Merge pull request #212 from CVEProject/master

XFA Rebase
Scott Moore 2020-01-10 10:33:24 -05:00 committed by GitHub
commit 4debb9675c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
213 changed files with 6709 additions and 312 deletions


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-3282",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,83 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "389 Directory Server",
"version": {
"version_data": [
{
"version_value": "before 1.2.7.1"
}
]
}
}
]
}
},
{
"vendor_name": "HP",
"product": {
"product_data": [
{
"product_name": "HP-UX Directory Server",
"version": {
"version_data": [
{
"version_value": "before B.08.10.03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "OVAL",
"name": "oval:org.mitre.oval:def:6914",
"url": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6914"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=625950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625950"
},
{
"refsource": "CONFIRM",
"name": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?id=d38ae06",
"url": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?id=d38ae06"
},
{
"refsource": "CONFIRM",
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02522633&docLocale=en_US",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c02522633&docLocale=en_US"
}
]
}
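Review bot: The problemtype value `"Path Disclosure"` in this record (CVE-2010-3282) does not match its description, which is about the Directory Manager password being written in cleartext to the audit log. A label such as `"value": "Information Disclosure"`, or the CWE-532 name (insertion of sensitive information into a log file), would let consumers that filter on problemtype triage the entry correctly. The CVE-2012-2724 record later in this commit carries the same `"Path Disclosure"` label for what its description presents as an email-address disclosure.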


@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4595",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "pretty-link plugin",
"version": {
"version_data": [
{
"version_value": "1.5.2"
}
]
}
}
]
},
"vendor_name": "pretty-link"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Pretty-Link WordPress plugin 1.5.2 has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.openwall.com/lists/oss-security/2011/12/08/5",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/12/08/5"
},
{
"refsource": "MISC",
"name": "https://wordpress.org/support/topic/plugin-pretty-link-lite-152-xss-vulnerability/",
"url": "https://wordpress.org/support/topic/plugin-pretty-link-lite-152-xss-vulnerability/"
}
]
}


@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1258",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html",
"url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18750",
"url": "http://www.exploit-db.com/exploits/18750"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52989",
"url": "http://www.securityfocus.com/bid/52989"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74824",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74824"
},
{
"refsource": "MISC",
"name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/",
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/"
}
]
}
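Review bot: The affects block in this record (CVE-2012-1258) is filled with `"n/a"` for vendor, product and version even though the description names Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899. Tooling that matches on the structured fields rather than the free text will not associate the record with the product; consider `"vendor_name": "Plixer International"`, `"product_name": "Scrutinizer NetFlow & sFlow Analyzer"` and `"version_value": "before 9.0.1.19899"`. The same placeholder pattern appears in the CVE-2012-1259, -1260, -1261, -1915, -2226, -2931, -2950 and -3806 through -3810 records in this commit, whose descriptions likewise name the affected product.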


@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1259",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html",
"url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18750",
"url": "http://www.exploit-db.com/exploits/18750"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52989",
"url": "http://www.securityfocus.com/bid/52989"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74826",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74826"
},
{
"refsource": "MISC",
"name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/",
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/"
}
]
}


@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1260",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not be a vulnerability, since an administrator might already have the privileges to create arbitrary script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html",
"url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18750",
"url": "http://www.exploit-db.com/exploits/18750"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52989",
"url": "http://www.securityfocus.com/bid/52989"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74825",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74825"
},
{
"refsource": "MISC",
"name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/",
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/"
}
]
}


@ -2,7 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1261",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html",
"url": "http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html"
},
{
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/18750",
"url": "http://www.exploit-db.com/exploits/18750"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52989",
"url": "http://www.securityfocus.com/bid/52989"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74827",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74827"
},
{
"refsource": "MISC",
"name": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/",
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/twsl2012-008-multiple-vulnerabilities-in-scrutinizer-netflow-sflow-analyzer/"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1915",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "54620",
"url": "http://www.securityfocus.com/bid/54620"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2142",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,76 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "poppler",
"product": {
"product_data": [
{
"product_name": "poppler",
"version": {
"version_data": [
{
"version_value": "before 0.21.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/6",
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/6"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/5",
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/5"
},
{
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40"
},
{
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=789936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936"
},
{
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html"
}
]
}
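Review bot: The problemtype `"Other"` in this record (CVE-2012-2142) gives consumers nothing to filter on, although the description is specific about the weakness: command execution through a terminal-emulator escape sequence carried in a PDF. A label naming the weakness class, for example improper neutralization of escape or control sequences (CWE-150), would be more useful for triage. The CVE-2012-2714 and CVE-2012-3490 records in this commit also use `"Other"` where the descriptions point to an authentication hijack and an unchecked setuid return value respectively.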


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2226",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "52998",
"url": "http://www.securityfocus.com/bid/52998"
},
{
"refsource": "XF",
"name": "74855",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74855"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2714",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,66 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The BrowserID (Mozilla Persona) module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users via the audience identifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "BrowserID",
"product": {
"product_data": [
{
"product_name": "BrowserID",
"version": {
"version_data": [
{
"version_value": "7.x-1.x before 7.x-1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://drupal.org/node/1597414",
"url": "http://drupal.org/node/1597414"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/14/3",
"url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"refsource": "MISC",
"name": "https://drupal.org/node/1596464",
"url": "https://drupal.org/node/1596464"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53673",
"url": "http://www.securityfocus.com/bid/53673"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2724",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,102 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7.x-1.0-rc1 for Drupal reveals the email addresses of new mailing list subscribers when confirmation is required, which allows remote attackers to obtain sensitive information via the confirmation page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Disclosure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Simplenews",
"product": {
"product_data": [
{
"product_name": "Simplenews",
"version": {
"version_data": [
{
"version_value": "6.x-1.x before 6.x-1.4"
},
{
"version_value": "6.x-2.x before 6.x-2.0-alpha4"
},
{
"version_value": "and 7.x-1.x before 7.x-1.0-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://drupal.org/node/1619848",
"url": "http://drupal.org/node/1619848"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/14/3",
"url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
},
{
"refsource": "MISC",
"name": "http://drupal.org/node/1619812",
"url": "http://drupal.org/node/1619812"
},
{
"refsource": "MISC",
"name": "http://drupal.org/node/1619818",
"url": "http://drupal.org/node/1619818"
},
{
"refsource": "MISC",
"name": "http://drupal.org/node/1619820",
"url": "http://drupal.org/node/1619820"
},
{
"refsource": "MISC",
"name": "http://drupalcode.org/project/simplenews.git/commitdiff/36352c1",
"url": "http://drupalcode.org/project/simplenews.git/commitdiff/36352c1"
},
{
"refsource": "MISC",
"name": "http://drupalcode.org/project/simplenews.git/commitdiff/6d5704c",
"url": "http://drupalcode.org/project/simplenews.git/commitdiff/6d5704c"
},
{
"refsource": "MISC",
"name": "http://drupalcode.org/project/simplenews.git/commitdiff/faec6a6",
"url": "http://drupalcode.org/project/simplenews.git/commitdiff/faec6a6"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53839",
"url": "http://www.securityfocus.com/bid/53839"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76143",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76143"
}
]
}
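Review bot: The third version_data entry in this record (CVE-2012-2724) reads `"version_value": "and 7.x-1.x before 7.x-1.0-rc1"`, which looks like the description sentence was split on commas without trimming the conjunction. The leading "and " becomes part of the version string for any consumer that parses or compares it; the entry should be `"version_value": "7.x-1.x before 7.x-1.0-rc1"`, matching the form of the two entries before it.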


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2931",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.htbridge.com/advisory/HTB23093",
"refsource": "MISC",
"name": "https://www.htbridge.com/advisory/HTB23093"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2950",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "53737",
"url": "http://www.securityfocus.com/bid/53737"
},
{
"refsource": "XF",
"name": "75983",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75983"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3490",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Condor",
"product": {
"product_data": [
{
"product_name": "Condor",
"version": {
"version_data": [
{
"version_value": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4"
},
{
"refsource": "MISC",
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"refsource": "MISC",
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/20/9",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"
}
]
}
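Review bot: The single version_data entry in this record (CVE-2012-3490) packs two affected branches into one string, `"version_value": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"`. Consumers that treat each version_value as one range cannot evaluate it, and the Simplenews record in this same commit already lists each branch as its own entry. Splitting it into `{"version_value": "7.6.x before 7.6.10"}` and `{"version_value": "7.8.x before 7.8.4"}` would keep the two records consistent.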


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3806",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55936",
"url": "https://www.securityfocus.com/bid/55936"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-3806",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-3806"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/65612",
"url": "https://www.tenable.com/plugins/nessus/65612"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3807",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55936",
"url": "https://www.securityfocus.com/bid/55936"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-3806",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-3806"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/65612",
"url": "https://www.tenable.com/plugins/nessus/65612"
}
]
}
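Review bot: The Packet Storm reference in this record (CVE-2012-3807) points at `https://packetstormsecurity.com/files/cve/CVE-2012-3806`, the page for the neighbouring ID, which looks like a copy from the previous record. The CVE-2012-3808 and CVE-2012-3809 records each link to the page for their own ID, so this one presumably should too, once the target page is confirmed to exist. The CVE-2012-3810 record has the same mismatch, linking to the CVE-2012-3809 page.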


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3808",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55936",
"url": "https://www.securityfocus.com/bid/55936"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/65612",
"url": "https://www.tenable.com/plugins/nessus/65612"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-3808",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-3808"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3809",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55936",
"url": "https://www.securityfocus.com/bid/55936"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/65612",
"url": "https://www.tenable.com/plugins/nessus/65612"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-3809",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-3809"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3810",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Samsung Kies before 2.5.0.12094_27_11 has registry modification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "55936",
"url": "https://www.securityfocus.com/bid/55936"
},
{
"refsource": "MISC",
"name": "https://www.tenable.com/plugins/nessus/65612",
"url": "https://www.tenable.com/plugins/nessus/65612"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2012-3809",
"url": "https://packetstormsecurity.com/files/cve/CVE-2012-3809"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4434",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "fwknop",
"product": {
"product_data": [
{
"product_name": "fwknop",
"version": {
"version_data": [
{
"version_value": "before 2.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/19/2",
"url": "http://www.openwall.com/lists/oss-security/2012/09/19/2"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/20/4",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/4"
},
{
"refsource": "MISC",
"name": "http://www.cipherdyne.org/blog/2012/09/software-release-fwknop-2.0.3.html",
"url": "http://www.cipherdyne.org/blog/2012/09/software-release-fwknop-2.0.3.html"
}
]
}


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5558",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,76 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the \"administer smiley\" permission to inject arbitrary web script or HTML via a smiley acronym."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Smiley;Smileys",
"product": {
"product_data": [
{
"product_name": "Smiley",
"version": {
"version_data": [
{
"version_value": "6.x-1.x versions prior to 6.x-1.1"
}
]
}
},
{
"product_name": "Smileys",
"version": {
"version_data": [
{
"version_value": "6.x-1.x versions prior to 6.x-1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://drupal.org/node/1840892",
"url": "http://drupal.org/node/1840892"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/20/4",
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
},
{
"refsource": "MISC",
"name": "http://drupal.org/node/1840954",
"url": "http://drupal.org/node/1840954"
},
{
"refsource": "MISC",
"name": "http://drupal.org/node/1840956",
"url": "http://drupal.org/node/1840956"
}
]
}
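Review bot: `"vendor_name": "Smiley;Smileys"` in the `affects` block of CVE-2012-5558 joins the two module names with a semicolon and uses the result as the vendor, so the field names no vendor and only repeats what the two `product_name` entries already carry. Consumers that match advisories to an inventory by vendor string will not find either module under this value. The vendor should be a single maintainer or project name, or `"vendor_name": "n/a"` if none can be confirmed, rather than a delimited list.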


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6231",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/65925",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65925"
},
{
"url": "http://www.exploit-db.com/exploits/31990",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/31990"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91495",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91495"
}
]
}
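Review bot: The added `affects` block in CVE-2013-6231 sets `product_name`, `version_value` and `vendor_name` to `"n/a"` although the description on the same record names the product and the fixed version ("SpagoBI before 4.1"). Tools that read the structured fields rather than the free text will see no affected product for an entry whose state is now PUBLIC. Carrying over what the description already states, `"product_name": "SpagoBI"` and `"version_value": "before 4.1"`, would close that gap. The same applies to the CVE-2012-3810, CVE-2014-4530, CVE-2014-4561, CVE-2014-4982, CVE-2014-5011, CVE-2014-5012, CVE-2014-5013, CVE-2014-5081 and CVE-2019-14918 sections on this page.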


@ -1,8 +1,8 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6430",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +11,61 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Pivotal",
"product": {
"product_data": [
{
"product_name": "Spring MVC",
"version": {
"version_data": [
{
"version_value": "before 3.2.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.gopivotal.com/security/cve-2013-6430",
"url": "http://www.gopivotal.com/security/cve-2013-6430"
},
{
"refsource": "MISC",
"name": "https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248",
"url": "https://github.com/spring-projects/spring-framework/commit/7a7df6637478607bef0277bf52a4e0a03e20a248"
},
{
"refsource": "MISC",
"name": "https://jira.springsource.org/browse/SPR-9983",
"url": "https://jira.springsource.org/browse/SPR-9983"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7380",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2014/05/15/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/15/2"
},
{
"url": "http://www.securityfocus.com/bid/67351",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67351"
}
]
}


@ -626,6 +626,11 @@
"refsource": "MLIST",
"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities",
"url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20200109 [jira] [Resolved] (ARTEMIS-2470) Update Apache BeanUtils to Address CVE-2014-0114",
"url": "https://lists.apache.org/thread.html/r75d67108e557bb5d4c4318435067714a0180de525314b7e8dab9d04e@%3Cissues.activemq.apache.org%3E"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4530",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "flog plugin 0.1 for WordPress has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://codevigilant.com/disclosure/wp-plugin-flog-a3-cross-site-scripting-xss/",
"refsource": "MISC",
"name": "http://codevigilant.com/disclosure/wp-plugin-flog-a3-cross-site-scripting-xss/"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4561",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ultimate-weather plugin 1.0 for WordPress has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/",
"refsource": "MISC",
"name": "http://codevigilant.com/disclosure/wp-plugin-ultimate-weather-plugin-a3-cross-site-scripting-xss/"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4982",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "LPAR2RRD \u2264 4.53 and \u2264 3.5 has arbitrary command injection on the application server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/127593/LPAR2RRD-3.5-4.53-Command-Injection.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/127593/LPAR2RRD-3.5-4.53-Command-Injection.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/23/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/23/6"
},
{
"url": "http://www.securityfocus.com/bid/68850",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68850"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94785",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94785"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4984",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D\u00e9j\u00e0 Vu Crescendo Sales CRM has remote SQL Injection"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/127769/Crescendo-Sales-CRM-SQL-Injection.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/127769/Crescendo-Sales-CRM-SQL-Injection.html"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95176",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95176"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/69085/info",
"url": "https://www.securityfocus.com/bid/69085/info"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5011",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DOMPDF before 0.6.2 allows Information Disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2"
},
{
"url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5012",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DOMPDF before 0.6.2 allows denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2"
},
{
"url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5013",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/releases/tag/v0.6.2"
},
{
"url": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2",
"refsource": "MISC",
"name": "https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5081",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus prior to 3.2 allow authentication bypass"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/127720/Sphider-Search-Engine-Command-Execution-SQL-Injection.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/127720/Sphider-Search-Engine-Command-Execution-SQL-Injection.html"
},
{
"refsource": "EXPLOIT-DB",
"name": "Exploit Database",
"url": "https://www.exploit-db.com/exploits/34238"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5092",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Status2k allows Remote Command Execution in admin/options/editpl.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95112",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95112"
}
]
}


@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5093",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Status2k does not remove the install directory allowing credential reset."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/127719/Status2k-XSS-SQL-Injection-Command-Execution.html"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95113",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95113"
}
]
}


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters."
"value": "Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability"
}
]
},
@ -52,25 +52,30 @@
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5118",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-5118"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-5118",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-5118"
},
{
"url": "http://www.securityfocus.com/bid/68960",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68960"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95063",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2014/07/29/1",
"url": "https://www.openwall.com/lists/oss-security/2014/07/29/1"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95063"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136768.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136778.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/30/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/30/4"
}
]
}
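Review bot: Of the two description values in the first hunk of the CVE-2014-5118 record, the later one (taken here as the new side, since the `+`/`-` markers are lost in this rendering) drops the condition the earlier text gave, that the bypass occurs "when measuring commandline parameters", and keeps only a file name. For a measured-launch component that condition is what tells a reader which measurement is affected, and so how far a reported launch measurement can be relied on. Keeping both facts would read `"value": "Trusted Boot (tboot) before 1.8.2 has a security bypass in loader.c in the boot loader module when measuring command-line parameters."`.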


@ -56,6 +56,11 @@
"name": "http://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990",
"refsource": "CONFIRM",
"url": "http://themeforest.net/item/enfold-responsive-multipurpose-theme/4519990"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9809",
"url": "https://wpvulndb.com/vulnerabilities/9809"
}
]
}


@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346016"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4980",
"refsource": "MISC",


@ -8,15 +8,15 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "NSS",
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "NSS",
"product_name": "Network Security Services",
"version": {
"version_data": [
{
"version_value": "before 3.26"
"version_value": "3.24"
}
]
}
@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Null pointer dereference vulnerability exists in K11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime in NSS before 3.26, which causes the TLS/SSL server using NSS to crash."
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
}
]
},
@ -44,7 +44,7 @@
"description": [
{
"lang": "eng",
"value": "Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash"
"value": "denial of service"
}
]
}
@ -52,40 +52,50 @@
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2016-5285",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2016-5285"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5285",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5285"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5285",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-5285"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"url": "http://www.securityfocus.com/bid/94349",
"refsource": "MISC",
"name": "https://downloads.avaya.com/css/P8/documents/101033728",
"url": "https://downloads.avaya.com/css/P8/documents/101033728"
"name": "http://www.securityfocus.com/bid/94349"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/cve/CVE-2016-5285",
"url": "https://packetstormsecurity.com/files/cve/CVE-2016-5285"
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"url": "https://security.gentoo.org/glsa/201701-46",
"refsource": "MISC",
"name": "https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2016-5285",
"url": "https://www.rapid7.com/db/vulnerabilities/amazon_linux-cve-2016-5285"
"name": "https://security.gentoo.org/glsa/201701-46"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"url": "http://www.ubuntu.com/usn/USN-3163-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa137",
"refsource": "MISC",
"name": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
]
}
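Review bot: In the first hunk of the CVE-2016-5285 record, `version_value` goes from `"before 3.26"` to `"3.24"` (assuming the second line of each pair is the new side; the markers are lost in this rendering), and the rewritten description no longer gives any version. Read literally, the record now marks a single release as affected, so a scanner comparing installed versions against it would pass other releases that the earlier range covered. Unless the narrowing is backed by the added Mozilla bug reference, keep the range, `"version_value": "before 3.26"`, or state the fixed version in the description.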


@ -1,8 +1,41 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5311",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Symantec",
"product": {
"product_data": [
{
"product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"version": {
"version_data": [
{
"version_value": "before 22.7"
}
]
}
},
{
"product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"version": {
"version_data": [
{
"version_value": "before 22.8.0.50"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +44,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "untrusted search path"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.securityfocus.com/bid/94295",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/94295"
},
{
"url": "http://www.securitytracker.com/id/1037323",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1037323"
},
{
"url": "http://www.securitytracker.com/id/1037324",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1037324"
},
{
"url": "http://www.securitytracker.com/id/1037325",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1037325"
},
{
"refsource": "CONFIRM",
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00"
}
]
}
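Review bot: Both `product_name` values in the added `affects` block for CVE-2016-5311 pack several products into one comma-separated string (six Norton products in the first, two Endpoint Protection products in the second). A consumer that compares `product_name` with an installed product's name will match none of them. Each product should be its own `product_data` entry with its own `version_data`, for example one entry with `"product_name": "Norton Security"` and `"version_value": "before 22.7"`, repeated per product.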


@ -57,11 +57,6 @@
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101798"
},
{
"name": "http://phpunit.vulnbusters.com/",
"refsource": "MISC",
"url": "http://phpunit.vulnbusters.com/"
},
{
"name": "https://github.com/sebastianbergmann/phpunit/commit/284a69fb88a2d0845d23f42974a583d8f59bf5a5",
"refsource": "MISC",
@ -81,6 +76,11 @@
"name": "GLSA-201711-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-15"
},
{
"refsource": "MISC",
"name": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/",
"url": "http://web.archive.org/web/20170701212357/http://phpunit.vulnbusters.com/"
}
]
}


@ -61,6 +61,11 @@
"name": "JVN#85531148",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN85531148/index.html"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9609",
"url": "https://wpvulndb.com/vulnerabilities/9609"
}
]
}


@ -91,6 +91,11 @@
"refsource": "CONFIRM",
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us"
},
{
"refsource": "UBUNTU",
"name": "USN-4229-1",
"url": "https://usn.ubuntu.com/4229-1/"
}
]
}


@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12380",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-12380",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-17009. Reason: This candidate is a duplicate of CVE-2019-17009. Notes: All CVE users should reference CVE-2019-17009 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1586176"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -136,6 +136,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14918",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/InnotecSystem/Device-Reversing/wiki/XSS-Injection-via-DHCP-requests",
"url": "https://github.com/InnotecSystem/Device-Reversing/wiki/XSS-Injection-via-DHCP-requests"
}
]
}
}
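Review bot: The `affects` block of this new record holds `n/a` for `vendor_name`, `product_name` and `version_value`, although the description names the device and firmware (Billion Smart Energy Router SG600R2, firmware v3.02.rc6). Consumers that match CVE records against an asset inventory through the structured fields will not associate this entry with the device, so it is reachable only by free-text search. I would populate the fields from the description, presumably `"vendor_name": "Billion"`, `"product_name": "Smart Energy Router SG600R2"` and `"version_value": "3.02.rc6"`. The same gap is in the other records this commit adds or publishes: CVE-2019-14919, CVE-2019-14920, CVE-2019-18859, CVE-2019-20178 to CVE-2019-20184, CVE-2019-20372 and CVE-2019-20373.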


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exposed Telnet Service on the Billion Smart Energy Router SG600R2 with firmware v3.02.rc6 allows a local network attacker to authenticate via hardcoded credentials into a shell, gaining root execution privileges over the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection",
"url": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection"
}
]
}
}
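Review bot: `problemtype` is left as `n/a` although the description states the weakness outright: a Telnet login that accepts hardcoded credentials. A value such as `"value": "CWE-798: Use of Hard-coded Credentials"` would let triage tooling group and prioritise the record by weakness class instead of parsing the prose. The other new records in this commit whose descriptions name a weakness (XSS, CSRF, SQL injection, CSV injection, unrestricted file upload, request smuggling) carry the same `n/a` placeholder.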


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-14920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etc_ro/web/adm/system_command.asp shell feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection",
"url": "https://github.com/InnotecSystem/Device-Reversing/wiki/Firmware-Inspection"
}
]
}
}


@ -86,6 +86,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -86,6 +86,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -71,6 +71,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9975",
"url": "https://wpvulndb.com/vulnerabilities/9975"
},
{
"name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/",
"refsource": "MISC",


@ -71,6 +71,11 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/9973",
"url": "https://wpvulndb.com/vulnerabilities/9973"
},
{
"name": "https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/",
"refsource": "MISC",


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,16 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2019-37/",
"url": "https://www.mozilla.org/security/advisories/mfsa2019-37/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0003",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:0002",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html"
}
]
},


@ -83,6 +83,11 @@
"refsource": "DEBIAN",
"name": "DSA-4600",
"url": "https://www.debian.org/security/2020/dsa-4600"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -83,6 +83,11 @@
"refsource": "DEBIAN",
"name": "DSA-4600",
"url": "https://www.debian.org/security/2020/dsa-4600"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -53,6 +53,11 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2020-01/",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -83,6 +83,11 @@
"refsource": "DEBIAN",
"name": "DSA-4600",
"url": "https://www.debian.org/security/2020/dsa-4600"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -53,6 +53,11 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2020-01/",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -83,6 +83,11 @@
"refsource": "DEBIAN",
"name": "DSA-4600",
"url": "https://www.debian.org/security/2020/dsa-4600"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -53,6 +53,11 @@
"refsource": "CONFIRM",
"name": "https://www.mozilla.org/security/advisories/mfsa2020-01/",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-01/"
},
{
"refsource": "UBUNTU",
"name": "USN-4234-1",
"url": "https://usn.ubuntu.com/4234-1/"
}
]
},


@ -153,6 +153,11 @@
"refsource": "MLIST",
"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]",
"url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200110-0001/",
"url": "https://security.netapp.com/advisory/ntap-20200110-0001/"
}
]
},


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Systems management on Unisys Libra and Libra Software Series, with MCP-FIRMWARE through 2019-10-23, can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel."
"value": "Systems management on Unisys ClearPath Forward Libra and ClearPath MCP Software Series can fault and have other unspecified impact when receiving specifically crafted message payloads over a systems management communication channel"
}
]
},
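Review bot: The rewritten description no longer says which releases are affected. Assuming the second `value` line is the new side, as elsewhere on this page, the earlier text bounded the issue with "MCP-FIRMWARE through 2019-10-23" and the new one names only the product lines. Unless the `affects` block outside this hunk carries the version range, a reader cannot tell whether a given system is already fixed. I would keep a version bound in the sentence and restore the full stop that the new value drops after `communication channel`.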


@ -126,6 +126,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Digi AnywhereUSB 14 allows XSS via a link for the Digi Page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03",
"url": "https://gist.github.com/RNPG/e0d25ad51aa5c288b9005900f88a4f03"
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18961",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18962",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18963",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18964",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18965",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18966",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18967",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18968",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18969",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-18970",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none."
}
]
}
}


@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -76,6 +76,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -58,6 +58,11 @@
"url": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/",
"refsource": "MISC",
"name": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
},


@ -106,6 +106,11 @@
"refsource": "BUGTRAQ",
"name": "20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01)",
"url": "https://seclists.org/bugtraq/2020/Jan/10"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
"url": "http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
}
]
}


@ -61,6 +61,11 @@
"refsource": "CERT-VN",
"name": "VU#619785",
"url": "https://www.kb.cert.org/vuls/id/619785"
},
{
"refsource": "MISC",
"name": "https://twitter.com/bad_packets/status/1215431625766424576",
"url": "https://twitter.com/bad_packets/status/1215431625766424576"
}
]
}


@ -86,6 +86,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html",
"url": "http://packetstormsecurity.com/files/155872/Django-Account-Hijack.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20200110-0003/",
"url": "https://security.netapp.com/advisory/ntap-20200110-0003/"
}
]
}


@ -66,6 +66,11 @@
"url": "https://marc.info/?l=spamassassin-users&m=157668305026635&w=2",
"refsource": "MISC",
"name": "https://marc.info/?l=spamassassin-users&m=157668305026635&w=2"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200109 [SECURITY] [DLA 2062-1] sa-exim security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00006.html"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20178",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20178-peel-shopping-ecommerce-shopping-cart-9-2-1-cross-site-request-forgery-17fc49ab5a65",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20178-peel-shopping-ecommerce-shopping-cart-9-2-1-cross-site-request-forgery-17fc49ab5a65"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20179",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SOPlanning 1.45 has SQL injection via the user_list.php \"by\" parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20179-so-planning-1-45-sql-injection-5f0050ad81d1"
}
]
}


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20180",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20180-tablepress-version-1-9-2-csv-injection-65309fcc8be8",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20180-tablepress-version-1-9-2-csv-injection-65309fcc8be8"
},
{
"refsource": "MISC",
"name": "https://wpvulndb.com/vulnerabilities/10016",
"url": "https://wpvulndb.com/vulnerabilities/10016"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20181",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The awesome-support plugin 5.8.0 for WordPress allows XSS via the post_title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20181-awesome-support-wordpress-helpdesk-support-plugin-5-8-0-84a0c022cf53",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20181-awesome-support-wordpress-helpdesk-support-plugin-5-8-0-84a0c022cf53"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The FooGallery plugin 1.8.12 for WordPress allow XSS via the post_title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20182-foogallery-image-gallery-wordpress-plugin-1-8-12-stored-cross-site-scripting-d5864f1259f",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20182-foogallery-image-gallery-wordpress-plugin-1-8-12-stored-cross-site-scripting-d5864f1259f"
}
]
}
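Review bot: The new description reads `allow XSS` with a singular subject, and it does not say which kind of XSS is meant, while the title in the only reference URL calls it stored cross-site scripting. A stored payload persists for every later viewer of the affected page, so the distinction matters when triaging the record. Suggested value, going by that reference title: `"The FooGallery plugin 1.8.12 for WordPress allows stored XSS via the post_title parameter."`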


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "uploadimage.php in Employee Records System 1.0 allows upload and execution of arbitrary PHP code because file-extension validation is only on the client side. The attacker can modify global.js to allow the .php extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-20184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-20184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "KeePass 2.4.1 allows CSV injection in the title field of a CSV export."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://medium.com/@Pablo0xSantiago/cve-2019-20184-keepass-2-4-1-csv-injection-33f08de3c11a",
"url": "https://medium.com/@Pablo0xSantiago/cve-2019-20184-keepass-2-4-1-csv-injection-33f08de3c11a"
}
]
}


@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf",
"refsource": "MISC",
"name": "https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf"
},
{
"url": "http://nginx.org/en/CHANGES",
"refsource": "MISC",
"name": "http://nginx.org/en/CHANGES"
},
{
"url": "https://duo.com/docs/dng-notes#version-1.5.4-january-2020",
"refsource": "MISC",
"name": "https://duo.com/docs/dng-notes#version-1.5.4-january-2020"
},
{
"url": "https://github.com/kubernetes/ingress-nginx/pull/4859",
"refsource": "MISC",
"name": "https://github.com/kubernetes/ingress-nginx/pull/4859"
}
]
}
}


@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LTSP LDM through 2.18.06 allows fat-client root access because the LDM_USERNAME variable may have an empty value if the user's shell lacks support for Bourne shell syntax. This is related to a run-x-session script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://git.launchpad.net/~ltsp-upstream/ltsp/+git/ldm/commit/?id=c351ac69ef63ed6c84221cef73e409059661b8ba",
"refsource": "MISC",
"name": "https://git.launchpad.net/~ltsp-upstream/ltsp/+git/ldm/commit/?id=c351ac69ef63ed6c84221cef73e409059661b8ba"
}
]
}
}


@ -0,0 +1,81 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2 on macOS and through 0.9.81 on Linux leads to Remote Code Execution through Mermaid code blocks. To exploit this vulnerability, one must open a file in Typora. The XSS vulnerability is then triggered due to improper HTML sanitization. Given that the application is based on the Electron framework, the XSS leads to remote code execution in an unsandboxed environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/typora/typora-issues/issues/3124",
"refsource": "MISC",
"name": "https://github.com/typora/typora-issues/issues/3124"
},
{
"url": "https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4a0e",
"refsource": "MISC",
"name": "https://github.com/cure53/DOMPurify/commit/4e8af7b2c4a159b683d317e02c5cbddb86dc4a0e"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:R",
"version": "3.0"
}
}
}
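Review bot: The `vectorString` in the `impact.cvss` block lists its metrics alphabetically (`AC:H/AV:N/A:H/...`) rather than in the order the CVSS v3.0 specification prefers, and the block carries no `baseScore` or `baseSeverity`. Consumers that parse vectors strictly or rank entries by score may reject or mis-rank this record. The same metric values in the preferred order would be `"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"`. It is also worth confirming `"attackVector": "NETWORK"` against the description, which says exploitation requires opening a file in Typora; CVSS v3.0 scoring guidance may treat that pattern as Local.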
