admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 04:00:45 +00:00
parent a8c6ad0a0c
commit 2ffd22c369
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
33 changed files with 1346 additions and 1666 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

221
2012/3xxx/CVE-2012-3494.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3494",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,132 +27,156 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "SUSE-SU-2012:1135",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html",
"refsource": "MISC",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851139",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "50472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50472"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "55400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55400"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"name": "SUSE-SU-2012:1162",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00005.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "xen-setdebugreg-dos(78265)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "SUSE-SU-2012:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "http://support.citrix.com/article/CTX134708",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX134708"
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 12 (CVE-2012-3494) - hypercall set_debugreg vulnerability",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00000.html"
"url": "http://osvdb.org/85197",
"refsource": "MISC",
"name": "http://osvdb.org/85197"
},
{
"name": "SUSE-SU-2012:1129",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00001.html"
"url": "http://secunia.com/advisories/50472",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50472"
},
{
"name": "SUSE-SU-2012:1133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
"url": "http://secunia.com/advisories/50530",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50530"
},
{
"name": "85197",
"refsource": "OSVDB",
"url": "http://osvdb.org/85197"
"url": "http://secunia.com/advisories/51413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51413"
},
{
"name": "1027479",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027479"
"url": "http://support.citrix.com/article/CTX134708",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX134708"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability",
"refsource": "MISC",
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-12_hypercall_set_debugreg_vulnerability"
},
{
"name": "openSUSE-SU-2012:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
"url": "http://www.debian.org/security/2012/dsa-2544",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2544"
},
{
"name": "DSA-2544",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2544"
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/05/5"
},
{
"url": "http://www.securityfocus.com/bid/55400",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55400"
},
{
"url": "http://www.securitytracker.com/id?1027479",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027479"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78265"
},
{
"url": "https://security.gentoo.org/glsa/201604-03",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201604-03"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851139",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851139"
}
]
}

151
2012/3xxx/CVE-2012-3495.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3495",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,87 +27,111 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability",
"refsource": "CONFIRM",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "55406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55406"
"url": "http://secunia.com/advisories/51413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51413"
},
{
"name": "1027480",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027480"
"url": "http://support.citrix.com/article/CTX134708",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX134708"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
"url": "https://security.gentoo.org/glsa/201604-03",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "SUSE-SU-2012:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00001.html"
},
{
"name": "http://support.citrix.com/article/CTX134708",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX134708"
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability",
"refsource": "MISC",
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-13_hypercall_physdev_get_free_pirq_vulnerability"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 13 (CVE-2012-3495) - hypercall physdev_get_free_pirq vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/05/6"
},
{
"name": "SUSE-SU-2012:1133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
"url": "http://www.securityfocus.com/bid/55406",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55406"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
"url": "http://www.securitytracker.com/id?1027480",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027480"
},
{
"name": "openSUSE-SU-2012:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
"url": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593",
"refsource": "MISC",
"name": "http://xenbits.xen.org/hg/xen-4.1-testing.hg/rev/6779ddca8593"
}
]
}

207
2012/3xxx/CVE-2012-3496.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3496",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,122 +27,146 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=854590",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "1027481",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1027481"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "50472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50472"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "xen-xenmempopulatephysmap-dos(78267)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
},
{
"name": "55412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55412"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "85200",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/85200"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "SUSE-SU-2012:1162",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html"
"url": "http://secunia.com/advisories/50472",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50472"
},
{
"name": "openSUSE-SU-2012:1174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
"url": "http://secunia.com/advisories/50530",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50530"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
"url": "http://secunia.com/advisories/51413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51413"
},
{
"name": "SUSE-SU-2012:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
"url": "http://support.citrix.com/article/CTX134708",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX134708"
},
{
"name": "http://support.citrix.com/article/CTX134708",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX134708"
"url": "http://www.debian.org/security/2012/dsa-2544",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2544"
},
{
"name": "SUSE-SU-2012:1133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
"url": "https://security.gentoo.org/glsa/201604-03",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html"
},
{
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability",
"refsource": "CONFIRM",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
"url": "http://securitytracker.com/id?1027481",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1027481"
},
{
"name": "openSUSE-SU-2012:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability",
"refsource": "MISC",
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability"
},
{
"name": "DSA-2544",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2544"
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/05/7"
},
{
"url": "http://www.osvdb.org/85200",
"refsource": "MISC",
"name": "http://www.osvdb.org/85200"
},
{
"url": "http://www.securityfocus.com/bid/55412",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55412"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=854590",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=854590"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78267"
}
]
}

169
2012/3xxx/CVE-2012-3497.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3497",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "1027482",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027482"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities",
"refsource": "CONFIRM",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://secunia.com/advisories/50472",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50472"
},
{
"name": "55410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55410"
"url": "http://secunia.com/advisories/51413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51413"
},
{
"name": "SUSE-SU-2012:1486",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
"url": "https://security.gentoo.org/glsa/201604-03",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/8"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00008.html"
},
{
"name": "xen-tmem-priv-esc(78268)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
},
{
"name": "85199",
"refsource": "OSVDB",
"url": "http://osvdb.org/85199"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 15 (CVE-2012-3497) - multiple TMEM hypercall vulnerabilities",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html"
"url": "http://secunia.com/advisories/51324",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51324"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
"url": "http://secunia.com/advisories/51352",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51352"
},
{
"name": "50472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50472"
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html"
},
{
"name": "SUSE-SU-2012:1487",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00009.html"
"url": "http://osvdb.org/85199",
"refsource": "MISC",
"name": "http://osvdb.org/85199"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities",
"refsource": "MISC",
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-15_multiple_TMEM_hypercall_vulnerabilities"
},
{
"name": "51352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51352"
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/05/8"
},
{
"name": "51324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51324"
"url": "http://www.securityfocus.com/bid/55410",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55410"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
"url": "http://www.securitytracker.com/id?1027482",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027482"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78268"
}
]
}

241
2012/3xxx/CVE-2012-3498.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3498",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,107 +27,131 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
},
{
"name": "50530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50530"
},
{
"name": "51413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51413"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "55414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55414"
},
{
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability",
"refsource": "CONFIRM",
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"name": "openSUSE-SU-2012:1572",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"name": "50472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50472"
},
{
"name": "[Xen-announce] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"name": "85198",
"refsource": "OSVDB",
"url": "http://osvdb.org/85198"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "xen-physdevopmappirq-dos(78269)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"name": "SUSE-SU-2012:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"name": "http://support.citrix.com/article/CTX134708",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX134708"
},
{
"name": "SUSE-SU-2012:1133",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"name": "openSUSE-SU-2012:1573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"name": "[oss-security] 20120905 Xen Security Advisory 16 (CVE-2012-3498) - PHYSDEVOP_map_pirq index vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851193",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "openSUSE-SU-2012:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "1027483",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1027483"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html"
},
{
"url": "http://secunia.com/advisories/50472",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50472"
},
{
"url": "http://secunia.com/advisories/50530",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50530"
},
{
"url": "http://secunia.com/advisories/51413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51413"
},
{
"url": "http://support.citrix.com/article/CTX134708",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX134708"
},
{
"url": "https://security.gentoo.org/glsa/201604-03",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201604-03"
},
{
"url": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2012-09/msg00005.html"
},
{
"url": "http://osvdb.org/85198",
"refsource": "MISC",
"name": "http://osvdb.org/85198"
},
{
"url": "http://securitytracker.com/id?1027483",
"refsource": "MISC",
"name": "http://securitytracker.com/id?1027483"
},
{
"url": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability",
"refsource": "MISC",
"name": "http://wiki.xen.org/wiki/Security_Announcements#XSA-16_PHYSDEVOP_map_pirq_index_vulnerability"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/05/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/05/9"
},
{
"url": "http://www.securityfocus.com/bid/55414",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55414"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78269"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851193",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851193"
}
]
}

163
2012/3xxx/CVE-2012-3500.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3500",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commit;h=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0",
"refsource": "CONFIRM",
"url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commit;h=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0"
},
{
"name": "MDVSA-2013:123",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:123"
},
{
"name": "rpmdevtools-toctou-symlink(78230)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78230"
},
{
"name": "55358",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55358"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848022",
"url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commit%3Bh=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848022"
"name": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commit%3Bh=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0"
},
{
"name": "FEDORA-2012-13208",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html"
"url": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb",
"refsource": "MISC",
"name": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb"
},
{
"name": "DSA-2549",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2549"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html"
},
{
"name": "FEDORA-2012-13263",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html"
},
{
"name": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb",
"refsource": "CONFIRM",
"url": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html"
},
{
"name": "50600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50600"
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html"
},
{
"name": "FEDORA-2012-13234",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html"
"url": "http://secunia.com/advisories/50600",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50600"
},
{
"name": "USN-1593-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1593-1"
"url": "http://www.debian.org/security/2012/dsa-2549",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2549"
},
{
"name": "[oss-security] 20120831 [Notification] CVE-2012-3500 - rpmdevtools, devscripts: TOCTOU race condition in annotate-output",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/7"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:123",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:123"
},
{
"name": "openSUSE-SU-2012:1437",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html"
"url": "http://www.openwall.com/lists/oss-security/2012/08/31/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/31/7"
},
{
"url": "http://www.securityfocus.com/bid/55358",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55358"
},
{
"url": "http://www.ubuntu.com/usn/USN-1593-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1593-1"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78230",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78230"
},
{
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316",
"refsource": "MISC",
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848022",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848022"
}
]
}

103
2013/0xxx/CVE-2013-0349.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0349",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
},
{
"name": "USN-1805-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1805-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.6"
},
{
"name": "USN-1808-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1808-1"
"url": "http://www.ubuntu.com/usn/USN-1805-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1805-1"
},
{
"name": "[oss-security] 20130222 Re: CVE request: Linux kernel: Bluetooth HIDP information disclosure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/23/3"
"url": "http://www.ubuntu.com/usn/USN-1808-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1808-1"
},
{
"name": "RHSA-2013:0744",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a9ab9bdb3e891762553f667066190c1d22ad62b",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0a9ab9bdb3e891762553f667066190c1d22ad62b"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914298",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914298"
"url": "http://www.openwall.com/lists/oss-security/2013/02/23/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/23/3"
},
{
"name": "https://github.com/torvalds/linux/commit/0a9ab9bdb3e891762553f667066190c1d22ad62b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0a9ab9bdb3e891762553f667066190c1d22ad62b"
"url": "https://github.com/torvalds/linux/commit/0a9ab9bdb3e891762553f667066190c1d22ad62b",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/0a9ab9bdb3e891762553f667066190c1d22ad62b"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0a9ab9bdb3e891762553f667066190c1d22ad62b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0a9ab9bdb3e891762553f667066190c1d22ad62b"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914298",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914298"
}
]
}

52
2013/1xxx/CVE-2013-1763.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1763 kernel: sock_diag: out-of-bounds access to sock_diag_handlers[]"
"value": "Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise MRG 2",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.6.11-rt30.25.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,11 +58,6 @@
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0622",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0622"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html",
"refsource": "MISC",
@ -120,44 +114,14 @@
"name": "http://www.ubuntu.com/usn/USN-1751-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1763",
"url": "https://github.com/torvalds/linux/commit/6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1763"
"name": "https://github.com/torvalds/linux/commit/6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=915052",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=915052"
},
{
"url": "https://github.com/torvalds/linux/commit/6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/6e601a53566d84e1ffd25e7b6fe0b6894ffd79c0"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

91
2013/1xxx/CVE-2013-1764.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1764",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130225 Re: CVE Request: PackageKit\"update\" allows downgrade of packages when using the \"zypp\" backend",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/25/20"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html"
},
{
"name": "https://gitorious.org/packagekit/packagekit/source/NEWS",
"refsource": "CONFIRM",
"url": "https://gitorious.org/packagekit/packagekit/source/NEWS"
"url": "http://www.openwall.com/lists/oss-security/2013/02/25/20",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/25/20"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=61231",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=61231"
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=61231",
"refsource": "MISC",
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=61231"
},
{
"name": "openSUSE-SU-2013:0889",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00026.html"
"url": "https://bugzilla.novell.com/show_bug.cgi?id=804983",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=804983"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=804983",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=804983"
"url": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425",
"refsource": "MISC",
"name": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425"
},
{
"name": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425",
"refsource": "CONFIRM",
"url": "https://gitorious.org/packagekit/packagekit/commit/d3d14631042237bcfe6fb30a60e59bb6d94af425"
"url": "https://gitorious.org/packagekit/packagekit/source/NEWS",
"refsource": "MISC",
"name": "https://gitorious.org/packagekit/packagekit/source/NEWS"
}
]
}

100
2013/1xxx/CVE-2013-1767.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1767 Kernel: tmpfs: fix use-after-free of mempolicy object"
"value": "Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
"value": "n/a"
}
]
}
@ -32,49 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.6.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.38.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.31.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.6.11.2-rt33.39.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -107,16 +73,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0928.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0882",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0882"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0928",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0928"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html",
"refsource": "MISC",
@ -127,16 +83,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0744",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0829",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0829"
},
{
"url": "http://www.ubuntu.com/usn/USN-1795-1",
"refsource": "MISC",
@ -198,44 +144,14 @@
"name": "http://www.ubuntu.com/usn/USN-1798-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1767",
"url": "https://github.com/torvalds/linux/commit/5f00110f7273f9ff04ac69a5f85bb535a4fd0987",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1767"
"name": "https://github.com/torvalds/linux/commit/5f00110f7273f9ff04ac69a5f85bb535a4fd0987"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=915592",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=915592"
},
{
"url": "https://github.com/torvalds/linux/commit/5f00110f7273f9ff04ac69a5f85bb535a4fd0987",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/5f00110f7273f9ff04ac69a5f85bb535a4fd0987"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

97
2013/1xxx/CVE-2013-1770.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1770",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130226 Re: CVE request: XSS flaws fixed in ganglia",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/11"
"url": "http://secunia.com/advisories/52673",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52673"
},
{
"name": "https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6",
"refsource": "CONFIRM",
"url": "https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6"
"url": "http://www.openwall.com/lists/oss-security/2013/02/21/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/21/12"
},
{
"name": "ganglia-viewsview-xss(82468)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82468"
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/26/11"
},
{
"name": "[oss-security] 20130221 Re: CVE request: XSS flaws fixed in ganglia",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/21/12"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82468",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82468"
},
{
"name": "52673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52673"
"url": "https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6",
"refsource": "MISC",
"name": "https://github.com/ganglia/ganglia-web/commit/552965f33bf79d41ccbec3f1f26840c8bab54ad6"
},
{
"name": "https://github.com/ganglia/ganglia-web/issues/160",
"refsource": "CONFIRM",
"url": "https://github.com/ganglia/ganglia-web/issues/160"
"url": "https://github.com/ganglia/ganglia-web/issues/160",
"refsource": "MISC",
"name": "https://github.com/ganglia/ganglia-web/issues/160"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=892823",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892823"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=892823",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=892823"
}
]
}

85
2013/1xxx/CVE-2013-1772.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1772",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/ce0030c00f95cf9110d9cdcd41e901e1fb814417",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ce0030c00f95cf9110d9cdcd41e901e1fb814417"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html"
},
{
"name": "openSUSE-SU-2013:1187",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33"
},
{
"name": "[oss-security] 20130226 Re: CVE request -- Linux kernel: call_console_drivers() Function Log Prefix Stripping buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/9"
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/26/9"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916075",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916075"
"url": "https://github.com/torvalds/linux/commit/ce0030c00f95cf9110d9cdcd41e901e1fb814417",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ce0030c00f95cf9110d9cdcd41e901e1fb814417"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.33"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916075",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916075"
}
]
}

121
2013/1xxx/CVE-2013-1773.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1773",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916115",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916115"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0928.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0928.html"
},
{
"name": "RHSA-2013:0928",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0928.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
},
{
"name": "[oss-security] 20130226 Re: CVE request - Linux kernel: VFAT slab-based buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/8"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1026.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1026.html"
},
{
"name": "https://github.com/torvalds/linux/commit/0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd"
},
{
"name": "23248",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/23248/"
"url": "http://www.exploit-db.com/exploits/23248/",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/23248/"
},
{
"name": "RHSA-2013:0744",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
"url": "http://www.openwall.com/lists/oss-security/2013/02/26/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/26/8"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/patch-3.3.bz2"
"url": "http://www.osvdb.org/88310",
"refsource": "MISC",
"name": "http://www.osvdb.org/88310"
},
{
"name": "58200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58200"
"url": "http://www.securityfocus.com/bid/58200",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58200"
},
{
"name": "88310",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/88310"
"url": "https://github.com/torvalds/linux/commit/0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd"
},
{
"name": "RHSA-2013:1026",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1026.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916115",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916115"
}
]
}

68
2013/1xxx/CVE-2013-1774.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1774 Kernel: USB io_ti driver NULL pointer dereference in routine chase_port"
"value": "The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /dev/ttyUSB read or write operation on a disconnected Edgeport USB serial converter."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.6.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.6.11.2-rt33.39.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -80,21 +68,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0744",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0744"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0829",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0829"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html",
"refsource": "MISC",
@ -131,44 +109,14 @@
"name": "http://xorl.wordpress.com/2013/05/18/cve-2013-1774-linux-kernel-edgeport-usb-serial-converter-null-pointer-dereference/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1774",
"url": "https://github.com/torvalds/linux/commit/1ee0a224bc9aad1de496c795f96bc6ba2c394811",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1774"
"name": "https://github.com/torvalds/linux/commit/1ee0a224bc9aad1de496c795f96bc6ba2c394811"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=916191",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=916191"
},
{
"url": "https://github.com/torvalds/linux/commit/1ee0a224bc9aad1de496c795f96bc6ba2c394811",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/1ee0a224bc9aad1de496c795f96bc6ba2c394811"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
]
}

79
2013/1xxx/CVE-2013-1777.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1777",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21643282",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643282"
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0008.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0008.html"
},
{
"name": "https://issues.apache.org/jira/browse/GERONIMO-6477",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/GERONIMO-6477"
"url": "http://geronimo.apache.org/30x-security-report.html",
"refsource": "MISC",
"name": "http://geronimo.apache.org/30x-security-report.html"
},
{
"name": "20130701 [SECURITY] CVE-2013-1777: Apache Geronimo 3 RMI classloader exposure",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0008.html"
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643282",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21643282"
},
{
"name": "http://geronimo.apache.org/30x-security-report.html",
"refsource": "CONFIRM",
"url": "http://geronimo.apache.org/30x-security-report.html"
"url": "https://issues.apache.org/jira/browse/GERONIMO-6477",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/GERONIMO-6477"
}
]
}

73
2013/4xxx/CVE-2013-4284.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4284",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1029122",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029122"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1294.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1294.html"
},
{
"name": "RHSA-2013:1295",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1295.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1295.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1295.html"
},
{
"name": "RHSA-2013:1294",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1294.html"
"url": "http://www.securitytracker.com/id/1029122",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029122"
}
]
}

53
2013/4xxx/CVE-2013-4288.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4288 polkit: unix-process subject for authorization is racy"
"value": "Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --process (unix-process) option for authorization to pkcheck."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.96-5.el6_4",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -103,46 +102,6 @@
"url": "http://www.ubuntu.com/usn/USN-1953-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1953-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1270",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1270"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4288",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4288"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

79
2013/4xxx/CVE-2013-4289.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4289",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "62363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62363"
"url": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS",
"refsource": "MISC",
"name": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS"
},
{
"name": "57285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57285"
"url": "http://seclists.org/oss-sec/2013/q3/593",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q3/593"
},
{
"name": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS",
"refsource": "CONFIRM",
"url": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS"
"url": "http://secunia.com/advisories/57285",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57285"
},
{
"name": "[oss-security] 20140911 [seth.arnold () canonical com: CVE Requests openjpeg]",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/593"
"url": "http://www.securityfocus.com/bid/62363",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62363"
}
]
}

79
2013/4xxx/CVE-2013-4290.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4290",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "57285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57285"
"url": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS",
"refsource": "MISC",
"name": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS"
},
{
"name": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS",
"refsource": "CONFIRM",
"url": "http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS"
"url": "http://seclists.org/oss-sec/2013/q3/593",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q3/593"
},
{
"name": "62362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62362"
"url": "http://secunia.com/advisories/57285",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57285"
},
{
"name": "[oss-security] 20140911 [seth.arnold () canonical com: CVE Requests openjpeg]",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/593"
"url": "http://www.securityfocus.com/bid/62362",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62362"
}
]
}

79
2013/4xxx/CVE-2013-4291.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4291",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006509",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006509"
"url": "http://libvirt.org/news.html",
"refsource": "MISC",
"name": "http://libvirt.org/news.html"
},
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
"url": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "MISC",
"name": "http://wiki.libvirt.org/page/Maintenance_Releases"
},
{
"name": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "CONFIRM",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fe11d34a6d46d6641ce90dc665164fda7bb6bff8",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fe11d34a6d46d6641ce90dc665164fda7bb6bff8"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=fe11d34a6d46d6641ce90dc665164fda7bb6bff8",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=fe11d34a6d46d6641ce90dc665164fda7bb6bff8"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006509",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006509"
}
]
}

79
2013/4xxx/CVE-2013-4292.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4292",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
"url": "http://libvirt.org/news.html",
"refsource": "MISC",
"name": "http://libvirt.org/news.html"
},
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "[libvirt] 20130829 [PATCH 01/12] Add bounds checking on virDomainMigrate*Params RPC calls (CVE-2013-4292)",
"refsource": "MLIST",
"url": "http://www.mail-archive.com/libvir-list@redhat.com/msg83332.html"
"url": "http://www.mail-archive.com/libvir-list%40redhat.com/msg83332.html",
"refsource": "MISC",
"name": "http://www.mail-archive.com/libvir-list%40redhat.com/msg83332.html"
}
]
}

67
2013/4xxx/CVE-2013-4293.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4293",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002853",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002853"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"
},
{
"name": "RHSA-2013:1448",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002853",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002853"
}
]
}

59
2013/4xxx/CVE-2013-4294.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4294 OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends"
"value": "The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which allow remote attackers to bypass intended access restrictions via a revoked PKI token."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insufficient Session Expiration",
"cweId": "CWE-613"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.1.3-2.el6ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -79,56 +78,10 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/54706"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1285",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1285"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4294",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4294"
},
{
"url": "https://bugs.launchpad.net/keystone/+bug/1202952",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/keystone/+bug/1202952"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1004452",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1004452"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Thierry Carrez (OpenStack upstream) for reporting this issue. Upstream acknowledges Kieran Spear (University of Melbourne) as the original reporter."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}

79
2013/4xxx/CVE-2013-4297.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4297",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=2dba0323ff0cec31bdcea9dd3b2428af297401f2",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=2dba0323ff0cec31bdcea9dd3b2428af297401f2"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2dba0323ff0cec31bdcea9dd3b2428af297401f2",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=2dba0323ff0cec31bdcea9dd3b2428af297401f2"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4297",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4297"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4297",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4297"
}
]
}

22
2018/10xxx/CVE-2018-10840.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image."
"value": "Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"value": "CWE-122",
"cweId": "CWE-122"
}
]
@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "kernel",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "heap-based buffer overflow in fs/ext4/xattr.c",
"version": {
"version_data": [
{
"version_value": "0:4.14.0-115.5.1.el7a",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -79,16 +79,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2019:0162"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10840",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10840"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582346",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1582346"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10840",
"refsource": "MISC",

22
2018/10xxx/CVE-2018-10844.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that GnuTLS's implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets."
"value": "It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Covert Timing Channel",
"value": "CWE-385",
"cweId": "CWE-385"
}
]
@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "gnutls",
"version": {
"version_data": [
{
"version_value": "0:3.3.29-8.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -69,16 +69,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3505"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10844",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10844"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582571",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1582571"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10844",
"refsource": "MISC",

22
2018/10xxx/CVE-2018-10845.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets."
"value": "It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Covert Timing Channel",
"value": "CWE-385",
"cweId": "CWE-385"
}
]
@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "gnutls",
"version": {
"version_data": [
{
"version_value": "0:3.3.29-8.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -99,16 +99,6 @@
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3999-1/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10845",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10845"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582572",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1582572"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10845",
"refsource": "MISC",

22
2018/10xxx/CVE-2018-10846.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of \"Just in Time\" Prime+probe and Lucky-13 attacks to recover plain text in a cross-VM attack scenario."
"value": "A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of \"Just in Time\" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Covert Timing Channel",
"value": "CWE-385",
"cweId": "CWE-385"
}
]
@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "gnutls",
"version": {
"version_data": [
{
"version_value": "0:3.3.29-8.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -99,16 +99,6 @@
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3999-1/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10846",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10846"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582574",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1582574"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10846",
"refsource": "MISC",

51
2018/10xxx/CVE-2018-10854.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2018-10854 cloudforms: stored cross-site scripting in Name field"
"value": "cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"value": "CWE-79",
"cweId": "CWE-79"
}
]
@ -36,32 +36,12 @@
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.10",
"product_name": "cloudforms",
"version": {
"version_data": [
{
"version_value": "0:3.5.2-1.el7at",
"version_affected": "!"
},
{
"version_value": "0:5.10.9.1-1.el7cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.23-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:1.1.7-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:1.1.19-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:1.14.2-1.el7ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "cloudforms 5.8 and cloudforms 5.9"
}
]
}
@ -74,21 +54,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2019:2587",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10854",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10854"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1590538",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1590538"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854",
"refsource": "MISC",
@ -96,12 +61,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Yadnyawalk Tale (Red Hat CloudForms QE)."
}
],
"impact": {
"cvss": [
{

98
2018/10xxx/CVE-2018-10857.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10857",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "git-annex",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,39 +15,72 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
"value": "CWE-200",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "git-annex",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180905 [SECURITY] [DLA 1495-1] git-annex security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857"
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
}

98
2018/10xxx/CVE-2018-10859.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10859",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "git-annex",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,39 +15,72 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
"value": "CWE-200",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "git-annex",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180905 [SECURITY] [DLA 1495-1] git-annex security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html"
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10859",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10859"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10859",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10859"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
}

30
2018/10xxx/CVE-2018-10864.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"value": "CWE-400",
"cweId": "CWE-400"
}
]
@ -32,20 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Certification for Red Hat Enterprise Linux 7",
"product_name": "redhat-certification:",
"version": {
"version_data": [
{
"version_value": "0:5.16-20180809.el7",
"version_affected": "!"
},
{
"version_value": "0:5.16-20180809.1.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -63,16 +59,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:2373"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10864",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10864"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593627",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1593627"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864",
"refsource": "MISC",
@ -80,12 +66,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Riccardo Schirone (Red Hat Product Security)."
}
],
"impact": {
"cvss": [
{

52
2018/10xxx/CVE-2018-10865.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-10865",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to call a \"restart\" RPC method on any host accessible by the system, even if not belonging to him."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "redhat-certification 7"
}
]
@ -30,37 +52,17 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593631",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1593631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593631"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1593631"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-10865",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-10865",
"url": "https://access.redhat.com/security/cve/CVE-2018-10865"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to call a \"restart\" RPC method on any host accessible by the system, even if not belonging to him."
"name": "https://access.redhat.com/security/cve/CVE-2018-10865"
}
]
}