admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:14:09 +00:00
parent fac653e296
commit 4d711caec7
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 3301 additions and 3296 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2002/1xxx/CVE-2002-1307.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1307", "ID": "CVE-2002-1307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name." "value": "Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-199", "name": "mhonarc-mime-header-xss(10666)",
"refsource" : "DEBIAN", "refsource": "XF",
"url" : "http://www.debian.org/security/2002/dsa-199" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10666"
}, },
{ {
"name" : "http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200210211713.g9LHDXE02256@mcguire.earlhood.com", "name": "http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200210211713.g9LHDXE02256@mcguire.earlhood.com",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200210211713.g9LHDXE02256@mcguire.earlhood.com" "url": "http://www.mhonarc.org/archive/cgi-bin/mesg.cgi?a=mhonarc-users&i=200210211713.g9LHDXE02256@mcguire.earlhood.com"
}, },
{ {
"name" : "6204", "name": "6204",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6204" "url": "http://www.securityfocus.com/bid/6204"
}, },
{ {
"name" : "mhonarc-mime-header-xss(10666)", "name": "DSA-199",
"refsource" : "XF", "refsource": "DEBIAN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10666" "url": "http://www.debian.org/security/2002/dsa-199"
}, },
{ {
"name" : "7353", "name": "7353",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/7353" "url": "http://www.osvdb.org/7353"
} }
] ]
} }

74
2002/1xxx/CVE-2002-1408.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1408", "ID": "CVE-2002-1408",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) \"'read-only' community access,\" and/or (2) an easily guessable community name." "value": "Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) \"'read-only' community access,\" and/or (2) an easily guessable community name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "HPSBUX0208-208", "name": "HPSBUX0208-208",
"refsource" : "HP", "refsource": "HP",
"url" : "http://online.securityfocus.com/advisories/4360" "url": "http://online.securityfocus.com/advisories/4360"
}, },
{ {
"name" : "hp-emanate-default-snmp(9814)", "name": "5428",
"refsource" : "XF", "refsource": "BID",
"url" : "http://www.iss.net/security_center/static/9814.php" "url": "http://www.securityfocus.com/bid/5428"
}, },
{ {
"name" : "5428", "name": "hp-emanate-default-snmp(9814)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/5428" "url": "http://www.iss.net/security_center/static/9814.php"
} }
] ]
} }

80
2002/1xxx/CVE-2002-1522.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1522", "ID": "CVE-2002-1522",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument." "value": "Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021005 Vulnerabilitie in PowerFTP server", "name": "20021005 Vulnerabilitie in PowerFTP server",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0075.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0075.html"
}, },
{ {
"name" : "20021012 Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source)", "name": "5899",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-10/0194.html" "url": "http://www.securityfocus.com/bid/5899"
}, },
{ {
"name" : "5899", "name": "20021012 Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source)",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/5899" "url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0194.html"
}, },
{ {
"name" : "powerftp-long-username-dos(10286)", "name": "powerftp-long-username-dos(10286)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/10286.php" "url": "http://www.iss.net/security_center/static/10286.php"
} }
] ]
} }

110
2003/0xxx/CVE-2003-0039.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0039", "ID": "CVE-2003-0039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count." "value": "ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030115 DoS against DHCP infrastructure with isc dhcrelay", "name": "CLSA-2003:616",
"refsource" : "BUGTRAQ", "refsource": "CONECTIVA",
"url" : "http://marc.info/?l=bugtraq&m=104310927813830&w=2" "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000616"
}, },
{ {
"name" : "CLSA-2003:616", "name": "VU#149953",
"refsource" : "CONECTIVA", "refsource": "CERT-VN",
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000616" "url": "http://www.kb.cert.org/vuls/id/149953"
}, },
{ {
"name" : "DSA-245", "name": "DSA-245",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-245" "url": "http://www.debian.org/security/2003/dsa-245"
}, },
{ {
"name" : "RHSA-2003:034", "name": "TLSA-2003-26",
"refsource" : "REDHAT", "refsource": "TURBO",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-034.html" "url": "http://cc.turbolinux.com/security/TLSA-2003-26.txt"
}, },
{ {
"name" : "TLSA-2003-26", "name": "RHSA-2003:034",
"refsource" : "TURBO", "refsource": "REDHAT",
"url" : "http://cc.turbolinux.com/security/TLSA-2003-26.txt" "url": "http://www.redhat.com/support/errata/RHSA-2003-034.html"
}, },
{ {
"name" : "20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd)", "name": "20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.openpkg.org/security/OpenPKG-SA-2003.012-dhcpd.html" "url": "http://www.openpkg.org/security/OpenPKG-SA-2003.012-dhcpd.html"
}, },
{ {
"name" : "VU#149953", "name": "dhcp-dhcrelay-dos(11187)",
"refsource" : "CERT-VN", "refsource": "XF",
"url" : "http://www.kb.cert.org/vuls/id/149953" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11187"
}, },
{ {
"name" : "6628", "name": "20030115 DoS against DHCP infrastructure with isc dhcrelay",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/6628" "url": "http://marc.info/?l=bugtraq&m=104310927813830&w=2"
}, },
{ {
"name" : "dhcp-dhcrelay-dos(11187)", "name": "6628",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11187" "url": "http://www.securityfocus.com/bid/6628"
} }
] ]
} }

104
2003/0xxx/CVE-2003-0289.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0289", "ID": "CVE-2003-0289",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter." "value": "Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030513 cdrtools2.0 Format String Vulnerability", "name": "200305-06",
"refsource" : "BUGTRAQ", "refsource": "GENTOO",
"url" : "http://marc.info/?l=bugtraq&m=105285564307225&w=2" "url": "http://forums.gentoo.org/viewtopic.php?t=54904"
}, },
{ {
"name" : "20030513 Cdrecord_local_root_exploit.", "name": "7565",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=105286031812533&w=2" "url": "http://www.securityfocus.com/bid/7565"
}, },
{ {
"name" : "ftp://ftp.berlios.de/pub/cdrecord/alpha/cdrtools-2.01a14.tar.gz", "name": "ftp://ftp.berlios.de/pub/cdrecord/alpha/cdrtools-2.01a14.tar.gz",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "ftp://ftp.berlios.de/pub/cdrecord/alpha/cdrtools-2.01a14.tar.gz" "url": "ftp://ftp.berlios.de/pub/cdrecord/alpha/cdrtools-2.01a14.tar.gz"
}, },
{ {
"name" : "200305-06", "name": "http://www.securiteam.com/exploits/5ZP0C2AAAC.html",
"refsource" : "GENTOO", "refsource": "MISC",
"url" : "http://forums.gentoo.org/viewtopic.php?t=54904" "url": "http://www.securiteam.com/exploits/5ZP0C2AAAC.html"
}, },
{ {
"name" : "MDKSA-2003:058", "name": "20030513 cdrtools2.0 Format String Vulnerability",
"refsource" : "MANDRAKE", "refsource": "BUGTRAQ",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2003:058" "url": "http://marc.info/?l=bugtraq&m=105285564307225&w=2"
}, },
{ {
"name" : "http://www.securiteam.com/exploits/5ZP0C2AAAC.html", "name": "MDKSA-2003:058",
"refsource" : "MISC", "refsource": "MANDRAKE",
"url" : "http://www.securiteam.com/exploits/5ZP0C2AAAC.html" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:058"
}, },
{ {
"name" : "7565", "name": "20030513 Cdrecord_local_root_exploit.",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/7565" "url": "http://marc.info/?l=bugtraq&m=105286031812533&w=2"
}, },
{ {
"name" : "cdrtools-scsiopen-format-string(12007)", "name": "cdrtools-scsiopen-format-string(12007)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12007" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12007"
} }
] ]
} }

62
2003/0xxx/CVE-2003-0606.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0606", "ID": "CVE-2003-0606",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files." "value": "sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-353", "name": "DSA-353",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-353" "url": "http://www.debian.org/security/2003/dsa-353"
} }
] ]
} }

62
2003/0xxx/CVE-2003-0762.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0762", "ID": "CVE-2003-0762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value)." "value": "Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030905 [SCAN Associates Sdn Bhd Security Advisory] Foxweb 2.5 bufferoverflow in CGI and ISAPI extension", "name": "20030905 [SCAN Associates Sdn Bhd Security Advisory] Foxweb 2.5 bufferoverflow in CGI and ISAPI extension",
"refsource" : "VULNWATCH", "refsource": "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0096.html" "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0096.html"
} }
] ]
} }

74
2003/1xxx/CVE-2003-1330.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1330", "ID": "CVE-2003-1330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom \"on strip unsuccessful\" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove." "value": "Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom \"on strip unsuccessful\" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm", "name": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm" "url": "http://www.mimesweeper.com/download/bin/Patches/MAILsweeper_Patches_301_ReadMe.htm"
}, },
{ {
"name" : "7226", "name": "mailsweeper-onstrip-bypass-filter(11745)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/7226" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745"
}, },
{ {
"name" : "mailsweeper-onstrip-bypass-filter(11745)", "name": "7226",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11745" "url": "http://www.securityfocus.com/bid/7226"
} }
] ]
} }

74
2003/1xxx/CVE-2003-1374.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1374", "ID": "CVE-2003-1374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options." "value": "Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030213 HPUX disable buffer overflow vulnerability", "name": "20030213 HPUX disable buffer overflow vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2003-02/0156.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0156.html"
}, },
{ {
"name" : "hp-lp-disable-bo(11316)", "name": "6845",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11316" "url": "http://www.securityfocus.com/bid/6845"
}, },
{ {
"name" : "6845", "name": "hp-lp-disable-bo(11316)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/6845" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11316"
} }
] ]
} }

86
2003/1xxx/CVE-2003-1447.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1447", "ID": "CVE-2003-1447",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML." "value": "IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20030204 Weak password protection in WebSphere 4.0.4 XML configuration export", "name": "websphere-xml-weak-encryption(11245)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/310118" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11245"
}, },
{ {
"name" : "20030206 Re: Weak password protection in WebSphere 4.0.4 XML configuration export", "name": "20030206 Re: Weak password protection in WebSphere 4.0.4 XML configuration export",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/310796" "url": "http://www.securityfocus.com/archive/1/310796"
}, },
{ {
"name" : "6758", "name": "6758",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6758" "url": "http://www.securityfocus.com/bid/6758"
}, },
{ {
"name" : "3277", "name": "20030204 Weak password protection in WebSphere 4.0.4 XML configuration export",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/3277" "url": "http://www.securityfocus.com/archive/1/310118"
}, },
{ {
"name" : "websphere-xml-weak-encryption(11245)", "name": "3277",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11245" "url": "http://securityreason.com/securityalert/3277"
} }
] ]
} }

80
2004/2xxx/CVE-2004-2331.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2331", "ID": "CVE-2004-2331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag." "value": "ColdFusion MX 6.1 and 6.1 J2EE allows local users to bypass sandbox security restrictions and obtain sensitive information by using Java reflection methods to access trusted Java objects without using the CreateObject function or cfobject tag."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html", "name": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html" "url": "http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html"
}, },
{ {
"name" : "9521", "name": "coldfusion-mx-sandbox-bypass(14984)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/9521" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14984"
}, },
{ {
"name" : "10743", "name": "9521",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/10743/" "url": "http://www.securityfocus.com/bid/9521"
}, },
{ {
"name" : "coldfusion-mx-sandbox-bypass(14984)", "name": "10743",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14984" "url": "http://secunia.com/advisories/10743/"
} }
] ]
} }

68
2004/2xxx/CVE-2004-2354.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2354", "ID": "CVE-2004-2354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered." "value": "SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040315 [waraxe-2004-SA#007 - XSS and SQL injection bugs in 4nguestbook module for PhpNuke]", "name": "4nguestbook-modules-xss(15478)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2004-03/0139.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15478"
}, },
{ {
"name" : "4nguestbook-modules-xss(15478)", "name": "20040315 [waraxe-2004-SA#007 - XSS and SQL injection bugs in 4nguestbook module for PhpNuke]",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15478" "url": "http://archives.neohapsis.com/archives/bugtraq/2004-03/0139.html"
} }
] ]
} }

104
2004/2xxx/CVE-2004-2411.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2411", "ID": "CVE-2004-2411",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors." "value": "The CleanseMessage function in shop$db.asp for VP-ASP Shopping Cart 4.0 through 5.0 does not sufficiently cleanse inputs, which allows remote attackers to conduct cross-site scripting (XSS) attacks that do not use <script> tags, as demonstrated via javascript in IMG tags to (1) the cat parameter in shopdisplayproducts.asp or (2) the msg parameter in shoperror.asp, and possibly other vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20040613 VP-ASP Shopping Cart Multiple Vulnerabilities", "name": "11846",
"refsource" : "FULLDISC", "refsource": "SECUNIA",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0363.html" "url": "http://secunia.com/advisories/11846"
}, },
{ {
"name" : "http://www.providesecurity.com/research/advisories/06142004-01.asp", "name": "http://www.providesecurity.com/research/advisories/06142004-01.asp",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.providesecurity.com/research/advisories/06142004-01.asp" "url": "http://www.providesecurity.com/research/advisories/06142004-01.asp"
}, },
{ {
"name" : "http://www.vpasp.com/virtprog/info/faq_securityfixes.htm", "name": "6949",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.vpasp.com/virtprog/info/faq_securityfixes.htm" "url": "http://www.osvdb.org/6949"
}, },
{ {
"name" : "10530", "name": "10530",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/10530" "url": "http://www.securityfocus.com/bid/10530"
}, },
{ {
"name" : "10534", "name": "10534",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/10534" "url": "http://www.securityfocus.com/bid/10534"
}, },
{ {
"name" : "6949", "name": "http://www.vpasp.com/virtprog/info/faq_securityfixes.htm",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/6949" "url": "http://www.vpasp.com/virtprog/info/faq_securityfixes.htm"
}, },
{ {
"name" : "11846", "name": "vpasp-shoperror-xss(16411)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/11846" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16411"
}, },
{ {
"name" : "vpasp-shoperror-xss(16411)", "name": "20040613 VP-ASP Shopping Cart Multiple Vulnerabilities",
"refsource" : "XF", "refsource": "FULLDISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16411" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0363.html"
} }
] ]
} }

86
2004/2xxx/CVE-2004-2453.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2453", "ID": "CVE-2004-2453",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors." "value": "Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=265832", "name": "11127",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=265832" "url": "http://www.securityfocus.com/bid/11127"
}, },
{ {
"name" : "11127", "name": "tutti-nova-registerglobals-enabled(17279)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/11127" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17279"
}, },
{ {
"name" : "9741", "name": "12467",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/9741" "url": "http://secunia.com/advisories/12467"
}, },
{ {
"name" : "12467", "name": "9741",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/12467" "url": "http://www.osvdb.org/9741"
}, },
{ {
"name" : "tutti-nova-registerglobals-enabled(17279)", "name": "http://sourceforge.net/project/shownotes.php?release_id=265832",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17279" "url": "http://sourceforge.net/project/shownotes.php?release_id=265832"
} }
] ]
} }

74
2008/2xxx/CVE-2008-2348.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2348", "ID": "CVE-2008-2348",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php." "value": "MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "5648", "name": "5648",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5648" "url": "https://www.exploit-db.com/exploits/5648"
}, },
{ {
"name" : "29271", "name": "29271",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/29271" "url": "http://www.securityfocus.com/bid/29271"
}, },
{ {
"name" : "meltingice-adduser-security-bypass(42503)", "name": "meltingice-adduser-security-bypass(42503)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42503" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42503"
} }
] ]
} }

86
2008/2xxx/CVE-2008-2486.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2486", "ID": "CVE-2008-2486",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to \"staticservers.dat processing.\"" "value": "Unspecified vulnerability in eMule Plus before 1.2d has unknown impact and attack vectors related to \"staticservers.dat processing.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=600155", "name": "emuleplus-staticservers-unspecified(42620)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=600155" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42620"
}, },
{ {
"name" : "29361", "name": "30277",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/29361" "url": "http://secunia.com/advisories/30277"
}, },
{ {
"name" : "ADV-2008-1651", "name": "http://sourceforge.net/project/shownotes.php?release_id=600155",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2008/1651/references" "url": "http://sourceforge.net/project/shownotes.php?release_id=600155"
}, },
{ {
"name" : "30277", "name": "29361",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/30277" "url": "http://www.securityfocus.com/bid/29361"
}, },
{ {
"name" : "emuleplus-staticservers-unspecified(42620)", "name": "ADV-2008-1651",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42620" "url": "http://www.vupen.com/english/advisories/2008/1651/references"
} }
] ]
} }

86
2008/2xxx/CVE-2008-2790.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2790", "ID": "CVE-2008-2790",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter." "value": "SQL injection vulnerability in detail.php in MountainGrafix easyTrade 2.x allows remote attackers to execute arbitrary SQL commands via the id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "5840", "name": "easytrade-detail-sql-injection(43152)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/5840" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43152"
}, },
{ {
"name" : "http://shop.mountaingrafix.at/media/patches/etv_patch_2_3_2.zip", "name": "http://shop.mountaingrafix.at/media/patches/etv_patch_2_3_2.zip",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://shop.mountaingrafix.at/media/patches/etv_patch_2_3_2.zip" "url": "http://shop.mountaingrafix.at/media/patches/etv_patch_2_3_2.zip"
}, },
{ {
"name" : "29775", "name": "29775",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/29775" "url": "http://www.securityfocus.com/bid/29775"
}, },
{ {
"name" : "30673", "name": "30673",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30673" "url": "http://secunia.com/advisories/30673"
}, },
{ {
"name" : "easytrade-detail-sql-injection(43152)", "name": "5840",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43152" "url": "https://www.exploit-db.com/exploits/5840"
} }
] ]
} }

86
2008/2xxx/CVE-2008-2836.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2836", "ID": "CVE-2008-2836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-1483." "value": "PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-1483."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "5847", "name": "5847",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/5847" "url": "https://www.exploit-db.com/exploits/5847"
}, },
{ {
"name" : "[webcalendar-announce] 20070304 Announce: Release 1.0.5 (security patch)", "name": "webcalendar-send-reminders-file-include(43156)",
"refsource" : "MLIST", "refsource": "XF",
"url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=45EAF486.9080902%40k5n.us&forum_name=webcalendar-announce" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43156"
}, },
{ {
"name" : "29783", "name": "1020357",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/29783" "url": "http://www.securitytracker.com/id?1020357"
}, },
{ {
"name" : "1020357", "name": "29783",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1020357" "url": "http://www.securityfocus.com/bid/29783"
}, },
{ {
"name" : "webcalendar-send-reminders-file-include(43156)", "name": "[webcalendar-announce] 20070304 Announce: Release 1.0.5 (security patch)",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43156" "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=45EAF486.9080902%40k5n.us&forum_name=webcalendar-announce"
} }
] ]
} }

80
2008/2xxx/CVE-2008-2847.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2847", "ID": "CVE-2008-2847",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php." "value": "SQL injection vulnerability in the Trade module in Maxtrade AIO 1.3.23 allows remote attackers to execute arbitrary SQL commands via the categori parameter in a pocategorisell action to modules.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "5853", "name": "29799",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/5853" "url": "http://www.securityfocus.com/bid/29799"
}, },
{ {
"name" : "29799", "name": "5853",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/29799" "url": "https://www.exploit-db.com/exploits/5853"
}, },
{ {
"name" : "30722", "name": "30722",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30722" "url": "http://secunia.com/advisories/30722"
}, },
{ {
"name" : "maxtradeaio-modules-sql-injection(43203)", "name": "maxtradeaio-modules-sql-injection(43203)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/43203" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43203"
} }
] ]
} }

68
2012/0xxx/CVE-2012-0333.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-0333", "ID": "CVE-2012-0333",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768." "value": "Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-europe.cisco.com/en/US/docs/voice_ip_comm/csbpipp/ip_phones/release/notes/spa525g_relnote_7_5_1.pdf", "name": "http://www-europe.cisco.com/en/US/docs/voice_ip_comm/csbpipp/ip_phones/release/notes/spa525g_relnote_7_5_1.pdf",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-europe.cisco.com/en/US/docs/voice_ip_comm/csbpipp/ip_phones/release/notes/spa525g_relnote_7_5_1.pdf" "url": "http://www-europe.cisco.com/en/US/docs/voice_ip_comm/csbpipp/ip_phones/release/notes/spa525g_relnote_7_5_1.pdf"
}, },
{ {
"name" : "1027012", "name": "1027012",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027012" "url": "http://www.securitytracker.com/id?1027012"
} }
] ]
} }

74
2012/0xxx/CVE-2012-0898.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0898", "ID": "CVE-2012-0898",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter." "value": "Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/files/view/108711/wpmyeasybackup-traversal.txt", "name": "myeasy-mebdownload-directory-traversal(72404)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://packetstormsecurity.org/files/view/108711/wpmyeasybackup-traversal.txt" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72404"
}, },
{ {
"name" : "47594", "name": "47594",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/47594" "url": "http://secunia.com/advisories/47594"
}, },
{ {
"name" : "myeasy-mebdownload-directory-traversal(72404)", "name": "http://packetstormsecurity.org/files/view/108711/wpmyeasybackup-traversal.txt",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72404" "url": "http://packetstormsecurity.org/files/view/108711/wpmyeasybackup-traversal.txt"
} }
] ]
} }

116
2012/1xxx/CVE-2012-1090.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-1090", "ID": "CVE-2012-1090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO." "value": "The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120228 Re: CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount", "name": "https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/02/28/4" "url": "https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10", "name": "RHSA-2012:0531",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10" "url": "http://rhn.redhat.com/errata/RHSA-2012-0531.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=798293", "name": "SUSE-SU-2012:0554",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=798293" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08", "name": "RHSA-2012:0481",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://github.com/torvalds/linux/commit/88d7d4e4a439f32acc56a6d860e415ee71d3df08" "url": "http://rhn.redhat.com/errata/RHSA-2012-0481.html"
}, },
{ {
"name" : "RHSA-2012:0531", "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0531.html" "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.10"
}, },
{ {
"name" : "RHSA-2012:0481", "name": "48964",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0481.html" "url": "http://secunia.com/advisories/48964"
}, },
{ {
"name" : "SUSE-SU-2012:0554", "name": "SUSE-SU-2012:0616",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html"
}, },
{ {
"name" : "SUSE-SU-2012:0616", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=798293",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=798293"
}, },
{ {
"name" : "48842", "name": "48842",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/48842" "url": "http://secunia.com/advisories/48842"
}, },
{ {
"name" : "48964", "name": "[oss-security] 20120228 Re: CVE request -- kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/48964" "url": "http://www.openwall.com/lists/oss-security/2012/02/28/4"
} }
] ]
} }

22
2012/1xxx/CVE-2012-1411.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1411", "ID": "CVE-2012-1411",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/1xxx/CVE-2012-1486.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1486", "ID": "CVE-2012-1486",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/5xxx/CVE-2012-5013.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5013", "ID": "CVE-2012-5013",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

284
2012/5xxx/CVE-2012-5075.json
View File

@ -1,246 +1,246 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-5075", "ID": "CVE-2012-5075",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX." "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "name": "javaruntimeenvironment-comjmx-info-disc(79431)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79431"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490", "name": "SUSE-SU-2012:1398",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21616490" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154", "name": "GLSA-201406-32",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21621154" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037", "name": "RHSA-2012:1466",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21620037" "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21631786", "name": "RHSA-2012:1386",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21631786" "url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html"
}, },
{ {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html", "name": "51315",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html" "url": "http://secunia.com/advisories/51315"
}, },
{ {
"name" : "GLSA-201406-32", "name": "51438",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://secunia.com/advisories/51438"
}, },
{ {
"name" : "HPSBUX02832", "name": "51141",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "url": "http://secunia.com/advisories/51141"
}, },
{ {
"name" : "SSRT101042", "name": "SSRT101043",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=135542848327757&w=2" "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
}, },
{ {
"name" : "HPSBOV02833", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
}, },
{ {
"name" : "SSRT101043", "name": "oval:org.mitre.oval:def:16684",
"refsource" : "HP", "refsource": "OVAL",
"url" : "http://marc.info/?l=bugtraq&m=135758563611658&w=2" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16684"
}, },
{ {
"name" : "RHSA-2012:1385", "name": "openSUSE-SU-2012:1423",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1385.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html"
}, },
{ {
"name" : "RHSA-2012:1386", "name": "RHSA-2013:1455",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1386.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
}, },
{ {
"name" : "RHSA-2012:1391", "name": "RHSA-2012:1391",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1391.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
}, },
{ {
"name" : "RHSA-2012:1392", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1392.html" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
}, },
{ {
"name" : "RHSA-2012:1465", "name": "51029",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1465.html" "url": "http://secunia.com/advisories/51029"
}, },
{ {
"name" : "RHSA-2012:1466", "name": "HPSBOV02833",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1466.html" "url": "http://marc.info/?l=bugtraq&m=135758563611658&w=2"
}, },
{ {
"name" : "RHSA-2012:1467", "name": "51166",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1467.html" "url": "http://secunia.com/advisories/51166"
}, },
{ {
"name" : "RHSA-2013:1455", "name": "51390",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "url": "http://secunia.com/advisories/51390"
}, },
{ {
"name" : "RHSA-2013:1456", "name": "RHSA-2012:1392",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
}, },
{ {
"name" : "openSUSE-SU-2012:1423", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00023.html" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
}, },
{ {
"name" : "SUSE-SU-2012:1398", "name": "SUSE-SU-2012:1489",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
}, },
{ {
"name" : "SUSE-SU-2012:1595", "name": "SUSE-SU-2012:1595",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
}, },
{ {
"name" : "SUSE-SU-2012:1489", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
}, },
{ {
"name" : "56081", "name": "51327",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/56081" "url": "http://secunia.com/advisories/51327"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16684", "name": "RHSA-2012:1467",
"refsource" : "OVAL", "refsource": "REDHAT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16684" "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
}, },
{ {
"name" : "51028", "name": "RHSA-2012:1465",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/51028" "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
}, },
{ {
"name" : "51029", "name": "51328",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/51029" "url": "http://secunia.com/advisories/51328"
}, },
{ {
"name" : "51141", "name": "SSRT101042",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/51141" "url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
}, },
{ {
"name" : "51315", "name": "51028",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/51315" "url": "http://secunia.com/advisories/51028"
}, },
{ {
"name" : "51326", "name": "56081",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/51326" "url": "http://www.securityfocus.com/bid/56081"
}, },
{ {
"name" : "51327", "name": "RHSA-2013:1456",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/51327" "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
}, },
{ {
"name" : "51328", "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/51328" "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
}, },
{ {
"name" : "51390", "name": "51326",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/51390" "url": "http://secunia.com/advisories/51326"
}, },
{ {
"name" : "51438", "name": "RHSA-2012:1385",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/51438" "url": "http://rhn.redhat.com/errata/RHSA-2012-1385.html"
}, },
{ {
"name" : "51166", "name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/51166" "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
}, },
{ {
"name" : "javaruntimeenvironment-comjmx-info-disc(79431)", "name": "HPSBUX02832",
"refsource" : "XF", "refsource": "HP",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79431" "url": "http://marc.info/?l=bugtraq&m=135542848327757&w=2"
} }
] ]
} }

22
2012/5xxx/CVE-2012-5725.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5725", "ID": "CVE-2012-5725",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

82
2017/3xxx/CVE-2017-3132.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@fortinet.com", "ASSIGNER": "psirt@fortinet.com",
"DATE_PUBLIC" : "2017-09-11T00:00:00", "DATE_PUBLIC": "2017-09-11T00:00:00",
"ID" : "CVE-2017-3132", "ID": "CVE-2017-3132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Fortinet FortiOS", "product_name": "Fortinet FortiOS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FortiOS versions 5.6.0 and earlier" "version_value": "FortiOS versions 5.6.0 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Fortinet, Inc." "vendor_name": "Fortinet, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken." "value": "A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Execute unauthorized code or commands" "value": "Execute unauthorized code or commands"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "42388", "name": "100009",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/42388/" "url": "http://www.securityfocus.com/bid/100009"
}, },
{ {
"name" : "https://fortiguard.com/advisory/FG-IR-17-104", "name": "1039020",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://fortiguard.com/advisory/FG-IR-17-104" "url": "http://www.securitytracker.com/id/1039020"
}, },
{ {
"name" : "100009", "name": "https://fortiguard.com/advisory/FG-IR-17-104",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/100009" "url": "https://fortiguard.com/advisory/FG-IR-17-104"
}, },
{ {
"name" : "1039020", "name": "42388",
"refsource" : "SECTRACK", "refsource": "EXPLOIT-DB",
"url" : "http://www.securitytracker.com/id/1039020" "url": "https://www.exploit-db.com/exploits/42388/"
} }
] ]
} }

22
2017/3xxx/CVE-2017-3566.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-3566", "ID": "CVE-2017-3566",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/3xxx/CVE-2017-3693.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-3693", "ID": "CVE-2017-3693",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

64
2017/3xxx/CVE-2017-3750.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@lenovo.com", "ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC" : "2017-06-28T00:00:00", "DATE_PUBLIC": "2017-06-28T00:00:00",
"ID" : "CVE-2017-3750", "ID": "CVE-2017-3750",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Lenovo Vibe and Lenovo China-only Moto Mobile Phones", "product_name": "Lenovo Vibe and Lenovo China-only Moto Mobile Phones",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Earlier than 6.0" "version_value": "Earlier than 6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Lenovo Group Ltd." "vendor_name": "Lenovo Group Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749." "value": "On Lenovo VIBE mobile phones, the Lenovo Security Android application allows private data to be backed up and restored via Android Debug Bridge, which allows tampering leading to privilege escalation in conjunction with CVE-2017-3748 and CVE-2017-3749."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege escalation" "value": "Privilege escalation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.lenovo.com/us/en/product_security/LEN-15823", "name": "https://support.lenovo.com/us/en/product_security/LEN-15823",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.lenovo.com/us/en/product_security/LEN-15823" "url": "https://support.lenovo.com/us/en/product_security/LEN-15823"
} }
] ]
} }

74
2017/3xxx/CVE-2017-3812.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-3812", "ID": "CVE-2017-3812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2", "product_name": "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2" "version_value": "Cisco Industrial Ethernet 2000 Switches 15.2(5.4.32i)E2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2." "value": "A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to a system memory leak. More Information: CSCvc54788. Known Affected Releases: 15.2(5.4.32i)E2. Known Fixed Releases: 15.2(5.4.62i)E2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "denial of service (DoS)" "value": "denial of service (DoS)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-psc1"
}, },
{ {
"name" : "95946", "name": "95946",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/95946" "url": "http://www.securityfocus.com/bid/95946"
}, },
{ {
"name" : "1037771", "name": "1037771",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037771" "url": "http://www.securitytracker.com/id/1037771"
} }
] ]
} }

80
2017/3xxx/CVE-2017-3852.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-3852", "ID": "CVE-2017-3852",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Application-Hosting Framework", "product_name": "Cisco Application-Hosting Framework",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Application-Hosting Framework" "version_value": "Cisco Application-Hosting Framework"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52317." "value": "A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco IOx Releases 1.0.0.0 and 1.1.0.0 are vulnerable. Cisco Bug IDs: CSCuy52317."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-20 Arbitrary File Creation Vulnerability" "value": "CWE-20 Arbitrary File Creation Vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2", "name": "97014",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2" "url": "http://www.securityfocus.com/bid/97014"
}, },
{ {
"name" : "97014", "name": "1038109",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/97014" "url": "http://www.securitytracker.com/id/1038109"
}, },
{ {
"name" : "1038108", "name": "1038108",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038108" "url": "http://www.securitytracker.com/id/1038108"
}, },
{ {
"name" : "1038109", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038109" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170322-caf2"
} }
] ]
} }

22
2017/7xxx/CVE-2017-7193.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7193", "ID": "CVE-2017-7193",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2017/8xxx/CVE-2017-8325.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8325", "ID": "CVE-2017-8325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image." "value": "The iw_process_cols_to_intermediate function in imagew-main.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow-in-iw_process_cols_to_intermediate-imagew-main-c/", "name": "GLSA-201706-06",
"refsource" : "MISC", "refsource": "GENTOO",
"url" : "https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow-in-iw_process_cols_to_intermediate-imagew-main-c/" "url": "https://security.gentoo.org/glsa/201706-06"
}, },
{ {
"name" : "https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5eeedc8fb6", "name": "https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5eeedc8fb6",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5eeedc8fb6" "url": "https://github.com/jsummers/imageworsener/commit/86564051db45b466e5f667111ce00b5eeedc8fb6"
}, },
{ {
"name" : "GLSA-201706-06", "name": "https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow-in-iw_process_cols_to_intermediate-imagew-main-c/",
"refsource" : "GENTOO", "refsource": "MISC",
"url" : "https://security.gentoo.org/glsa/201706-06" "url": "https://blogs.gentoo.org/ago/2017/04/27/imageworsener-heap-based-buffer-overflow-in-iw_process_cols_to_intermediate-imagew-main-c/"
} }
] ]
} }

74
2017/8xxx/CVE-2017-8891.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8891", "ID": "CVE-2017-8891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads." "value": "Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://openwall.com/lists/oss-security/2017/05/10/1", "name": "http://openwall.com/lists/oss-security/2017/05/10/1",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2017/05/10/1" "url": "http://openwall.com/lists/oss-security/2017/05/10/1"
}, },
{ {
"name" : "https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346", "name": "https://github.com/dropbox/lepton/issues/87",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346" "url": "https://github.com/dropbox/lepton/issues/87"
}, },
{ {
"name" : "https://github.com/dropbox/lepton/issues/87", "name": "https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/dropbox/lepton/issues/87" "url": "https://github.com/dropbox/lepton/commit/82167c144a322cc956da45407f6dce8d4303d346"
} }
] ]
} }

68
2018/10xxx/CVE-2018-10532.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10532", "ID": "CVE-2018-10532",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH credentials were discovered to be stored within the \"core_app\" binary utilised by the EE router for networking services. An attacker with knowledge of the default password (oelinux123) could login to the router via SSH as the root user, which could allow for the loss of confidentiality, integrity, and availability of the system. This would also allow for the bypass of the \"AP Isolation\" mode that is supported by the router, as well as the settings for multiple Wireless networks, which a user may use for guest clients." "value": "An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH credentials were discovered to be stored within the \"core_app\" binary utilised by the EE router for networking services. An attacker with knowledge of the default password (oelinux123) could login to the router via SSH as the root user, which could allow for the loss of confidentiality, integrity, and availability of the system. This would also allow for the bypass of the \"AP Isolation\" mode that is supported by the router, as well as the settings for multiple Wireless networks, which a user may use for guest clients."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://blog.jameshemmings.co.uk/2018/10/24/4gee-hh70-router-vulnerability-disclosure/", "name": "https://www.theregister.co.uk/2018/10/26/ee_4gee_hh70_ssh_backdoor/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://blog.jameshemmings.co.uk/2018/10/24/4gee-hh70-router-vulnerability-disclosure/" "url": "https://www.theregister.co.uk/2018/10/26/ee_4gee_hh70_ssh_backdoor/"
}, },
{ {
"name" : "https://www.theregister.co.uk/2018/10/26/ee_4gee_hh70_ssh_backdoor/", "name": "https://blog.jameshemmings.co.uk/2018/10/24/4gee-hh70-router-vulnerability-disclosure/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.theregister.co.uk/2018/10/26/ee_4gee_hh70_ssh_backdoor/" "url": "https://blog.jameshemmings.co.uk/2018/10/24/4gee-hh70-router-vulnerability-disclosure/"
} }
] ]
} }

74
2018/10xxx/CVE-2018-10718.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10718", "ID": "CVE-2018-10718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets." "value": "Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44987", "name": "https://github.com/momo5502/cod-exploit",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/44987/" "url": "https://github.com/momo5502/cod-exploit"
}, },
{ {
"name" : "https://github.com/momo5502/cod-exploit", "name": "https://momo5502.com/blog/?p=34",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/momo5502/cod-exploit" "url": "https://momo5502.com/blog/?p=34"
}, },
{ {
"name" : "https://momo5502.com/blog/?p=34", "name": "44987",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "https://momo5502.com/blog/?p=34" "url": "https://www.exploit-db.com/exploits/44987/"
} }
] ]
} }

22
2018/10xxx/CVE-2018-10837.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10837", "ID": "CVE-2018-10837",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

78
2018/10xxx/CVE-2018-10843.json
View File

@ -1,79 +1,79 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-10843", "ID": "CVE-2018-10843",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "source-to-image", "product_name": "source-to-image",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "atomic-openshift 3.7.53" "version_value": "atomic-openshift 3.7.53"
}, },
{ {
"version_value" : "atomic-openshift 3.9.31" "version_value": "atomic-openshift 3.9.31"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user." "value": "source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : [ "cvss": [
[ [
{ {
"vectorString" : "8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "vectorString": "8.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version" : "3.0" "version": "3.0"
} }
] ]
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-20" "value": "CWE-20"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843"
}, },
{ {
"name" : "RHSA-2018:2013", "name": "RHSA-2018:2013",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2013" "url": "https://access.redhat.com/errata/RHSA-2018:2013"
} }
] ]
} }

91
2018/13xxx/CVE-2018-13053.json
View File

@ -1,81 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13053", "ID": "CVE-2018-13053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used." "value": "The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.kernel.org/show_bug.cgi?id=200303", "name": "USN-3821-1",
"refsource" : "MISC", "refsource": "UBUNTU",
"url" : "https://bugzilla.kernel.org/show_bug.cgi?id=200303" "url": "https://usn.ubuntu.com/3821-1/"
}, },
{ {
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef" "url": "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef"
}, },
{ {
"name" : "USN-3821-1", "name": "https://bugzilla.kernel.org/show_bug.cgi?id=200303",
"refsource" : "UBUNTU", "refsource": "MISC",
"url" : "https://usn.ubuntu.com/3821-1/" "url": "https://bugzilla.kernel.org/show_bug.cgi?id=200303"
}, },
{ {
"name" : "USN-3821-2", "name": "USN-3821-2",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3821-2/" "url": "https://usn.ubuntu.com/3821-2/"
}, },
{ {
"name" : "104671", "refsource": "MLIST",
"refsource" : "BID", "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
"url" : "http://www.securityfocus.com/bid/104671" "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
},
{
"name": "104671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104671"
} }
] ]
} }

68
2018/13xxx/CVE-2018-13491.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13491", "ID": "CVE-2018-13491",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value." "value": "The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md", "name": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Carrot",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md" "url": "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Carrot"
}, },
{ {
"name" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Carrot", "name": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/BlockChainsSecurity/EtherTokens/tree/master/Carrot" "url": "https://github.com/BlockChainsSecurity/EtherTokens/blob/master/GEMCHAIN/mint%20integer%20overflow.md"
} }
] ]
} }

22
2018/13xxx/CVE-2018-13817.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13817", "ID": "CVE-2018-13817",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/17xxx/CVE-2018-17268.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-17268", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-17268",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }

62
2018/17xxx/CVE-2018-17427.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17427", "ID": "CVE-2018-17427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes." "value": "SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/lemire/simdcomp/issues/21", "name": "https://github.com/lemire/simdcomp/issues/21",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/lemire/simdcomp/issues/21" "url": "https://github.com/lemire/simdcomp/issues/21"
} }
] ]
} }

74
2018/17xxx/CVE-2018-17859.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17859", "ID": "CVE-2018-17859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms." "value": "An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://developer.joomla.org/security-centre/751-20181001-core-hardening-com-contact-contact-form.html", "name": "105559",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://developer.joomla.org/security-centre/751-20181001-core-hardening-com-contact-contact-form.html" "url": "http://www.securityfocus.com/bid/105559"
}, },
{ {
"name" : "105559", "name": "1041914",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/105559" "url": "http://www.securitytracker.com/id/1041914"
}, },
{ {
"name" : "1041914", "name": "https://developer.joomla.org/security-centre/751-20181001-core-hardening-com-contact-contact-form.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1041914" "url": "https://developer.joomla.org/security-centre/751-20181001-core-hardening-com-contact-contact-form.html"
} }
] ]
} }

68
2018/9xxx/CVE-2018-9137.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9137", "ID": "CVE-2018-9137",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Open-AudIT before 2.2 has CSV Injection." "value": "Open-AudIT before 2.2 has CSV Injection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44511", "name": "44511",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44511/" "url": "https://www.exploit-db.com/exploits/44511/"
}, },
{ {
"name" : "https://community.opmantek.com/display/OA/Errata+-+2.1+Security+Update%2C+April+2018", "name": "https://community.opmantek.com/display/OA/Errata+-+2.1+Security+Update%2C+April+2018",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://community.opmantek.com/display/OA/Errata+-+2.1+Security+Update%2C+April+2018" "url": "https://community.opmantek.com/display/OA/Errata+-+2.1+Security+Update%2C+April+2018"
} }
] ]
} }

62
2018/9xxx/CVE-2018-9162.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9162", "ID": "CVE-2018-9162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors." "value": "Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44295", "name": "44295",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44295/" "url": "https://www.exploit-db.com/exploits/44295/"
} }
] ]
} }

68
2018/9xxx/CVE-2018-9303.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9303", "ID": "CVE-2018-9303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort." "value": "In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md", "name": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md" "url": "https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md"
}, },
{ {
"name" : "GLSA-201811-14", "name": "GLSA-201811-14",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201811-14" "url": "https://security.gentoo.org/glsa/201811-14"
} }
] ]
} }

88
2018/9xxx/CVE-2018-9503.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2018-10-02T00:00:00", "DATE_PUBLIC": "2018-10-02T00:00:00",
"ID" : "CVE-2018-9503", "ID": "CVE-2018-9503",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0" "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928" "value": "In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf,", "name": "https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf,",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf," "url": "https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf,"
}, },
{ {
"name" : "https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b", "name": "105482",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b" "url": "http://www.securityfocus.com/bid/105482"
}, },
{ {
"name" : "https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85,", "name": "https://source.android.com/security/bulletin/2018-10-01,",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85," "url": "https://source.android.com/security/bulletin/2018-10-01,"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2018-10-01,", "name": "https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://source.android.com/security/bulletin/2018-10-01," "url": "https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b"
}, },
{ {
"name" : "105482", "name": "https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85,",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/105482" "url": "https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85,"
} }
] ]
} }