admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:20:28 +00:00
parent 23fb36cd64
commit 46812b4ddd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3720 additions and 3720 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
2004/0xxx/CVE-2004-0445.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0445", "ID": "CVE-2004-0445",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html" "lang": "eng",
}, "value": "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
{ }
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html", ]
"refsource" : "CONFIRM", },
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#682110", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/682110" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "O-141", ]
"refsource" : "CIAC", }
"url" : "http://www.ciac.org/ciac/bulletins/o-141.shtml" ]
}, },
{ "references": {
"name" : "6100", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/6100" "name": "1010146",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1010146"
"name" : "1010144", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1010144" "name": "1010145",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1010145"
"name" : "1010145", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1010145" "name": "O-141",
}, "refsource": "CIAC",
{ "url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
"name" : "1010146", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1010146" "name": "VU#682110",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/682110"
"name" : "11066", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11066" "name": "6100",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/6100"
"name" : "10336", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10336" "name": "symantec-firewall-dns-dos(16132)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
"name" : "symantec-firewall-dns-dos(16132)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132" "name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html",
} "refsource": "CONFIRM",
] "url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
} },
} {
"name": "20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"name": "1010144",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "11066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11066"
},
{
"name": "10336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10336"
}
]
}
}

190
2004/0xxx/CVE-2004-0689.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0689", "ID": "CVE-2004-0689",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109225538901170&w=2" "lang": "eng",
}, "value": "KDE before 3.3.0 does not properly handle when certain symbolic links point to \"stale\" locations, which could allow local users to create or truncate arbitrary files."
{ }
"name" : "http://www.kde.org/info/security/advisory-20040811-1.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.kde.org/info/security/advisory-20040811-1.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2004:864", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-539", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2004/dsa-539" ]
}, },
{ "references": {
"name" : "200408-13", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200408-13.xml" "name": "oval:org.mitre.oval:def:9334",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334"
"name" : "oval:org.mitre.oval:def:9334", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9334" "name": "CLA-2004:864",
}, "refsource": "CONECTIVA",
{ "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000864"
"name" : "12276", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12276/" "name": "12276",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12276/"
"name" : "kde-application-symlink(16963)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963" "name": "kde-application-symlink(16963)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16963"
} },
} {
"name": "DSA-539",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-539"
},
{
"name": "200408-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200408-13.xml"
},
{
"name": "20040811 KDE Security Advisories: Temporary File and Konqueror Frame Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109225538901170&w=2"
},
{
"name": "http://www.kde.org/info/security/advisory-20040811-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20040811-1.txt"
}
]
}
}

170
2004/0xxx/CVE-2004-0956.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0956", "ID": "CVE-2004-0956",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.mysql.com/bug.php?id=3870", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.mysql.com/bug.php?id=3870" "lang": "eng",
}, "value": "MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote."
{ }
"name" : "http://lists.mysql.com/packagers/202", ]
"refsource" : "CONFIRM", },
"url" : "http://lists.mysql.com/packagers/202" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-200410-22", "description": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SR:2004:001", ]
"refsource" : "SUSE", }
"url" : "http://www.novell.com/linux/security/advisories/2004_01_sr.html" ]
}, },
{ "references": {
"name" : "2004-0054", "reference_data": [
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.net/errata/2004/0054/" "name": "2004-0054",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.net/errata/2004/0054/"
"name" : "mysql-match-against-dos(17768)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17768" "name": "http://lists.mysql.com/packagers/202",
} "refsource": "CONFIRM",
] "url": "http://lists.mysql.com/packagers/202"
} },
} {
"name": "GLSA-200410-22",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-22.xml"
},
{
"name": "mysql-match-against-dos(17768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17768"
},
{
"name": "SUSE-SR:2004:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_01_sr.html"
},
{
"name": "http://bugs.mysql.com/bug.php?id=3870",
"refsource": "CONFIRM",
"url": "http://bugs.mysql.com/bug.php?id=3870"
}
]
}
}

280
2004/1xxx/CVE-2004-1074.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1074", "ID": "CVE-2004-1074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The binfmt functionality in the Linux kernel, when \"memory overcommit\" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[linux-kernel] 20041111 a.out issue", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-kernel&m=110021173607372&w=2" "lang": "eng",
}, "value": "The binfmt functionality in the Linux kernel, when \"memory overcommit\" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary."
{ }
"name" : "CLA-2005:930", ]
"refsource" : "CONECTIVA", },
"url" : "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1070", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1070" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1067", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1067" ]
}, },
{ "references": {
"name" : "DSA-1069", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1069" "name": "20041216 [USN-39-1] Linux amd64 kernel vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=110322596918807&w=2"
"name" : "DSA-1082", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1082" "name": "20163",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20163"
"name" : "FLSA:2336", },
"refsource" : "FEDORA", {
"url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2336" "name": "DSA-1082",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1082"
"name" : "MDKSA-2005:022", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" "name": "MDKSA-2005:022",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022"
"name" : "2005-0001", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2005/0001/" "name": "linux-aout-binary-dos(18290)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290"
"name" : "20041216 [USN-39-1] Linux amd64 kernel vulnerability", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110322596918807&w=2" "name": "[linux-kernel] 20041111 a.out issue",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-kernel&m=110021173607372&w=2"
"name" : "11754", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11754" "name": "FLSA:2336",
}, "refsource": "FEDORA",
{ "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336"
"name" : "oval:org.mitre.oval:def:9751", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751" "name": "DSA-1070",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1070"
"name" : "20162", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20162" "name": "20162",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20162"
"name" : "20163", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20163" "name": "2005-0001",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2005/0001/"
"name" : "20202", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20202" "name": "11754",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/11754"
"name" : "20338", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20338" "name": "DSA-1067",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1067"
"name" : "linux-aout-binary-dos(18290)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18290" "name": "DSA-1069",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2006/dsa-1069"
} },
} {
"name": "oval:org.mitre.oval:def:9751",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9751"
},
{
"name": "CLA-2005:930",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930"
},
{
"name": "20202",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20202"
},
{
"name": "20338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20338"
}
]
}
}

160
2004/1xxx/CVE-2004-1118.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1118", "ID": "CVE-2004-1118",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041122 WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110114233323417&w=2" "lang": "eng",
}, "value": "Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename."
{ }
"name" : "20041122 WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20041122 CoffeeCup FTP Clients Buffer Overflow Vulnerability", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11721", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/11721" ]
}, },
{ "references": {
"name" : "wodftpdlx-long-filename-bo(18190)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18190" "name": "11721",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/11721"
} },
} {
"name": "20041122 WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029243.html"
},
{
"name": "20041122 WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110114233323417&w=2"
},
{
"name": "20041122 CoffeeCup FTP Clients Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029244.html"
},
{
"name": "wodftpdlx-long-filename-bo(18190)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18190"
}
]
}
}

160
2004/1xxx/CVE-2004-1534.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1534", "ID": "CVE-2004-1534",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041118 Zone Labs Ad-Blocking Instability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110088808402495&w=2" "lang": "eng",
}, "value": "ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript."
{ }
"name" : "http://download.zonelabs.com/bin/free/securityAlert/18.html", ]
"refsource" : "CONFIRM", },
"url" : "http://download.zonelabs.com/bin/free/securityAlert/18.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11706", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11706" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "13244", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/13244/" ]
}, },
{ "references": {
"name" : "zonealarm-adblock-dos(18159)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159" "name": "13244",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/13244/"
} },
} {
"name": "20041118 Zone Labs Ad-Blocking Instability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110088808402495&w=2"
},
{
"name": "http://download.zonelabs.com/bin/free/securityAlert/18.html",
"refsource": "CONFIRM",
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"name": "11706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11706"
},
{
"name": "zonealarm-adblock-dos(18159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
}
]
}
}

140
2004/1xxx/CVE-2004-1879.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1879", "ID": "CVE-2004-1879",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040330 phpkit suffers (reale stupid) XSS vuln.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=108067894822358&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages."
{ }
"name" : "10013", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/10013" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phpkit-forum-message-xss(15681)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15681" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "phpkit-forum-message-xss(15681)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15681"
},
{
"name": "10013",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10013"
},
{
"name": "20040330 phpkit suffers (reale stupid) XSS vuln.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=108067894822358&w=2"
}
]
}
}

150
2008/2xxx/CVE-2008-2458.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2458", "ID": "CVE-2008-2458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080520 Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/492264/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter."
{ }
"name" : "29295", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29295" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30321", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30321" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "starsgamescontrolpanel-index-xss(42544)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42544" ]
} },
] "references": {
} "reference_data": [
} {
"name": "starsgamescontrolpanel-index-xss(42544)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42544"
},
{
"name": "29295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29295"
},
{
"name": "20080520 Starsgames Control Panel <= 4.6.2 Remote XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492264/100/0/threaded"
},
{
"name": "30321",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30321"
}
]
}
}

170
2008/2xxx/CVE-2008-2707.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2707", "ID": "CVE-2008-2707",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "238250", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238250-1" "lang": "eng",
}, "value": "Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors."
{ }
"name" : "29730", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29730" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-1835", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1835" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1020290", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1020290" ]
}, },
{ "references": {
"name" : "30700", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30700" "name": "238250",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238250-1"
"name" : "solaris-e1000ggigabit-dos(43096)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43096" "name": "1020290",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1020290"
} },
} {
"name": "ADV-2008-1835",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1835"
},
{
"name": "30700",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30700"
},
{
"name": "29730",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29730"
},
{
"name": "solaris-e1000ggigabit-dos(43096)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43096"
}
]
}
}

190
2008/3xxx/CVE-2008-3325.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3325", "ID": "CVE-2008-3325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080722 PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/494658/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to modify profile settings and gain privileges as other users via a link or IMG tag to the user edit profile page."
{ }
"name" : "http://www.procheckup.com/Vulnerability_PR08-16.php", ]
"refsource" : "MISC", },
"url" : "http://www.procheckup.com/Vulnerability_PR08-16.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://moodle.org/mod/forum/discuss.php?d=101405", "description": [
"refsource" : "CONFIRM", {
"url" : "http://moodle.org/mod/forum/discuss.php?d=101405" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1691", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2008/dsa-1691" ]
}, },
{ "references": {
"name" : "SUSE-SR:2008:016", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html" "name": "http://moodle.org/mod/forum/discuss.php?d=101405",
}, "refsource": "CONFIRM",
{ "url": "http://moodle.org/mod/forum/discuss.php?d=101405"
"name" : "31196", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31196" "name": "http://www.procheckup.com/Vulnerability_PR08-16.php",
}, "refsource": "MISC",
{ "url": "http://www.procheckup.com/Vulnerability_PR08-16.php"
"name" : "31339", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31339" "name": "SUSE-SR:2008:016",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html"
"name" : "moodle-editprofile-csrf(43964)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43964" "name": "moodle-editprofile-csrf(43964)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43964"
} },
} {
"name": "31196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31196"
},
{
"name": "DSA-1691",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1691"
},
{
"name": "20080722 PR08-16: CSRF (Cross-site Request Forgery) on Moodle edit profile page",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/494658/100/0/threaded"
},
{
"name": "31339",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31339"
}
]
}
}

240
2008/3xxx/CVE-2008-3456.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3456", "ID": "CVE-2008-3456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://yehg.net/lab/pr0js/advisories/Cross-Site_Framing_inphpMyAdmin2.11.7.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://yehg.net/lab/pr0js/advisories/Cross-Site_Framing_inphpMyAdmin2.11.7.pdf" "lang": "eng",
}, "value": "phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack."
{ }
"name" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6", ]
"refsource" : "CONFIRM", },
"url" : "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1641", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1641" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2008-6810", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01239.html" ]
}, },
{ "references": {
"name" : "FEDORA-2008-6868", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01316.html" "name": "MDVSA-2008:202",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:202"
"name" : "MDVSA-2008:202", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:202" "name": "FEDORA-2008-6868",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01316.html"
"name" : "SUSE-SR:2008:026", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html" "name": "http://yehg.net/lab/pr0js/advisories/Cross-Site_Framing_inphpMyAdmin2.11.7.pdf",
}, "refsource": "MISC",
{ "url": "http://yehg.net/lab/pr0js/advisories/Cross-Site_Framing_inphpMyAdmin2.11.7.pdf"
"name" : "30420", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30420" "name": "FEDORA-2008-6810",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01239.html"
"name" : "ADV-2008-2226", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2226/references" "name": "phpmyadmin-multiple-weak-security(44050)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44050"
"name" : "31263", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31263" "name": "32834",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/32834"
"name" : "31312", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31312" "name": "ADV-2008-2226",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2226/references"
"name" : "32834", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32834" "name": "DSA-1641",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1641"
"name" : "phpmyadmin-multiple-weak-security(44050)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44050" "name": "31312",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/31312"
} },
} {
"name": "31263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31263"
},
{
"name": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-6"
},
{
"name": "30420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30420"
},
{
"name": "SUSE-SR:2008:026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html"
}
]
}
}

170
2008/3xxx/CVE-2008-3967.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-3967", "ID": "CVE-2008-3967",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20080909 CVE request: mybb < 1.4.1", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2008/09/09/1" "lang": "eng",
}, "value": "moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors."
{ }
"name" : "[oss-security] 20080909 Re: CVE request: mybb < 1.4.1", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2008/09/09/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://community.mybboard.net/attachment.php?aid=10579", "description": [
"refsource" : "CONFIRM", {
"url" : "http://community.mybboard.net/attachment.php?aid=10579" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://community.mybboard.net/showthread.php?tid=36022", ]
"refsource" : "CONFIRM", }
"url" : "http://community.mybboard.net/showthread.php?tid=36022" ]
}, },
{ "references": {
"name" : "31104", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/31104" "name": "[oss-security] 20080909 CVE request: mybb < 1.4.1",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2008/09/09/1"
"name" : "31760", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31760" "name": "31760",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/31760"
} },
} {
"name": "http://community.mybboard.net/showthread.php?tid=36022",
"refsource": "CONFIRM",
"url": "http://community.mybboard.net/showthread.php?tid=36022"
},
{
"name": "31104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31104"
},
{
"name": "http://community.mybboard.net/attachment.php?aid=10579",
"refsource": "CONFIRM",
"url": "http://community.mybboard.net/attachment.php?aid=10579"
},
{
"name": "[oss-security] 20080909 Re: CVE request: mybb < 1.4.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/9"
}
]
}
}

180
2008/4xxx/CVE-2008-4679.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-4679", "ID": "CVE-2008-4679",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEnabled method on the PKIXBuilderParameters object, which prevents the \"Java security method\" from checking the revocation status of X.509 certificates and allows remote attackers to bypass intended access restrictions via a SOAP message with a revoked certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27006876", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27006876" "lang": "eng",
}, "value": "The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 and 6.1 before 6.1.0.19, when Certificate Store Collections is configured to use Certificate Revocation Lists (CRL), does not call the setRevocationEnabled method on the PKIXBuilderParameters object, which prevents the \"Java security method\" from checking the revocation status of X.509 certificates and allows remote attackers to bypass intended access restrictions via a SOAP message with a revoked certificate."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27007951", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27007951" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PK61258", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1PK61258" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31839", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/31839" ]
}, },
{ "references": {
"name" : "ADV-2008-2871", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/2871" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27007951",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27007951"
"name" : "32296", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32296" "name": "ADV-2008-2871",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/2871"
"name" : "websphere-crl-weak-security(46002)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46002" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876",
} "refsource": "CONFIRM",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27006876"
} },
} {
"name": "PK61258",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK61258"
},
{
"name": "32296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32296"
},
{
"name": "31839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31839"
},
{
"name": "websphere-crl-weak-security(46002)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46002"
}
]
}
}

150
2008/6xxx/CVE-2008-6350.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6350", "ID": "CVE-2008-6350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7035", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7035" "lang": "eng",
}, "value": "SQL injection vulnerability in listtest.php in TurnkeyForms Local Classifieds allows remote attackers to execute arbitrary SQL commands via the r parameter."
{ }
"name" : "32176", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/32176" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32591", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/32591" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "localclassifieds-listtest-sql-injection(46417)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46417" ]
} },
] "references": {
} "reference_data": [
} {
"name": "localclassifieds-listtest-sql-injection(46417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46417"
},
{
"name": "7035",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7035"
},
{
"name": "32591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32591"
},
{
"name": "32176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32176"
}
]
}
}

150
2008/6xxx/CVE-2008-6753.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6753", "ID": "CVE-2008-6753",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20090413 CVE request: silverstripe - two sql injections", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/04/13/2" "lang": "eng",
}, "value": "SQL injection vulnerability in SilverStripe before 2.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to AjaxUniqueTextField."
{ }
"name" : "http://silverstripe.org/archive/show/43794", ]
"refsource" : "CONFIRM", },
"url" : "http://silverstripe.org/archive/show/43794" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34852", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34852" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "silverstripe-ajaxuniquetext-sql-injection(50368)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50368" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://silverstripe.org/archive/show/43794",
"refsource": "CONFIRM",
"url": "http://silverstripe.org/archive/show/43794"
},
{
"name": "silverstripe-ajaxuniquetext-sql-injection(50368)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50368"
},
{
"name": "[oss-security] 20090413 CVE request: silverstripe - two sql injections",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/04/13/2"
},
{
"name": "34852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34852"
}
]
}
}

150
2008/6xxx/CVE-2008-6989.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6989", "ID": "CVE-2008-6989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080910 Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/496220/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in gallery.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 allows remote attackers to execute arbitrary SQL commands via the username parameter."
{ }
"name" : "6428", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/6428" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "48315", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/48315" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31774", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/31774" ]
} },
] "references": {
} "reference_data": [
} {
"name": "31774",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31774"
},
{
"name": "6428",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6428"
},
{
"name": "48315",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/48315"
},
{
"name": "20080910 Ezphotogallery 2.1 Multiple Vulnerabilities ( Xss/Login Bypass/Sql injection Exploit/File Disclosure)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496220/100/0/threaded"
}
]
}
}

34
2008/7xxx/CVE-2008-7272.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7272", "ID": "CVE-2008-7272",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2008/7xxx/CVE-2008-7275.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7275", "ID": "CVE-2008-7275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTicketMailbox or (2) CustomerTicketOverView."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.otrs.org/show_bug.cgi?id=3287", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.otrs.org/show_bug.cgi?id=3287" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) before 2.3.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) AgentTicketMailbox or (2) CustomerTicketOverView."
{ }
"name" : "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807", ]
"refsource" : "CONFIRM", },
"url" : "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.otrs.org/show_bug.cgi?id=3287",
"refsource": "CONFIRM",
"url": "http://bugs.otrs.org/show_bug.cgi?id=3287"
},
{
"name": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807",
"refsource": "CONFIRM",
"url": "http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807"
}
]
}
}

34
2013/2xxx/CVE-2013-2016.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-2016", "ID": "CVE-2013-2016",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2013/2xxx/CVE-2013-2398.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-2398", "ID": "CVE-2013-2398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Open UI Client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Open UI Client."
{ }
"name" : "MDVSA-2013:150", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}

300
2013/2xxx/CVE-2013-2421.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-2421", "ID": "CVE-2013-2421",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions."
{ }
"name" : "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/hotspot/rev/663b5c744e82", ]
"refsource" : "MISC", },
"url" : "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/hotspot/rev/663b5c744e82" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=952649", "description": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=952649" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" ]
}, },
{ "references": {
"name" : "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/", },
"refsource" : "CONFIRM", {
"url" : "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/" "name": "oval:org.mitre.oval:def:16258",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16258"
"name" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124", },
"refsource" : "CONFIRM", {
"url" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124" "name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
}, "refsource": "MLIST",
{ "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
"name" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130", },
"refsource" : "CONFIRM", {
"url" : "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=952649",
}, "refsource": "MISC",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952649"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "MDVSA-2013:145",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
"name" : "MDVSA-2013:145", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145" "name": "TA13-107A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
"name" : "MDVSA-2013:161", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161" "name": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",
}, "refsource": "CONFIRM",
{ "url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
"name" : "RHSA-2013:0752", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0752.html" "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",
}, "refsource": "CONFIRM",
{ "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
"name" : "RHSA-2013:0757", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0757.html" "name": "RHSA-2013:0757",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
"name" : "SUSE-SU-2013:0814", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html" "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",
}, "refsource": "CONFIRM",
{ "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
"name" : "openSUSE-SU-2013:0777", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html" "name": "openSUSE-SU-2013:0777",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
"name" : "openSUSE-SU-2013:0964", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html" "name": "MDVSA-2013:161",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
"name" : "USN-1806-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1806-1" "name": "openSUSE-SU-2013:0964",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
"name" : "TA13-107A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/ncas/alerts/TA13-107A" "name": "RHSA-2013:0752",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
"name" : "oval:org.mitre.oval:def:16258", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16258" "name": "USN-1806-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-1806-1"
} },
} {
"name": "SUSE-SU-2013:0814",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/hotspot/rev/663b5c744e82",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/hotspot/rev/663b5c744e82"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
}
]
}
}

122
2017/11xxx/CVE-2017-11029.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-11-01T00:00:00", "DATE_PUBLIC": "2017-11-01T00:00:00",
"ID" : "CVE-2017-11029", "ID": "CVE-2017-11029",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers \"user-memory-access\" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in Camera"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/pixel/2017-11-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/pixel/2017-11-01" "lang": "eng",
} "value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers \"user-memory-access\" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in Camera"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
}
]
}
}

160
2017/11xxx/CVE-2017-11108.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11108", "ID": "CVE-2017-11108",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1468504", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1468504" "lang": "eng",
}, "value": "tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol."
{ }
"name" : "https://support.apple.com/HT208221", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT208221" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3971", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3971" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201709-23", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-23" ]
}, },
{ "references": {
"name" : "RHEA-2018:0705", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHEA-2018:0705" "name": "GLSA-201709-23",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201709-23"
} },
} {
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "DSA-3971",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3971"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1468504",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1468504"
},
{
"name": "RHEA-2018:0705",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHEA-2018:0705"
}
]
}
}

34
2017/11xxx/CVE-2017-11371.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11371", "ID": "CVE-2017-11371",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/11xxx/CVE-2017-11860.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11860", "ID": "CVE-2017-11860",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/11xxx/CVE-2017-11995.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11995", "ID": "CVE-2017-11995",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2017/14xxx/CVE-2017-14005.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-14005", "ID": "CVE-2017-14005",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ProMinent MultiFLEX M10a Controller", "product_name": "ProMinent MultiFLEX M10a Controller",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ProMinent MultiFLEX M10a Controller" "version_value": "ProMinent MultiFLEX M10a Controller"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-620"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-285-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-285-01" "lang": "eng",
}, "value": "An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes."
{ }
"name" : "101259", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101259" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-620"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101259",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101259"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-285-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-285-01"
}
]
}
}

34
2017/14xxx/CVE-2017-14157.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14157", "ID": "CVE-2017-14157",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/14xxx/CVE-2017-14613.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14613", "ID": "CVE-2017-14613",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

132
2017/14xxx/CVE-2017-14876.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-03-26T00:00:00", "DATE_PUBLIC": "2018-03-26T00:00:00",
"ID" : "CVE-2017-14876", "ID": "CVE-2017-14876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Validation of Array Index in Camera"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0", "description_data": [
"refsource" : "MISC", {
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0" "lang": "eng",
}, "value": "In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write."
{ }
"name" : "https://source.android.com/security/bulletin/pixel/2018-02-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/pixel/2018-02-01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Improper Validation of Array Index in Camera"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0",
"refsource": "MISC",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=f26dbd9d9491333766ba383044064b1304127ac0"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2018-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-02-01"
}
]
}
}

160
2017/14xxx/CVE-2017-14919.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14919", "ID": "CVE-2017-14919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodejs.org/en/blog/release/v4.8.5/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://nodejs.org/en/blog/release/v4.8.5/" "lang": "eng",
}, "value": "Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter."
{ }
"name" : "https://nodejs.org/en/blog/release/v6.11.5/", ]
"refsource" : "CONFIRM", },
"url" : "https://nodejs.org/en/blog/release/v6.11.5/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://nodejs.org/en/blog/release/v8.8.0/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://nodejs.org/en/blog/release/v8.8.0/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://nodejs.org/en/blog/vulnerability/oct-2017-dos/", ]
"refsource" : "CONFIRM", }
"url" : "https://nodejs.org/en/blog/vulnerability/oct-2017-dos/" ]
}, },
{ "references": {
"name" : "101881", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101881" "name": "101881",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/101881"
} },
} {
"name": "https://nodejs.org/en/blog/vulnerability/oct-2017-dos/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/vulnerability/oct-2017-dos/"
},
{
"name": "https://nodejs.org/en/blog/release/v8.8.0/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/release/v8.8.0/"
},
{
"name": "https://nodejs.org/en/blog/release/v6.11.5/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/release/v6.11.5/"
},
{
"name": "https://nodejs.org/en/blog/release/v4.8.5/",
"refsource": "CONFIRM",
"url": "https://nodejs.org/en/blog/release/v4.8.5/"
}
]
}
}

150
2017/14xxx/CVE-2017-14976.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-14976", "ID": "CVE-2017-14976",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171118 [SECURITY] [DLA 1177-1] poppler security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" "lang": "eng",
}, "value": "The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack."
{ }
"name" : "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf", "description": [
"refsource" : "CONFIRM", {
"url" : "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-4079", ]
"refsource" : "DEBIAN", }
"url" : "https://www.debian.org/security/2018/dsa-4079" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf",
"refsource": "CONFIRM",
"url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf"
},
{
"name": "DSA-4079",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4079"
},
{
"name": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724",
"refsource": "CONFIRM",
"url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724"
},
{
"name": "[debian-lts-announce] 20171118 [SECURITY] [DLA 1177-1] poppler security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"
}
]
}
}

128
2017/15xxx/CVE-2017-15322.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-08T00:00:00", "DATE_PUBLIC": "2017-11-08T00:00:00",
"ID" : "CVE-2017-15322", "ID": "CVE-2017-15322",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Baggio-L03A", "product_name": "Baggio-L03A",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "BGO-L03C158B003CUSTC158D001" "version_value": "BGO-L03C158B003CUSTC158D001"
}, },
{ {
"version_value" : "BGO-L03C331B009CUSTC331D001" "version_value": "BGO-L03C331B009CUSTC331D001"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DoS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-nfc-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-nfc-en" "lang": "eng",
} "value": "Some Huawei smartphones with software of BGO-L03C158B003CUSTC158D001 and BGO-L03C331B009CUSTC331D001 have a DoS vulnerability due to insufficient input validation. An attacker could exploit this vulnerability by sending specially crafted NFC messages to the target device. Successful exploit could make a service crash."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-nfc-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-nfc-en"
}
]
}
}

34
2017/15xxx/CVE-2017-15493.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15493", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15493",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

150
2017/15xxx/CVE-2017-15571.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15571", "ID": "CVE-2017-15571",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa" "lang": "eng",
}, "value": "In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data."
{ }
"name" : "https://www.redmine.org/issues/27186", ]
"refsource" : "CONFIRM", },
"url" : "https://www.redmine.org/issues/27186" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.redmine.org/projects/redmine/wiki/Security_Advisories", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.redmine.org/projects/redmine/wiki/Security_Advisories" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-4191", ]
"refsource" : "DEBIAN", }
"url" : "https://www.debian.org/security/2018/dsa-4191" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://www.redmine.org/projects/redmine/wiki/Security_Advisories",
"refsource": "CONFIRM",
"url": "https://www.redmine.org/projects/redmine/wiki/Security_Advisories"
},
{
"name": "DSA-4191",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4191"
},
{
"name": "https://www.redmine.org/issues/27186",
"refsource": "CONFIRM",
"url": "https://www.redmine.org/issues/27186"
},
{
"name": "https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa",
"refsource": "CONFIRM",
"url": "https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa"
}
]
}
}

132
2017/15xxx/CVE-2017-15830.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-03-05T00:00:00", "DATE_PUBLIC": "2018-03-05T00:00:00",
"ID" : "CVE-2017-15830", "ID": "CVE-2017-15830",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper ch_list array index initialization in function sme_set_plm_request() causes potential buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a7a2a9c5d203e3395811963061c79d3bc257ebe", "description_data": [
"refsource" : "MISC", {
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a7a2a9c5d203e3395811963061c79d3bc257ebe" "lang": "eng",
}, "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper ch_list array index initialization in function sme_set_plm_request() causes potential buffer overflow."
{ }
"name" : "https://source.android.com/security/bulletin/pixel/2018-03-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/pixel/2018-03-01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a7a2a9c5d203e3395811963061c79d3bc257ebe",
"refsource": "MISC",
"url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=8a7a2a9c5d203e3395811963061c79d3bc257ebe"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2018-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-03-01"
}
]
}
}

130
2017/15xxx/CVE-2017-15976.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-15976", "ID": "CVE-2017-15976",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43083", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43083/" "lang": "eng",
}, "value": "ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604."
{ }
"name" : "https://packetstormsecurity.com/files/144446/ZeeBuddy-2x-SQL-Injection.html", ]
"refsource" : "MISC", },
"url" : "https://packetstormsecurity.com/files/144446/ZeeBuddy-2x-SQL-Injection.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43083",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43083/"
},
{
"name": "https://packetstormsecurity.com/files/144446/ZeeBuddy-2x-SQL-Injection.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/144446/ZeeBuddy-2x-SQL-Injection.html"
}
]
}
}

140
2017/8xxx/CVE-2017-8453.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8453", "ID": "CVE-2017-8453",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-134/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-134/" "lang": "eng",
}, "value": "Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98317", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98317" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "98317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98317"
},
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-134/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-134/"
}
]
}
}

120
2017/9xxx/CVE-2017-9496.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9496", "ID": "CVE-2017-9496",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device's link-local IPv6 address."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt" "lang": "eng",
} "value": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device's link-local IPv6 address."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt",
"refsource": "MISC",
"url": "https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt"
}
]
}
}

120
2017/9xxx/CVE-2017-9553.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@synology.com", "ASSIGNER": "security@synology.com",
"ID" : "CVE-2017-9553", "ID": "CVE-2017-9553",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM" "lang": "eng",
} "value": "A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Synology_SA_17_29_DSM"
}
]
}
}

150
2017/9xxx/CVE-2017-9775.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-9775", "ID": "CVE-2017-9775",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=101540", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=101540" "lang": "eng",
}, "value": "Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document."
{ }
"name" : "DSA-4079", ]
"refsource" : "DEBIAN", },
"url" : "https://www.debian.org/security/2018/dsa-4079" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2017:2551", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2551" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "99241", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/99241" ]
} },
] "references": {
} "reference_data": [
} {
"name": "99241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99241"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=101540",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=101540"
},
{
"name": "RHSA-2017:2551",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2551"
},
{
"name": "DSA-4079",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4079"
}
]
}
}

130
2018/0xxx/CVE-2018-0185.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2018-0185", "ID": "CVE-2018-0185",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco IOS XE", "product_name": "Cisco IOS XE",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco IOS XE" "version_value": "Cisco IOS XE"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-78"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj" "lang": "eng",
}, "value": "Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542."
{ }
"name" : "103547", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103547" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-cmdinj"
},
{
"name": "103547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103547"
}
]
}
}

136
2018/1000xxx/CVE-2018-1000546.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-06-23T11:22:33.067690", "DATE_ASSIGNED": "2018-06-23T11:22:33.067690",
"DATE_REQUESTED" : "2018-06-01T15:36:27", "DATE_REQUESTED": "2018-06-01T15:36:27",
"ID" : "CVE-2018-1000546", "ID": "CVE-2018-1000546",
"REQUESTER" : "Melbourne@sectalks.org", "REQUESTER": "Melbourne@sectalks.org",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Triplea", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<= 1.9.0.0.10291" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Triplea" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted game data file (XML)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity (XXE)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://0dd.zone/2018/05/31/TripleA-XXE/", "description_data": [
"refsource" : "MISC", {
"url" : "https://0dd.zone/2018/05/31/TripleA-XXE/" "lang": "eng",
}, "value": "Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted game data file (XML)."
{ }
"name" : "https://github.com/triplea-game/triplea/issues/3442", ]
"refsource" : "MISC", },
"url" : "https://github.com/triplea-game/triplea/issues/3442" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/triplea-game/triplea/issues/3442",
"refsource": "MISC",
"url": "https://github.com/triplea-game/triplea/issues/3442"
},
{
"name": "https://0dd.zone/2018/05/31/TripleA-XXE/",
"refsource": "MISC",
"url": "https://0dd.zone/2018/05/31/TripleA-XXE/"
}
]
}
}

34
2018/12xxx/CVE-2018-12128.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12128", "ID": "CVE-2018-12128",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/12xxx/CVE-2018-12135.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12135", "ID": "CVE-2018-12135",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

200
2018/12xxx/CVE-2018-12232.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12232", "ID": "CVE-2018-12232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14", "description_data": [
"refsource" : "MISC", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14" "lang": "eng",
}, "value": "In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat does not increment the file descriptor reference count, which allows close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash."
{ }
"name" : "https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14", ]
"refsource" : "MISC", },
"url" : "https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://lkml.org/lkml/2018/6/5/14", "description": [
"refsource" : "MISC", {
"url" : "https://lkml.org/lkml/2018/6/5/14" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://patchwork.ozlabs.org/patch/926519/", ]
"refsource" : "MISC", }
"url" : "https://patchwork.ozlabs.org/patch/926519/" ]
}, },
{ "references": {
"name" : "RHSA-2018:2948", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2948" "name": "USN-3752-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3752-2/"
"name" : "USN-3752-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3752-1/" "name": "USN-3752-3",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3752-3/"
"name" : "USN-3752-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3752-2/" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14",
}, "refsource": "MISC",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6d8c50dcb029872b298eea68cc6209c866fd3e14"
"name" : "USN-3752-3", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3752-3/" "name": "https://patchwork.ozlabs.org/patch/926519/",
}, "refsource": "MISC",
{ "url": "https://patchwork.ozlabs.org/patch/926519/"
"name" : "104453", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104453" "name": "RHSA-2018:2948",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:2948"
} },
} {
"name": "https://lkml.org/lkml/2018/6/5/14",
"refsource": "MISC",
"url": "https://lkml.org/lkml/2018/6/5/14"
},
{
"name": "104453",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104453"
},
{
"name": "USN-3752-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3752-1/"
},
{
"name": "https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/6d8c50dcb029872b298eea68cc6209c866fd3e14"
}
]
}
}

120
2018/12xxx/CVE-2018-12311.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12311", "ID": "CVE-2018-12311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute arbitrary JavaScript when a file is moved via a malicious filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc" "lang": "eng",
} "value": "Cross-site scripting vulnerability in File Explorer in ASUSTOR ADM version 3.1.1 allows attackers to execute arbitrary JavaScript when a file is moved via a malicious filename."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc",
"refsource": "MISC",
"url": "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc"
}
]
}
}

130
2018/12xxx/CVE-2018-12696.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12696", "ID": "CVE-2018-12696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mao10cms 6 allows XSS via the article page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/chenrui1896/mao10cms_xss/wiki/The-xss-vulnerability-of-mao10cms", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/chenrui1896/mao10cms_xss/wiki/The-xss-vulnerability-of-mao10cms" "lang": "eng",
}, "value": "mao10cms 6 allows XSS via the article page."
{ }
"name" : "https://github.com/nsmaomao/mao10cms/issues/3", ]
"refsource" : "MISC", },
"url" : "https://github.com/nsmaomao/mao10cms/issues/3" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nsmaomao/mao10cms/issues/3",
"refsource": "MISC",
"url": "https://github.com/nsmaomao/mao10cms/issues/3"
},
{
"name": "https://github.com/chenrui1896/mao10cms_xss/wiki/The-xss-vulnerability-of-mao10cms",
"refsource": "MISC",
"url": "https://github.com/chenrui1896/mao10cms_xss/wiki/The-xss-vulnerability-of-mao10cms"
}
]
}
}

130
2018/13xxx/CVE-2018-13194.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13194", "ID": "CVE-2018-13194",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for TongTong Coin (TTCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for TongTong Coin (TTCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/TTCoin", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/TTCoin" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/TTCoin",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/TTCoin"
}
]
}
}

130
2018/13xxx/CVE-2018-13530.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13530", "ID": "CVE-2018-13530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "lang": "eng",
}, "value": "The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
{ }
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HunterCoin", ]
"refsource" : "MISC", },
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HunterCoin" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
},
{
"name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HunterCoin",
"refsource": "MISC",
"url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/HunterCoin"
}
]
}
}

34
2018/16xxx/CVE-2018-16279.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16279", "ID": "CVE-2018-16279",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/16xxx/CVE-2018-16584.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16584", "ID": "CVE-2018-16584",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/16xxx/CVE-2018-16759.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16759", "ID": "CVE-2018-16759",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/teameasy/EasyCMS/issues/4", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/teameasy/EasyCMS/issues/4" "lang": "eng",
} "value": "The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/teameasy/EasyCMS/issues/4",
"refsource": "MISC",
"url": "https://github.com/teameasy/EasyCMS/issues/4"
}
]
}
}

190
2018/4xxx/CVE-2018-4209.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2018-4209", "ID": "CVE-2018-4209",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT208693,", "description_data": [
"refsource" : "MISC", {
"url" : "https://support.apple.com/HT208693," "lang": "eng",
}, "value": "In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks."
{ }
"name" : "https://support.apple.com/HT208695,", ]
"refsource" : "MISC", },
"url" : "https://support.apple.com/HT208695," "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT208696,", "description": [
"refsource" : "MISC", {
"url" : "https://support.apple.com/HT208696," "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT208697,", ]
"refsource" : "MISC", }
"url" : "https://support.apple.com/HT208697," ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT208698,", "reference_data": [
"refsource" : "MISC", {
"url" : "https://support.apple.com/HT208698," "name": "https://support.apple.com/HT208695,",
}, "refsource": "MISC",
{ "url": "https://support.apple.com/HT208695,"
"name" : "https://support.apple.com/HT208694", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT208694" "name": "https://support.apple.com/HT208697,",
}, "refsource": "MISC",
{ "url": "https://support.apple.com/HT208697,"
"name" : "GLSA-201812-04", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201812-04" "name": "https://support.apple.com/HT208696,",
}, "refsource": "MISC",
{ "url": "https://support.apple.com/HT208696,"
"name" : "USN-3781-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3781-1/" "name": "USN-3781-1",
} "refsource": "UBUNTU",
] "url": "https://usn.ubuntu.com/3781-1/"
} },
} {
"name": "https://support.apple.com/HT208698,",
"refsource": "MISC",
"url": "https://support.apple.com/HT208698,"
},
{
"name": "GLSA-201812-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201812-04"
},
{
"name": "https://support.apple.com/HT208694",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208694"
},
{
"name": "https://support.apple.com/HT208693,",
"refsource": "MISC",
"url": "https://support.apple.com/HT208693,"
}
]
}
}

34
2018/4xxx/CVE-2018-4336.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4336", "ID": "CVE-2018-4336",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4388.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4388", "ID": "CVE-2018-4388",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/4xxx/CVE-2018-4732.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-4732", "ID": "CVE-2018-4732",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2018/4xxx/CVE-2018-4919.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4919", "ID": "CVE-2018-4919",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Flash Player 28.0.0.161 and earlier versions", "product_name": "Adobe Flash Player 28.0.0.161 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Flash Player 28.0.0.161 and earlier versions" "version_value": "Adobe Flash Player 28.0.0.161 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html" "lang": "eng",
}, "value": "Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."
{ }
"name" : "RHSA-2018:0520", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2018:0520" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103385", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103385" "lang": "eng",
}, "value": "Use After Free"
{ }
"name" : "1040509", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1040509" ]
} },
] "references": {
} "reference_data": [
} {
"name": "RHSA-2018:0520",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0520"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb18-05.html"
},
{
"name": "103385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103385"
},
{
"name": "1040509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040509"
}
]
}
}

140
2018/4xxx/CVE-2018-4973.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-4973", "ID": "CVE-2018-4973",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions", "product_name": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions" "version_value": "Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Out-of-bounds read"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html" "lang": "eng",
}, "value": "Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."
{ }
"name" : "104175", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104175" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040920", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040920" "lang": "eng",
} "value": "Out-of-bounds read"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html",
"refsource": "MISC",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-09.html"
},
{
"name": "1040920",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040920"
},
{
"name": "104175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104175"
}
]
}
}