admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:30:50 +00:00
parent 10d231f538
commit 46c1a9f39d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 4438 additions and 4438 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/1xxx/CVE-1999-1234.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1234", "ID": "CVE-1999-1234",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991026 Re: LSA vulnerability on NT40 SP5", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=94096671308565&w=2" "lang": "eng",
}, "value": "LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo."
{ }
"name" : "msrpc-samr-open-dos(3293)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3293" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991026 Re: LSA vulnerability on NT40 SP5",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94096671308565&w=2"
},
{
"name": "msrpc-samr-open-dos(3293)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3293"
}
]
}
}

140
1999/1xxx/CVE-1999-1451.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1451", "ID": "CVE-1999-1451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "Q231368", "description_data": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/support/kb/articles/q231/3/68.asp" "lang": "eng",
}, "value": "The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files."
{ }
"name" : "MS99-013", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "iis-samples-winmsdp(3271)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3271" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "Q231368",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q231/3/68.asp"
},
{
"name": "iis-samples-winmsdp(3271)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3271"
},
{
"name": "MS99-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013"
}
]
}
}

140
2000/1xxx/CVE-2000-1179.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1179", "ID": "CVE-2000-1179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001115 Netopia ISDN Router 650-ST: Viewing of all system logs without login", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=97440068130051&w=2" "lang": "eng",
}, "value": "Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters."
{ }
"name" : "1952", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1952" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "netopia-view-system-log(5536)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5536" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "netopia-view-system-log(5536)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5536"
},
{
"name": "20001115 Netopia ISDN Router 650-ST: Viewing of all system logs without login",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97440068130051&w=2"
},
{
"name": "1952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1952"
}
]
}
}

190
2005/2xxx/CVE-2005-2103.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-2103", "ID": "CVE-2005-2103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://gaim.sourceforge.net/security/?id=22", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://gaim.sourceforge.net/security/?id=22" "lang": "eng",
}, "value": "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n."
{ }
"name" : "FLSA:158543", ]
"refsource" : "FEDORA", },
"url" : "http://www.securityfocus.com/archive/1/426078/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2005:589", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-589.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2005:627", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2005-627.html" ]
}, },
{ "references": {
"name" : "SUSE-SR:2005:019", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_19_sr.html" "name": "http://gaim.sourceforge.net/security/?id=22",
}, "refsource": "CONFIRM",
{ "url": "http://gaim.sourceforge.net/security/?id=22"
"name" : "USN-168-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/168-1/" "name": "FLSA:158543",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/426078/100/0/threaded"
"name" : "14531", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14531" "name": "SUSE-SR:2005:019",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
"name" : "oval:org.mitre.oval:def:11477", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477" "name": "oval:org.mitre.oval:def:11477",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477"
} },
} {
"name": "14531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14531"
},
{
"name": "USN-168-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/168-1/"
},
{
"name": "RHSA-2005:627",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-627.html"
},
{
"name": "RHSA-2005:589",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-589.html"
}
]
}
}

120
2005/2xxx/CVE-2005-2219.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2219", "ID": "CVE-2005-2219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1014443", "description_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014443" "lang": "eng",
} "value": "Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014443",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014443"
}
]
}
}

180
2005/2xxx/CVE-2005-2395.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2395", "ID": "CVE-2005-2395",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050719 Mozilla cleartext credentials leak bug report to excuse myself (Re[2]: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/405666" "lang": "eng",
}, "value": "Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=281851", ]
"refsource" : "MISC", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=281851" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securiteam.com/securitynews/5PP0L00GUQ.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/securitynews/5PP0L00GUQ.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "14325", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/14325" ]
}, },
{ "references": {
"name" : "19002", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19002" "name": "19002",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19002"
"name" : "8", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=281851",
}, "refsource": "MISC",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=281851"
"name" : "mozilla-authentication-weakness(22272)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22272" "name": "8",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8"
} },
} {
"name": "20050719 Mozilla cleartext credentials leak bug report to excuse myself (Re[2]: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/405666"
},
{
"name": "http://www.securiteam.com/securitynews/5PP0L00GUQ.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5PP0L00GUQ.html"
},
{
"name": "mozilla-authentication-weakness(22272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22272"
},
{
"name": "14325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14325"
}
]
}
}

300
2005/2xxx/CVE-2005-2558.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2558", "ID": "CVE-2005-2558",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050808 [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112354450412427&w=2" "lang": "eng",
}, "value": "Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field."
{ }
"name" : "20050808 [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035845.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.appsecinc.com/resources/alerts/mysql/2005-002.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.appsecinc.com/resources/alerts/mysql/2005-002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-829", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2005/dsa-829" ]
}, },
{ "references": {
"name" : "DSA-831", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-831" "name": "DSA-831",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-831"
"name" : "DSA-833", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-833" "name": "mysql-user-defined-function-bo(21737)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21737"
"name" : "FLSA-2006:167803", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00005.html" "name": "MDKSA-2005:163",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:163"
"name" : "MDKSA-2005:163", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:163" "name": "20050808 [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/035845.html"
"name" : "SCOSA-2006.18", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt" "name": "USN-180-2",
}, "refsource": "UBUNTU",
{ "url": "https://www.ubuntu.com/usn/usn-180-2/"
"name" : "236703", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1" "name": "USN-180-1",
}, "refsource": "UBUNTU",
{ "url": "https://www.ubuntu.com/usn/usn-180-1/"
"name" : "SUSE-SR:2005:021", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_21_sr.html" "name": "SUSE-SR:2005:021",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
"name" : "USN-180-1", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-180-1/" "name": "DSA-833",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-833"
"name" : "USN-180-2", },
"refsource" : "UBUNTU", {
"url" : "https://www.ubuntu.com/usn/usn-180-2/" "name": "DSA-829",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2005/dsa-829"
"name" : "14509", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14509" "name": "20381",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20381"
"name" : "ADV-2008-1326", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1326/references" "name": "14509",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14509"
"name" : "17027", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17027" "name": "236703",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-236703-1"
"name" : "20381", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20381" "name": "FLSA-2006:167803",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00005.html"
"name" : "29847", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29847" "name": "http://www.appsecinc.com/resources/alerts/mysql/2005-002.html",
}, "refsource": "MISC",
{ "url": "http://www.appsecinc.com/resources/alerts/mysql/2005-002.html"
"name" : "mysql-user-defined-function-bo(21737)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21737" "name": "20050808 [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=112354450412427&w=2"
} },
} {
"name": "ADV-2008-1326",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1326/references"
},
{
"name": "SCOSA-2006.18",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.18.1/SCOSA-2006.18.1.txt"
},
{
"name": "17027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17027"
},
{
"name": "29847",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29847"
}
]
}
}

34
2005/2xxx/CVE-2005-2795.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2795", "ID": "CVE-2005-2795",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2005/3xxx/CVE-2005-3464.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3464", "ID": "CVE-2005-3464",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE04."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html" "lang": "eng",
}, "value": "Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE04."
{ }
"name" : "TA05-292A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA05-292A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#210524", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/210524" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15134", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15134" ]
}, },
{ "references": {
"name" : "17250", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17250" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html"
} },
} {
"name": "TA05-292A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA05-292A.html"
},
{
"name": "15134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15134"
},
{
"name": "VU#210524",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/210524"
},
{
"name": "17250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17250"
}
]
}
}

160
2005/3xxx/CVE-2005-3892.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3892", "ID": "CVE-2005-3892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051121 Gadu-Gadu several vulnerabilities (version <= 7.20)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=113261573023912&w=2" "lang": "eng",
}, "value": "Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the EasycallLite.oce ActiveX control, which can initiate an outgoing phone call and listen to the microphone."
{ }
"name" : "20051121 Gadu-Gadu several vulnerabilities (version <= 7.20)", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0658.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15520", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15520/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21020", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21020" ]
}, },
{ "references": {
"name" : "17597", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17597/" "name": "21020",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/21020"
} },
} {
"name": "15520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15520/"
},
{
"name": "20051121 Gadu-Gadu several vulnerabilities (version <= 7.20)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=113261573023912&w=2"
},
{
"name": "17597",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17597/"
},
{
"name": "20051121 Gadu-Gadu several vulnerabilities (version <= 7.20)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0658.html"
}
]
}
}

120
2005/4xxx/CVE-2005-4275.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4275", "ID": "CVE-2005-4275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD), as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15870", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15870" "lang": "eng",
} "value": "Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD), as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15870",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15870"
}
]
}
}

150
2005/4xxx/CVE-2005-4281.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4281", "ID": "CVE-2005-4281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/hostingcart-xss.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/hostingcart-xss.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Zaygo HostingCart 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via certain search module parameters, possibly the root parameter to zaygo.cgi."
{ }
"name" : "ADV-2005-2916", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2005/2916" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21729", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21729" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18036", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18036" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2005-2916",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2916"
},
{
"name": "http://pridels0.blogspot.com/2005/12/hostingcart-xss.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/hostingcart-xss.html"
},
{
"name": "18036",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18036"
},
{
"name": "21729",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21729"
}
]
}
}

180
2005/4xxx/CVE-2005-4293.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4293", "ID": "CVE-2005-4293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/clickcartpro-ccp-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/clickcartpro-ccp-xss-vuln.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter."
{ }
"name" : "20060124 vendor ack/fix - OSVDB ID: 21716 (fwd)", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2006-January/000510.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.clickcartpro.com/forum/index.php?showtopic=12172", "description": [
"refsource" : "MISC", {
"url" : "http://www.clickcartpro.com/forum/index.php?showtopic=12172" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15896", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15896" ]
}, },
{ "references": {
"name" : "ADV-2005-2914", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2914" "name": "21716",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/21716"
"name" : "21716", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21716" "name": "http://www.clickcartpro.com/forum/index.php?showtopic=12172",
}, "refsource": "MISC",
{ "url": "http://www.clickcartpro.com/forum/index.php?showtopic=12172"
"name" : "17927", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17927" "name": "http://pridels0.blogspot.com/2005/12/clickcartpro-ccp-xss-vuln.html",
} "refsource": "MISC",
] "url": "http://pridels0.blogspot.com/2005/12/clickcartpro-ccp-xss-vuln.html"
} },
} {
"name": "17927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17927"
},
{
"name": "20060124 vendor ack/fix - OSVDB ID: 21716 (fwd)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-January/000510.html"
},
{
"name": "15896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15896"
},
{
"name": "ADV-2005-2914",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2914"
}
]
}
}

130
2005/4xxx/CVE-2005-4588.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4588", "ID": "CVE-2005-4588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Koobi 5 allows remote attackers to inject arbitrary web script or HTML via nested, malformed url BBCode tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "16078", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16078" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Koobi 5 allows remote attackers to inject arbitrary web script or HTML via nested, malformed url BBCode tags. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "koobi-bbcode-tag-xss(24329)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24329" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16078",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16078"
},
{
"name": "koobi-bbcode-tag-xss(24329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24329"
}
]
}
}

120
2009/2xxx/CVE-2009-2129.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2129", "ID": "CVE-2009-2129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8953", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8953" "lang": "eng",
} "value": "Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8953",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8953"
}
]
}
}

120
2009/2xxx/CVE-2009-2619.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2619", "ID": "CVE-2009-2619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35612", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35612" "lang": "eng",
} "value": "SQL injection vulnerability in login.asp in DataCheck Solutions V-SpacePal allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35612"
}
]
}
}

130
2009/2xxx/CVE-2009-2638.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2638", "ID": "CVE-2009-2638",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8911", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/8911" "lang": "eng",
}, "value": "SQL injection vulnerability in the AkoBook (com_akobook) component 2.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gbid parameter in a reply action to index.php."
{ }
"name" : "35268", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35268" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8911",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8911"
},
{
"name": "35268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35268"
}
]
}
}

130
2009/3xxx/CVE-2009-3149.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3149", "ID": "CVE-2009-3149",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in _css/js.php in Elgg 1.5, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the js parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9355", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9355" "lang": "eng",
}, "value": "Directory traversal vulnerability in _css/js.php in Elgg 1.5, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the js parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "36147", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/36147" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9355",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9355"
},
{
"name": "36147",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36147"
}
]
}
}

160
2009/3xxx/CVE-2009-3160.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3160", "ID": "CVE-2009-3160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a \"memory overwrite\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024153", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024153" "lang": "eng",
}, "value": "IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a \"memory overwrite\" issue."
{ }
"name" : "IZ56259", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36310", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36310" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36647", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/36647" ]
}, },
{ "references": {
"name" : "ADV-2009-2578", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2578" "name": "ADV-2009-2578",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/2578"
} },
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24024153",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24024153"
},
{
"name": "36310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36310"
},
{
"name": "IZ56259",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259"
},
{
"name": "36647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36647"
}
]
}
}

260
2009/3xxx/CVE-2009-3293.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3293", "ID": "CVE-2009-3293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect \"sanity check for the color index.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php.net/ChangeLog-5.php#5.2.11", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php#5.2.11" "lang": "eng",
}, "value": "Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect \"sanity check for the color index.\""
{ }
"name" : "http://www.php.net/releases/5_2_11.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php.net/releases/5_2_11.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT3937", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3937" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2009-11-09-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" ]
}, },
{ "references": {
"name" : "HPSBUX02543", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127680701405735&w=2" "name": "http://www.php.net/ChangeLog-5.php#5.2.11",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php#5.2.11"
"name" : "SSRT100152", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=127680701405735&w=2" "name": "40262",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40262"
"name" : "HPSBOV02683", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "HPSBUX02543",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=127680701405735&w=2"
"name" : "SSRT090208", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "SSRT090208",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "SUSE-SR:2009:017", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html" "name": "http://www.php.net/releases/5_2_11.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/releases/5_2_11.php"
"name" : "58187", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/58187" "name": "1022914",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022914"
"name" : "oval:org.mitre.oval:def:7047", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047" "name": "36791",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36791"
"name" : "1022914", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022914" "name": "oval:org.mitre.oval:def:7047",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047"
"name" : "36791", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36791" "name": "HPSBOV02683",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "40262", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40262" "name": "58187",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/58187"
"name" : "ADV-2009-3184", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3184" "name": "ADV-2009-3184",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/3184"
} },
} {
"name": "SSRT100152",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127680701405735&w=2"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "SUSE-SR:2009:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
}

140
2009/3xxx/CVE-2009-3650.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3650", "ID": "CVE-2009-3650",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Dex 5.x-1.0 and earlier and 6.x-1.0-rc1 and earlier, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/592394", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/592394" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Dex 5.x-1.0 and earlier and 6.x-1.0-rc1 and earlier, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "36559", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/36559" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "dex-unspecified-xss(53569)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53569" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "dex-unspecified-xss(53569)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53569"
},
{
"name": "http://drupal.org/node/592394",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/592394"
},
{
"name": "36559",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36559"
}
]
}
}

320
2009/3xxx/CVE-2009-3798.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2009-3798", "ID": "CVE-2009-3798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-19.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-19.html" "lang": "eng",
}, "value": "Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=543857", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=543857" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4004", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4004" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-01-19-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" ]
}, },
{ "references": {
"name" : "RHSA-2009:1657", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1657.html" "name": "RHSA-2009:1657",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-1657.html"
"name" : "RHSA-2009:1658", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1658.html" "name": "1023307",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1023307"
"name" : "1021716", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1" "name": "oval:org.mitre.oval:def:6899",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6899"
"name" : "SUSE-SA:2009:062", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html" "name": "flash-air-unspecified-code-execution(54634)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54634"
"name" : "TA09-343A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-343A.html" "name": "http://support.apple.com/kb/HT4004",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4004"
"name" : "37199", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37199" "name": "1021716",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1"
"name" : "oval:org.mitre.oval:def:6899", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6899" "name": "APPLE-SA-2010-01-19-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html"
"name" : "oval:org.mitre.oval:def:7902", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7902" "name": "ADV-2009-3456",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/3456"
"name" : "oval:org.mitre.oval:def:16340", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16340" "name": "SUSE-SA:2009:062",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html"
"name" : "1023306", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023306" "name": "oval:org.mitre.oval:def:7902",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7902"
"name" : "1023307", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023307" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=543857",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=543857"
"name" : "37584", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37584" "name": "37584",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37584"
"name" : "37902", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37902" "name": "37902",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/37902"
"name" : "38241", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38241" "name": "oval:org.mitre.oval:def:16340",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16340"
"name" : "ADV-2009-3456", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3456" "name": "http://www.adobe.com/support/security/bulletins/apsb09-19.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/bulletins/apsb09-19.html"
"name" : "ADV-2010-0173", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0173" "name": "1023306",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1023306"
"name" : "flash-air-unspecified-code-execution(54634)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54634" "name": "RHSA-2009:1658",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2009-1658.html"
} },
} {
"name": "TA09-343A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-343A.html"
},
{
"name": "38241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38241"
},
{
"name": "37199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37199"
},
{
"name": "ADV-2010-0173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0173"
}
]
}
}

150
2009/4xxx/CVE-2009-4116.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4116", "ID": "CVE-2009-4116",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is disabled, allow remote authenticated users with editor or administrative application access to read arbitrary files via a .. (dot dot) in the source parameter in a (1) list or (2) editnews action to the Editnews module, and (3) the save_con[skin] parameter in the Options module. NOTE: vector 3 can be leveraged for code execution by using a .. to include and execute arbitrary local files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/507782/100/0/threaded" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is disabled, allow remote authenticated users with editor or administrative application access to read arbitrary files via a .. (dot dot) in the source parameter in a (1) list or (2) editnews action to the Editnews module, and (3) the save_con[skin] parameter in the Options module. NOTE: vector 3 can be leveraged for code execution by using a .. to include and execute arbitrary local files."
{ }
"name" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt", ]
"refsource" : "MISC", },
"url" : "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "cutenews-editnews-dir-traversal(54246)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cutenews-options-file-include(54244)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54244" ]
} },
] "references": {
} "reference_data": [
} {
"name": "cutenews-editnews-dir-traversal(54246)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54246"
},
{
"name": "cutenews-options-file-include(54244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54244"
},
{
"name": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt",
"refsource": "MISC",
"url": "http://www.morningstarsecurity.com/advisories/MORNINGSTAR-2009-02-CuteNews.txt"
},
{
"name": "20091110 [MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507782/100/0/threaded"
}
]
}
}

160
2009/4xxx/CVE-2009-4422.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4422", "ID": "CVE-2009-4422",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20091222 XSS Vulnerability in JpGraph 3.0.6", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/508586/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph 3.0.6 allow remote attackers to inject arbitrary web script or HTML via a key to csim_in_html_ex1.php, and other unspecified vectors."
{ }
"name" : "MDVSA-2009:340", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:340" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37483", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37483" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "61268", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/61268" ]
}, },
{ "references": {
"name" : "37832", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37832" "name": "37483",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/37483"
} },
} {
"name": "20091222 XSS Vulnerability in JpGraph 3.0.6",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508586/100/0/threaded"
},
{
"name": "37832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37832"
},
{
"name": "MDVSA-2009:340",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:340"
},
{
"name": "61268",
"refsource": "OSVDB",
"url": "http://osvdb.org/61268"
}
]
}
}

150
2009/4xxx/CVE-2009-4761.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4761", "ID": "CVE-2009-4761",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Mini-stream RM Downloader allows remote attackers to execute arbitrary code via a long string in a .smi file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8589", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/8589" "lang": "eng",
}, "value": "Stack-based buffer overflow in Mini-stream RM Downloader allows remote attackers to execute arbitrary code via a long string in a .smi file."
{ }
"name" : "8594", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/8594" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34794", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/34794" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "rmdownloader-smi-bo(50266)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50266" ]
} },
] "references": {
} "reference_data": [
} {
"name": "rmdownloader-smi-bo(50266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50266"
},
{
"name": "8594",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8594"
},
{
"name": "8589",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8589"
},
{
"name": "34794",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34794"
}
]
}
}

140
2009/4xxx/CVE-2009-4828.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4828", "ID": "CVE-2009-4828",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in administration/admins.php in Ad Manager Pro (aka AdManagerPro) 3.0 allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an admin_created action. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "10438", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/10438" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in administration/admins.php in Ad Manager Pro (aka AdManagerPro) 3.0 allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an admin_created action. NOTE: some of these details are obtained from third party information."
{ }
"name" : "37713", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/37713" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-3530", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3530" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-3530",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3530"
},
{
"name": "37713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37713"
},
{
"name": "10438",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10438"
}
]
}
}

130
2015/0xxx/CVE-2015-0103.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-0103", "ID": "CVE-2015-0103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21693270", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21693270" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Manager (BPM) 8.0 through 8.0.1.3, 8.5.0 through 8.5.0.1, and 8.5.5 through 8.5.5.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified data fields."
{ }
"name" : "JR50457", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50457" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JR50457",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50457"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21693270",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21693270"
}
]
}
}

120
2015/0xxx/CVE-2015-0120.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-0120", "ID": "CVE-2015-0120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21700549", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21700549" "lang": "eng",
} "value": "Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21700549",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700549"
}
]
}
}

280
2015/0xxx/CVE-2015-0801.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-0801", "ID": "CVE-2015-0801",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-40.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-40.html" "lang": "eng",
}, "value": "Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a similar issue to CVE-2015-0818."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1146339", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1146339" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3211", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3211" ]
}, },
{ "references": {
"name" : "DSA-3212", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3212" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1146339",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1146339"
"name" : "GLSA-201512-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201512-10" "name": "1031996",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031996"
"name" : "RHSA-2015:0766", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0766.html" "name": "openSUSE-SU-2015:0892",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html"
"name" : "RHSA-2015:0771", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0771.html" "name": "GLSA-201512-10",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201512-10"
"name" : "SUSE-SU-2015:0704", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00006.html" "name": "DSA-3212",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3212"
"name" : "openSUSE-SU-2015:0677", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-40.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-40.html"
"name" : "openSUSE-SU-2015:1266", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" "name": "SUSE-SU-2015:0704",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00006.html"
"name" : "openSUSE-SU-2015:0892", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html" "name": "USN-2552-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2552-1"
"name" : "USN-2550-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2550-1" "name": "RHSA-2015:0766",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0766.html"
"name" : "USN-2552-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2552-1" "name": "73455",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73455"
"name" : "73455", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73455" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
"name" : "1031996", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031996" "name": "openSUSE-SU-2015:1266",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html"
"name" : "1032000", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032000" "name": "USN-2550-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2550-1"
} },
} {
"name": "1032000",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032000"
},
{
"name": "openSUSE-SU-2015:0677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html"
},
{
"name": "RHSA-2015:0771",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0771.html"
},
{
"name": "DSA-3211",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3211"
}
]
}
}

140
2015/0xxx/CVE-2015-0887.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-0887", "ID": "CVE-2015-0887",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X1 routers 3.50 through 4.70, SEIL/X2 routers 3.50 through 4.70, and SEIL/B1 routers 3.50 through 4.70 allows remote attackers to cause a denial of service (infinite loop and device hang) via a crafted SSTP packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.seil.jp/support/security/a01541.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.seil.jp/support/security/a01541.html" "lang": "eng",
}, "value": "npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X1 routers 3.50 through 4.70, SEIL/X2 routers 3.50 through 4.70, and SEIL/B1 routers 3.50 through 4.70 allows remote attackers to cause a denial of service (infinite loop and device hang) via a crafted SSTP packet."
{ }
"name" : "JVN#63949115", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN63949115/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2015-000031", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000031" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.seil.jp/support/security/a01541.html",
"refsource": "CONFIRM",
"url": "http://www.seil.jp/support/security/a01541.html"
},
{
"name": "JVNDB-2015-000031",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000031"
},
{
"name": "JVN#63949115",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN63949115/index.html"
}
]
}
}

120
2015/1xxx/CVE-2015-1002.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-1002", "ID": "CVE-2015-1002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02" "lang": "eng",
} "value": "IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-293-02"
}
]
}
}

180
2015/1xxx/CVE-2015-1065.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-1065", "ID": "CVE-2015-1065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT204413", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204413" "lang": "eng",
}, "value": "Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data stream during keychain recovery."
{ }
"name" : "https://support.apple.com/HT204423", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT204423" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT204563", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT204563" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-03-09-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Mar/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-03-09-3", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Mar/msg00002.html" "name": "APPLE-SA-2015-03-09-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00002.html"
"name" : "73007", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73007" "name": "73007",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73007"
"name" : "1031864", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031864" "name": "https://support.apple.com/HT204413",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT204413"
} },
} {
"name": "APPLE-SA-2015-03-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Mar/msg00000.html"
},
{
"name": "1031864",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031864"
},
{
"name": "https://support.apple.com/kb/HT204563",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT204563"
},
{
"name": "https://support.apple.com/HT204423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204423"
}
]
}
}

150
2015/1xxx/CVE-2015-1143.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-1143", "ID": "CVE-2015-1143",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a \"type confusion\" issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT204659", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204659" "lang": "eng",
}, "value": "LaunchServices in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted localized string, related to a \"type confusion\" issue."
{ }
"name" : "APPLE-SA-2015-04-08-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73982", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73982" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032048", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032048" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name": "73982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73982"
},
{
"name": "1032048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032048"
},
{
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
}
]
}
}

190
2015/1xxx/CVE-2015-1259.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2015-1259", "ID": "CVE-2015-1259",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html" "lang": "eng",
}, "value": "PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=468167", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=468167" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3267", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3267" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201506-04", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201506-04" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1877", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html" "name": "openSUSE-SU-2015:0969",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html"
"name" : "openSUSE-SU-2015:0969", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00091.html" "name": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html"
"name" : "74723", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74723" "name": "GLSA-201506-04",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201506-04"
"name" : "1032375", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032375" "name": "openSUSE-SU-2015:1877",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00015.html"
} },
} {
"name": "1032375",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032375"
},
{
"name": "DSA-3267",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3267"
},
{
"name": "74723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74723"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=468167",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=468167"
}
]
}
}

130
2015/1xxx/CVE-2015-1951.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1951", "ID": "CVE-2015-1951",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21959613", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21959613" "lang": "eng",
}, "value": "IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attackers to obtain sensitive local-cache information by leveraging an unattended workstation."
{ }
"name" : "75340", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75340" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75340"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21959613",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959613"
}
]
}
}

290
2015/4xxx/CVE-2015-4021.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4021", "ID": "CVE-2015-4021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://php.net/ChangeLog-5.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive."
{ }
"name" : "https://bugs.php.net/bug.php?id=69453", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=69453" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT205031", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-08-13-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "RHSA-2015:1187",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
"name" : "DSA-3280", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3280" "name": "RHSA-2015:1186",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
"name" : "FEDORA-2015-8281", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" "name": "RHSA-2015:1219",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
"name" : "FEDORA-2015-8370", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "FEDORA-2015-8383", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" "name": "openSUSE-SU-2015:0993",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
"name" : "GLSA-201606-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-10" "name": "http://php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://php.net/ChangeLog-5.php"
"name" : "RHSA-2015:1187", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" "name": "74700",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/74700"
"name" : "RHSA-2015:1135", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "name": "DSA-3280",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3280"
"name" : "RHSA-2015:1186", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "RHSA-2015:1218", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" "name": "1032433",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032433"
"name" : "RHSA-2015:1219", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1219.html" "name": "https://bugs.php.net/bug.php?id=69453",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=69453"
"name" : "openSUSE-SU-2015:0993", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" "name": "RHSA-2015:1135",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
"name" : "74700", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74700" "name": "https://support.apple.com/kb/HT205031",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205031"
"name" : "1032433", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032433" "name": "FEDORA-2015-8383",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
} },
} {
"name": "FEDORA-2015-8281",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}
}

130
2015/4xxx/CVE-2015-4265.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-4265", "ID": "CVE-2015-4265",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C) bus, aka Bug ID CSCuq77241."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151006 Cisco UCS B-Series Blade Servers Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs" "lang": "eng",
}, "value": "Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C) bus, aka Bug ID CSCuq77241."
{ }
"name" : "1033752", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033752" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033752",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033752"
},
{
"name": "20151006 Cisco UCS B-Series Blade Servers Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151006-ucs"
}
]
}
}

34
2015/4xxx/CVE-2015-4698.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4698", "ID": "CVE-2015-4698",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/4xxx/CVE-2015-4740.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4740", "ID": "CVE-2015-4740",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
{ }
"name" : "SUSE-SU-2015:1353", ]
"refsource" : "SUSE", },
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032903", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032903" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032903",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032903"
},
{
"name": "SUSE-SU-2015:1353",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html"
}
]
}
}

470
2015/4xxx/CVE-2015-4872.json
View File

@ -1,237 +1,237 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4872", "ID": "CVE-2015-4872",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10141", "description": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10141" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3381", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3381" ]
}, },
{ "references": {
"name" : "GLSA-201603-11", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-11" "name": "SUSE-SU-2015:2182",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
"name" : "GLSA-201603-14", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-14" "name": "USN-2784-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2784-1"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "openSUSE-SU-2015:1905",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
"name" : "RHSA-2015:2506", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" "name": "SUSE-SU-2015:2192",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
"name" : "RHSA-2015:2507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" "name": "openSUSE-SU-2015:1906",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
"name" : "RHSA-2015:2508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" "name": "RHSA-2015:2507",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
"name" : "RHSA-2015:2509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" "name": "RHSA-2015:1928",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
"name" : "RHSA-2015:2518", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name" : "RHSA-2015:1919", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "RHSA-2015:1920", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" "name": "RHSA-2015:2506",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
"name" : "RHSA-2015:1921", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" "name": "RHSA-2015:2509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
"name" : "RHSA-2015:1926", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" "name": "1033884",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033884"
"name" : "RHSA-2015:1927", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" "name": "SUSE-SU-2015:2166",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
"name" : "RHSA-2015:1928", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "SUSE-SU-2016:0113", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" "name": "openSUSE-SU-2016:0270",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
"name" : "openSUSE-SU-2016:0270", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" "name": "RHSA-2015:1919",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
"name" : "SUSE-SU-2015:2166", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" "name": "GLSA-201603-11",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-11"
"name" : "SUSE-SU-2015:2168", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" "name": "openSUSE-SU-2015:1902",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
"name" : "SUSE-SU-2015:2182", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" "name": "RHSA-2015:1920",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
"name" : "SUSE-SU-2015:2192", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" "name": "RHSA-2015:2518",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
"name" : "SUSE-SU-2015:2216", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" "name": "GLSA-201603-14",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-14"
"name" : "SUSE-SU-2015:2268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" "name": "SUSE-SU-2015:2216",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
"name" : "SUSE-SU-2015:1874", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" "name": "RHSA-2015:1927",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
"name" : "SUSE-SU-2015:1875", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" "name": "openSUSE-SU-2015:1971",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
"name" : "openSUSE-SU-2015:1902", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" "name": "SUSE-SU-2015:2268",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
"name" : "openSUSE-SU-2015:1905", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" "name": "SUSE-SU-2015:2168",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
"name" : "openSUSE-SU-2015:1906", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" "name": "77211",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77211"
"name" : "openSUSE-SU-2015:1971", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" "name": "RHSA-2015:1921",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
"name" : "USN-2827-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2827-1" "name": "SUSE-SU-2015:1874",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
"name" : "USN-2784-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2784-1" "name": "DSA-3381",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3381"
"name" : "77211", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77211" "name": "RHSA-2015:1926",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
"name" : "1033884", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033884" "name": "SUSE-SU-2015:1875",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
} },
} {
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10141",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10141"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}

