": "[oss-security] 20121126 Re: CVE Request -- Symfony (php-symfony-symfony) < 1.4.20: Ability to read arbitrary files on the server, readable with the web server privileges",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/51372" "url": "http://www.openwall.com/lists/oss-security/2012/11/26/12"
}, },
{ {
"name" : "symfony-unspecified-information-disclosure(80309)", "name": "http://trac.symfony-project.org/changeset/33598",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80309" "url": "http://trac.symfony-project.org/changeset/33598"
} }
] ]
} }

100
2017/3xxx/CVE-2017-3085.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00", "DATE_PUBLIC": "2017-08-08T00:00:00",
"ID" : "CVE-2017-3085", "ID": "CVE-2017-3085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Flash Player", "product_name": "Flash Player",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "26.0.0.137 and earlier." "version_value": "26.0.0.137 and earlier."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Adobe Systems Incorporated" "vendor_name": "Adobe Systems Incorporated"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect." "value": "Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that leads to information disclosure when performing URL redirect."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Security Bypass" "value": "Security Bypass"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-634/", "name": "1039088",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-634/" "url": "http://www.securitytracker.com/id/1039088"
}, },
{ {
"name" : "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/", "name": "GLSA-201709-16",
"refsource" : "MISC", "refsource": "GENTOO",
"url" : "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/" "url": "https://security.gentoo.org/glsa/201709-16"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html", "name": "RHSA-2017:2457",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html" "url": "https://access.redhat.com/errata/RHSA-2017:2457"
}, },
{ {
"name" : "GLSA-201709-16", "name": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201709-16" "url": "https://helpx.adobe.com/security/products/flash-player/apsb17-23.html"
}, },
{ {
"name" : "RHSA-2017:2457", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/",
"refsource" : "REDHAT", "refsource": "MISC",
"url" : "https://access.redhat.com/errata/RHSA-2017:2457" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-634/"
}, },
{ {
"name" : "100191", "name": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/100191" "url": "https://blog.bjornweb.nl/2017/08/flash-remote-sandbox-escape-windows-user-credentials-leak/"
}, },
{ {
"name" : "1039088", "name": "100191",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039088" "url": "http://www.securityfocus.com/bid/100191"
} }
] ]
} }

80
2017/3xxx/CVE-2017-3519.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3519", "ID": "CVE-2017-3519",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "PeopleSoft Enterprise PT PeopleTools", "product_name": "PeopleSoft Enterprise PT PeopleTools",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.54" "version_value": "8.54"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.55" "version_value": "8.55"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Supported versions that are affected are 8.54 and 8.55. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)." "value": "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Supported versions that are affected are 8.54 and 8.55. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data." "value": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
}, },
{ {
"name" : "97885", "name": "1038301",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/97885" "url": "http://www.securitytracker.com/id/1038301"
}, },
{ {
"name" : "1038301", "name": "97885",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038301" "url": "http://www.securityfocus.com/bid/97885"
} }
] ]
} }

98
2017/3xxx/CVE-2017-3557.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3557", "ID": "CVE-2017-3557",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "One-to-One Fulfillment", "product_name": "One-to-One Fulfillment",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3" "version_value": "12.1.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.3" "version_value": "12.2.3"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.4" "version_value": "12.2.4"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.5" "version_value": "12.2.5"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.6" "version_value": "12.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)." "value": "Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data." "value": "Easily \"exploitable\" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://erpscan.io/advisories/erpscan-17-026-xss-oracle-e-business-suite-jtffmprintserver/", "name": "97773",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://erpscan.io/advisories/erpscan-17-026-xss-oracle-e-business-suite-jtffmprintserver/" "url": "http://www.securityfocus.com/bid/97773"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
}, },
{ {
"name" : "97773", "name": "1038299",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/97773" "url": "http://www.securitytracker.com/id/1038299"
}, },
{ {
"name" : "1038299", "name": "https://erpscan.io/advisories/erpscan-17-026-xss-oracle-e-business-suite-jtffmprintserver/",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1038299" "url": "https://erpscan.io/advisories/erpscan-17-026-xss-oracle-e-business-suite-jtffmprintserver/"
} }
] ]
} }

22
2017/3xxx/CVE-2017-3707.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-3707", "ID": "CVE-2017-3707",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2017/6xxx/CVE-2017-6572.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6572", "ID": "CVE-2017-6572",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list." "value": "A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects ./inc/lists/add_member.php with the GET Parameter: filter_list."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin", "name": "96783",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin" "url": "http://www.securityfocus.com/bid/96783"
}, },
{ {
"name" : "96783", "name": "https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/96783" "url": "https://github.com/hamkovic/Mail-Masta-Wordpress-Plugin"
} }
] ]
} }

68
2017/6xxx/CVE-2017-6695.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-6695", "ID": "CVE-2017-6695",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Ultra Services Platform", "product_name": "Cisco Ultra Services Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Ultra Services Platform" "version_value": "Cisco Ultra Services Platform"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839." "value": "A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information. More Information: CSCvd29398. Known Affected Releases: 21.0.v0.65839."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure Vulnerability" "value": "Information Disclosure Vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2", "name": "98963",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2" "url": "http://www.securityfocus.com/bid/98963"
}, },
{ {
"name" : "98963", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/98963" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2"
} }
] ]
} }

74
2017/7xxx/CVE-2017-7033.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7033", "ID": "CVE-2017-7033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the \"afclip\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file." "value": "An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the \"afclip\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207922", "name": "1038951",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT207922" "url": "http://www.securitytracker.com/id/1038951"
}, },
{ {
"name" : "99882", "name": "99882",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/99882" "url": "http://www.securityfocus.com/bid/99882"
}, },
{ {
"name" : "1038951", "name": "https://support.apple.com/HT207922",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038951" "url": "https://support.apple.com/HT207922"
} }
] ]
} }

104
2017/7xxx/CVE-2017-7081.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7081", "ID": "CVE-2017-7081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site." "value": "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT208112", "name": "https://support.apple.com/HT208141",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT208112" "url": "https://support.apple.com/HT208141"
}, },
{ {
"name" : "https://support.apple.com/HT208113", "name": "1039384",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT208113" "url": "http://www.securitytracker.com/id/1039384"
}, },
{ {
"name" : "https://support.apple.com/HT208116", "name": "100985",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT208116" "url": "http://www.securityfocus.com/bid/100985"
}, },
{ {
"name" : "https://support.apple.com/HT208141", "name": "https://support.apple.com/HT208142",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT208141" "url": "https://support.apple.com/HT208142"
}, },
{ {
"name" : "https://support.apple.com/HT208142", "name": "https://support.apple.com/HT208113",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT208142" "url": "https://support.apple.com/HT208113"
}, },
{ {
"name" : "100985", "name": "https://support.apple.com/HT208112",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/100985" "url": "https://support.apple.com/HT208112"
}, },
{ {
"name" : "1039384", "name": "1039428",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039384" "url": "http://www.securitytracker.com/id/1039428"
}, },
{ {
"name" : "1039428", "name": "https://support.apple.com/HT208116",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1039428" "url": "https://support.apple.com/HT208116"
} }
] ]
} }

68
2017/7xxx/CVE-2017-7307.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7307", "ID": "CVE-2017-7307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file." "value": "Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://seclists.org/fulldisclosure/2017/Feb/25", "name": "http://seclists.org/fulldisclosure/2017/Feb/25",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2017/Feb/25" "url": "http://seclists.org/fulldisclosure/2017/Feb/25"
}, },
{ {
"name" : "https://supportkb.riverbed.com/support/index?page=content&id=S30065", "name": "https://supportkb.riverbed.com/support/index?page=content&id=S30065",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://supportkb.riverbed.com/support/index?page=content&id=S30065" "url": "https://supportkb.riverbed.com/support/index?page=content&id=S30065"
} }
] ]
} }

68
2017/7xxx/CVE-2017-7387.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7387", "ID": "CVE-2017-7387",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a reflected XSS in HelpMeWatchWho-master/unaired.php (episodeID parameter)." "value": "TheFirstQuestion/HelpMeWatchWho before 2017-03-28 is vulnerable to a reflected XSS in HelpMeWatchWho-master/unaired.php (episodeID parameter)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/TheFirstQuestion/HelpMeWatchWho/issues/1", "name": "https://github.com/TheFirstQuestion/HelpMeWatchWho/issues/1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/TheFirstQuestion/HelpMeWatchWho/issues/1" "url": "https://github.com/TheFirstQuestion/HelpMeWatchWho/issues/1"
}, },
{ {
"name" : "97309", "name": "97309",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/97309" "url": "http://www.securityfocus.com/bid/97309"
} }
] ]
} }

74
2017/7xxx/CVE-2017-7553.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2017-7553", "ID": "CVE-2017-7553",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints." "value": "The external_request api call in App Studio (millicore) allows server side request forgery (SSRF). An attacker could use this flaw to probe the network internal resources, and access restricted endpoints."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1478792", "name": "RHSA-2017:2674",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1478792" "url": "https://access.redhat.com/errata/RHSA-2017:2674"
}, },
{ {
"name" : "RHSA-2017:2674", "name": "RHSA-2017:2675",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2674" "url": "https://access.redhat.com/errata/RHSA-2017:2675"
}, },
{ {
"name" : "RHSA-2017:2675", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1478792",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2017:2675" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478792"
} }
] ]
} }

82
2017/7xxx/CVE-2017-7821.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2017-7821", "ID": "CVE-2017-7821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "56" "version_value": "56"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56." "value": "A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered without specific user interaction for the file download and open actions. This could be used to trigger known vulnerabilities in the programs that handle those document types. This vulnerability affects Firefox < 56."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebExtensions can download and open non-executable files without user interaction" "value": "WebExtensions can download and open non-executable files without user interaction"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1346515", "name": "1039465",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1346515" "url": "http://www.securitytracker.com/id/1039465"
}, },
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2017-21/", "name": "https://www.mozilla.org/security/advisories/mfsa2017-21/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2017-21/" "url": "https://www.mozilla.org/security/advisories/mfsa2017-21/"
}, },
{ {
"name" : "101057", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1346515",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101057" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1346515"
}, },
{ {
"name" : "1039465", "name": "101057",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039465" "url": "http://www.securityfocus.com/bid/101057"
} }
] ]
} }

86
2017/7xxx/CVE-2017-7867.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7867", "ID": "CVE-2017-7867",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function." "value": "International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.icu-project.org/trac/changeset/39671", "name": "http://bugs.icu-project.org/trac/changeset/39671",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://bugs.icu-project.org/trac/changeset/39671" "url": "http://bugs.icu-project.org/trac/changeset/39671"
}, },
{ {
"name" : "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213", "name": "DSA-3830",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213" "url": "http://www.debian.org/security/2017/dsa-3830"
}, },
{ {
"name" : "DSA-3830", "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2017/dsa-3830" "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=213"
}, },
{ {
"name" : "GLSA-201710-03", "name": "GLSA-201710-03",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201710-03" "url": "https://security.gentoo.org/glsa/201710-03"
}, },
{ {
"name" : "97672", "name": "97672",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/97672" "url": "http://www.securityfocus.com/bid/97672"
} }
] ]
} }

64
2017/8xxx/CVE-2017-8117.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00", "DATE_PUBLIC": "2017-11-15T00:00:00",
"ID" : "CVE-2017-8117", "ID": "CVE-2017-8117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UMA", "product_name": "UMA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "V200R001 and V300R001" "version_value": "V200R001 and V300R001"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges." "value": "The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "privilege elevation" "value": "privilege elevation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en"
} }
] ]
} }

62
2017/8xxx/CVE-2017-8400.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8400", "ID": "CVE-2017-8400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution." "value": "In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf. Attackers could exploit this issue for DoS; it might cause arbitrary code execution."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/matthiaskramm/swftools/issues/13", "name": "https://github.com/matthiaskramm/swftools/issues/13",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/matthiaskramm/swftools/issues/13" "url": "https://github.com/matthiaskramm/swftools/issues/13"
} }
] ]
} }

22
2018/10xxx/CVE-2018-10543.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10543", "ID": "CVE-2018-10543",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/10xxx/CVE-2018-10558.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10558", "ID": "CVE-2018-10558",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/13xxx/CVE-2018-13143.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13143", "ID": "CVE-2018-13143",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/13xxx/CVE-2018-13166.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13166", "ID": "CVE-2018-13166",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." "value": "The mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/AthletiCoin",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/AthletiCoin"
}, },
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/AthletiCoin", "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/AthletiCoin" "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
} }
] ]
} }

62
2018/13xxx/CVE-2018-13893.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-13893", "ID": "CVE-2018-13893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count while copying masks to userspace." "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count while copying masks to userspace."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted Pointer Dereference in DIAG Services" "value": "Untrusted Pointer Dereference in DIAG Services"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin", "name": "https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin" "url": "https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin"
} }
] ]
} }

22
2018/13xxx/CVE-2018-13995.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13995", "ID": "CVE-2018-13995",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/17xxx/CVE-2018-17064.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17064", "ID": "CVE-2018-17064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked." "value": "An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2", "name": "https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2" "url": "https://github.com/PAGalaxyLab/VulInfo/tree/master/D-Link/DIR-816/cmd_injection_2"
} }
] ]
} }

22
2018/17xxx/CVE-2018-17163.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-17163", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-17163",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }

22
2018/17xxx/CVE-2018-17851.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-17851", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-17851",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }

22
2018/17xxx/CVE-2018-17990.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17990", "ID": "CVE-2018-17990",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/20xxx/CVE-2018-20533.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20533", "ID": "CVE-2018-20533",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service." "value": "There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652599", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1652599",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652599" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652599"
}, },
{ {
"name" : "https://github.com/openSUSE/libsolv/pull/291", "name": "https://github.com/openSUSE/libsolv/pull/291",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/openSUSE/libsolv/pull/291" "url": "https://github.com/openSUSE/libsolv/pull/291"
} }
] ]
} }

80
2018/20xxx/CVE-2018-20549.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20549", "ID": "CVE-2018-20549",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19." "value": "There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20190109 [SECURITY] [DLA 1631-1] libcaca security update", "name": "USN-3860-2",
"refsource" : "MLIST", "refsource": "UBUNTU",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00007.html" "url": "https://usn.ubuntu.com/3860-2/"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652628", "name": "[debian-lts-announce] 20190109 [SECURITY] [DLA 1631-1] libcaca security update",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1652628" "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00007.html"
}, },
{ {
"name" : "USN-3860-1", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1652628",
"refsource" : "UBUNTU", "refsource": "MISC",
"url" : "https://usn.ubuntu.com/3860-1/" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652628"
}, },
{ {
"name" : "USN-3860-2", "name": "USN-3860-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3860-2/" "url": "https://usn.ubuntu.com/3860-1/"
} }
] ]
} }

62
2018/9xxx/CVE-2018-9135.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9135", "ID": "CVE-2018-9135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c." "value": "In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1009", "name": "https://github.com/ImageMagick/ImageMagick/issues/1009",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1009" "url": "https://github.com/ImageMagick/ImageMagick/issues/1009"
} }
] ]
} }

68
2018/9xxx/CVE-2018-9248.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9248", "ID": "CVE-2018-9248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a \"Cookie: Name=0admin\" header." "value": "FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a \"Cookie: Name=0admin\" header."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44413", "name": "44413",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44413/" "url": "https://www.exploit-db.com/exploits/44413/"
}, },
{ {
"name" : "https://gist.github.com/pak0s/cd7ac9c2ee659138816f92693d2df602", "name": "https://gist.github.com/pak0s/cd7ac9c2ee659138816f92693d2df602",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://gist.github.com/pak0s/cd7ac9c2ee659138816f92693d2df602" "url": "https://gist.github.com/pak0s/cd7ac9c2ee659138816f92693d2df602"
} }
] ]
} }

22
2018/9xxx/CVE-2018-9761.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9761", "ID": "CVE-2018-9761",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }