admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:45:51 +00:00
parent e56c8d0de7
commit 4c7fbf6f19
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3693 additions and 3693 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2002/0xxx/CVE-2002-0089.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0089", "ID": "CVE-2002-0089",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020429 eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/270122" "lang": "eng",
}, "value": "Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file."
{ }
"name" : "http://www.esecurityonline.com/advisories/eSO2397.asp", ]
"refsource" : "MISC", },
"url" : "http://www.esecurityonline.com/advisories/eSO2397.asp" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4624", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4624" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:67", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A67" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:68", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A68" "name": "solaris-admintool-prodvers-bo(8955)",
}, "refsource": "XF",
{ "url": "http://www.iss.net/security_center/static/8955.php"
"name" : "solaris-admintool-d-bo(8954)", },
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8954.php" "name": "solaris-admintool-d-bo(8954)",
}, "refsource": "XF",
{ "url": "http://www.iss.net/security_center/static/8954.php"
"name" : "solaris-admintool-prodvers-bo(8955)", },
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8955.php" "name": "oval:org.mitre.oval:def:67",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A67"
} },
} {
"name": "4624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4624"
},
{
"name": "http://www.esecurityonline.com/advisories/eSO2397.asp",
"refsource": "MISC",
"url": "http://www.esecurityonline.com/advisories/eSO2397.asp"
},
{
"name": "20020429 eSecurityOnline Security Advisory 2397 - Sun Solaris admintool -d and PRODVERS buffer overflow vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/270122"
},
{
"name": "oval:org.mitre.oval:def:68",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A68"
}
]
}
}

220
2005/0xxx/CVE-2005-0010.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0010", "ID": "CVE-2005-0010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00017.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00017.html" "lang": "eng",
}, "value": "Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory."
{ }
"name" : "FLSA-2006:152922", ]
"refsource" : "FEDORA", },
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-200501-27", "description": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MDKSA-2005:013", ]
"refsource" : "MANDRAKE", }
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:013" ]
}, },
{ "references": {
"name" : "RHSA-2005:037", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-037.html" "name": "12326",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12326"
"name" : "RHSA-2005:011", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-011.html" "name": "http://www.ethereal.com/appnotes/enpa-sa-00017.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.ethereal.com/appnotes/enpa-sa-00017.html"
"name" : "P-106", },
"refsource" : "CIAC", {
"url" : "http://www.ciac.org/ciac/bulletins/p-106.shtml" "name": "RHSA-2005:037",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html"
"name" : "12326", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12326" "name": "13946",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/13946/"
"name" : "oval:org.mitre.oval:def:9521", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9521" "name": "RHSA-2005:011",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-011.html"
"name" : "13946", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13946/" "name": "ethereal-mmse-free-memory(19003)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19003"
"name" : "ethereal-mmse-free-memory(19003)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19003" "name": "oval:org.mitre.oval:def:9521",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9521"
} },
} {
"name": "GLSA-200501-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200501-27.xml"
},
{
"name": "P-106",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-106.shtml"
},
{
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name": "MDKSA-2005:013",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:013"
}
]
}
}

210
2005/0xxx/CVE-2005-0033.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0033", "ID": "CVE-2005-0033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html" "lang": "eng",
}, "value": "Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses."
{ }
"name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.isc.org/index.pl?/sw/bind/bind8.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.isc.org/index.pl?/sw/bind/bind8.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SCOSA-2006.1", ]
"refsource" : "SCO", }
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt" ]
}, },
{ "references": {
"name" : "VU#327633", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/327633" "name": "1012996",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1012996"
"name" : "12364", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12364" "name": "http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html",
}, "refsource": "MISC",
{ "url": "http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html"
"name" : "1012996", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012996" "name": "VU#327633",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/327633"
"name" : "14009", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14009" "name": "14009",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/14009"
"name" : "18291", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18291" "name": "12364",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12364"
"name" : "bind-qusedns-bo(19063)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19063" "name": "http://www.isc.org/index.pl?/sw/bind/bind8.php",
} "refsource": "CONFIRM",
] "url": "http://www.isc.org/index.pl?/sw/bind/bind8.php"
} },
} {
"name": "SCOSA-2006.1",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1/SCOSA-2006.1.txt"
},
{
"name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
"refsource": "CONFIRM",
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"name": "18291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18291"
},
{
"name": "bind-qusedns-bo(19063)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19063"
}
]
}
}

150
2005/0xxx/CVE-2005-0436.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0436", "ID": "CVE-2005-0436",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050214 AWStats <= 6.4 Multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/390368" "lang": "eng",
}, "value": "Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter."
{ }
"name" : "13832", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/13832" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14299", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "awstats-function-code-execution(19336)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19336" ]
} },
] "references": {
} "reference_data": [
} {
"name": "14299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14299"
},
{
"name": "awstats-function-code-execution(19336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19336"
},
{
"name": "20050214 AWStats <= 6.4 Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/390368"
},
{
"name": "13832",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/13832"
}
]
}
}

120
2005/0xxx/CVE-2005-0493.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0493", "ID": "CVE-2005-0493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050218 BizMail 2.1 Spam Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110876655521321&w=2" "lang": "eng",
} "value": "CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050218 BizMail 2.1 Spam Exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110876655521321&w=2"
}
]
}
}

190
2005/0xxx/CVE-2005-0696.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0696", "ID": "CVE-2005-0696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050308 ArGoSoft FTP Server 1.4.2.8 Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/392653" "lang": "eng",
}, "value": "Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrary code via a long DELE command. NOTE: this issue was later reported to also affect 1.4.3.5."
{ }
"name" : "20060225 ArGoSoft FTP server remote heap overflow", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/426081/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060225 ArGoSoft FTP server remote heap overflow", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042523.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html", ]
"refsource" : "MISC", }
"url" : "https://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html" ]
}, },
{ "references": {
"name" : "12755", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12755" "name": "20050308 ArGoSoft FTP Server 1.4.2.8 Buffer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/392653"
"name" : "1015681", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015681" "name": "14526",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/14526"
"name" : "14526", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/14526" "name": "1015681",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015681"
"name" : "494", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/494" "name": "494",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/494"
} },
} {
"name": "12755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12755"
},
{
"name": "https://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html",
"refsource": "MISC",
"url": "https://www.securinfos.info/english/security-advisories-alerts/20060225_ArGoSoft.FTP.Server_Heap.Overflow.html"
},
{
"name": "20060225 ArGoSoft FTP server remote heap overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042523.html"
},
{
"name": "20060225 ArGoSoft FTP server remote heap overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426081/100/0/threaded"
}
]
}
}

140
2005/0xxx/CVE-2005-0701.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0701", "ID": "CVE-2005-0701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via \"\\\\.\\\\..\" (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050307 - Argeniss - Oracle Database Server Directory transversal", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111023635928211&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via \"\\\\.\\\\..\" (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename."
{ }
"name" : "20050307 - Argeniss - Oracle Database Server Directory transversal", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032273.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.argeniss.com/research/ARGENISS-ADV-030501.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.argeniss.com/research/ARGENISS-ADV-030501.txt" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20050307 - Argeniss - Oracle Database Server Directory transversal",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032273.html"
},
{
"name": "20050307 - Argeniss - Oracle Database Server Directory transversal",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111023635928211&w=2"
},
{
"name": "http://www.argeniss.com/research/ARGENISS-ADV-030501.txt",
"refsource": "MISC",
"url": "http://www.argeniss.com/research/ARGENISS-ADV-030501.txt"
}
]
}
}

190
2005/0xxx/CVE-2005-0736.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0736", "ID": "CVE-2005-0736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050309 overwriting low kernel memory", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html" "lang": "eng",
}, "value": "Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events."
{ }
"name" : "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d", ]
"refsource" : "CONFIRM", },
"url" : "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2005:293", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-293.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2005:366", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2005-366.html" ]
}, },
{ "references": {
"name" : "SUSE-SA:2005:018", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" "name": "RHSA-2005:366",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2005-366.html"
"name" : "USN-95-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/95-1/" "name": "12763",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/12763"
"name" : "12763", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12763" "name": "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d",
}, "refsource": "CONFIRM",
{ "url": "http://linux.bkbits.net:8080/linux-2.6/cset@422dd06a1p5PsyFhoGAJseinjEq3ew?nav=index.html|ChangeSet@-1d"
"name" : "oval:org.mitre.oval:def:9870", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870" "name": "SUSE-SA:2005:018",
} "refsource": "SUSE",
] "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html"
} },
} {
"name": "20050309 overwriting low kernel memory",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032314.html"
},
{
"name": "oval:org.mitre.oval:def:9870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9870"
},
{
"name": "RHSA-2005:293",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-293.html"
},
{
"name": "USN-95-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/95-1/"
}
]
}
}

140
2005/1xxx/CVE-2005-1148.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1148", "ID": "CVE-2005-1148",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.snkenjoi.com/secadv/secadv3.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.snkenjoi.com/secadv/secadv3.txt" "lang": "eng",
}, "value": "calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information."
{ }
"name" : "1013705", ]
"refsource" : "SECTRACK", },
"url" : "http://securitytracker.com/id?1013705" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "calendarscript-path-disclosure(20102)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20102" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1013705",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013705"
},
{
"name": "http://www.snkenjoi.com/secadv/secadv3.txt",
"refsource": "MISC",
"url": "http://www.snkenjoi.com/secadv/secadv3.txt"
},
{
"name": "calendarscript-path-disclosure(20102)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20102"
}
]
}
}

150
2005/1xxx/CVE-2005-1285.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1285", "ID": "CVE-2005-1285",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050422 [SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111420516900814&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter."
{ }
"name" : "13325", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/13325" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1013790", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1013790" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15058", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15058" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20050422 [SePro Bugtraq] WBB - WoltLab Burning Board <= 2.3.1 - XSS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111420516900814&w=2"
},
{
"name": "1013790",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013790"
},
{
"name": "15058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15058"
},
{
"name": "13325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13325"
}
]
}
}

34
2005/1xxx/CVE-2005-1731.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2005-1731", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2005-1731",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none."
} }
] ]
} }
} }

180
2005/4xxx/CVE-2005-4010.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4010", "ID": "CVE-2005-4010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html" "lang": "eng",
}, "value": "SQL injection vulnerability in KBase Express 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to category.php and (2) search parameters to search.php."
{ }
"name" : "15635", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15635" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2641", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2641" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21340", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21340" ]
}, },
{ "references": {
"name" : "21341", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/21341" "name": "21340",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/21340"
"name" : "17806", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17806" "name": "ADV-2005-2641",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2641"
"name" : "kbaseexpress-multiple-sql-injection(23309)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23309" "name": "17806",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17806"
} },
} {
"name": "21341",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21341"
},
{
"name": "kbaseexpress-multiple-sql-injection(23309)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23309"
},
{
"name": "15635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15635"
},
{
"name": "http://pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/kbase-express-sql-inj-vuln.html"
}
]
}
}

170
2005/4xxx/CVE-2005-4037.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4037", "ID": "CVE-2005-4037",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/web4future-affiliate-manager-pro-sql.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/web4future-affiliate-manager-pro-sql.html" "lang": "eng",
}, "value": "SQL injection vulnerability in functions.php in Web4Future Affiliate Manager PRO 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter."
{ }
"name" : "15717", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15717" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2745", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2745" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21457", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21457" ]
}, },
{ "references": {
"name" : "17883", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17883" "name": "21457",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/21457"
"name" : "affiliatemanager-functions-sql-injection(23415)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23415" "name": "http://pridels0.blogspot.com/2005/12/web4future-affiliate-manager-pro-sql.html",
} "refsource": "MISC",
] "url": "http://pridels0.blogspot.com/2005/12/web4future-affiliate-manager-pro-sql.html"
} },
} {
"name": "15717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15717"
},
{
"name": "affiliatemanager-functions-sql-injection(23415)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23415"
},
{
"name": "17883",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17883"
},
{
"name": "ADV-2005-2745",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2745"
}
]
}
}

160
2005/4xxx/CVE-2005-4610.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4610", "ID": "CVE-2005-4610",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=381793", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=381793" "lang": "eng",
}, "value": "Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors."
{ }
"name" : "16104", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16104" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0001", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0001" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22125", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/22125" ]
}, },
{ "references": {
"name" : "18246", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18246" "name": "18246",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18246"
} },
} {
"name": "16104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16104"
},
{
"name": "22125",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22125"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=381793",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=381793"
},
{
"name": "ADV-2006-0001",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0001"
}
]
}
}

170
2005/4xxx/CVE-2005-4834.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4834", "ID": "CVE-2005-4834",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21243541", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21243541" "lang": "eng",
}, "value": "IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container."
{ }
"name" : "PK28963", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24013840" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PQ99537", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24008814" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22991", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22991" ]
}, },
{ "references": {
"name" : "ADV-2007-0970", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0970" "name": "ADV-2007-0970",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0970"
"name" : "24478", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24478" "name": "24478",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24478"
} },
} {
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21243541",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21243541"
},
{
"name": "PQ99537",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24008814"
},
{
"name": "22991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22991"
},
{
"name": "PK28963",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24013840"
}
]
}
}

180
2009/0xxx/CVE-2009-0085.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-0085", "ID": "CVE-2009-0085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS) handshake messages, which allows remote attackers to spoof authentication by crafting a TLS packet based on knowledge of the certificate but not the private key, aka \"SChannel Spoofing Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS09-007", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-007" "lang": "eng",
}, "value": "The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS) handshake messages, which allows remote attackers to spoof authentication by crafting a TLS packet based on knowledge of the certificate but not the private key, aka \"SChannel Spoofing Vulnerability.\""
{ }
"name" : "TA09-069A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-069A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "52521", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/52521" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:6011", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6011" ]
}, },
{ "references": {
"name" : "1021828", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1021828" "name": "MS09-007",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-007"
"name" : "34215", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34215" "name": "1021828",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1021828"
"name" : "ADV-2009-0660", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0660" "name": "TA09-069A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA09-069A.html"
} },
} {
"name": "ADV-2009-0660",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0660"
},
{
"name": "oval:org.mitre.oval:def:6011",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6011"
},
{
"name": "34215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34215"
},
{
"name": "52521",
"refsource": "OSVDB",
"url": "http://osvdb.org/52521"
}
]
}
}

240
2009/0xxx/CVE-2009-0367.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0367", "ID": "CVE-2009-0367",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wesnoth.org/forum/viewtopic.php?t=24247", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wesnoth.org/forum/viewtopic.php?t=24247" "lang": "eng",
}, "value": "The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module."
{ }
"name" : "http://www.wesnoth.org/forum/viewtopic.php?t=24340", ]
"refsource" : "CONFIRM", },
"url" : "http://www.wesnoth.org/forum/viewtopic.php?t=24340" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://gna.org/bugs/index.php?13048", "description": [
"refsource" : "CONFIRM", {
"url" : "https://gna.org/bugs/index.php?13048" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://launchpad.net/bugs/335089", ]
"refsource" : "CONFIRM", }
"url" : "http://launchpad.net/bugs/335089" ]
}, },
{ "references": {
"name" : "http://launchpad.net/bugs/336396", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://launchpad.net/bugs/336396" "name": "http://launchpad.net/bugs/336396",
}, "refsource": "CONFIRM",
{ "url": "http://launchpad.net/bugs/336396"
"name" : "http://launchpad.net/bugs/cve/2009-0367", },
"refsource" : "CONFIRM", {
"url" : "http://launchpad.net/bugs/cve/2009-0367" "name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog",
}, "refsource": "CONFIRM",
{ "url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog"
"name" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog", },
"refsource" : "CONFIRM", {
"url" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog" "name": "https://gna.org/bugs/index.php?13048",
}, "refsource": "CONFIRM",
{ "url": "https://gna.org/bugs/index.php?13048"
"name" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog", },
"refsource" : "CONFIRM", {
"url" : "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.5.12-1/changelog" "name": "wesnoth-pythonai-code-execution(49058)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058"
"name" : "DSA-1737", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2009/dsa-1737" "name": "http://www.wesnoth.org/forum/viewtopic.php?t=24340",
}, "refsource": "CONFIRM",
{ "url": "http://www.wesnoth.org/forum/viewtopic.php?t=24340"
"name" : "34058", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34058" "name": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog",
}, "refsource": "CONFIRM",
{ "url": "http://packages.debian.org/changelogs/pool/main/w/wesnoth/wesnoth_1.4.7-4/changelog"
"name" : "34236", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34236" "name": "http://www.wesnoth.org/forum/viewtopic.php?t=24247",
}, "refsource": "CONFIRM",
{ "url": "http://www.wesnoth.org/forum/viewtopic.php?t=24247"
"name" : "ADV-2009-0595", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0595" "name": "34058",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34058"
"name" : "wesnoth-pythonai-code-execution(49058)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49058" "name": "ADV-2009-0595",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/0595"
} },
} {
"name": "http://launchpad.net/bugs/cve/2009-0367",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/cve/2009-0367"
},
{
"name": "34236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34236"
},
{
"name": "DSA-1737",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1737"
},
{
"name": "http://launchpad.net/bugs/335089",
"refsource": "CONFIRM",
"url": "http://launchpad.net/bugs/335089"
}
]
}
}

130
2009/0xxx/CVE-2009-0495.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0495", "ID": "CVE-2009-0495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote attackers to execute arbitrary PHP code via a URL in the INC_DIR parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "7743", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/7743" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in include/define.php in REALTOR 747 4.11 allows remote attackers to execute arbitrary PHP code via a URL in the INC_DIR parameter."
{ }
"name" : "33227", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/33227" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7743",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7743"
},
{
"name": "33227",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33227"
}
]
}
}

170
2009/0xxx/CVE-2009-0757.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0757", "ID": "CVE-2009-0757",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20090302 CVE Request: mpfr (Buffer Overflow)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2009/03/02/4" "lang": "eng",
}, "value": "Multiple buffer overflows in GNU MPFR 2.4.0 allow context-dependent attackers to cause a denial of service (crash) via the (1) mpfr_snprintf and (2) mpfr_vsnprintf functions."
{ }
"name" : "http://mpfr.loria.fr/mpfr-2.4.1/", ]
"refsource" : "CONFIRM", },
"url" : "http://mpfr.loria.fr/mpfr-2.4.1/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-772-1", "description": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-772-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33945", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/33945" ]
}, },
{ "references": {
"name" : "34204", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/34204" "name": "34204",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34204"
"name" : "35028", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35028" "name": "USN-772-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-772-1"
} },
} {
"name": "http://mpfr.loria.fr/mpfr-2.4.1/",
"refsource": "CONFIRM",
"url": "http://mpfr.loria.fr/mpfr-2.4.1/"
},
{
"name": "33945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33945"
},
{
"name": "[oss-security] 20090302 CVE Request: mpfr (Buffer Overflow)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/03/02/4"
},
{
"name": "35028",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35028"
}
]
}
}

120
2009/1xxx/CVE-2009-1230.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1230", "ID": "CVE-2009-1230",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8324", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8324" "lang": "eng",
} "value": "Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8324",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8324"
}
]
}
}

190
2009/1xxx/CVE-2009-1943.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1943", "ID": "CVE-2009-1943",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090601 ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503981/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-09-024/", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-09-024/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35154", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35154" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "54831", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/54831" ]
}, },
{ "references": {
"name" : "1022316", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022316" "name": "ADV-2009-1472",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/1472"
"name" : "35280", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35280" "name": "1022316",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022316"
"name" : "ADV-2009-1472", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1472" "name": "54831",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/54831"
"name" : "softremote-ireike-bo(50880)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50880" "name": "35280",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/35280"
} },
} {
"name": "35154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35154"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-024/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-024/"
},
{
"name": "softremote-ireike-bo(50880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50880"
},
{
"name": "20090601 ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503981/100/0/threaded"
}
]
}
}

150
2009/1xxx/CVE-2009-1947.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1947", "ID": "CVE-2009-1947",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8841", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8841" "lang": "eng",
}, "value": "SQL injection vulnerability in the UnbDbEncode function in unb_lib/database.lib.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to execute arbitrary SQL commands via the Query parameter in a search action to forum.php, a different vector than CVE-2005-3686."
{ }
"name" : "35183", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35183" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35299", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "unb-forum-sql-injection(50876)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50876" ]
} },
] "references": {
} "reference_data": [
} {
"name": "unb-forum-sql-injection(50876)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50876"
},
{
"name": "35183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35183"
},
{
"name": "35299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35299"
},
{
"name": "8841",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8841"
}
]
}
}

250
2009/4xxx/CVE-2009-4274.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-4274", "ID": "CVE-2009-4274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/02/09/11" "lang": "eng",
}, "value": "Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value."
{ }
"name" : "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076", ]
"refsource" : "CONFIRM", },
"url" : "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup", "description": [
"refsource" : "CONFIRM", {
"url" : "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=546580", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=546580" ]
}, },
{ "references": {
"name" : "DSA-2026", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2026" "name": "RHSA-2011:1811",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1811.html"
"name" : "MDVSA-2010:039", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039" "name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076",
}, "refsource": "CONFIRM",
{ "url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076"
"name" : "RHSA-2011:1811", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1811.html" "name": "ADV-2010-0358",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0358"
"name" : "SUSE-SR:2010:006", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html" "name": "38530",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38530"
"name" : "38164", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38164" "name": "[oss-security] 20100209 vulnerability in netpbm (CVE-2009-4274)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/02/09/11"
"name" : "38530", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38530" "name": "ADV-2010-0780",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0780"
"name" : "38915", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38915" "name": "netpbm-xpm-bo(56207)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207"
"name" : "ADV-2010-0358", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0358" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=546580",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=546580"
"name" : "ADV-2010-0780", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0780" "name": "SUSE-SR:2010:006",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
"name" : "netpbm-xpm-bo(56207)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56207" "name": "DSA-2026",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2010/dsa-2026"
} },
} {
"name": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup",
"refsource": "CONFIRM",
"url": "http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/doc/HISTORY?view=markup"
},
{
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
},
{
"name": "38164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38164"
},
{
"name": "MDVSA-2010:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:039"
}
]
}
}

140
2009/4xxx/CVE-2009-4359.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4359", "ID": "CVE-2009-4359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in folder.php in the SmartMedia 0.85 Beta module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the categoryid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.packetstormsecurity.org/0911-exploits/xoopssmartmedia-xss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.packetstormsecurity.org/0911-exploits/xoopssmartmedia-xss.txt" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in folder.php in the SmartMedia 0.85 Beta module for XOOPS allows remote attackers to inject arbitrary web script or HTML via the categoryid parameter."
{ }
"name" : "37156", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/37156" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "smartmedia-folder-xss(54488)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54488" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "37156",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37156"
},
{
"name": "http://www.packetstormsecurity.org/0911-exploits/xoopssmartmedia-xss.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0911-exploits/xoopssmartmedia-xss.txt"
},
{
"name": "smartmedia-folder-xss(54488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54488"
}
]
}
}

140
2009/4xxx/CVE-2009-4555.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4555", "ID": "CVE-2009-4555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that (1) modify a .htaccess file via an unspecified request to protected/manager.cgi or (2) change the password of an administrative account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://holisticinfosec.org/content/view/129/45/", "description_data": [
"refsource" : "MISC", {
"url" : "http://holisticinfosec.org/content/view/129/45/" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that (1) modify a .htaccess file via an unspecified request to protected/manager.cgi or (2) change the password of an administrative account."
{ }
"name" : "36789", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/36789" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "agoracart-unspecified-csrf(53808)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53808" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "36789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36789"
},
{
"name": "http://holisticinfosec.org/content/view/129/45/",
"refsource": "MISC",
"url": "http://holisticinfosec.org/content/view/129/45/"
},
{
"name": "agoracart-unspecified-csrf(53808)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53808"
}
]
}
}

190
2009/4xxx/CVE-2009-4652.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4652", "ID": "CVE-2009-4652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=blobdiff;f=src/ngircd/conn.c;h=c6095a31c613bc5ca127d55b8723e15b836f1cca;hp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c;hb=627b0b713c52406e50c84bb9459e7794262920a2;hpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e", "description_data": [
"refsource" : "MISC", {
"url" : "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=blobdiff;f=src/ngircd/conn.c;h=c6095a31c613bc5ca127d55b8723e15b836f1cca;hp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c;hb=627b0b713c52406e50c84bb9459e7794262920a2;hpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e" "lang": "eng",
}, "value": "The (1) Conn_GetCipherInfo and (2) Conn_UsesSSL functions in src/ngircd/conn.c in ngIRCd 13 and 14, when SSL/TLS support is present and standalone mode is disabled, allow remote attackers to cause a denial of service (application crash) by sending the MOTD command from another server in the same IRC network, possibly related to an array index error."
{ }
"name" : "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=commit;h=627b0b713c52406e50c84bb9459e7794262920a2", ]
"refsource" : "CONFIRM", },
"url" : "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=commit;h=627b0b713c52406e50c84bb9459e7794262920a2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ngircd.barton.de/doc/ChangeLog", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ngircd.barton.de/doc/ChangeLog" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://ngircd.barton.de/doc/NEWS", ]
"refsource" : "CONFIRM", }
"url" : "http://ngircd.barton.de/doc/NEWS" ]
}, },
{ "references": {
"name" : "37021", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37021" "name": "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=blobdiff;f=src/ngircd/conn.c;h=c6095a31c613bc5ca127d55b8723e15b836f1cca;hp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c;hb=627b0b713c52406e50c84bb9459e7794262920a2;hpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e",
}, "refsource": "MISC",
{ "url": "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=blobdiff;f=src/ngircd/conn.c;h=c6095a31c613bc5ca127d55b8723e15b836f1cca;hp=9752a6191c7e2da5b0df64779e9cc28ad1e6241c;hb=627b0b713c52406e50c84bb9459e7794262920a2;hpb=95428a72ffb5214826b61d5e77f860e7ef6a6c9e"
"name" : "37343", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37343" "name": "http://ngircd.barton.de/doc/ChangeLog",
}, "refsource": "CONFIRM",
{ "url": "http://ngircd.barton.de/doc/ChangeLog"
"name" : "ADV-2009-3240", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3240" "name": "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=commit;h=627b0b713c52406e50c84bb9459e7794262920a2",
}, "refsource": "CONFIRM",
{ "url": "http://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git;a=commit;h=627b0b713c52406e50c84bb9459e7794262920a2"
"name" : "ngircd-ssltls-dos(54272)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54272" "name": "37021",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/37021"
} },
} {
"name": "ADV-2009-3240",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3240"
},
{
"name": "37343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37343"
},
{
"name": "http://ngircd.barton.de/doc/NEWS",
"refsource": "CONFIRM",
"url": "http://ngircd.barton.de/doc/NEWS"
},
{
"name": "ngircd-ssltls-dos(54272)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54272"
}
]
}
}

130
2009/4xxx/CVE-2009-4801.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4801", "ID": "CVE-2009-4801",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090301 EZ-Blog Beta 1 Multiple SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/501352/100/0/threaded" "lang": "eng",
}, "value": "EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts."
{ }
"name" : "8128", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/8128" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8128",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8128"
},
{
"name": "20090301 EZ-Blog Beta 1 Multiple SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501352/100/0/threaded"
}
]
}
}

150
2009/5xxx/CVE-2009-5032.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-5032", "ID": "CVE-2009-5032",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24019529&aid=1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24019529&aid=1" "lang": "eng",
}, "value": "The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network."
{ }
"name" : "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument", ]
"refsource" : "CONFIRM", },
"url" : "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "LO38116", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1LO38116" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-lnt-email-information-disclosure(64743)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64743" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument",
"refsource": "CONFIRM",
"url": "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument"
},
{
"name": "ibm-lnt-email-information-disclosure(64743)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64743"
},
{
"name": "LO38116",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LO38116"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24019529&aid=1",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24019529&aid=1"
}
]
}
}

34
2012/2xxx/CVE-2012-2260.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-2260", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-2260",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }
} }

34
2012/2xxx/CVE-2012-2476.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2476", "ID": "CVE-2012-2476",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

230
2012/2xxx/CVE-2012-2798.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2798", "ID": "CVE-2012-2798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an \"out of array write.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2012/08/31/3" "lang": "eng",
}, "value": "Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an \"out of array write.\""
{ }
"name" : "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2012/09/02/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ffmpeg.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ffmpeg.org/security.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=72b9537d8886f679494651df517dfed9b420cf1f", ]
"refsource" : "CONFIRM", }
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=72b9537d8886f679494651df517dfed9b420cf1f" ]
}, },
{ "references": {
"name" : "http://libav.org/releases/libav-0.7.7.changelog", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://libav.org/releases/libav-0.7.7.changelog" "name": "[oss-security] 20120902 Re: Information on security issues fixed in ffmpeg 0.11?",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/09/02/4"
"name" : "http://libav.org/releases/libav-0.8.4.changelog", },
"refsource" : "CONFIRM", {
"url" : "http://libav.org/releases/libav-0.8.4.changelog" "name": "http://libav.org/releases/libav-0.8.5.changelog",
}, "refsource": "CONFIRM",
{ "url": "http://libav.org/releases/libav-0.8.5.changelog"
"name" : "http://libav.org/releases/libav-0.8.5.changelog", },
"refsource" : "CONFIRM", {
"url" : "http://libav.org/releases/libav-0.8.5.changelog" "name": "http://libav.org/releases/libav-0.8.4.changelog",
}, "refsource": "CONFIRM",
{ "url": "http://libav.org/releases/libav-0.8.4.changelog"
"name" : "MDVSA-2013:079", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:079" "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=72b9537d8886f679494651df517dfed9b420cf1f",
}, "refsource": "CONFIRM",
{ "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=72b9537d8886f679494651df517dfed9b420cf1f"
"name" : "USN-1705-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1705-1" "name": "55355",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/55355"
"name" : "55355", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55355" "name": "MDVSA-2013:079",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:079"
"name" : "50468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/50468" "name": "[oss-security] 20120831 Information on security issues fixed in ffmpeg 0.11?",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2012/08/31/3"
"name" : "51257", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51257" "name": "http://ffmpeg.org/security.html",
} "refsource": "CONFIRM",
] "url": "http://ffmpeg.org/security.html"
} },
} {
"name": "http://libav.org/releases/libav-0.7.7.changelog",
"refsource": "CONFIRM",
"url": "http://libav.org/releases/libav-0.7.7.changelog"
},
{
"name": "USN-1705-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1705-1"
},
{
"name": "50468",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50468"
},
{
"name": "51257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51257"
}
]
}
}

34
2012/3xxx/CVE-2012-3853.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3853", "ID": "CVE-2012-3853",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2012/3xxx/CVE-2012-3899.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-3899", "ID": "CVE-2012-3899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt" "lang": "eng",
} "value": "sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and traffic-inspection outage) via network traffic, aka Bug ID CSCtn23051."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/web/software/282549758/51927/IPS-6_2-4-E4-readme.txt"
}
]
}
}

230
2012/3xxx/CVE-2012-3960.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3960", "ID": "CVE-2012-3960",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=771976", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=771976" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2012:1211", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1211.html" ]
}, },
{ "references": {
"name" : "RHSA-2012:1210", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1210.html" "name": "RHSA-2012:1211",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1211.html"
"name" : "SUSE-SU-2012:1167", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html" "name": "oval:org.mitre.oval:def:16853",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16853"
"name" : "openSUSE-SU-2012:1065", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html" "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html"
"name" : "SUSE-SU-2012:1157", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html" "name": "USN-1548-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1548-1"
"name" : "USN-1548-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1548-2" "name": "USN-1548-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1548-2"
"name" : "USN-1548-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1548-1" "name": "RHSA-2012:1210",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1210.html"
"name" : "55325", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/55325" "name": "SUSE-SU-2012:1167",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
"name" : "oval:org.mitre.oval:def:16853", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16853" "name": "SUSE-SU-2012:1157",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=771976",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=771976"
},
{
"name": "openSUSE-SU-2012:1065",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
},
{
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "55325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55325"
}
]
}
}

180
2012/6xxx/CVE-2012-6053.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6053", "ID": "CVE-2012-6053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-usb.c?r1=45310&r2=45309&pathrev=45310", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-usb.c?r1=45310&r2=45309&pathrev=45310" "lang": "eng",
}, "value": "epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field."
{ }
"name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=45310", ]
"refsource" : "CONFIRM", },
"url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=45310" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2012-31.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2012-31.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7787", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7787" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2012:1633", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-12/msg00022.html" "name": "oval:org.mitre.oval:def:15915",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15915"
"name" : "openSUSE-SU-2013:0151", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00042.html" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7787",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7787"
"name" : "oval:org.mitre.oval:def:15915", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15915" "name": "http://www.wireshark.org/security/wnpa-sec-2012-31.html",
} "refsource": "CONFIRM",
] "url": "http://www.wireshark.org/security/wnpa-sec-2012-31.html"
} },
} {
"name": "openSUSE-SU-2012:1633",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00022.html"
},
{
"name": "openSUSE-SU-2013:0151",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00042.html"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=45310",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=45310"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-usb.c?r1=45310&r2=45309&pathrev=45310",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-usb.c?r1=45310&r2=45309&pathrev=45310"
}
]
}
}

34
2012/6xxx/CVE-2012-6284.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6284", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2012-6284",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }
} }

34
2012/6xxx/CVE-2012-6448.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6448", "ID": "CVE-2012-6448",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2012/6xxx/CVE-2012-6449.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6449", "ID": "CVE-2012-6449",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/5xxx/CVE-2015-5047.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5047", "ID": "CVE-2015-5047",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2015/5xxx/CVE-2015-5263.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-5263", "ID": "CVE-2015-5263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150924 Pulp 2.6.4 released for CVE-2015-5263", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/24/4" "lang": "eng",
}, "value": "pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration."
{ }
"name" : "http://cve.killedkenny.io/cve/CVE-2015-5263", ]
"refsource" : "MISC", },
"url" : "http://cve.killedkenny.io/cve/CVE-2015-5263" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/pulp/pulp/blob/aa432bf58497b5e3682333b1d5f5ae4f45788a61/client_consumer/pulp/client/consumer/cli.py#L103", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/pulp/pulp/blob/aa432bf58497b5e3682333b1d5f5ae4f45788a61/client_consumer/pulp/client/consumer/cli.py#L103" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/pulp/pulp/commit/b542d7465f7e6e02e1ea1aec059ac607a65cefe7#diff-17110211f89c042a9267e2167dedd754", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/pulp/pulp/commit/b542d7465f7e6e02e1ea1aec059ac607a65cefe7#diff-17110211f89c042a9267e2167dedd754" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://cve.killedkenny.io/cve/CVE-2015-5263",
"refsource": "MISC",
"url": "http://cve.killedkenny.io/cve/CVE-2015-5263"
},
{
"name": "[oss-security] 20150924 Pulp 2.6.4 released for CVE-2015-5263",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/24/4"
},
{
"name": "https://github.com/pulp/pulp/commit/b542d7465f7e6e02e1ea1aec059ac607a65cefe7#diff-17110211f89c042a9267e2167dedd754",
"refsource": "CONFIRM",
"url": "https://github.com/pulp/pulp/commit/b542d7465f7e6e02e1ea1aec059ac607a65cefe7#diff-17110211f89c042a9267e2167dedd754"
},
{
"name": "https://github.com/pulp/pulp/blob/aa432bf58497b5e3682333b1d5f5ae4f45788a61/client_consumer/pulp/client/consumer/cli.py#L103",
"refsource": "CONFIRM",
"url": "https://github.com/pulp/pulp/blob/aa432bf58497b5e3682333b1d5f5ae4f45788a61/client_consumer/pulp/client/consumer/cli.py#L103"
}
]
}
}

150
2015/5xxx/CVE-2015-5887.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5887", "ID": "CVE-2015-5887",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205267", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205267" "lang": "eng",
}, "value": "The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data."
{ }
"name" : "APPLE-SA-2015-09-30-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76908", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76908" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033703", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033703" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1033703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033703"
},
{
"name": "APPLE-SA-2015-09-30-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"name": "https://support.apple.com/HT205267",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205267"
},
{
"name": "76908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76908"
}
]
}
}

180
2015/5xxx/CVE-2015-5926.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-5926", "ID": "CVE-2015-5926",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205370", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205370" "lang": "eng",
}, "value": "The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2015-5925."
{ }
"name" : "https://support.apple.com/HT205375", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205375" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT205378", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205378" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-10-21-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-10-21-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html" "name": "APPLE-SA-2015-10-21-4",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
"name" : "APPLE-SA-2015-10-21-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" "name": "APPLE-SA-2015-10-21-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
"name" : "1033929", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033929" "name": "https://support.apple.com/HT205375",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT205375"
} },
} {
"name": "APPLE-SA-2015-10-21-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00003.html"
},
{
"name": "https://support.apple.com/HT205370",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205370"
},
{
"name": "https://support.apple.com/HT205378",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205378"
},
{
"name": "1033929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033929"
}
]
}
}

130
2018/11xxx/CVE-2018-11027.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11027", "ID": "CVE-2018-11027",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180524 Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/542040/100/0/threaded" "lang": "eng",
}, "value": "A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote attackers to inject arbitrary web script or HTML."
{ }
"name" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027", ]
"refsource" : "MISC", },
"url" : "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180524 Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/542040/100/0/threaded"
},
{
"name": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027",
"refsource": "MISC",
"url": "https://vulmon.com/vulnerabilitydetails?qid=CVE-2018-11027"
}
]
}
}

140
2018/11xxx/CVE-2018-11153.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11153", "ID": "CVE-2018-11153",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 11 of 46)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2018/May/71" "lang": "eng",
}, "value": "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 11 of 46)."
{ }
"name" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities", "description": [
"refsource" : "MISC", {
"url" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/71"
},
{
"name": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html"
},
{
"name": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities"
}
]
}
}

132
2018/11xxx/CVE-2018-11778.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-10-04T00:00:00", "DATE_PUBLIC": "2018-10-04T00:00:00",
"ID" : "CVE-2018-11778", "ID": "CVE-2018-11778",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Ranger", "product_name": "Apache Ranger",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to 1.2.0" "version_value": "prior to 1.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20181004 CVE update - fixed in Apache Ranger 1.2.0", "description_data": [
"refsource" : "MLIST", {
"url" : "https://seclists.org/oss-sec/2018/q4/11" "lang": "eng",
}, "value": "UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0"
{ }
"name" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger", ]
"refsource" : "CONFIRM", },
"url" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger"
},
{
"name": "[oss-security] 20181004 CVE update - fixed in Apache Ranger 1.2.0",
"refsource": "MLIST",
"url": "https://seclists.org/oss-sec/2018/q4/11"
}
]
}
}

34
2018/14xxx/CVE-2018-14540.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14540", "ID": "CVE-2018-14540",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2018/14xxx/CVE-2018-14652.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psampaio@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-14652", "ID": "CVE-2018-14652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "glusterfs", "product_name": "glusterfs",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "through 3.12 and 4.1.4" "version_value": "through 3.12 and 4.1.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Gluster Project" "vendor_name": "The Gluster Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-120"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20181105 [SECURITY] [DLA 1565-1] glusterfs security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00003.html" "lang": "eng",
}, "value": "The Gluster file system through versions 3.12 and 4.1.4 is vulnerable to a buffer overflow in the 'features/index' translator via the code handling the 'GF_XATTR_CLRLK_CMD' xattr in the 'pl_getxattr' function. A remote authenticated attacker could exploit this on a mounted volume to cause a denial of service."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14652", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14652" "impact": {
}, "cvss": [
{ [
"name" : "RHSA-2018:3431", {
"refsource" : "REDHAT", "vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"url" : "https://access.redhat.com/errata/RHSA-2018:3431" "version": "3.0"
}, }
{ ]
"name" : "RHSA-2018:3432", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2018:3432" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3470", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3470" "lang": "eng",
} "value": "CWE-120"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:3431",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3431"
},
{
"name": "[debian-lts-announce] 20181105 [SECURITY] [DLA 1565-1] glusterfs security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00003.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14652",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14652"
},
{
"name": "RHSA-2018:3432",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3432"
},
{
"name": "RHSA-2018:3470",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3470"
}
]
}
}

120
2018/15xxx/CVE-2018-15177.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15177", "ID": "CVE-2018-15177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gitee.com/gxlcms/gxlcms_news_system_2/issues/ILVLP", "description_data": [
"refsource" : "MISC", {
"url" : "https://gitee.com/gxlcms/gxlcms_news_system_2/issues/ILVLP" "lang": "eng",
} "value": "In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/gxlcms/gxlcms_news_system_2/issues/ILVLP",
"refsource": "MISC",
"url": "https://gitee.com/gxlcms/gxlcms_news_system_2/issues/ILVLP"
}
]
}
}

150
2018/15xxx/CVE-2018-15976.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-15976", "ID": "CVE-2018-15976",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe Technical Communications Suite", "product_name": "Adobe Technical Communications Suite",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.0.5.1 and below versions" "version_value": "1.0.5.1 and below versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Adobe" "vendor_name": "Adobe"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insecure Library Loading (DLL hijacking)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/techcommsuite/apsb18-38.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/techcommsuite/apsb18-38.html" "lang": "eng",
}, "value": "Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation."
{ }
"name" : "105535", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105535" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041819", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041819" "lang": "eng",
}, "value": "Insecure Library Loading (DLL hijacking)"
{ }
"name" : "1041820", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1041820" ]
} },
] "references": {
} "reference_data": [
} {
"name": "105535",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105535"
},
{
"name": "1041820",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041820"
},
{
"name": "https://helpx.adobe.com/security/products/techcommsuite/apsb18-38.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/techcommsuite/apsb18-38.html"
},
{
"name": "1041819",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041819"
}
]
}
}

130
2018/15xxx/CVE-2018-15992.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2018-15992", "ID": "CVE-2018-15992",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html" "lang": "eng",
}, "value": "Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
{ }
"name" : "106164", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106164" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106164"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
}
]
}
}

34
2018/3xxx/CVE-2018-3114.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3114", "ID": "CVE-2018-3114",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/8xxx/CVE-2018-8559.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8559", "ID": "CVE-2018-8559",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/8xxx/CVE-2018-8988.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8988", "ID": "CVE-2018-8988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002008."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002008", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002008" "lang": "eng",
} "value": "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002008."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002008",
"refsource": "MISC",
"url": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002008"
}
]
}
}

120
2018/8xxx/CVE-2018-8993.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8993", "ID": "CVE-2018-8993",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002001."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002001", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002001" "lang": "eng",
} "value": "In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002001."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002001",
"refsource": "MISC",
"url": "https://github.com/D0neMkj/POC_BSOD/tree/master/Windows%20Optimization%20master/0xf1002001"
}
]
}
}