200
2015/5xxx/CVE-2015-5552.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-5552", "ID": "CVE-2015-5552",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5544, CVE-2015-5545, CVE-2015-5546, CVE-2015-5547, CVE-2015-5548, CVE-2015-5549, and CVE-2015-5553."
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", ]
"refsource" : "CONFIRM", },
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" ]
}, },
{ "references": {
"name" : "GLSA-201508-01", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201508-01" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "RHSA-2015:1603", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1603.html" "name": "76283",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76283"
"name" : "openSUSE-SU-2015:1781", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" "name": "GLSA-201508-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201508-01"
"name" : "76283", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76283" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "1033235", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033235" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html",
} "refsource": "CONFIRM",
] "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html"
} },
} {
"name": "openSUSE-SU-2015:1781",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
},
{
"name": "1033235",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033235"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"name": "RHSA-2015:1603",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1603.html"
}
]
}
}

156
2018/2xxx/CVE-2018-2450.json
View File

@ -1,80 +1,80 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2450", "ID": "CVE-2018-2450",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP MaxDB (liveCache)", "product_name": "SAP MaxDB (liveCache)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "", "version_name": "",
"version_value" : "7.8" "version_value": "7.8"
}, },
{ {
"version_name" : "", "version_name": "",
"version_value" : "7.9" "version_value": "7.9"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2660005", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2660005" "lang": "eng",
}, "value": "SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742", ]
"refsource" : "CONFIRM", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105063", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105063" "lang": "eng",
} "value": "SQL Injection"
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2660005",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2660005"
},
{
"name": "105063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105063"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

148
2018/2xxx/CVE-2018-2474.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2474", "ID": "CVE-2018-2474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2)", "product_name": "SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "1.0" "version_value": "1.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Request Forgery"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2696889", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2696889" "lang": "eng",
}, "value": "SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. This vulnerability is due to insufficient CSRF protection."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095", ]
"refsource" : "CONFIRM", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105534", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105534" "lang": "eng",
} "value": "Cross-Site Request Forgery"
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"name": "105534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105534"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2696889",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2696889"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

142
2018/2xxx/CVE-2018-2584.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2584", "ID": "CVE-2018-2584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebCenter Sites", "product_name": "WebCenter Sites",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.1.1.8.0" "version_value": "11.1.1.8.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
{ }
"name" : "102573", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102573" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040207", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040207" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "102573",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102573"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040207",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040207"
}
]
}
}

182
2018/2xxx/CVE-2018-2762.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2762", "ID": "CVE-2018-2762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.21 and prior" "version_value": "5.7.21 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3655", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "USN-3629-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3629-1/" ]
}, },
{ "references": {
"name" : "USN-3629-3", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-3/" "name": "1040698",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1040698"
"name" : "103794", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103794" "name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
"name" : "1040698", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040698" "name": "103794",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/103794"
} },
} {
"name": "RHSA-2018:3655",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3655"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "USN-3629-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-1/"
},
{
"name": "USN-3629-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-3/"
}
]
}
}

176
2018/2xxx/CVE-2018-2877.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2877", "ID": "CVE-2018-2877",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Cluster", "product_name": "MySQL Cluster",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.2.27 and prior" "version_value": "7.2.27 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.3.16 and prior" "version_value": "7.3.16 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.4.14 and prior" "version_value": "7.4.14 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.5.5 and prior" "version_value": "7.5.5 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: ndbcluster/plugin). Supported versions that are affected are 7.2.27 and prior, 7.3.16 and prior, 7.4.14 and prior and 7.5.5 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: ndbcluster/plugin). Supported versions that are affected are 7.2.27 and prior, 7.3.16 and prior, 7.4.14 and prior and 7.5.5 and prior. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103838", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103838" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Cluster executes to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster."
{ }
"name" : "1040698", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1040698" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1040698",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040698"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103838",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103838"
}
]
}
}

202
2018/3xxx/CVE-2018-3063.json
View File

@ -1,103 +1,103 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3063", "ID": "CVE-2018-3063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.5.60 and prior" "version_value": "5.5.60 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180726-0002/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20180726-0002/" ]
}, },
{ "references": {
"name" : "DSA-4341", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4341" "name": "DSA-4341",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4341"
"name" : "USN-3725-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3725-1/" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "USN-3725-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3725-2/" "name": "USN-3725-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3725-1/"
"name" : "104786", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104786" "name": "1041294",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1041294"
"name" : "1041294", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041294" "name": "104786",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/104786"
} },
} {
"name": "[debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html"
},
{
"name": "USN-3725-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3725-2/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
},
{
"name": "[debian-lts-announce] 20180831 [SECURITY] [DLA 1488-1] mariadb-10.0 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html"
}
]
}
}

152
2018/3xxx/CVE-2018-3073.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3073", "ID": "CVE-2018-3073",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.11 and prior" "version_value": "8.0.11 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180726-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180726-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104772", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104772" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "1041294", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1041294" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "1041294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "104772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104772"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
}
]
}
}

34
2018/3xxx/CVE-2018-3656.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3656", "ID": "CVE-2018-3656",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/3xxx/CVE-2018-3812.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3812", "ID": "CVE-2018-3812",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

152
2018/6xxx/CVE-2018-6068.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-6068", "ID": "CVE-2018-6068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "65.0.3325.146" "version_value": "65.0.3325.146"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Object lifecycle issue"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/798933", "description_data": [
"refsource" : "MISC", {
"url" : "https://crbug.com/798933" "lang": "eng",
}, "value": "Object lifecycle issue in Chrome Custom Tab in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
{ }
"name" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html", ]
"refsource" : "CONFIRM", },
"url" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4182", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4182" "lang": "eng",
}, "value": "Object lifecycle issue"
{ }
"name" : "103297", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/103297" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
},
{
"name": "103297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103297"
},
{
"name": "https://crbug.com/798933",
"refsource": "MISC",
"url": "https://crbug.com/798933"
},
{
"name": "DSA-4182",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4182"
}
]
}
}

232
2018/6xxx/CVE-2018-6508.json
View File

@ -1,118 +1,118 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@puppet.com", "ASSIGNER": "security@puppet.com",
"DATE_PUBLIC" : "2018-02-05T00:00:00", "DATE_PUBLIC": "2018-02-05T00:00:00",
"ID" : "CVE-2018-6508", "ID": "CVE-2018-6508",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Puppet Enterprise", "product_name": "Puppet Enterprise",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2017.3.x prior to 2017.3.4" "version_value": "2017.3.x prior to 2017.3.4"
} }
] ]
} }
}, },
{ {
"product_name" : "puppetlabs/facter_task", "product_name": "puppetlabs/facter_task",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 0.1.5" "version_value": "prior to 0.1.5"
} }
] ]
} }
}, },
{ {
"product_name" : "puppetlabs/puppet_conf", "product_name": "puppetlabs/puppet_conf",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 0.1.5" "version_value": "prior to 0.1.5"
} }
] ]
} }
}, },
{ {
"product_name" : "puppetlabs/apt", "product_name": "puppetlabs/apt",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 4.5.1" "version_value": "prior to 4.5.1"
} }
] ]
} }
}, },
{ {
"product_name" : "puppetlabs/mysql", "product_name": "puppetlabs/mysql",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 5.2.1" "version_value": "prior to 5.2.1"
} }
] ]
} }
}, },
{ {
"product_name" : "puppetlabs/apache", "product_name": "puppetlabs/apache",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 2.3.1" "version_value": "prior to 2.3.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Puppet" "vendor_name": "Puppet"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the facter_task or puppet_conf tasks. This vulnerability only affects tasks in the affected modules, if you are not using puppet tasks you are not affected by this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://puppet.com/security/cve/CVE-2018-6508", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://puppet.com/security/cve/CVE-2018-6508" "lang": "eng",
}, "value": "Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the facter_task or puppet_conf tasks. This vulnerability only affects tasks in the affected modules, if you are not using puppet tasks you are not affected by this vulnerability."
{ }
"name" : "103020", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103020" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/CVE-2018-6508",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/CVE-2018-6508"
},
{
"name": "103020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103020"
}
]
}
}

140
2018/6xxx/CVE-2018-6758.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6758", "ID": "CVE-2018-6758",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180210 [SECURITY] [DLA 1275-1] uwsgi security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/02/msg00010.html" "lang": "eng",
}, "value": "The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length."
{ }
"name" : "http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html", ]
"refsource" : "MISC", },
"url" : "http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe", "description": [
"refsource" : "MISC", {
"url" : "https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180210 [SECURITY] [DLA 1275-1] uwsgi security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/02/msg00010.html"
},
{
"name": "http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html",
"refsource": "MISC",
"url": "http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html"
},
{
"name": "https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe",
"refsource": "MISC",
"url": "https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe"
}
]
}
}

120
2018/6xxx/CVE-2018-6844.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6844", "ID": "CVE-2018-6844",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://websecnerd.blogspot.com/2018/02/mybb-forum-1.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://websecnerd.blogspot.com/2018/02/mybb-forum-1.html" "lang": "eng",
} "value": "MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://websecnerd.blogspot.com/2018/02/mybb-forum-1.html",
"refsource": "MISC",
"url": "https://websecnerd.blogspot.com/2018/02/mybb-forum-1.html"
}
]
}
}

120
2018/7xxx/CVE-2018-7179.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7179", "ID": "CVE-2018-7179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44135", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/44135" "lang": "eng",
} "value": "SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44135",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44135"
}
]
}
}

34
2018/7xxx/CVE-2018-7345.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7345", "ID": "CVE-2018-7345",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5042.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5042", "ID": "CVE-2019-5042",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }