admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:20:28 +00:00
parent d51893c27d
commit 54a23b831c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 4625 additions and 4625 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
1999/0xxx/CVE-1999-0443.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0443", "ID": "CVE-1999-0443",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990409 Patrol security bugs", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/13204" "lang": "eng",
} "value": "Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990409 Patrol security bugs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/13204"
}
]
}
}

130
1999/0xxx/CVE-1999-0912.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0912", "ID": "CVE-1999-0912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "653", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/653" "lang": "eng",
}, "value": "FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files."
{ }
"name" : "1079", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/1079" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1079",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1079"
},
{
"name": "653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/653"
}
]
}
}

160
1999/1xxx/CVE-1999-1384.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1384", "ID": "CVE-1999-1384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19961030 (Another) vulnerability in new SGIs", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=87602167420095&w=2" "lang": "eng",
}, "value": "Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program."
{ }
"name" : "AA-96.08", ]
"refsource" : "AUSCERT", },
"url" : "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19961101-01-I", "description": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "470", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/470" ]
}, },
{ "references": {
"name" : "irix-systour(7456)", "reference_data": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7456.php" "name": "19961030 (Another) vulnerability in new SGIs",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=87602167420095&w=2"
} },
} {
"name": "AA-96.08",
"refsource": "AUSCERT",
"url": "ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul"
},
{
"name": "irix-systour(7456)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7456.php"
},
{
"name": "470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/470"
},
{
"name": "19961101-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I"
}
]
}
}

140
1999/1xxx/CVE-1999-1562.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1562", "ID": "CVE-1999-1562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990905 gftp", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/26915" "lang": "eng",
}, "value": "gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file."
{ }
"name" : "DSA-084", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2001/dsa-084" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3446", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3446" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "3446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3446"
},
{
"name": "19990905 gftp",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/26915"
},
{
"name": "DSA-084",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-084"
}
]
}
}

130
1999/1xxx/CVE-1999-1584.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1584", "ID": "CVE-1999-1584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "00124", "description_data": [
"refsource" : "SUN", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1" "lang": "eng",
}, "value": "Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586."
{ }
"name" : "CA-93.18", ]
"refsource" : "CERT", },
"url" : "http://www.cert.org/advisories/CA-1993-18.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "00124",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1"
},
{
"name": "CA-93.18",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1993-18.html"
}
]
}
}

120
1999/1xxx/CVE-1999-1590.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1590", "ID": "CVE-1999-1590",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via \"..\" sequences in the image parameter, a different vulnerability than CVE-1999-0021."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19971010 Security flaw in Count.cgi (wwwcount)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/1997/Oct/0058.html" "lang": "eng",
} "value": "Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via \"..\" sequences in the image parameter, a different vulnerability than CVE-1999-0021."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19971010 Security flaw in Count.cgi (wwwcount)",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/1997/Oct/0058.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0155.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0155", "ID": "CVE-2000-0155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000218 AUTORUN.INF Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd$fdb5a620$4c4342a6@mightye.org" "lang": "eng",
}, "value": "Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive."
{ }
"name" : "993", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/993" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/993"
},
{
"name": "20000218 AUTORUN.INF Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd$fdb5a620$4c4342a6@mightye.org"
}
]
}
}

140
2000/0xxx/CVE-2000-0402.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0402", "ID": "CVE-2000-0402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the \"SQL Server 7.0 Service Pack Password\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS00-035", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-035" "lang": "eng",
}, "value": "The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the \"SQL Server 7.0 Service Pack Password\" vulnerability."
{ }
"name" : "Q263968", ]
"refsource" : "MSKB", },
"url" : "http://www.microsoft.com/technet/support/kb.asp?ID=263968" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1281", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1281" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS00-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-035"
},
{
"name": "Q263968",
"refsource": "MSKB",
"url": "http://www.microsoft.com/technet/support/kb.asp?ID=263968"
},
{
"name": "1281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1281"
}
]
}
}

130
2000/0xxx/CVE-2000-0429.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0429", "ID": "CVE-2000-0429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000427 Alert: Cart32 secret password backdoor (CISADV000427)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=95686068203138&w=2" "lang": "eng",
}, "value": "A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands."
{ }
"name" : "http://www.cart32.com/kbshow.asp?article=c048", ]
"refsource" : "CONFIRM", },
"url" : "http://www.cart32.com/kbshow.asp?article=c048" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cart32.com/kbshow.asp?article=c048",
"refsource": "CONFIRM",
"url": "http://www.cart32.com/kbshow.asp?article=c048"
},
{
"name": "20000427 Alert: Cart32 secret password backdoor (CISADV000427)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95686068203138&w=2"
}
]
}
}

130
2000/0xxx/CVE-2000-0458.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0458", "ID": "CVE-2000-0458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000424 Two Problems in IMP 2", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=95672120116627&w=2" "lang": "eng",
}, "value": "The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information."
{ }
"name" : "1360", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1360" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1360",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1360"
},
{
"name": "20000424 Two Problems in IMP 2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95672120116627&w=2"
}
]
}
}

140
2000/0xxx/CVE-2000-0630.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0630", "ID": "CVE-2000-0630",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the \"File Fragment Reading via .HTR\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS00-044", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-044" "lang": "eng",
}, "value": "IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the \"File Fragment Reading via .HTR\" vulnerability."
{ }
"name" : "1488", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1488" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "iis-htr-obtain-code(5104)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5104" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1488",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1488"
},
{
"name": "MS00-044",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-044"
},
{
"name": "iis-htr-obtain-code(5104)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5104"
}
]
}
}

200
2000/0xxx/CVE-2000-0703.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0703", "ID": "CVE-2000-0703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "suidperl (aka sperl) does not properly cleanse the escape sequence \"~!\" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the \"interactive\" environmental variable and calling suidperl with a filename that contains the escape sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000805 sperl 5.00503 (and newer ;) exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html" "lang": "eng",
}, "value": "suidperl (aka sperl) does not properly cleanse the escape sequence \"~!\" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the \"interactive\" environmental variable and calling suidperl with a filename that contains the escape sequence."
{ }
"name" : "20000810 Security Hole in perl, all versions", ]
"refsource" : "SUSE", },
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_59.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CSSA-2000-026.0", "description": [
"refsource" : "CALDERA", {
"url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2000:048", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2000-048.html" ]
}, },
{ "references": {
"name" : "TLSA2000018-1", "reference_data": [
"refsource" : "TURBO", {
"url" : "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000017.html" "name": "TLSA2000018-1",
}, "refsource": "TURBO",
{ "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000017.html"
"name" : "20000814 Trustix Security Advisory - perl and mailx", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html" "name": "1547",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/1547"
"name" : "20000808 MDKSA-2000:031 perl update", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html" "name": "RHSA-2000:048",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2000-048.html"
"name" : "20000810 Conectiva Linux security announcemente - PERL", },
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html" "name": "CSSA-2000-026.0",
}, "refsource": "CALDERA",
{ "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt"
"name" : "1547", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1547" "name": "20000808 MDKSA-2000:031 perl update",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html"
} },
} {
"name": "20000814 Trustix Security Advisory - perl and mailx",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html"
},
{
"name": "20000805 sperl 5.00503 (and newer ;) exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html"
},
{
"name": "20000810 Security Hole in perl, all versions",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_59.html"
},
{
"name": "20000810 Conectiva Linux security announcemente - PERL",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html"
}
]
}
}

150
2000/0xxx/CVE-2000-0857.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0857", "ID": "CVE-2000-0857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000909 format string bug in muh", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0067.html" "lang": "eng",
}, "value": "The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname."
{ }
"name" : "20000909 Re: format string bug in muh", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-09/0068.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1665", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1665" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "muh-log-dos(5215)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5215" ]
} },
] "references": {
} "reference_data": [
} {
"name": "muh-log-dos(5215)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5215"
},
{
"name": "20000909 format string bug in muh",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0067.html"
},
{
"name": "1665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1665"
},
{
"name": "20000909 Re: format string bug in muh",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0068.html"
}
]
}
}

140
2000/1xxx/CVE-2000-1082.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1082", "ID": "CVE-2000-1082",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the \"Extended Stored Procedure Parameter Parsing\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001201 Microsoft SQL Server extended stored procedure vulnerability", "description_data": [
"refsource" : "ATSTAKE", {
"url" : "http://marc.info/?l=bugtraq&m=97570878710037&w=2" "lang": "eng",
}, "value": "The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the \"Extended Stored Procedure Parameter Parsing\" vulnerability."
{ }
"name" : "MS00-092", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-092" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2031", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/2031" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20001201 Microsoft SQL Server extended stored procedure vulnerability",
"refsource": "ATSTAKE",
"url": "http://marc.info/?l=bugtraq&m=97570878710037&w=2"
},
{
"name": "2031",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2031"
},
{
"name": "MS00-092",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-092"
}
]
}
}

130
2000/1xxx/CVE-2000-1161.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1161", "ID": "CVE-2000-1161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001120 security problem in AdCycle installation", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0271.html" "lang": "eng",
}, "value": "The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases."
{ }
"name" : "1969", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1969" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1969"
},
{
"name": "20001120 security problem in AdCycle installation",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0271.html"
}
]
}
}

140
2005/2xxx/CVE-2005-2057.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2057", "ID": "CVE-2005-2057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050624 Infopop UBB Threads Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111963737202040&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or HTML via the (1) Searchpage parameter to dosearch.php, (2) Number, (3) what, or (4) page parameter to newreply.php, (5) Number, (6) Board, or (7) what parameter to showprofile.php, (8) fpart or (9) page parameter to showflat.php, or (10) like parameter to showmembers.php."
{ }
"name" : "http://www.gulftech.org/?node=research&article_id=00084-06232005", ]
"refsource" : "MISC", },
"url" : "http://www.gulftech.org/?node=research&article_id=00084-06232005" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351", "description": [
"refsource" : "MISC", {
"url" : "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351",
"refsource": "MISC",
"url": "http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/#Post42351"
},
{
"name": "http://www.gulftech.org/?node=research&article_id=00084-06232005",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research&article_id=00084-06232005"
},
{
"name": "20050624 Infopop UBB Threads Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111963737202040&w=2"
}
]
}
}

120
2005/2xxx/CVE-2005-2085.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2085", "ID": "CVE-2005-2085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050628 Multiple buffer overflows exist in Infradig Systems Inframail Advantage Server Edition 6.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=111998161006731&w=2" "lang": "eng",
} "value": "Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050628 Multiple buffer overflows exist in Infradig Systems Inframail Advantage Server Edition 6.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111998161006731&w=2"
}
]
}
}

140
2005/2xxx/CVE-2005-2227.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2227", "ID": "CVE-2005-2227",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Softiacom wMailserver 1.0 stores passwords in plaintext in the Darsite\\MAILSRV\\Admin key, which allows local users to gain administrator privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050712 SoftiaCom MailServer - Local Password Disclosure Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112120030308592&w=2" "lang": "eng",
}, "value": "Softiacom wMailserver 1.0 stores passwords in plaintext in the Darsite\\MAILSRV\\Admin key, which allows local users to gain administrator privileges."
{ }
"name" : "14212", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14212" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014450", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014450" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "14212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14212"
},
{
"name": "1014450",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014450"
},
{
"name": "20050712 SoftiaCom MailServer - Local Password Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112120030308592&w=2"
}
]
}
}

180
2005/3xxx/CVE-2005-3058.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3058", "ID": "CVE-2005-3058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060213 URL filter bypass in Fortinet", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424858/100/0/threaded" "lang": "eng",
}, "value": "Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616."
{ }
"name" : "20060213 URL filter bypass in Fortinet", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.fortiguard.com/advisory/FGA-2006-10.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.fortiguard.com/advisory/FGA-2006-10.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16599", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/16599" ]
}, },
{ "references": {
"name" : "ADV-2006-0539", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0539" "name": "20060213 URL filter bypass in Fortinet",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/042140.html"
"name" : "18844", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18844" "name": "20060213 URL filter bypass in Fortinet",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/424858/100/0/threaded"
"name" : "fortinet-web-filter-bypass(24626)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626" "name": "fortinet-web-filter-bypass(24626)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24626"
} },
} {
"name": "16599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16599"
},
{
"name": "18844",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18844"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2006-10.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2006-10.html"
},
{
"name": "ADV-2006-0539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0539"
}
]
}
}

120
2005/3xxx/CVE-2005-3085.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3085", "ID": "CVE-2005-3085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1014969", "description_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014969" "lang": "eng",
} "value": "Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014969",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014969"
}
]
}
}

190
2005/3xxx/CVE-2005-3161.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3161", "ID": "CVE-2005-3161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secunia.com/secunia_research/2005-52/advisory/", "description_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2005-52/advisory/" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execute arbitrary SQL commands via (1) the activate parameter in register.php and (2) the cat_id parameter in faq.php."
{ }
"name" : "http://www.php-fusion.co.uk/news.php?readmore=261", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php-fusion.co.uk/news.php?readmore=261" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15018", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15018" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19866", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/19866" ]
}, },
{ "references": {
"name" : "19867", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19867" "name": "19867",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19867"
"name" : "17055", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17055" "name": "phpfusion-faq-register-sql-injection(22532)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22532"
"name" : "54", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/54" "name": "19866",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19866"
"name" : "phpfusion-faq-register-sql-injection(22532)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22532" "name": "15018",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/15018"
} },
} {
"name": "http://secunia.com/secunia_research/2005-52/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2005-52/advisory/"
},
{
"name": "http://www.php-fusion.co.uk/news.php?readmore=261",
"refsource": "CONFIRM",
"url": "http://www.php-fusion.co.uk/news.php?readmore=261"
},
{
"name": "54",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/54"
},
{
"name": "17055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17055"
}
]
}
}

650
2005/3xxx/CVE-2005-3357.json
View File

@ -1,327 +1,327 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2005-3357", "ID": "CVE-2005-3357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://svn.apache.org/viewcvs?rev=358026&view=rev", "description_data": [
"refsource" : "MISC", {
"url" : "http://svn.apache.org/viewcvs?rev=358026&view=rev" "lang": "eng",
}, "value": "mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference."
{ }
"name" : "http://issues.apache.org/bugzilla/show_bug.cgi?id=37791", ]
"refsource" : "CONFIRM", },
"url" : "http://issues.apache.org/bugzilla/show_bug.cgi?id=37791" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm" ]
}, },
{ "references": {
"name" : "APPLE-SA-2008-05-28", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" "name": "ADV-2006-3995",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3995"
"name" : "FEDORA-2006-052", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html" "name": "22992",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22992"
"name" : "FLSA-2006:175406", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/425399/100/0/threaded" "name": "102662",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1"
"name" : "GLSA-200602-03", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml" "name": "SSRT071293",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
"name" : "HPSBUX02145", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/445206/100/0/threaded" "name": "18339",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18339"
"name" : "SSRT061202", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/445206/100/0/threaded" "name": "ADV-2006-4300",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4300"
"name" : "HPSBUX02172", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/450315/100/0/threaded" "name": "SUSE-SR:2006:004",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html"
"name" : "SSRT061269", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/450315/100/0/threaded" "name": "18340",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18340"
"name" : "HPSBMA02328", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449" "name": "22523",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22523"
"name" : "SSRT071293", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449" "name": "ADV-2008-1246",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1246/references"
"name" : "HPSBOV02683", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "SSRT061269",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/450315/100/0/threaded"
"name" : "SSRT090208", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" "name": "SSRT090208",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "RHSA-2006:0159", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0159.html" "name": "23260",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23260"
"name" : "20060101-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" "name": "RHSA-2006:0159",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0159.html"
"name" : "102640", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1" "name": "29849",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29849"
"name" : "102662", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102662-1" "name": "ADV-2006-3920",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3920"
"name" : "SUSE-SR:2006:004", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.de/archive/suse-security-announce/2006-Feb/0008.html" "name": "18333",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18333"
"name" : "SuSE-SA:2006:051", },
"refsource" : "SUSE", {
"url" : "https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html" "name": "USN-241-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntulinux.org/usn/usn-241-1"
"name" : "TSLSA-2005-0074", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2005/0074/" "name": "TA08-150A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
"name" : "USN-241-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntulinux.org/usn/usn-241-1" "name": "18307",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18307"
"name" : "TA08-150A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" "name": "20060101-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
"name" : "16152", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16152" "name": "22368",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22368"
"name" : "oval:org.mitre.oval:def:11467", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467" "name": "HPSBUX02145",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
"name" : "ADV-2006-0056", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0056" "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117",
}, "refsource": "CONFIRM",
{ "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117"
"name" : "ADV-2006-3920", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3920" "name": "SuSE-SA:2006:051",
}, "refsource": "SUSE",
{ "url": "https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html"
"name" : "ADV-2006-3995", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3995" "name": "FLSA-2006:175406",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/425399/100/0/threaded"
"name" : "ADV-2006-4207", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4207" "name": "FEDORA-2006-052",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00060.html"
"name" : "ADV-2006-4300", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4300" "name": "ADV-2006-4868",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4868"
"name" : "ADV-2006-4868", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4868" "name": "HPSBMA02328",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01428449"
"name" : "ADV-2008-1246", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1246/references" "name": "30430",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30430"
"name" : "ADV-2008-1697", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1697" "name": "ADV-2006-4207",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4207"
"name" : "1015447", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015447" "name": "APPLE-SA-2008-05-28",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
"name" : "18307", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18307" "name": "HPSBOV02683",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2"
"name" : "18340", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18340" "name": "21848",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21848"
"name" : "18333", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18333" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm"
"name" : "18339", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18339" "name": "18517",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18517"
"name" : "18429", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18429" "name": "22669",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22669"
"name" : "18585", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18585" "name": "TSLSA-2005-0074",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2005/0074/"
"name" : "18517", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18517" "name": "http://svn.apache.org/viewcvs?rev=358026&view=rev",
}, "refsource": "MISC",
{ "url": "http://svn.apache.org/viewcvs?rev=358026&view=rev"
"name" : "18743", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18743" "name": "SSRT061202",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/445206/100/0/threaded"
"name" : "19012", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19012" "name": "oval:org.mitre.oval:def:11467",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11467"
"name" : "21848", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21848" "name": "18585",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18585"
"name" : "22233", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22233" "name": "http://issues.apache.org/bugzilla/show_bug.cgi?id=37791",
}, "refsource": "CONFIRM",
{ "url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=37791"
"name" : "22368", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22368" "name": "GLSA-200602-03",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200602-03.xml"
"name" : "22523", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22523" "name": "ADV-2008-1697",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1697"
"name" : "22669", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22669" "name": "22233",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22233"
"name" : "23260", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23260" "name": "19012",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19012"
"name" : "22992", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22992" "name": "18429",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18429"
"name" : "29849", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29849" "name": "102640",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102640-1"
"name" : "30430", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30430" "name": "1015447",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1015447"
} },
} {
"name": "ADV-2006-0056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0056"
},
{
"name": "18743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18743"
},
{
"name": "HPSBUX02172",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/450315/100/0/threaded"
},
{
"name": "16152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16152"
}
]
}
}

140
2005/3xxx/CVE-2005-3719.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3719", "ID": "CVE-2005-3719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of \"0000\", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051116 Hitachi IP5000 VoIP Wifi phone multiple", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=113217425618951&w=2" "lang": "eng",
}, "value": "Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of \"0000\", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration."
{ }
"name" : "http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17628", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17628" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "17628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17628"
},
{
"name": "http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf",
"refsource": "MISC",
"url": "http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf"
},
{
"name": "20051116 Hitachi IP5000 VoIP Wifi phone multiple",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=113217425618951&w=2"
}
]
}
}

160
2005/4xxx/CVE-2005-4433.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4433", "ID": "CVE-2005-4433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.php in Esselbach Storyteller CMS 1.8 allows remote attackers to inject arbitrary web script or HTML via the query parameter, which is used by the Search field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search.php in Esselbach Storyteller CMS 1.8 allows remote attackers to inject arbitrary web script or HTML via the query parameter, which is used by the Search field."
{ }
"name" : "15945", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15945" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2985", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2985" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21787", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/21787" ]
}, },
{ "references": {
"name" : "18130", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18130" "name": "18130",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18130"
} },
} {
"name": "21787",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21787"
},
{
"name": "ADV-2005-2985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2985"
},
{
"name": "15945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15945"
},
{
"name": "http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/12/esselbach-storyteller-cms-xss-vuln.html"
}
]
}
}

170
2009/2xxx/CVE-2009-2344.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2344", "ID": "CVE-2009-2344",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090701 Sourcefire 3D Sensor and DC, privilege escalation vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/504694/100/0/threaded" "lang": "eng",
}, "value": "The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components."
{ }
"name" : "9074", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/9074" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35553", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35553" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1022500", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1022500" ]
}, },
{ "references": {
"name" : "35658", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35658" "name": "35658",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35658"
"name" : "ADV-2009-1785", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1785" "name": "1022500",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1022500"
} },
} {
"name": "9074",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9074"
},
{
"name": "20090701 Sourcefire 3D Sensor and DC, privilege escalation vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504694/100/0/threaded"
},
{
"name": "ADV-2009-1785",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1785"
},
{
"name": "35553",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35553"
}
]
}
}

120
2009/2xxx/CVE-2009-2614.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2614", "ID": "CVE-2009-2614",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35598", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35598" "lang": "eng",
} "value": "SQL injection vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35598",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35598"
}
]
}
}

140
2009/2xxx/CVE-2009-2649.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2649", "ID": "CVE-2009-2649",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9134", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/9134" "lang": "eng",
}, "value": "The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value."
{ }
"name" : "35645", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35645" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1022538", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022538" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1022538",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022538"
},
{
"name": "9134",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/9134"
},
{
"name": "35645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35645"
}
]
}
}

160
2009/2xxx/CVE-2009-2860.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2860", "ID": "CVE-2009-2860",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", "description_data": [
"refsource" : "CONFIRM", {
"url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" "lang": "eng",
}, "value": "Unspecified vulnerability in db2jds in IBM DB2 8.1 before FP18 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024075", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024075" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "IZ52433", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ52433" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36313", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/36313" ]
}, },
{ "references": {
"name" : "ADV-2009-2293", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2293" "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
} "refsource": "CONFIRM",
] "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
} },
} {
"name": "IZ52433",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ52433"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24024075",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24024075"
},
{
"name": "36313",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36313"
},
{
"name": "ADV-2009-2293",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2293"
}
]
}
}

220
2009/2xxx/CVE-2009-2904.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-2904", "ID": "CVE-2009-2904",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2010/000082.html" "lang": "eng",
}, "value": "A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=522141", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=522141" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2010-5429", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2009:1470", ]
"refsource" : "REDHAT", }
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1470.html" ]
}, },
{ "references": {
"name" : "36552", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36552" "name": "38794",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38794"
"name" : "58495", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/58495" "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
"name" : "oval:org.mitre.oval:def:9862", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9862" "name": "36552",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36552"
"name" : "39182", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39182" "name": "RHSA-2009:1470",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2009-1470.html"
"name" : "38794", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38794" "name": "FEDORA-2010-5429",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html"
"name" : "38834", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38834" "name": "38834",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38834"
"name" : "ADV-2010-0528", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0528" "name": "58495",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/58495"
} },
} {
"name": "39182",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39182"
},
{
"name": "oval:org.mitre.oval:def:9862",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9862"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=522141",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=522141"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
}
]
}
}

150
2009/2xxx/CVE-2009-2934.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2934", "ID": "CVE-2009-2934",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9428", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9428" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file."
{ }
"name" : "56996", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/56996" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36297", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36297" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "pipl-pls-bo(52440)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52440" ]
} },
] "references": {
} "reference_data": [
} {
"name": "9428",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9428"
},
{
"name": "pipl-pls-bo(52440)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52440"
},
{
"name": "56996",
"refsource": "OSVDB",
"url": "http://osvdb.org/56996"
},
{
"name": "36297",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36297"
}
]
}
}

150
2009/3xxx/CVE-2009-3125.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3125", "ID": "CVE-2009-3125",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.bugzilla.org/security/3.0.8/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.bugzilla.org/security/3.0.8/" "lang": "eng",
}, "value": "SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=515191", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=515191" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36371", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36371" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36718", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/36718" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.bugzilla.org/security/3.0.8/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/3.0.8/"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=515191",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=515191"
},
{
"name": "36371",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36371"
},
{
"name": "36718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36718"
}
]
}
}

170
2009/3xxx/CVE-2009-3458.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2009-3458", "ID": "CVE-2009-3458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998."
{ }
"name" : "TA09-286B", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36638", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36638" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:6499", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6499" ]
}, },
{ "references": {
"name" : "1023007", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023007" "name": "36638",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36638"
"name" : "ADV-2009-2898", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2898" "name": "TA09-286B",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
} },
} {
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name": "oval:org.mitre.oval:def:6499",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6499"
},
{
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
}
]
}
}

140
2009/3xxx/CVE-2009-3912.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3912", "ID": "CVE-2009-3912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0911-exploits/tftgallery-traversal.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0911-exploits/tftgallery-traversal.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in TFTgallery 0.13 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the album parameter."
{ }
"name" : "36899", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/36899" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37156", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37156" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "37156",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37156"
},
{
"name": "36899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36899"
},
{
"name": "http://packetstormsecurity.org/0911-exploits/tftgallery-traversal.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0911-exploits/tftgallery-traversal.txt"
}
]
}
}

140
2015/0xxx/CVE-2015-0213.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-0213", "ID": "CVE-2015-0213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150119 Moodle security issues are now public", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/01/19/1" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=278613", "description": [
"refsource" : "CONFIRM", {
"url" : "https://moodle.org/mod/forum/discuss.php?d=278613" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48106"
},
{
"name": "[oss-security] 20150119 Moodle security issues are now public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/01/19/1"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=278613",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=278613"
}
]
}
}

34
2015/0xxx/CVE-2015-0262.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-0262", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-0262",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

150
2015/0xxx/CVE-2015-0582.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0582", "ID": "CVE-2015-0582",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150109 Cisco MDS 9000 Series Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0582" "lang": "eng",
}, "value": "The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to cause a denial of service via crafted traffic, aka Bug ID CSCuo09129."
{ }
"name" : "71979", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/71979" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031539", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031539" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cisco-nxos-cve20150582-dos(99995)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99995" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20150109 Cisco MDS 9000 Series Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0582"
},
{
"name": "71979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71979"
},
{
"name": "cisco-nxos-cve20150582-dos(99995)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99995"
},
{
"name": "1031539",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031539"
}
]
}
}

130
2015/0xxx/CVE-2015-0656.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0656", "ID": "CVE-2015-0656",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150303 Cisco Network Analysis Module Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0656" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269."
{ }
"name" : "1031827", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1031827" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150303 Cisco Network Analysis Module Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0656"
},
{
"name": "1031827",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031827"
}
]
}
}

150
2015/1xxx/CVE-2015-1090.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-1090", "ID": "CVE-2015-1090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT204661", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204661" "lang": "eng",
}, "value": "CFNetwork in Apple iOS before 8.3 does not delete HTTP Strict Transport Security (HSTS) state information in response to a Safari history-clearing action, which allows attackers to obtain sensitive information by reading a history file."
{ }
"name" : "APPLE-SA-2015-04-08-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73978", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73978" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032050", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032050" ]
} },
] "references": {
} "reference_data": [
} {
"name": "APPLE-SA-2015-04-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00002.html"
},
{
"name": "1032050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032050"
},
{
"name": "73978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73978"
},
{
"name": "https://support.apple.com/HT204661",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204661"
}
]
}
}

150
2015/1xxx/CVE-2015-1145.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-1145", "ID": "CVE-2015-1145",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT204659", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT204659" "lang": "eng",
}, "value": "The Code Signing implementation in Apple OS X before 10.10.3 does not properly validate signatures, which allows local users to bypass intended access restrictions via a crafted bundle, a different vulnerability than CVE-2015-1146."
{ }
"name" : "APPLE-SA-2015-04-08-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "73982", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73982" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032048", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032048" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.apple.com/HT204659",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT204659"
},
{
"name": "73982",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73982"
},
{
"name": "1032048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032048"
},
{
"name": "APPLE-SA-2015-04-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
}
]
}
}

150
2015/1xxx/CVE-2015-1588.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1588", "ID": "CVE-2015-1588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150427 Open-Xchange Security Advisory 2015-04-27", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535388/100/1100/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21."
{ }
"name" : "http://packetstormsecurity.com/files/131649/Open-Xchange-Server-6-OX-AppSuite-Cross-Site-Scripting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/131649/Open-Xchange-Server-6-OX-AppSuite-Cross-Site-Scripting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74350", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74350" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032202", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032202" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1032202",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032202"
},
{
"name": "74350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74350"
},
{
"name": "http://packetstormsecurity.com/files/131649/Open-Xchange-Server-6-OX-AppSuite-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131649/Open-Xchange-Server-6-OX-AppSuite-Cross-Site-Scripting.html"
},
{
"name": "20150427 Open-Xchange Security Advisory 2015-04-27",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535388/100/1100/threaded"
}
]
}
}

140
2015/1xxx/CVE-2015-1717.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-1717", "ID": "CVE-2015-1717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1718."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-043", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043" "lang": "eng",
}, "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1718."
{ }
"name" : "74606", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74606" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032282", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032282" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "74606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74606"
},
{
"name": "1032282",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032282"
},
{
"name": "MS15-043",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-043"
}
]
}
}

140
2015/1xxx/CVE-2015-1975.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1975", "ID": "CVE-2015-1975",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection. IBM X-Force ID: 103694."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960659", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21960659" "lang": "eng",
}, "value": "The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection. IBM X-Force ID: 103694."
{ }
"name" : "103717", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103717" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-sds-cve20151975-arg-injection(103694)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/103694" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "ibm-sds-cve20151975-arg-injection(103694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/103694"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21960659",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21960659"
},
{
"name": "103717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103717"
}
]
}
}

230
2015/4xxx/CVE-2015-4510.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-4510", "ID": "CVE-2015-4510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-104.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-104.html" "lang": "eng",
}, "value": "Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) by leveraging improper interaction between shared workers and the IndexedDB implementation."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200004", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1200004" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1658", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" "name": "openSUSE-SU-2015:1681",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html"
"name" : "openSUSE-SU-2015:1681", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-104.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-104.html"
"name" : "USN-2743-4", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-4" "name": "USN-2743-4",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2743-4"
"name" : "USN-2743-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-1" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "USN-2743-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-2" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "USN-2743-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2743-3" "name": "USN-2743-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2743-3"
"name" : "76815", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76815" "name": "76815",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76815"
"name" : "1033640", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033640" "name": "USN-2743-2",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2743-2"
} },
} {
"name": "1033640",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033640"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200004",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1200004"
},
{
"name": "openSUSE-SU-2015:1658",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html"
},
{
"name": "USN-2743-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2743-1"
}
]
}
}

210
2015/4xxx/CVE-2015-4604.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-4604", "ID": "CVE-2015-4604",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150616 Re: CVE Request: various issues in PHP", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/06/16/12" "lang": "eng",
}, "value": "The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule."
{ }
"name" : "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd", ]
"refsource" : "CONFIRM", },
"url" : "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://php.net/ChangeLog-5.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.php.net/bug.php?id=68819", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.php.net/bug.php?id=68819" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "name": "RHSA-2015:1187",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
"name" : "RHSA-2015:1187", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" "name": "1032709",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032709"
"name" : "RHSA-2015:1135", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "name": "RHSA-2015:1186",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
"name" : "RHSA-2015:1186", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" "name": "https://bugs.php.net/bug.php?id=68819",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=68819"
"name" : "75241", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75241" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "1032709", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032709" "name": "75241",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/75241"
} },
} {
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "[oss-security] 20150616 Re: CVE Request: various issues in PHP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/16/12"
},
{
"name": "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd",
"refsource": "CONFIRM",
"url": "http://git.php.net/?p=php-src.git;a=commit;h=f938112c495b0d26572435c0be73ac0bfe642ecd"
},
{
"name": "RHSA-2015:1135",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
}
]
}
}

130
2015/4xxx/CVE-2015-4936.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-4936", "ID": "CVE-2015-4936",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962716", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962716" "lang": "eng",
}, "value": "Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers to cause a denial of service via unknown vectors."
{ }
"name" : "PI44031", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44031" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21962716",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962716"
},
{
"name": "PI44031",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44031"
}
]
}
}

180
2015/8xxx/CVE-2015-8397.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8397", "ID": "CVE-2015-8397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160111 CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537263/100/0/threaded" "lang": "eng",
}, "value": "The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (application crash) via an embedded JPEG-LS image with dimensions larger than the selected region in a (1) two-dimensional or (2) three-dimensional DICOM image file, which triggers an out-of-bounds read."
{ }
"name" : "20160111 CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Jan/33" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[gdcm-developers] 20151204 [Gdcm2] GDCM <2.6.1 two vulnerabilites", "description": [
"refsource" : "MLIST", {
"url" : "http://sourceforge.net/p/gdcm/mailman/message/34670701/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[gdcm-developers] 20151221 Re: [Gdcm2] GDCM <2.6.1 two vulnerabilites", ]
"refsource" : "MLIST", }
"url" : "http://sourceforge.net/p/gdcm/mailman/message/34687533/" ]
}, },
{ "references": {
"name" : "http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/" "name": "http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.html"
"name" : "http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.html", },
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135206/GDCM-2.6.0-2.6.1-Out-Of-Bounds-Read.html" "name": "[gdcm-developers] 20151204 [Gdcm2] GDCM <2.6.1 two vulnerabilites",
}, "refsource": "MLIST",
{ "url": "http://sourceforge.net/p/gdcm/mailman/message/34670701/"
"name" : "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/", },
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/" "name": "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/",
} "refsource": "CONFIRM",
] "url": "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/"
} },
} {
"name": "[gdcm-developers] 20151221 Re: [Gdcm2] GDCM <2.6.1 two vulnerabilites",
"refsource": "MLIST",
"url": "http://sourceforge.net/p/gdcm/mailman/message/34687533/"
},
{
"name": "20160111 CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537263/100/0/threaded"
},
{
"name": "20160111 CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/33"
},
{
"name": "http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/",
"refsource": "MISC",
"url": "http://census-labs.com/news/2016/01/11/gdcm-out-bounds-read-jpeglscodec-decodeextent/"
}
]
}
}

34
2015/9xxx/CVE-2015-9074.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9074", "ID": "CVE-2015-9074",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2043.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2043", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2043",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2050.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2050", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2050",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2105.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2105", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2105",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2270.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2270", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2270",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

188
2018/2xxx/CVE-2018-2478.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2478", "ID": "CVE-2018-2478",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Basis (TREX / BWA installation)", "product_name": "SAP Basis (TREX / BWA installation)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.0 to 7.02" "version_value": "7.0 to 7.02"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.10 to 7.11" "version_value": "7.10 to 7.11"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.30" "version_value": "7.30"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.31" "version_value": "7.31"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.40" "version_value": "7.40"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "7.50 to 7.53" "version_value": "7.50 to 7.53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2675696", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2675696" "lang": "eng",
}, "value": "An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832", ]
"refsource" : "MISC", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "105904", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105904" "lang": "eng",
} "value": "Other"
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "105904",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105904"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2675696",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2675696"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

142
2018/2xxx/CVE-2018-2834.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2834", "ID": "CVE-2018-2834",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Data Visualization Desktop", "product_name": "Data Visualization Desktop",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.4.1.1" "version_value": "12.2.4.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Data Visualization Desktop component of Oracle Fusion Middleware (subcomponent: Security). The supported version that is affected is 12.2.4.1.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Data Visualization Desktop executes to compromise Oracle Data Visualization Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Data Visualization Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Data Visualization Desktop accessible data as well as unauthorized read access to a subset of Oracle Data Visualization Desktop accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Data Visualization Desktop. Note: Please refer to Doc ID <a href=\"http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2384640.1\">My Oracle Support Note 2384640.1 for instructions on how to address this issue. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Data Visualization Desktop executes to compromise Oracle Data Visualization Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Data Visualization Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Data Visualization Desktop accessible data as well as unauthorized read access to a subset of Oracle Data Visualization Desktop accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Data Visualization Desktop."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Data Visualization Desktop component of Oracle Fusion Middleware (subcomponent: Security). The supported version that is affected is 12.2.4.1.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Data Visualization Desktop executes to compromise Oracle Data Visualization Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Data Visualization Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Data Visualization Desktop accessible data as well as unauthorized read access to a subset of Oracle Data Visualization Desktop accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Data Visualization Desktop. Note: Please refer to Doc ID <a href=\"http://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=2384640.1\">My Oracle Support Note 2384640.1 for instructions on how to address this issue. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:H)."
{ }
"name" : "103792", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103792" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040695", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040695" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Data Visualization Desktop executes to compromise Oracle Data Visualization Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Data Visualization Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Data Visualization Desktop accessible data as well as unauthorized read access to a subset of Oracle Data Visualization Desktop accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Data Visualization Desktop."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1040695",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040695"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103792"
}
]
}
}

152
2018/3xxx/CVE-2018-3080.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-3080", "ID": "CVE-2018-3080",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.11 and prior" "version_value": "8.0.11 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180726-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180726-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "104772", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104772" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "1041294", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1041294" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "1041294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041294"
},
{
"name": "104772",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104772"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180726-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180726-0002/"
}
]
}
}

122
2018/3xxx/CVE-2018-3584.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2018-3584", "ID": "CVE-2018-3584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init()."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use After Free in Wiredconnectivity"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/pixel/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/pixel/2018-04-01" "lang": "eng",
} "value": "In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init()."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free in Wiredconnectivity"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-04-01"
}
]
}
}

162
2018/6xxx/CVE-2018-6075.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-6075", "ID": "CVE-2018-6075",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "65.0.3325.146" "version_value": "65.0.3325.146"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Inappropriate implementation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/608669", "description_data": [
"refsource" : "MISC", {
"url" : "https://crbug.com/608669" "lang": "eng",
}, "value": "Incorrect handling of specified filenames in file downloads in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cross-origin data via a crafted HTML page and user interaction."
{ }
"name" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html", ]
"refsource" : "CONFIRM", },
"url" : "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4182", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4182" "lang": "eng",
}, "value": "Inappropriate implementation"
{ }
"name" : "RHSA-2018:0484", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2018:0484" ]
}, },
{ "references": {
"name" : "103297", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103297" "name": "https://crbug.com/608669",
} "refsource": "MISC",
] "url": "https://crbug.com/608669"
} },
} {
"name": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html"
},
{
"name": "103297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103297"
},
{
"name": "RHSA-2018:0484",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0484"
},
{
"name": "DSA-4182",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4182"
}
]
}
}

172
2018/6xxx/CVE-2018-6165.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2018-6165", "ID": "CVE-2018-6165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "68.0.3440.75" "version_value": "68.0.3440.75"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Inappropriate implementation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/847718", "description_data": [
"refsource" : "MISC", {
"url" : "https://crbug.com/847718" "lang": "eng",
}, "value": "Incorrect handling of reloads in Navigation in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
{ }
"name" : "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html", ]
"refsource" : "CONFIRM", },
"url" : "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4256", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4256" "lang": "eng",
}, "value": "Inappropriate implementation"
{ }
"name" : "GLSA-201808-01", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201808-01" ]
}, },
{ "references": {
"name" : "RHSA-2018:2282", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2282" "name": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html",
}, "refsource": "CONFIRM",
{ "url": "https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html"
"name" : "104887", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/104887" "name": "https://crbug.com/847718",
} "refsource": "MISC",
] "url": "https://crbug.com/847718"
} },
} {
"name": "RHSA-2018:2282",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2282"
},
{
"name": "GLSA-201808-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201808-01"
},
{
"name": "DSA-4256",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4256"
},
{
"name": "104887",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104887"
}
]
}
}

130
2018/6xxx/CVE-2018-6353.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6353", "ID": "CVE-2018-6353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/spesmilo/electrum/issues/3678", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/spesmilo/electrum/issues/3678" "lang": "eng",
}, "value": "The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022."
{ }
"name" : "https://github.com/spesmilo/electrum/pull/3700", ]
"refsource" : "MISC", },
"url" : "https://github.com/spesmilo/electrum/pull/3700" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/spesmilo/electrum/issues/3678",
"refsource": "MISC",
"url": "https://github.com/spesmilo/electrum/issues/3678"
},
{
"name": "https://github.com/spesmilo/electrum/pull/3700",
"refsource": "MISC",
"url": "https://github.com/spesmilo/electrum/pull/3700"
}
]
}
}

122
2018/6xxx/CVE-2018-6440.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@brocade.com", "ASSIGNER": "sirt@brocade.com",
"DATE_PUBLIC" : "2018-10-29T00:00:00", "DATE_PUBLIC": "2018-10-29T00:00:00",
"ID" : "CVE-2018-6440", "ID": "CVE-2018-6440",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Brocade Fabric OS", "product_name": "Brocade Fabric OS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to version 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d" "version_value": "All versions prior to version 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Brocade Communications Systems, Inc." "vendor_name": "Brocade Communications Systems, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Exposure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733" "lang": "eng",
} "value": "A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733",
"refsource": "CONFIRM",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-733"
}
]
}
}

142
2018/6xxx/CVE-2018-6586.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vuln@ca.com", "ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC" : "2018-03-29T04:00:00.000Z", "DATE_PUBLIC": "2018-03-29T04:00:00.000Z",
"ID" : "CVE-2018-6586", "ID": "CVE-2018-6586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CA API Developer Portal", "product_name": "CA API Developer Portal",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "3.5", "version_name": "3.5",
"version_value" : "3.5 CR7" "version_value": "3.5 CR7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "CA Technologies" "vendor_name": "CA Technologies"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html" "lang": "eng",
}, "value": "CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing."
{ }
"name" : "1040603", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1040603" "problemtype": {
} "problemtype_data": [
] {
}, "description": [
"source" : { {
"discovery" : "UNKNOWN" "lang": "eng",
} "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} }
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040603",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040603"
},
{
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180328-01--security-notice-for-ca-api-developer-portal.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

34
2018/6xxx/CVE-2018-6691.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6691", "ID": "CVE-2018-6691",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/7xxx/CVE-2018-7404.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7404", "ID": "CVE-2018-7404",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/7xxx/CVE-2018-7496.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2018-7496", "ID": "CVE-2018-7496",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "OSIsoft PI Vision", "product_name": "OSIsoft PI Vision",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "OSIsoft PI Vision" "version_value": "OSIsoft PI Vision"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-200"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-03" "lang": "eng",
}, "value": "An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure."
{ }
"name" : "103390", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103390" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103390"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-072-03"
}
]
}
}

34
2018/7xxx/CVE-2018-7575.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7575", "ID": "CVE-2018-7575",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/7xxx/CVE-2018-7877.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7877", "ID": "CVE-2018-7877",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260" "lang": "eng",
}, "value": "There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack."
{ }
"name" : "https://github.com/libming/libming/issues/110", ]
"refsource" : "MISC", },
"url" : "https://github.com/libming/libming/issues/110" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/libming/libming/issues/110",
"refsource": "MISC",
"url": "https://github.com/libming/libming/issues/110"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260"
}
]
}
}

34
2019/5xxx/CVE-2019-5640.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5640", "ID": "CVE-2019-5640",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5681.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5681", "ID": "CVE-2019-5681",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5865.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5865", "ID": "CVE-2019-5865",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }