admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2017-12-15 13:04:06 -05:00
parent c74fefe565
commit 4797793190
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
41 changed files with 362 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
2014/0xxx/CVE-2014-0076.json
View File

@ -175,6 +175,12 @@
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"url" : "http://www.securityfocus.com/bid/66363"
},

12
2014/0xxx/CVE-2014-0101.json
View File

@ -70,6 +70,18 @@
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0419.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0432.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2173-1"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2174-1"
},
{
"url" : "http://www.securityfocus.com/bid/65943"
},

3
2014/0xxx/CVE-2014-0105.json
View File

@ -60,6 +60,9 @@
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0382.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0409.html"
}
]
}

3
2014/0xxx/CVE-2014-0106.json
View File

@ -70,6 +70,9 @@
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0266.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00003.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2146-1"
},

6
2014/0xxx/CVE-2014-0107.json
View File

@ -88,12 +88,18 @@
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2886"
},
{
"url" : "https://security.gentoo.org/glsa/201604-02"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0348.html"
},
{
"url" : "http://www.securityfocus.com/bid/66397"
},

3
2014/0xxx/CVE-2014-0128.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00060.html"
},
{
"url" : "http://www.securityfocus.com/bid/66112"
},

6
2014/0xxx/CVE-2014-0138.json
View File

@ -85,6 +85,12 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2902"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00042.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2167-1"
},
{
"url" : "http://secunia.com/advisories/57836"
},

6
2014/0xxx/CVE-2014-0139.json
View File

@ -82,6 +82,12 @@
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:213"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00042.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2167-1"
},
{
"url" : "http://secunia.com/advisories/57836"
},

6
2014/0xxx/CVE-2014-0150.json
View File

@ -61,6 +61,12 @@
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1078846"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2909"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2910"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2182-1"
},

6
2014/0xxx/CVE-2014-0160.json
View File

@ -349,6 +349,12 @@
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"url" : "http://www.us-cert.gov/ncas/alerts/TA14-098A"
},

3
2014/0xxx/CVE-2014-0165.json
View File

@ -63,6 +63,9 @@
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1085866"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2901"
}
]
}

3
2014/0xxx/CVE-2014-0166.json
View File

@ -63,6 +63,9 @@
},
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1085858"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2901"
}
]
}

3
2014/0xxx/CVE-2014-0331.json
View File

@ -58,6 +58,9 @@
{
"url" : "http://www.fortiguard.com/advisory/FG-IR-14-004"
},
{
"url" : "http://www.kb.cert.org/vuls/id/667340"
},
{
"url" : "http://www.securityfocus.com/bid/66642"
},

3
2014/0xxx/CVE-2014-0466.json
View File

@ -61,6 +61,9 @@
{
"url" : "https://security.gentoo.org/glsa/201701-67"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00021.html"
},
{
"url" : "http://www.securityfocus.com/bid/66660"
}

12
2014/0xxx/CVE-2014-0506.json
View File

@ -63,6 +63,18 @@
},
{
"url" : "http://security.gentoo.org/glsa/glsa-201405-04.xml"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0380.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00036.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00050.html"
}
]
}

12
2014/0xxx/CVE-2014-0507.json
View File

@ -58,6 +58,18 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201405-04.xml"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0380.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00036.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00050.html"
},
{
"url" : "http://www.securityfocus.com/bid/66701"
},

12
2014/0xxx/CVE-2014-0508.json
View File

@ -58,6 +58,18 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201405-04.xml"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0380.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00036.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00050.html"
},
{
"url" : "http://www.securitytracker.com/id/1030035"
}

12
2014/0xxx/CVE-2014-0509.json
View File

@ -58,6 +58,18 @@
{
"url" : "http://security.gentoo.org/glsa/glsa-201405-04.xml"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0380.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00036.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00050.html"
},
{
"url" : "http://www.securityfocus.com/bid/66703"
},

3
2014/0xxx/CVE-2014-0981.json
View File

@ -70,6 +70,9 @@
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2904"
},
{
"url" : "https://security.gentoo.org/glsa/201612-27"
},

3
2014/0xxx/CVE-2014-0983.json
View File

@ -70,6 +70,9 @@
{
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2904"
},
{
"url" : "https://security.gentoo.org/glsa/201612-27"
},

3
2014/1xxx/CVE-2014-1493.json
View File

@ -82,6 +82,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1497.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1505.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1508.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1510.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1511.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1512.json
View File

@ -67,6 +67,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1513.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1514.json
View File

@ -64,6 +64,9 @@
{
"url" : "http://www.debian.org/security/2014/dsa-2881"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2911"
},
{
"url" : "https://security.gentoo.org/glsa/201504-01"
},

3
2014/1xxx/CVE-2014-1878.json
View File

@ -61,6 +61,9 @@
{
"url" : "https://www.icinga.org/2014/02/11/bugfix-releases-1-10-3-1-9-5-1-8-6"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00033.html"
},
{
"url" : "http://www.securityfocus.com/bid/65605"
},

3
2014/1xxx/CVE-2014-1912.json
View File

@ -91,6 +91,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2125-1"
},

6
2014/1xxx/CVE-2014-1985.json
View File

@ -67,6 +67,12 @@
{
"url" : "https://github.com/redmine/redmine/commit/7567c3d8b21fe67e5f04e6839c1fce061600f2f3"
},
{
"url" : "http://jvn.jp/en/jp/JVN93004610/index.html"
},
{
"url" : "http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000041.html"
},
{
"url" : "http://www.securityfocus.com/bid/66674"
},

6
2014/2xxx/CVE-2014-2523.json
View File

@ -67,6 +67,12 @@
{
"url" : "https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2173-1"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2174-1"
},
{
"url" : "http://www.securityfocus.com/bid/66279"
},

3
2014/2xxx/CVE-2014-2668.json
View File

@ -58,6 +58,9 @@
{
"url" : "http://packetstormsecurity.com/files/125889"
},
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00039.html"
},
{
"url" : "http://www.securityfocus.com/bid/66474"
},

3
2014/2xxx/CVE-2014-2855.json
View File

@ -79,6 +79,9 @@
{
"url" : "http://lists.opensuse.org/opensuse-updates/2014-05/msg00006.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2171-1"
},
{
"url" : "http://secunia.com/advisories/57948"
}

3
2014/2xxx/CVE-2014-2856.json
View File

@ -73,6 +73,9 @@
{
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1388.html"
},
{
"url" : "http://www.ubuntu.com/usn/USN-2172-1"
},
{
"url" : "http://www.securityfocus.com/bid/66788"
},

6
2014/2xxx/CVE-2014-2983.json
View File

@ -57,6 +57,12 @@
},
{
"url" : "https://drupal.org/SA-CORE-2014-002"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2913"
},
{
"url" : "http://www.debian.org/security/2014/dsa-2914"
}
]
}

46
2017/14xxx/CVE-2017-14101.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-14101",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable service allows for arbitrary file read access to the local file system as well as the transmittal of the application service's account hashed credentials to a remote attacker."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://technical.nttsecurity.com/post/102emjg/conserus-image-repository-xml-external-entity-vulnerability"
}
]
}

46
2017/16xxx/CVE-2017-16776.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16776",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Security researchers discovered an authentication bypass vulnerability in version 2.0.2 of the Conserus Workflow Intelligence application by McKesson Medical Imaging Company, which is now a Change Healthcare company. The attacker must send a malicious HTTP GET request to exploit the vulnerability. The vulnerability allows an attacker to bypass authentication and escalate privileges of valid users. An unauthenticated attacker can exploit the vulnerability and be granted limited access to other accounts. An authenticated attacker can exploit the vulnerability and be granted access reserved for higher privilege users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://technical.nttsecurity.com/post/102emjm/conserus-workflow-intelligence-authentication-bypass-vulnerability"
}
]
}

49
2017/16xxx/CVE-2017-16787.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16787",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with certain privileges to read arbitrary files via (1) the ntpclientcounterlogfile parameter to cgi-bin/mainv2 or (2) vectors involving curl support of the \"file\" schema in the firmware update functionality."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Dec/31"
},
{
"url" : "http://seclists.org/fulldisclosure/2017/Dec/33"
}
]
}

46
2017/16xxx/CVE-2017-16788.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16788",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Directory traversal vulnerability in the \"Upload Groupkey\" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and consequently gain root privileges by uploading a file, as demonstrated by storing a file in the cron.d directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://seclists.org/fulldisclosure/2017/Dec/32"
}
]
}