admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:36:31 +00:00
parent 18c3961f83
commit 39ac38b0c7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
63 changed files with 3749 additions and 3731 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

98
2004/0xxx/CVE-2004-0220.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0220", "ID": "CVE-2004-0220",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite." "value": "isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040323 R7-0018: OpenBSD isakmpd payload handling denial-of-service vulnerabilities", "name": "1009468",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://marc.info/?l=bugtraq&m=108008530028019&w=2" "url": "http://www.securitytracker.com/alerts/2004/Mar/1009468.html"
}, },
{ {
"name" : "http://www.rapid7.com/advisories/R7-0018.html", "name": "9907",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.rapid7.com/advisories/R7-0018.html" "url": "http://www.securityfocus.com/bid/9907"
}, },
{ {
"name" : "20040317 015: RELIABILITY FIX: March 17, 2004", "name": "20040317 015: RELIABILITY FIX: March 17, 2004",
"refsource" : "OPENBSD", "refsource": "OPENBSD",
"url" : "http://www.openbsd.org/errata.html" "url": "http://www.openbsd.org/errata.html"
}, },
{ {
"name" : "VU#223273", "name": "20040323 R7-0018: OpenBSD isakmpd payload handling denial-of-service vulnerabilities",
"refsource" : "CERT-VN", "refsource": "BUGTRAQ",
"url" : "http://www.kb.cert.org/vuls/id/223273" "url": "http://marc.info/?l=bugtraq&m=108008530028019&w=2"
}, },
{ {
"name" : "9907", "name": "VU#223273",
"refsource" : "BID", "refsource": "CERT-VN",
"url" : "http://www.securityfocus.com/bid/9907" "url": "http://www.kb.cert.org/vuls/id/223273"
}, },
{ {
"name" : "1009468", "name": "openbsd-isakmp-integer-underflow(15629)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/alerts/2004/Mar/1009468.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15629"
}, },
{ {
"name" : "openbsd-isakmp-integer-underflow(15629)", "name": "http://www.rapid7.com/advisories/R7-0018.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15629" "url": "http://www.rapid7.com/advisories/R7-0018.html"
} }
] ]
} }

74
2004/0xxx/CVE-2004-0581.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0581", "ID": "CVE-2004-0581",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp." "value": "ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MDKSA-2004:060", "name": "10516",
"refsource" : "MANDRAKE", "refsource": "BID",
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060" "url": "http://www.securityfocus.com/bid/10516"
}, },
{ {
"name" : "10516", "name": "ksymoops-symlink(16392)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/10516" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392"
}, },
{ {
"name" : "ksymoops-symlink(16392)", "name": "MDKSA-2004:060",
"refsource" : "XF", "refsource": "MANDRAKE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16392" "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060"
} }
] ]
} }

74
2004/0xxx/CVE-2004-0640.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0640", "ID": "CVE-2004-0640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code." "value": "Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.idefense.com/application/poi/display?id=114&type=vulnerabilities", "name": "ssltelnetd-format-string(16653)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.idefense.com/application/poi/display?id=114&type=vulnerabilities" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16653"
}, },
{ {
"name" : "DSA-529", "name": "http://www.idefense.com/application/poi/display?id=114&type=vulnerabilities",
"refsource" : "DEBIAN", "refsource": "MISC",
"url" : "http://www.debian.org/security/2004/dsa-529" "url": "http://www.idefense.com/application/poi/display?id=114&type=vulnerabilities"
}, },
{ {
"name" : "ssltelnetd-format-string(16653)", "name": "DSA-529",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16653" "url": "http://www.debian.org/security/2004/dsa-529"
} }
] ]
} }

92
2004/1xxx/CVE-2004-1151.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1151", "ID": "CVE-2004-1151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges." "value": "Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[linux-kernel] 20041130 Buffer overrun in arch/x86_64/sys_ia32.c:sys32_ni_syscall()", "name": "http://linux.bkbits.net:8080/linux-2.6/cset@1.2079",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html" "url": "http://linux.bkbits.net:8080/linux-2.6/cset@1.2079"
}, },
{ {
"name" : "http://linux.bkbits.net:8080/linux-2.6/cset@1.2079", "name": "MDKSA-2005:022",
"refsource" : "MISC", "refsource": "MANDRAKE",
"url" : "http://linux.bkbits.net:8080/linux-2.6/cset@1.2079" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
}, },
{ {
"name" : "http://linux.bkbits.net:8080/linux-2.6/gnupatch@41ae6af1cR3mJYlW6D8EHxCKSxuJiQ", "name": "20041214 [USN-38-1] Linux kernel vulnerabilities",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://linux.bkbits.net:8080/linux-2.6/gnupatch@41ae6af1cR3mJYlW6D8EHxCKSxuJiQ" "url": "http://marc.info/?l=bugtraq&m=110306397320336&w=2"
}, },
{ {
"name" : "MDKSA-2005:022", "name": "SUSE-SA:2004:044",
"refsource" : "MANDRAKE", "refsource": "SUSE",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" "url": "http://www.novell.com/linux/security/advisories/2004_44_kernel.html"
}, },
{ {
"name" : "20041214 [USN-38-1] Linux kernel vulnerabilities", "name": "http://linux.bkbits.net:8080/linux-2.6/gnupatch@41ae6af1cR3mJYlW6D8EHxCKSxuJiQ",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://marc.info/?l=bugtraq&m=110306397320336&w=2" "url": "http://linux.bkbits.net:8080/linux-2.6/gnupatch@41ae6af1cR3mJYlW6D8EHxCKSxuJiQ"
}, },
{ {
"name" : "SUSE-SA:2004:044", "name": "[linux-kernel] 20041130 Buffer overrun in arch/x86_64/sys_ia32.c:sys32_ni_syscall()",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://www.novell.com/linux/security/advisories/2004_44_kernel.html" "url": "http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html"
} }
] ]
} }

104
2004/1xxx/CVE-2004-1379.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1379", "ID": "CVE-2004-1379",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field." "value": "Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040906 XSA-2004-5: heap overflow in DVD subpicture decoder", "name": "xine-dvd-subpicture-bo(17423)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17423"
}, },
{ {
"name" : "http://xinehq.de/index.php/security/XSA-2004-5", "name": "SSA:2004-266",
"refsource" : "CONFIRM", "refsource": "SLACKWARE",
"url" : "http://xinehq.de/index.php/security/XSA-2004-5" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.320308"
}, },
{ {
"name" : "DSA-657", "name": "http://xinehq.de/index.php/security/XSA-2004-5",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2005/dsa-657" "url": "http://xinehq.de/index.php/security/XSA-2004-5"
}, },
{ {
"name" : "GLSA-200409-30", "name": "DSA-657",
"refsource" : "GENTOO", "refsource": "DEBIAN",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml" "url": "http://www.debian.org/security/2005/dsa-657"
}, },
{ {
"name" : "SSA:2004-266", "name": "11205",
"refsource" : "SLACKWARE", "refsource": "BID",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.320308" "url": "http://www.securityfocus.com/bid/11205"
}, },
{ {
"name" : "http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html", "name": "20040906 XSA-2004-5: heap overflow in DVD subpicture decoder",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html" "url": "http://www.securityfocus.com/archive/1/375482/2004-09-02/2004-09-08/0"
}, },
{ {
"name" : "11205", "name": "GLSA-200409-30",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/11205" "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-30.xml"
}, },
{ {
"name" : "xine-dvd-subpicture-bo(17423)", "name": "http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17423" "url": "http://www.vuxml.org/freebsd/131bd7c4-64a3-11d9-829a-000a95bc6fae.html"
} }
] ]
} }

86
2004/1xxx/CVE-2004-1647.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1647", "ID": "CVE-2004-1647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via (1) admin or Pass parameter to index_next.asp, (2) LoginId, OPass, or NPass to CPassChangePassword.asp, (3) users_edit.asp, or (4) users_add.asp." "value": "SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL statements and bypass authentication via (1) admin or Pass parameter to index_next.asp, (2) LoginId, OPass, or NPass to CPassChangePassword.asp, (3) users_edit.asp, or (4) users_add.asp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040830 Password Protect XSS and SQL-Injection vulnerabilities.", "name": "11073",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=109414967003192&w=2" "url": "http://www.securityfocus.com/bid/11073"
}, },
{ {
"name" : "http://www.criolabs.net/advisories/passprotect.txt", "name": "20040830 Password Protect XSS and SQL-Injection vulnerabilities.",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.criolabs.net/advisories/passprotect.txt" "url": "http://marc.info/?l=bugtraq&m=109414967003192&w=2"
}, },
{ {
"name" : "11073", "name": "password-protect-sql-injection(17188)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/11073" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17188"
}, },
{ {
"name" : "12407", "name": "12407",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/12407" "url": "http://secunia.com/advisories/12407"
}, },
{ {
"name" : "password-protect-sql-injection(17188)", "name": "http://www.criolabs.net/advisories/passprotect.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17188" "url": "http://www.criolabs.net/advisories/passprotect.txt"
} }
] ]
} }

98
2004/2xxx/CVE-2004-2322.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2322", "ID": "CVE-2004-2322",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the (1) announce and (2) notes modules of phpWebSite before 0.9.3-2 allows remote attackers to execute arbitrary SQL queries, as demonstrated using the ANN_id parameter to the announce module." "value": "SQL injection vulnerability in the (1) announce and (2) notes modules of phpWebSite before 0.9.3-2 allows remote attackers to execute arbitrary SQL queries, as demonstrated using the ANN_id parameter to the announce module."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.systemsecure.org/advisories/ssadvisory13022004.php", "name": "10878",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.systemsecure.org/advisories/ssadvisory13022004.php" "url": "http://secunia.com/advisories/10878/"
}, },
{ {
"name" : "http://www.zone-h.com/advisories/read/id=3955", "name": "phpwebsite-announce-sql-injection(15219)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.zone-h.com/advisories/read/id=3955" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15219"
}, },
{ {
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=892174&group_id=15539&atid=115539", "name": "http://www.systemsecure.org/advisories/ssadvisory13022004.php",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=892174&group_id=15539&atid=115539" "url": "http://www.systemsecure.org/advisories/ssadvisory13022004.php"
}, },
{ {
"name" : "3852", "name": "http://www.zone-h.com/advisories/read/id=3955",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/3852" "url": "http://www.zone-h.com/advisories/read/id=3955"
}, },
{ {
"name" : "1009045", "name": "1009045",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/alerts/2004/Feb/1009045.html" "url": "http://www.securitytracker.com/alerts/2004/Feb/1009045.html"
}, },
{ {
"name" : "10878", "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=892174&group_id=15539&atid=115539",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/10878/" "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=892174&group_id=15539&atid=115539"
}, },
{ {
"name" : "phpwebsite-announce-sql-injection(15219)", "name": "3852",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15219" "url": "http://www.osvdb.org/3852"
} }
] ]
} }

98
2004/2xxx/CVE-2004-2585.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2585", "ID": "CVE-2004-2585",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the \"check spelling\" feature in the compose area." "value": "Cross-site scripting (XSS) vulnerability in frmCompose.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote attackers to inject arbitrary web script or HTML via Javascript to the \"check spelling\" feature in the compose area."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt", "name": "9805",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt" "url": "http://www.securityfocus.com/bid/9805"
}, },
{ {
"name" : "http://www.zone-h.org/advisories/read/id=4098", "name": "http://www.zone-h.org/advisories/read/id=4098",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zone-h.org/advisories/read/id=4098" "url": "http://www.zone-h.org/advisories/read/id=4098"
}, },
{ {
"name" : "9805", "name": "smartermail-spellchecker-xss(15393)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/9805" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15393"
}, },
{ {
"name" : "4145", "name": "4145",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/4145" "url": "http://www.osvdb.org/4145"
}, },
{ {
"name" : "1009307", "name": "http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://securitytracker.com/id?1009307" "url": "http://members.lycos.co.uk/r34ct/main/smarter_mail%203.1/smarter_mail.txt"
}, },
{ {
"name" : "11042", "name": "1009307",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/11042" "url": "http://securitytracker.com/id?1009307"
}, },
{ {
"name" : "smartermail-spellchecker-xss(15393)", "name": "11042",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15393" "url": "http://secunia.com/advisories/11042"
} }
] ]
} }

98
2008/2xxx/CVE-2008-2002.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2002", "ID": "CVE-2008-2002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola Surfboard with software SB5100-2.3.3.0-SCM00-NOSH allow remote attackers to (1) cause a denial of service (device reboot) via the \"Restart Cable Modem\" value in the BUTTON_INPUT parameter to configdata.html, and (2) cause a denial of service (hard reset) via the \"Reset All Defaults\" value in the BUTTON_INPUT parameter to configdata.html." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities on Motorola Surfboard with software SB5100-2.3.3.0-SCM00-NOSH allow remote attackers to (1) cause a denial of service (device reboot) via the \"Restart Cable Modem\" value in the BUTTON_INPUT parameter to configdata.html, and (2) cause a denial of service (hard reset) via the \"Reset All Defaults\" value in the BUTTON_INPUT parameter to configdata.html."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080418 Sea-Surfing on the Motorola Surfboard", "name": "3839",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/491143/100/0/threaded" "url": "http://securityreason.com/securityalert/3839"
}, },
{ {
"name" : "http://www.rooksecurity.com/blog/?p=4", "name": "ADV-2008-1390",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://www.rooksecurity.com/blog/?p=4" "url": "http://www.vupen.com/english/advisories/2008/1390/references"
}, },
{ {
"name" : "VU#643049", "name": "http://www.rooksecurity.com/blog/?p=4",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/643049" "url": "http://www.rooksecurity.com/blog/?p=4"
}, },
{ {
"name" : "ADV-2008-1390", "name": "surfboard-configdata-csrf(42091)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2008/1390/references" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42091"
}, },
{ {
"name" : "30026", "name": "VU#643049",
"refsource" : "SECUNIA", "refsource": "CERT-VN",
"url" : "http://secunia.com/advisories/30026" "url": "http://www.kb.cert.org/vuls/id/643049"
}, },
{ {
"name" : "3839", "name": "30026",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/3839" "url": "http://secunia.com/advisories/30026"
}, },
{ {
"name" : "surfboard-configdata-csrf(42091)", "name": "20080418 Sea-Surfing on the Motorola Surfboard",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42091" "url": "http://www.securityfocus.com/archive/1/491143/100/0/threaded"
} }
] ]
} }

92
2008/2xxx/CVE-2008-2060.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2008-2060", "ID": "CVE-2008-2060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a \"specific series of jumbo Ethernet frames.\"" "value": "Unspecified vulnerability in Cisco Intrusion Prevention System (IPS) 5.x before 5.1(8)E2 and 6.x before 6.0(5)E2, when inline mode and jumbo Ethernet support are enabled, allows remote attackers to cause a denial of service (panic), and possibly bypass intended restrictions on network traffic, via a \"specific series of jumbo Ethernet frames.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080618 Cisco Intrusion Prevention System Jumbo Frame Denial of Service", "name": "20080618 Cisco Intrusion Prevention System Jumbo Frame Denial of Service",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00809b3842.shtml" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809b3842.shtml"
}, },
{ {
"name" : "29791", "name": "1020326",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/29791" "url": "http://www.securitytracker.com/id?1020326"
}, },
{ {
"name" : "ADV-2008-1872", "name": "29791",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2008/1872/references" "url": "http://www.securityfocus.com/bid/29791"
}, },
{ {
"name" : "1020326", "name": "ADV-2008-1872",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://www.securitytracker.com/id?1020326" "url": "http://www.vupen.com/english/advisories/2008/1872/references"
}, },
{ {
"name" : "30767", "name": "30767",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30767" "url": "http://secunia.com/advisories/30767"
}, },
{ {
"name" : "cisco-ips-ethernetframes-dos(43166)", "name": "cisco-ips-ethernetframes-dos(43166)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43166" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43166"
} }
] ]
} }

86
2008/2xxx/CVE-2008-2207.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2207", "ID": "CVE-2008-2207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action." "value": "Cross-site scripting (XSS) vulnerability in admin/index.php in Maian Gallery 2.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a search action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080503 Maian Gallery v2.0 XSS Vulnerability", "name": "20080503 Maian Gallery v2.0 XSS Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/491583/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/491583/100/0/threaded"
}, },
{ {
"name" : "29032", "name": "3885",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/29032" "url": "http://securityreason.com/securityalert/3885"
}, },
{ {
"name" : "30070", "name": "29032",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/30070" "url": "http://www.securityfocus.com/bid/29032"
}, },
{ {
"name" : "3885", "name": "30070",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/3885" "url": "http://secunia.com/advisories/30070"
}, },
{ {
"name" : "maian-gallery-keywords-xss(42195)", "name": "maian-gallery-keywords-xss(42195)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42195" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42195"
} }
] ]
} }

86
2008/2xxx/CVE-2008-2391.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2391", "ID": "CVE-2008-2391",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1." "value": "SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080519 DoS attacks using SQL Wildcards - White Paper", "name": "3898",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/492233/100/0/threaded" "url": "http://securityreason.com/securityalert/3898"
}, },
{ {
"name" : "http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112", "name": "http://www.portcullis-security.com/uplds/wildcard_attacks.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112" "url": "http://www.portcullis-security.com/uplds/wildcard_attacks.pdf"
}, },
{ {
"name" : "http://www.portcullis-security.com/uplds/wildcard_attacks.pdf", "name": "http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.portcullis-security.com/uplds/wildcard_attacks.pdf" "url": "http://www.codeplex.com/subsonic/WorkItem/View.aspx?WorkItemId=16112"
}, },
{ {
"name" : "3898", "name": "20080519 DoS attacks using SQL Wildcards - White Paper",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/3898" "url": "http://www.securityfocus.com/archive/1/492233/100/0/threaded"
}, },
{ {
"name" : "subsonic-pagesize-dos(42562)", "name": "subsonic-pagesize-dos(42562)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42562" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42562"
} }
] ]
} }

98
2008/2xxx/CVE-2008-2408.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2408", "ID": "CVE-2008-2408",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag." "value": "Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080521 ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability", "name": "ADV-2008-1622",
"refsource" : "BUGTRAQ", "refsource": "VUPEN",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2008-05/0284.html" "url": "http://www.vupen.com/english/advisories/2008/1622"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-030/", "name": "20080521 ZDI-08-030: Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-030/" "url": "http://archives.neohapsis.com/archives/bugtraq/2008-05/0284.html"
}, },
{ {
"name" : "29330", "name": "29330",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/29330" "url": "http://www.securityfocus.com/bid/29330"
}, },
{ {
"name" : "ADV-2008-1622", "name": "30336",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/1622" "url": "http://secunia.com/advisories/30336"
}, },
{ {
"name" : "1020105", "name": "1020105",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1020105" "url": "http://securitytracker.com/id?1020105"
}, },
{ {
"name" : "30336", "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-030/",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/30336" "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-030/"
}, },
{ {
"name" : "trillian-talk-bo(42581)", "name": "trillian-talk-bo(42581)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42581" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42581"
} }
] ]
} }

80
2008/3xxx/CVE-2008-3059.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3059", "ID": "CVE-2008-3059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly other versions before 4, uses cleartext to transmit a password entered in the FormValue_Password field, which makes it easier for remote attackers to obtain sensitive information by sniffing the network, related to the \"Settings - Account Information\" tab." "value": "member/settings_account.php in Octeth Oempro 3.5.5.1, and possibly other versions before 4, uses cleartext to transmit a password entered in the FormValue_Password field, which makes it easier for remote attackers to obtain sensitive information by sniffing the network, related to the \"Settings - Account Information\" tab."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://octeth.com/blog/category/oempro4/", "name": "http://osvdb.org/ref/50/oempro.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://octeth.com/blog/category/oempro4/" "url": "http://osvdb.org/ref/50/oempro.txt"
}, },
{ {
"name" : "http://osvdb.org/ref/50/oempro.txt", "name": "50324",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://osvdb.org/ref/50/oempro.txt" "url": "http://www.osvdb.org/50324"
}, },
{ {
"name" : "50324", "name": "http://octeth.com/blog/category/oempro4/",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/50324" "url": "http://octeth.com/blog/category/oempro4/"
}, },
{ {
"name" : "oempro-settingsaccount-info-disclosure(47115)", "name": "oempro-settingsaccount-info-disclosure(47115)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47115" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47115"
} }
] ]
} }

110
2008/3xxx/CVE-2008-3066.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3066", "ID": "CVE-2008-3066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file." "value": "Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080725 http://www.zerodayinitiative.com/advisories/ZDI-08-046", "name": "20080725 http://www.zerodayinitiative.com/advisories/ZDI-08-046",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/494778/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/494778/100/0/threaded"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-046/", "name": "ADV-2008-2194",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-046/" "url": "http://www.vupen.com/english/advisories/2008/2194/references"
}, },
{ {
"name" : "http://service.real.com/realplayer/security/07252008_player/en/", "name": "VU#461187",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "http://service.real.com/realplayer/security/07252008_player/en/" "url": "http://www.kb.cert.org/vuls/id/461187"
}, },
{ {
"name" : "VU#461187", "name": "http://service.real.com/realplayer/security/07252008_player/en/",
"refsource" : "CERT-VN", "refsource": "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/461187" "url": "http://service.real.com/realplayer/security/07252008_player/en/"
}, },
{ {
"name" : "30376", "name": "1020565",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/30376" "url": "http://securitytracker.com/id?1020565"
}, },
{ {
"name" : "30379", "name": "30379",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/30379" "url": "http://www.securityfocus.com/bid/30379"
}, },
{ {
"name" : "ADV-2008-2194", "name": "30376",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2008/2194/references" "url": "http://www.securityfocus.com/bid/30376"
}, },
{ {
"name" : "1020565", "name": "realplayer-rjbdll-activex-bo(44013)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1020565" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44013"
}, },
{ {
"name" : "realplayer-rjbdll-activex-bo(44013)", "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-046/",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44013" "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-046/"
} }
] ]
} }

98
2008/3xxx/CVE-2008-3543.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3543", "ID": "CVE-2008-3543",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors." "value": "Unspecified vulnerability in NFS / ONCplus B.11.31_04 and earlier on HP-UX B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBUX02375", "name": "1020993",
"refsource" : "HP", "refsource": "SECTRACK",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01570585" "url": "http://www.securitytracker.com/id?1020993"
}, },
{ {
"name" : "SSRT080122", "name": "32161",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01570585" "url": "http://secunia.com/advisories/32161"
}, },
{ {
"name" : "31607", "name": "ADV-2008-2748",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/31607" "url": "http://www.vupen.com/english/advisories/2008/2748"
}, },
{ {
"name" : "ADV-2008-2748", "name": "SSRT080122",
"refsource" : "VUPEN", "refsource": "HP",
"url" : "http://www.vupen.com/english/advisories/2008/2748" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01570585"
}, },
{ {
"name" : "1020993", "name": "hpux-nfsoncplus-dos(45695)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1020993" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45695"
}, },
{ {
"name" : "32161", "name": "HPSBUX02375",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/32161" "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01570585"
}, },
{ {
"name" : "hpux-nfsoncplus-dos(45695)", "name": "31607",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45695" "url": "http://www.securityfocus.com/bid/31607"
} }
] ]
} }

74
2008/6xxx/CVE-2008-6021.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6021", "ID": "CVE-2008-6021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka \"security vulnerabilities found by 3rd party analysis.\"" "value": "Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka \"security vulnerabilities found by 3rd party analysis.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.attachmate.com/techdocs/2374.html", "name": "http://support.attachmate.com/techdocs/2374.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.attachmate.com/techdocs/2374.html" "url": "http://support.attachmate.com/techdocs/2374.html"
}, },
{ {
"name" : "30723", "name": "attachmate-multiple-unspecified(48536)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/30723" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48536"
}, },
{ {
"name" : "attachmate-multiple-unspecified(48536)", "name": "30723",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48536" "url": "http://www.securityfocus.com/bid/30723"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6230.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6230", "ID": "CVE-2008-6230",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in Tour.php in Pre Projects Pre Podcast Portal allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "6997", "name": "ADV-2008-3016",
"refsource" : "EXPLOIT-DB", "refsource": "VUPEN",
"url" : "https://www.exploit-db.com/exploits/6997" "url": "http://www.vupen.com/english/advisories/2008/3016"
}, },
{ {
"name" : "32124", "name": "32563",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/32124" "url": "http://secunia.com/advisories/32563"
}, },
{ {
"name" : "ADV-2008-3016", "name": "6997",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2008/3016" "url": "https://www.exploit-db.com/exploits/6997"
}, },
{ {
"name" : "32563", "name": "32124",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/32563" "url": "http://www.securityfocus.com/bid/32124"
}, },
{ {
"name" : "prepodcastportal-tour-sql-injection(46386)", "name": "prepodcastportal-tour-sql-injection(46386)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46386" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46386"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6263.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6263", "ID": "CVE-2008-6263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information." "value": "SQL injection vulnerability in lib/user/t_user.php in SaturnCMS allows remote attackers to execute arbitrary SQL commands via the username parameter to the _userLoggedIn function. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7147", "name": "saturncms-username-sql-injection(46651)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/7147" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46651"
}, },
{ {
"name" : "32336", "name": "32336",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/32336" "url": "http://www.securityfocus.com/bid/32336"
}, },
{ {
"name" : "32726", "name": "7147",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/32726" "url": "https://www.exploit-db.com/exploits/7147"
}, },
{ {
"name" : "saturncms-username-sql-injection(46651)", "name": "32726",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46651" "url": "http://secunia.com/advisories/32726"
}, },
{ {
"name" : "saturncms-tuser-sql-injection(48952)", "name": "saturncms-tuser-sql-injection(48952)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48952" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48952"
} }
] ]
} }

86
2008/6xxx/CVE-2008-6269.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6269", "ID": "CVE-2008-6269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Joovili 3.1.4 allows remote attackers to bypass authentication and gain privileges as other users, including the administrator, by setting the (1) session_id, session_logged_in, and session_username cookies for user privileges; (2) session_admin_id, session_admin_username, and session_admin cookies for admin privileges; and (3) session_staff_id, session_staff_username, and session_staff cookies for staff users." "value": "Joovili 3.1.4 allows remote attackers to bypass authentication and gain privileges as other users, including the administrator, by setting the (1) session_id, session_logged_in, and session_username cookies for user privileges; (2) session_admin_id, session_admin_username, and session_admin cookies for admin privileges; and (3) session_staff_id, session_staff_username, and session_staff cookies for staff users."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "6955", "name": "joovili-multiple-cookie-security-bypass(46272)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/6955" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46272"
}, },
{ {
"name" : "32058", "name": "32491",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/32058" "url": "http://secunia.com/advisories/32491"
}, },
{ {
"name" : "32491", "name": "6955",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/32491" "url": "https://www.exploit-db.com/exploits/6955"
}, },
{ {
"name" : "ADV-2008-2978", "name": "32058",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2008/2978" "url": "http://www.securityfocus.com/bid/32058"
}, },
{ {
"name" : "joovili-multiple-cookie-security-bypass(46272)", "name": "ADV-2008-2978",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46272" "url": "http://www.vupen.com/english/advisories/2008/2978"
} }
] ]
} }

104
2008/7xxx/CVE-2008-7177.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7177", "ID": "CVE-2008-7177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719." "value": "Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=607497", "name": "ADV-2008-1939",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=607497" "url": "http://www.vupen.com/english/advisories/2008/1939"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=452800", "name": "29955",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=452800" "url": "http://www.securityfocus.com/bid/29955"
}, },
{ {
"name" : "FEDORA-2008-5473", "name": "FEDORA-2008-5473",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01000.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg01000.html"
}, },
{ {
"name" : "29955", "name": "30836",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/29955" "url": "http://secunia.com/advisories/30836"
}, },
{ {
"name" : "1020378", "name": "nasm-listingmodule-bo(43441)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1020378" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43441"
}, },
{ {
"name" : "30836", "name": "1020378",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/30836" "url": "http://www.securitytracker.com/id?1020378"
}, },
{ {
"name" : "ADV-2008-1939", "name": "http://sourceforge.net/project/shownotes.php?release_id=607497",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2008/1939" "url": "http://sourceforge.net/project/shownotes.php?release_id=607497"
}, },
{ {
"name" : "nasm-listingmodule-bo(43441)", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=452800",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43441" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=452800"
} }
] ]
} }

68
2008/7xxx/CVE-2008-7207.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7207", "ID": "CVE-2008-7207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php." "value": "RivetTracker before 1.0 stores passwords in cleartext in config.php, which allows local users to discover passwords by reading config.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.rivetcode.com/files/rivettracker/rivettracker_1-0.zip", "name": "http://www.rivetcode.com/files/rivettracker/rivettracker_1-0.zip",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.rivetcode.com/files/rivettracker/rivettracker_1-0.zip" "url": "http://www.rivetcode.com/files/rivettracker/rivettracker_1-0.zip"
}, },
{ {
"name" : "42433", "name": "42433",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/42433" "url": "http://osvdb.org/42433"
} }
] ]
} }

22
2012/5xxx/CVE-2012-5042.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5042", "ID": "CVE-2012-5042",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2012/5xxx/CVE-2012-5059.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-5059", "ID": "CVE-2012-5059",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-0392." "value": "Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote attackers to affect integrity via unknown vectors related to Portal, a different vulnerability than CVE-2013-0392."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html"
}, },
{ {
"name" : "MDVSA-2013:150", "name": "MDVSA-2013:150",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
} }
] ]
} }

62
2012/5xxx/CVE-2012-5992.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-5992", "ID": "CVE-2012-5992",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities on Cisco Wireless LAN Controller (WLC) devices with software 7.2.110.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrative accounts via screens/aaa/mgmtuser_create.html or (2) insert XSS sequences via the headline parameter to screens/base/web_auth_custom.html, aka Bug ID CSCud50283."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html", "name": "http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html" "url": "http://infosec42.blogspot.dk/2012/12/cisco-wlc-csrf-dos-and-persistent-xss.html"
} }
] ]
} }

62
2017/11xxx/CVE-2017-11134.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11134", "ID": "CVE-2017-11134",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login credentials are written into a log file on the device. Hence, an attacker with access to the logs can read them." "value": "An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login credentials are written into a log file on the device. Hence, an attacker with access to the logs can read them."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://seclists.org/fulldisclosure/2017/Jul/90", "name": "http://seclists.org/fulldisclosure/2017/Jul/90",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2017/Jul/90" "url": "http://seclists.org/fulldisclosure/2017/Jul/90"
} }
] ]
} }

22
2017/11xxx/CVE-2017-11700.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11700", "ID": "CVE-2017-11700",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2017/11xxx/CVE-2017-11734.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11734", "ID": "CVE-2017-11734",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file." "value": "A heap-based buffer over-read was found in the function decompileCALLFUNCTION in util/decompile.c in Ming 0.4.8, which allows attackers to cause a denial of service via a crafted file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html", "name": "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html" "url": "http://somevulnsofadlab.blogspot.jp/2017/07/libmingheap-buffer-overflow-in_24.html"
}, },
{ {
"name" : "https://github.com/libming/libming/issues/83", "name": "https://github.com/libming/libming/issues/83",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/libming/libming/issues/83" "url": "https://github.com/libming/libming/issues/83"
} }
] ]
} }

76
2017/11xxx/CVE-2017-11781.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-10-10T00:00:00", "DATE_PUBLIC": "2017-10-10T00:00:00",
"ID" : "CVE-2017-11781", "ID": "CVE-2017-11781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Server Block Message (SMB)", "product_name": "Server Block Message (SMB)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016" "version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\"." "value": "The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a denial of service vulnerability when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service" "value": "Denial of Service"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11781"
}, },
{ {
"name" : "101140", "name": "1039528",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101140" "url": "http://www.securitytracker.com/id/1039528"
}, },
{ {
"name" : "1039528", "name": "101140",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1039528" "url": "http://www.securityfocus.com/bid/101140"
} }
] ]
} }

76
2017/11xxx/CVE-2017-11808.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-10-10T00:00:00", "DATE_PUBLIC": "2017-10-10T00:00:00",
"ID" : "CVE-2017-11808", "ID": "CVE-2017-11808",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ChakraCore, Microsoft Edge", "product_name": "ChakraCore, Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ChakraCore, Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." "version_value": "ChakraCore, Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821." "value": "ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808", "name": "101135",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808" "url": "http://www.securityfocus.com/bid/101135"
}, },
{ {
"name" : "101135", "name": "1039529",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/101135" "url": "http://www.securitytracker.com/id/1039529"
}, },
{ {
"name" : "1039529", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1039529" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11808"
} }
] ]
} }

62
2017/14xxx/CVE-2017-14428.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14428", "ID": "CVE-2017-14428",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions." "value": "D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware through FW208WWb02) devices have 0666 /var/run/hostapd* permissions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html", "name": "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html" "url": "https://pierrekim.github.io/blog/2017-09-08-dlink-850l-mydlink-cloud-0days-vulnerabilities.html"
} }
] ]
} }

74
2017/14xxx/CVE-2017-14639.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14639", "ID": "CVE-2017-14639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact." "value": "AP4_VisualSampleEntry::ReadFields in Core/Ap4SampleEntry.cpp in Bento4 1.5.0-617 uses incorrect character data types, which causes a stack-based buffer underflow and out-of-bounds write, leading to denial of service (application crash) or possibly unspecified other impact."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/", "name": "https://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/" "url": "https://blogs.gentoo.org/ago/2017/09/14/bento4-stack-based-buffer-underflow-in-ap4_visualsampleentryreadfields-ap4sampleentry-cpp/"
}, },
{ {
"name" : "https://github.com/axiomatic-systems/Bento4/commit/03d1222ab9c2ce779cdf01bdb96cdd69cbdcfeda", "name": "https://github.com/axiomatic-systems/Bento4/issues/190",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/axiomatic-systems/Bento4/commit/03d1222ab9c2ce779cdf01bdb96cdd69cbdcfeda" "url": "https://github.com/axiomatic-systems/Bento4/issues/190"
}, },
{ {
"name" : "https://github.com/axiomatic-systems/Bento4/issues/190", "name": "https://github.com/axiomatic-systems/Bento4/commit/03d1222ab9c2ce779cdf01bdb96cdd69cbdcfeda",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/axiomatic-systems/Bento4/issues/190" "url": "https://github.com/axiomatic-systems/Bento4/commit/03d1222ab9c2ce779cdf01bdb96cdd69cbdcfeda"
} }
] ]
} }

76
2017/14xxx/CVE-2017-14911.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-01-02T00:00:00", "DATE_PUBLIC": "2018-01-02T00:00:00",
"ID" : "CVE-2017-14911", "ID": "CVE-2017-14911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile", "product_name": "Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835" "version_value": "APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config." "value": "In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Authentication in Boot" "value": "Improper Authentication in Boot"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2018-01-01", "name": "102386",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2018-01-01" "url": "http://www.securityfocus.com/bid/102386"
}, },
{ {
"name" : "102386", "name": "https://source.android.com/security/bulletin/2018-01-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/102386" "url": "https://source.android.com/security/bulletin/2018-01-01"
}, },
{ {
"name" : "1040106", "name": "1040106",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040106" "url": "http://www.securitytracker.com/id/1040106"
} }
] ]
} }

76
2017/14xxx/CVE-2017-14912.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-01-02T00:00:00", "DATE_PUBLIC": "2018-01-02T00:00:00",
"ID" : "CVE-2017-14912", "ID": "CVE-2017-14912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon IoT, Snapdragon Mobile", "product_name": "Snapdragon IoT, Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835" "version_value": "MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly." "value": "In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Access Control in TrustZone" "value": "Improper Access Control in TrustZone"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2018-01-01", "name": "102386",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2018-01-01" "url": "http://www.securityfocus.com/bid/102386"
}, },
{ {
"name" : "102386", "name": "https://source.android.com/security/bulletin/2018-01-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/102386" "url": "https://source.android.com/security/bulletin/2018-01-01"
}, },
{ {
"name" : "1040106", "name": "1040106",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040106" "url": "http://www.securitytracker.com/id/1040106"
} }
] ]
} }

80
2017/14xxx/CVE-2017-14938.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14938", "ID": "CVE-2017-14938",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file." "value": "_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/", "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=22166",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/" "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22166"
}, },
{ {
"name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22166", "name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=22166" "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6"
}, },
{ {
"name" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6", "name": "https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bd61e135492ecf624880e6b78e5fcde3c9716df6" "url": "https://blogs.gentoo.org/ago/2017/09/26/binutils-memory-allocation-failure-in-_bfd_elf_slurp_version_tables-elf-c/"
}, },
{ {
"name" : "101212", "name": "101212",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/101212" "url": "http://www.securityfocus.com/bid/101212"
} }
] ]
} }

22
2017/15xxx/CVE-2017-15557.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15557", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-15557",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

62
2017/15xxx/CVE-2017-15755.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15755", "ID": "CVE-2017-15755",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to \"Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091.\"" "value": "IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to \"Data from Faulting Address controls Branch Selection starting at verifier!AVrfpDphFindBusyMemoryNoCheck+0x0000000000000091.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15755", "name": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15755",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15755" "url": "https://github.com/wlinzi/security_advisories/tree/master/CVE-2017-15755"
} }
] ]
} }

70
2017/15xxx/CVE-2017-15826.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-03-26T00:00:00", "DATE_PUBLIC": "2018-03-26T00:00:00",
"ID" : "CVE-2017-15826", "ID": "CVE-2017-15826",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures." "value": "Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Double free in mdss_rotator_release_from_work_distribution()" "value": "Double free in mdss_rotator_release_from_work_distribution()"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848", "name": "https://source.android.com/security/bulletin/pixel/2018-02-01",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848" "url": "https://source.android.com/security/bulletin/pixel/2018-02-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/pixel/2018-02-01", "name": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01" "url": "https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848"
} }
] ]
} }

74
2017/8xxx/CVE-2017-8082.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8082", "ID": "CVE-2017-8082",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving the /tools/required/files/importers/imageeditor?fID=1&imgData= URI. This results in a site-wide denial of service making the site not accessible to any users or any administrators." "value": "concrete5 8.1.0 has CSRF in Thumbnail Editor in the File Manager, which allows remote attackers to disable the entire installation by merely tricking an admin into viewing a malicious page involving the /tools/required/files/importers/imageeditor?fID=1&imgData= URI. This results in a site-wide denial of service making the site not accessible to any users or any administrators."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://zeroday.insecurity.zone/exploits/concrete5_csrf_dos.txt", "name": "https://drive.google.com/open?id=0B3vXUYdNMECWZTd3SFRnUjllWk0",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://zeroday.insecurity.zone/exploits/concrete5_csrf_dos.txt" "url": "https://drive.google.com/open?id=0B3vXUYdNMECWZTd3SFRnUjllWk0"
}, },
{ {
"name" : "https://drive.google.com/open?id=0B3vXUYdNMECWZTd3SFRnUjllWk0", "name": "http://zeroday.insecurity.zone/exploits/concrete5_csrf_dos.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://drive.google.com/open?id=0B3vXUYdNMECWZTd3SFRnUjllWk0" "url": "http://zeroday.insecurity.zone/exploits/concrete5_csrf_dos.txt"
}, },
{ {
"name" : "https://twitter.com/insecurity/status/856066923146215425", "name": "https://twitter.com/insecurity/status/856066923146215425",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://twitter.com/insecurity/status/856066923146215425" "url": "https://twitter.com/insecurity/status/856066923146215425"
} }
] ]
} }

22
2017/8xxx/CVE-2017-8409.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8409", "ID": "CVE-2017-8409",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

82
2017/8xxx/CVE-2017-8640.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-08-08T00:00:00", "DATE_PUBLIC": "2017-08-08T00:00:00",
"ID" : "CVE-2017-8640", "ID": "CVE-2017-8640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Scripting Engine", "product_name": "Microsoft Scripting Engine",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." "version_value": "Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674." "value": "Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "42476", "name": "100051",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/42476/" "url": "http://www.securityfocus.com/bid/100051"
}, },
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8640", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8640",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8640" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8640"
}, },
{ {
"name" : "100051", "name": "42476",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/100051" "url": "https://www.exploit-db.com/exploits/42476/"
}, },
{ {
"name" : "1039095", "name": "1039095",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039095" "url": "http://www.securitytracker.com/id/1039095"
} }
] ]
} }

62
2017/8xxx/CVE-2017-8854.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8854", "ID": "CVE-2017-8854",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file." "value": "wolfSSL before 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable", "name": "https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable" "url": "https://github.com/wolfSSL/wolfssl/releases/tag/v3.10.2-stable"
} }
] ]
} }

70
2017/8xxx/CVE-2017-8972.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-11-13T00:00:00", "DATE_PUBLIC": "2017-11-13T00:00:00",
"ID" : "CVE-2017-8972", "ID": "CVE-2017-8972",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Matrix Operating Environment", "product_name": "Matrix Operating Environment",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.6 LR1" "version_value": "7.6 LR1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found." "value": "A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Clickjacking" "value": "Clickjacking"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us", "name": "101938",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us" "url": "http://www.securityfocus.com/bid/101938"
}, },
{ {
"name" : "101938", "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101938" "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us"
} }
] ]
} }

64
2018/12xxx/CVE-2018-12201.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-03-12T00:00:00", "DATE_PUBLIC": "2019-03-12T00:00:00",
"ID" : "CVE-2018-12201", "ID": "CVE-2018-12201",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel Platform Sample / Silicon Reference firmware", "product_name": "Intel Platform Sample / Silicon Reference firmware",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Multiple versions." "version_value": "Multiple versions."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access." "value": "Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel(R) Celeron(R) J4105 Processor, Intel(R) Celeron(R) J4005 Processor, Intel Celeron(R) N4100 Processor and Intel(R) Celeron N4000 Processor may allow privileged user to potentially execute arbitrary code via local access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Escalation of privilege" "value": "Escalation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html" "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00191.html"
} }
] ]
} }

22
2018/12xxx/CVE-2018-12487.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12487", "ID": "CVE-2018-12487",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/12xxx/CVE-2018-12550.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12550", "ID": "CVE-2018-12550",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/12xxx/CVE-2018-12689.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12689", "ID": "CVE-2018-12689",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel." "value": "phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44926", "name": "44926",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44926/" "url": "https://www.exploit-db.com/exploits/44926/"
} }
] ]
} }

22
2018/12xxx/CVE-2018-12727.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12727", "ID": "CVE-2018-12727",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/12xxx/CVE-2018-12968.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12968", "ID": "CVE-2018-12968",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/13xxx/CVE-2018-13070.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13070", "ID": "CVE-2018-13070",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." "value": "The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/VenusADLab/EtherTokens/blob/master/EncryptedToken/EncryptedToken.md", "name": "https://github.com/VenusADLab/EtherTokens/blob/master/EncryptedToken/EncryptedToken.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/VenusADLab/EtherTokens/blob/master/EncryptedToken/EncryptedToken.md" "url": "https://github.com/VenusADLab/EtherTokens/blob/master/EncryptedToken/EncryptedToken.md"
} }
] ]
} }

62
2018/13xxx/CVE-2018-13331.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13331", "ID": "CVE-2018-13331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames." "value": "Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing users by placing JavaScript in their usernames."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a", "name": "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a" "url": "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86a"
} }
] ]
} }

72
2018/13xxx/CVE-2018-13398.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@atlassian.com", "ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC" : "2018-09-17T00:00:00", "DATE_PUBLIC": "2018-09-17T00:00:00",
"ID" : "CVE-2018-13398", "ID": "CVE-2018-13398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Fisheye and Crucible", "product_name": "Fisheye and Crucible",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "4.5.4" "version_value": "4.5.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Atlassian" "vendor_name": "Atlassian"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability." "value": "The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-Site Request Forgery (CSRF)" "value": "Cross-Site Request Forgery (CSRF)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://jira.atlassian.com/browse/CRUC-8312", "name": "https://jira.atlassian.com/browse/FE-7100",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jira.atlassian.com/browse/CRUC-8312" "url": "https://jira.atlassian.com/browse/FE-7100"
}, },
{ {
"name" : "https://jira.atlassian.com/browse/FE-7100", "name": "https://jira.atlassian.com/browse/CRUC-8312",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-7100" "url": "https://jira.atlassian.com/browse/CRUC-8312"
} }
] ]
} }

68
2018/13xxx/CVE-2018-13735.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13735", "ID": "CVE-2018-13735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." "value": "The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
}, },
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/EnterToken", "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/EnterToken",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/EnterToken" "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/EnterToken"
} }
] ]
} }

22
2018/13xxx/CVE-2018-13890.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13890", "ID": "CVE-2018-13890",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/16xxx/CVE-2018-16162.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2018-16162", "ID": "CVE-2018-16162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "OpenDolphin", "product_name": "OpenDolphin",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.7.0 and earlier" "version_value": "2.7.0 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Life Sciences Computing Corporation" "vendor_name": "Life Sciences Computing Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors." "value": "OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.opendolphin.com/security20181023.html", "name": "JVN#59394343",
"refsource" : "MISC", "refsource": "JVN",
"url" : "http://www.opendolphin.com/security20181023.html" "url": "http://jvn.jp/en/jp/JVN59394343/index.html"
}, },
{ {
"name" : "JVN#59394343", "name": "http://www.opendolphin.com/security20181023.html",
"refsource" : "JVN", "refsource": "MISC",
"url" : "http://jvn.jp/en/jp/JVN59394343/index.html" "url": "http://www.opendolphin.com/security20181023.html"
} }
] ]
} }

22
2018/16xxx/CVE-2018-16300.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16300", "ID": "CVE-2018-16300",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/16xxx/CVE-2018-16963.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16963", "ID": "CVE-2018-16963",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/17xxx/CVE-2018-17343.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17343", "ID": "CVE-2018-17343",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/17xxx/CVE-2018-17381.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17381", "ID": "CVE-2018-17381",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/4xxx/CVE-2018-4320.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4320", "ID": "CVE-2018-4320",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/4xxx/CVE-2018-4625.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4625", "ID": "CVE-2018-4625",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

76
2018/4xxx/CVE-2018-4836.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "productcert@siemens.com", "ASSIGNER": "productcert@siemens.com",
"DATE_PUBLIC" : "2018-01-25T00:00:00", "DATE_PUBLIC": "2018-01-25T00:00:00",
"ID" : "CVE-2018-4836", "ID": "CVE-2018-4836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "TeleControl Server Basic", "product_name": "TeleControl Server Basic",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions < V3.1" "version_value": "All versions < V3.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Siemens AG" "vendor_name": "Siemens AG"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations." "value": "A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-287: Improper Authentication" "value": "CWE-287: Improper Authentication"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf", "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf" "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf"
}, },
{ {
"name" : "102897", "name": "102904",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/102897" "url": "http://www.securityfocus.com/bid/102904"
}, },
{ {
"name" : "102904", "name": "102897",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/102904" "url": "http://www.securityfocus.com/bid/102897"
} }
] ]
} }

18
2019/9xxx/CVE-2019-9851.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9851",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}