admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:11:02 +00:00
parent daaeb55651
commit 556da6039c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
64 changed files with 5166 additions and 5166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2005/0xxx/CVE-2005-0070.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0070", "ID": "CVE-2005-0070",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files." "value": "Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "DSA-681", "name": "14300",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2005/dsa-681" "url": "http://secunia.com/advisories/14300"
}, },
{ {
"name" : "12546", "name": "DSA-681",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/12546" "url": "http://www.debian.org/security/2005/dsa-681"
}, },
{ {
"name" : "1013206", "name": "12546",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1013206" "url": "http://www.securityfocus.com/bid/12546"
}, },
{ {
"name" : "14300", "name": "1013206",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/14300" "url": "http://securitytracker.com/id?1013206"
} }
] ]
} }

128
2005/0xxx/CVE-2005-0202.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0202", "ID": "CVE-2005-0202",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via \".../....///\" sequences, which are not properly cleansed by regular expressions that are intended to remove \"../\" and \"./\" sequences." "value": "Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via \".../....///\" sequences, which are not properly cleansed by regular expressions that are intended to remove \"../\" and \"./\" sequences."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050209 Administrivia: List Compromised due to Mailman Vulnerability", "name": "RHSA-2005:137",
"refsource" : "FULLDISC", "refsource": "REDHAT",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031562.html" "url": "http://www.redhat.com/support/errata/RHSA-2005-137.html"
}, },
{ {
"name" : "APPLE-SA-2005-03-21", "name": "1013145",
"refsource" : "APPLE", "refsource": "SECTRACK",
"url" : "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html" "url": "http://securitytracker.com/id?1013145"
}, },
{ {
"name" : "DSA-674", "name": "oval:org.mitre.oval:def:10657",
"refsource" : "DEBIAN", "refsource": "OVAL",
"url" : "http://www.debian.org/security/2005/dsa-674" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10657"
}, },
{ {
"name" : "GLSA-200502-11", "name": "MDKSA-2005:037",
"refsource" : "GENTOO", "refsource": "MANDRAKE",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200502-11.xml" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:037"
}, },
{ {
"name" : "MDKSA-2005:037", "name": "GLSA-200502-11",
"refsource" : "MANDRAKE", "refsource": "GENTOO",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:037" "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-11.xml"
}, },
{ {
"name" : "RHSA-2005:136", "name": "20050209 Administrivia: List Compromised due to Mailman Vulnerability",
"refsource" : "REDHAT", "refsource": "FULLDISC",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-136.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031562.html"
}, },
{ {
"name" : "RHSA-2005:137", "name": "20050209 [USN-78-1] Mailman vulnerability",
"refsource" : "REDHAT", "refsource": "BUGTRAQ",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-137.html" "url": "http://marc.info/?l=bugtraq&m=110805795122386&w=2"
}, },
{ {
"name" : "20050209 [USN-78-1] Mailman vulnerability", "name": "SUSE-SA:2005:007",
"refsource" : "BUGTRAQ", "refsource": "SUSE",
"url" : "http://marc.info/?l=bugtraq&m=110805795122386&w=2" "url": "http://www.novell.com/linux/security/advisories/2005_07_mailman.html"
}, },
{ {
"name" : "SUSE-SA:2005:007", "name": "RHSA-2005:136",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://www.novell.com/linux/security/advisories/2005_07_mailman.html" "url": "http://www.redhat.com/support/errata/RHSA-2005-136.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10657", "name": "DSA-674",
"refsource" : "OVAL", "refsource": "DEBIAN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10657" "url": "http://www.debian.org/security/2005/dsa-674"
}, },
{ {
"name" : "1013145", "name": "14211",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1013145" "url": "http://secunia.com/advisories/14211"
}, },
{ {
"name" : "14211", "name": "APPLE-SA-2005-03-21",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/14211" "url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html"
} }
] ]
} }

86
2005/0xxx/CVE-2005-0285.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0285", "ID": "CVE-2005-0285",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs." "value": "Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050110 Portcullis Security Advisory 05-001", "name": "1012854",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://marc.info/?l=bugtraq&m=110547396124885&w=2" "url": "http://securitytracker.com/id?1012854"
}, },
{ {
"name" : "12216", "name": "20050110 Portcullis Security Advisory 05-001",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/12216" "url": "http://marc.info/?l=bugtraq&m=110547396124885&w=2"
}, },
{ {
"name" : "1012854", "name": "12216",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1012854" "url": "http://www.securityfocus.com/bid/12216"
}, },
{ {
"name" : "13821", "name": "webseries-pa-url-security-bypass(18848)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/13821" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18848"
}, },
{ {
"name" : "webseries-pa-url-security-bypass(18848)", "name": "13821",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18848" "url": "http://secunia.com/advisories/13821"
} }
] ]
} }

62
2005/0xxx/CVE-2005-0418.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0418", "ID": "CVE-2005-0418",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836." "value": "Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2005-03-24", "name": "APPLE-SA-2005-03-24",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2005/Mar/msg00001.html"
} }
] ]
} }

74
2005/0xxx/CVE-2005-0481.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-0481", "ID": "CVE-2005-0481",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script." "value": "TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050218 Multiple vulnerabilities in TrackerCam 5.12", "name": "20050218 Multiple vulnerabilities in TrackerCam 5.12",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/390918" "url": "http://www.securityfocus.com/archive/1/390918"
}, },
{ {
"name" : "12592", "name": "12592",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/12592" "url": "http://www.securityfocus.com/bid/12592"
}, },
{ {
"name" : "trackercam-fn-path-disclosure(19415)", "name": "trackercam-fn-path-disclosure(19415)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/19415" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19415"
} }
] ]
} }

80
2005/1xxx/CVE-2005-1365.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1365", "ID": "CVE-2005-1365",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading \"/\" (slash) characters and \"..\" sequences." "value": "Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading \"/\" (slash) characters and \"..\" sequences."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050516 Advisory: Pico Server (pServ) Remote Command Injection", "name": "20050516 Advisory: Pico Server (pServ) Remote Command Injection",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=111625635716712&w=2" "url": "http://marc.info/?l=full-disclosure&m=111625635716712&w=2"
}, },
{ {
"name" : "http://www.redteam-pentesting.de/advisories/rt-sa-2005-010.txt", "name": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-010.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.redteam-pentesting.de/advisories/rt-sa-2005-010.txt" "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2005-010.txt"
}, },
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=327708", "name": "13642",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=327708" "url": "http://www.securityfocus.com/bid/13642"
}, },
{ {
"name" : "13642", "name": "http://sourceforge.net/project/shownotes.php?release_id=327708",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/13642" "url": "http://sourceforge.net/project/shownotes.php?release_id=327708"
} }
] ]
} }

92
2005/2xxx/CVE-2005-2950.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2950", "ID": "CVE-2005-2950",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request." "value": "Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050912 Sawmill XSS vuln", "name": "http://www.sawmill.net/version_history.html",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=112654659400488&w=2" "url": "http://www.sawmill.net/version_history.html"
}, },
{ {
"name" : "http://www.nta-monitor.com/news/xss/sawmill/index.htm", "name": "http://www.nta-monitor.com/news/xss/sawmill/index.htm",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.nta-monitor.com/news/xss/sawmill/index.htm" "url": "http://www.nta-monitor.com/news/xss/sawmill/index.htm"
}, },
{ {
"name" : "http://www.sawmill.net/version_history.html", "name": "16744",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.sawmill.net/version_history.html" "url": "http://secunia.com/advisories/16744/"
}, },
{ {
"name" : "16744", "name": "sawmill-unknown-xss(22206)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/16744/" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22206"
}, },
{ {
"name" : "1", "name": "20050912 Sawmill XSS vuln",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/1" "url": "http://marc.info/?l=bugtraq&m=112654659400488&w=2"
}, },
{ {
"name" : "sawmill-unknown-xss(22206)", "name": "1",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22206" "url": "http://securityreason.com/securityalert/1"
} }
] ]
} }

98
2005/3xxx/CVE-2005-3521.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3521", "ID": "CVE-2005-3521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page." "value": "SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to execute arbitrary SQL commands, bypass authentication, and inject HTML or script via the (1) a_name parameter or (2) user field of the login page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051018 e107 remote commands execution", "name": "e107-resetcore-sql-injection(22780)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=112967223222966&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22780"
}, },
{ {
"name" : "http://e107.org/news.php", "name": "1015069",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://e107.org/news.php" "url": "http://securitytracker.com/id?1015069"
}, },
{ {
"name" : "15125", "name": "20051018 e107 remote commands execution",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/15125" "url": "http://marc.info/?l=bugtraq&m=112967223222966&w=2"
}, },
{ {
"name" : "20070", "name": "20070",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/20070" "url": "http://www.osvdb.org/20070"
}, },
{ {
"name" : "1015069", "name": "17237",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1015069" "url": "http://secunia.com/advisories/17237/"
}, },
{ {
"name" : "17237", "name": "15125",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/17237/" "url": "http://www.securityfocus.com/bid/15125"
}, },
{ {
"name" : "e107-resetcore-sql-injection(22780)", "name": "http://e107.org/news.php",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22780" "url": "http://e107.org/news.php"
} }
] ]
} }

152
2005/3xxx/CVE-2005-3893.json
View File

@ -1,136 +1,136 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3893", "ID": "CVE-2005-3893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the Login action, and remote authenticated users via the (2) TicketID and (3) ArticleID parameters of the AgentTicketPlain action." "value": "Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) user parameter in the Login action, and remote authenticated users via the (2) TicketID and (3) ArticleID parameters of the AgentTicketPlain action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051122 OTRS 1.x/2.x Multiple Security Issues", "name": "21065",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://marc.info/?l=bugtraq&m=113272360804853&w=2" "url": "http://www.osvdb.org/21065"
}, },
{ {
"name" : "20051122 OTRS 1.x/2.x Multiple Security Issues", "name": "18887",
"refsource" : "FULLDISC", "refsource": "SECUNIA",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/039001.html" "url": "http://secunia.com/advisories/18887"
}, },
{ {
"name" : "http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt", "name": "20051122 OTRS 1.x/2.x Multiple Security Issues",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/039001.html"
}, },
{ {
"name" : "http://otrs.org/advisory/OSA-2005-01-en/", "name": "http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://otrs.org/advisory/OSA-2005-01-en/" "url": "http://moritz-naumann.com/adv/0007/otrsmulti/0007.txt"
}, },
{ {
"name" : "DSA-973", "name": "http://otrs.org/advisory/OSA-2005-01-en/",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2006/dsa-973" "url": "http://otrs.org/advisory/OSA-2005-01-en/"
}, },
{ {
"name" : "SUSE-SR:2005:030", "name": "20051122 OTRS 1.x/2.x Multiple Security Issues",
"refsource" : "SUSE", "refsource": "BUGTRAQ",
"url" : "http://www.novell.com/linux/security/advisories/2005_30_sr.html" "url": "http://marc.info/?l=bugtraq&m=113272360804853&w=2"
}, },
{ {
"name" : "15537", "name": "ADV-2005-2535",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/15537/" "url": "http://www.vupen.com/english/advisories/2005/2535"
}, },
{ {
"name" : "ADV-2005-2535", "name": "DSA-973",
"refsource" : "VUPEN", "refsource": "DEBIAN",
"url" : "http://www.vupen.com/english/advisories/2005/2535" "url": "http://www.debian.org/security/2006/dsa-973"
}, },
{ {
"name" : "21064", "name": "18101",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/21064" "url": "http://secunia.com/advisories/18101"
}, },
{ {
"name" : "21065", "name": "21064",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/21065" "url": "http://www.osvdb.org/21064"
}, },
{ {
"name" : "1015262", "name": "otrs-login-sql-injection(23352)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1015262" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23352"
}, },
{ {
"name" : "17685", "name": "SUSE-SR:2005:030",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/17685/" "url": "http://www.novell.com/linux/security/advisories/2005_30_sr.html"
}, },
{ {
"name" : "18101", "name": "otrs-agentticketplain-sql-injection(23354)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/18101" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23354"
}, },
{ {
"name" : "18887", "name": "1015262",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/18887" "url": "http://securitytracker.com/id?1015262"
}, },
{ {
"name" : "otrs-agentticketplain-sql-injection(23354)", "name": "17685",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23354" "url": "http://secunia.com/advisories/17685/"
}, },
{ {
"name" : "otrs-login-sql-injection(23352)", "name": "15537",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23352" "url": "http://www.securityfocus.com/bid/15537/"
} }
] ]
} }

86
2005/4xxx/CVE-2005-4160.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4160", "ID": "CVE-2005-4160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via \"../\" sequences in the query string argument." "value": "Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via \"../\" sequences in the query string argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051209 Torrential 1.2 Directory Traversal", "name": "15530",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/419103/100/0/threaded" "url": "http://www.securityfocus.com/bid/15530"
}, },
{ {
"name" : "15530", "name": "21305",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/15530" "url": "http://www.osvdb.org/21305"
}, },
{ {
"name" : "21305", "name": "1015338",
"refsource" : "OSVDB", "refsource": "SECTRACK",
"url" : "http://www.osvdb.org/21305" "url": "http://securitytracker.com/id?1015338"
}, },
{ {
"name" : "1015338", "name": "torrential-getdox-directory-traversal(23219)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1015338" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23219"
}, },
{ {
"name" : "torrential-getdox-directory-traversal(23219)", "name": "20051209 Torrential 1.2 Directory Traversal",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23219" "url": "http://www.securityfocus.com/archive/1/419103/100/0/threaded"
} }
] ]
} }

86
2005/4xxx/CVE-2005-4449.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4449", "ID": "CVE-2005-4449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability." "value": "verify.php in FlatNuke 2.5.6 allows remote authenticated administrators to modify arbitrary PHP files by setting the file parameter to an arbitrary file and injecting the code into the body parameter. NOTE: if a FlatNuke administrator is normally assumed to be able to modify arbitrary content, then this issue does not cross privilege boundaries and would not be a vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit", "name": "flatnuke-multiple-obtain-information(22159)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/419107" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159"
}, },
{ {
"name" : "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup", "name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup" "url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup"
}, },
{ {
"name" : "1015339", "name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1015339" "url": "http://www.securityfocus.com/archive/1/419107"
}, },
{ {
"name" : "248", "name": "1015339",
"refsource" : "SREASON", "refsource": "SECTRACK",
"url" : "http://securityreason.com/securityalert/248" "url": "http://securitytracker.com/id?1015339"
}, },
{ {
"name" : "flatnuke-multiple-obtain-information(22159)", "name": "248",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159" "url": "http://securityreason.com/securityalert/248"
} }
] ]
} }

86
2005/4xxx/CVE-2005-4517.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4517", "ID": "CVE-2005-4517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php." "value": "SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20051222 XSS&Sql injection attack in PHP-Fusion 6.00.3 Released", "name": "ADV-2005-3063",
"refsource" : "BUGTRAQ", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/archive/1/420109/100/0/threaded" "url": "http://www.vupen.com/english/advisories/2005/3063"
}, },
{ {
"name" : "ADV-2005-3063", "name": "22049",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2005/3063" "url": "http://www.osvdb.org/22049"
}, },
{ {
"name" : "22049", "name": "272",
"refsource" : "OSVDB", "refsource": "SREASON",
"url" : "http://www.osvdb.org/22049" "url": "http://securityreason.com/securityalert/272"
}, },
{ {
"name" : "18190", "name": "18190",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/18190/" "url": "http://secunia.com/advisories/18190/"
}, },
{ {
"name" : "272", "name": "20051222 XSS&Sql injection attack in PHP-Fusion 6.00.3 Released",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/272" "url": "http://www.securityfocus.com/archive/1/420109/100/0/threaded"
} }
] ]
} }

68
2005/4xxx/CVE-2005-4888.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-4888", "ID": "CVE-2005-4888",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed." "value": "NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1", "name": "http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1" "url": "http://www.novell.com/support/viewContent.do?externalId=3238588&sliceId=1"
}, },
{ {
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=97819", "name": "https://bugzilla.novell.com/show_bug.cgi?id=97819",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=97819" "url": "https://bugzilla.novell.com/show_bug.cgi?id=97819"
} }
] ]
} }

86
2009/0xxx/CVE-2009-0271.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0271", "ID": "CVE-2009-0271",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors." "value": "Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.fujitsu.com/global/services/computing/server/primequest/products/os/windows-server-2008-2.html", "name": "33344",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.fujitsu.com/global/services/computing/server/primequest/products/os/windows-server-2008-2.html" "url": "http://www.securityfocus.com/bid/33344"
}, },
{ {
"name" : "33344", "name": "51487",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/33344" "url": "http://osvdb.org/51487"
}, },
{ {
"name" : "ADV-2009-0176", "name": "ADV-2009-0176",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/0176" "url": "http://www.vupen.com/english/advisories/2009/0176"
}, },
{ {
"name" : "51487", "name": "http://www.fujitsu.com/global/services/computing/server/primequest/products/os/windows-server-2008-2.html",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/51487" "url": "http://www.fujitsu.com/global/services/computing/server/primequest/products/os/windows-server-2008-2.html"
}, },
{ {
"name" : "33594", "name": "33594",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/33594" "url": "http://secunia.com/advisories/33594"
} }
] ]
} }

80
2009/0xxx/CVE-2009-0330.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0330", "ID": "CVE-2009-0330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter." "value": "Directory traversal vulnerability in index.php in Simple Content Management System (SCMS) 1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "7818", "name": "33608",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/7818" "url": "http://secunia.com/advisories/33608"
}, },
{ {
"name" : "33330", "name": "scms-index-file-include(48081)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/33330" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48081"
}, },
{ {
"name" : "33608", "name": "33330",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/33608" "url": "http://www.securityfocus.com/bid/33330"
}, },
{ {
"name" : "scms-index-file-include(48081)", "name": "7818",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48081" "url": "https://www.exploit-db.com/exploits/7818"
} }
] ]
} }

74
2009/0xxx/CVE-2009-0616.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2009-0616", "ID": "CVE-2009-0616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to \"default user credentials during installation.\"" "value": "Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to \"default user credentials during installation.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities", "name": "33903",
"refsource" : "CISCO", "refsource": "BID",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml" "url": "http://www.securityfocus.com/bid/33903"
}, },
{ {
"name" : "33903", "name": "1021771",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/33903" "url": "http://www.securitytracker.com/id?1021771"
}, },
{ {
"name" : "1021771", "name": "20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities",
"refsource" : "SECTRACK", "refsource": "CISCO",
"url" : "http://www.securitytracker.com/id?1021771" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"
} }
] ]
} }

80
2009/0xxx/CVE-2009-0741.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-0741", "ID": "CVE-2009-0741",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter." "value": "SQL injection vulnerability in Login.asp in Craft Silicon Banking@Home 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the LoginName parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090210 Craft Silicon Banking@Home SQL Injection", "name": "20090210 Craft Silicon Banking@Home SQL Injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/500824/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/500824/100/0/threaded"
}, },
{ {
"name" : "20090210 Craft Silicon Banking at Home SQL Injection", "name": "20090210 Craft Silicon Banking at Home SQL Injection",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2009-February/067879.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2009-February/067879.html"
}, },
{ {
"name" : "33721", "name": "33721",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/33721" "url": "http://www.securityfocus.com/bid/33721"
}, },
{ {
"name" : "33907", "name": "33907",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/33907" "url": "http://secunia.com/advisories/33907"
} }
] ]
} }

68
2009/2xxx/CVE-2009-2215.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2215", "ID": "CVE-2009-2215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other components." "value": "Multiple cross-site scripting (XSS) vulnerabilities in URD before 0.6.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the fatal_error page and unspecified other components."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=692011", "name": "35540",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=692011" "url": "http://secunia.com/advisories/35540"
}, },
{ {
"name" : "35540", "name": "http://sourceforge.net/project/shownotes.php?release_id=692011",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/35540" "url": "http://sourceforge.net/project/shownotes.php?release_id=692011"
} }
] ]
} }

110
2009/2xxx/CVE-2009-2911.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-2911", "ID": "CVE-2009-2911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records." "value": "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues", "name": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/21/1" "url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
}, },
{ {
"name" : "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633", "name": "FEDORA-2009-10849",
"refsource" : "MISC", "refsource": "FEDORA",
"url" : "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
}, },
{ {
"name" : "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750", "name": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750" "url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=529175", "name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=529175" "url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
}, },
{ {
"name" : "FEDORA-2009-10719", "name": "FEDORA-2009-10719",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
}, },
{ {
"name" : "FEDORA-2009-10849", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=529175",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
}, },
{ {
"name" : "36778", "name": "37167",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/36778" "url": "http://secunia.com/advisories/37167"
}, },
{ {
"name" : "37167", "name": "36778",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/37167" "url": "http://www.securityfocus.com/bid/36778"
}, },
{ {
"name" : "ADV-2009-2989", "name": "ADV-2009-2989",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2989" "url": "http://www.vupen.com/english/advisories/2009/2989"
} }
] ]
} }

98
2009/3xxx/CVE-2009-3033.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3033", "ID": "CVE-2009-3033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument." "value": "Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00", "name": "37092",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00" "url": "http://www.securityfocus.com/bid/37092"
}, },
{ {
"name" : "https://kb.altiris.com/article.asp?article=50072&p=1", "name": "ADV-2009-3328",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "https://kb.altiris.com/article.asp?article=50072&p=1" "url": "http://www.vupen.com/english/advisories/2009/3328"
}, },
{ {
"name" : "https://kb.altiris.com/article.asp?article=50279&p=1", "name": "symantec-console-utilities-bo(54415)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "https://kb.altiris.com/article.asp?article=50279&p=1" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54415"
}, },
{ {
"name" : "37092", "name": "https://kb.altiris.com/article.asp?article=50072&p=1",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/37092" "url": "https://kb.altiris.com/article.asp?article=50072&p=1"
}, },
{ {
"name" : "60496", "name": "https://kb.altiris.com/article.asp?article=50279&p=1",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/60496" "url": "https://kb.altiris.com/article.asp?article=50279&p=1"
}, },
{ {
"name" : "ADV-2009-3328", "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2009/3328" "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20091124_00"
}, },
{ {
"name" : "symantec-console-utilities-bo(54415)", "name": "60496",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54415" "url": "http://osvdb.org/60496"
} }
] ]
} }

86
2009/3xxx/CVE-2009-3214.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3214", "ID": "CVE-2009-3214",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields." "value": "Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090820 [Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities", "name": "20090820 [Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/505957/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/505957/100/0/threaded"
}, },
{ {
"name" : "http://blog.bkis.com/?p=737", "name": "proshow-psh-bo(52606)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://blog.bkis.com/?p=737" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52606"
}, },
{ {
"name" : "57226", "name": "http://blog.bkis.com/?p=737",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/57226" "url": "http://blog.bkis.com/?p=737"
}, },
{ {
"name" : "36357", "name": "36357",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/36357" "url": "http://secunia.com/advisories/36357"
}, },
{ {
"name" : "proshow-psh-bo(52606)", "name": "57226",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52606" "url": "http://osvdb.org/57226"
} }
] ]
} }

482
2009/3xxx/CVE-2009-3720.json
View File

@ -1,411 +1,411 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-3720", "ID": "CVE-2009-3720",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625." "value": "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[expat-bugs] 20090117 [ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences", "name": "SSA:2011-041-02",
"refsource" : "MLIST", "refsource": "SLACKWARE",
"url" : "http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026"
}, },
{ {
"name" : "[oss-security] 20090821 expat bug 1990430", "name": "http://svn.python.org/view?view=rev&revision=74429",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2009/08/21/2" "url": "http://svn.python.org/view?view=rev&revision=74429"
}, },
{ {
"name" : "[oss-security] 20090826 Re: Re: expat bug 1990430", "name": "MDVSA-2009:215",
"refsource" : "MLIST", "refsource": "MANDRIVA",
"url" : "http://www.openwall.com/lists/oss-security/2009/08/26/4" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:215"
}, },
{ {
"name" : "[oss-security] 20090826 Re: expat bug 1990430", "name": "FEDORA-2010-17807",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2009/08/26/3" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html"
}, },
{ {
"name" : "[oss-security] 20090827 Re: Re: expat bug 1990430", "name": "FEDORA-2009-12753",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2009/08/27/6" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html"
}, },
{ {
"name" : "[oss-security] 20090906 Re: Re: expat bug 1990430", "name": "FEDORA-2009-12690",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2009/09/06/1" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html"
}, },
{ {
"name" : "[oss-security] 20091022 Re: Re: Regarding expat bug 1990430", "name": "38832",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/23/2" "url": "http://secunia.com/advisories/38832"
}, },
{ {
"name" : "[oss-security] 20091022 Re: Regarding expat bug 1990430", "name": "RHSA-2010:0002",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/22/9" "url": "http://www.redhat.com/support/errata/RHSA-2010-0002.html"
}, },
{ {
"name" : "[oss-security] 20091022 Regarding expat bug 1990430", "name": "MDVSA-2009:216",
"refsource" : "MLIST", "refsource": "MANDRIVA",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/22/5" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:216"
}, },
{ {
"name" : "[oss-security] 20091023 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]", "name": "USN-890-1",
"refsource" : "MLIST", "refsource": "UBUNTU",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/23/6" "url": "http://www.ubuntu.com/usn/USN-890-1"
}, },
{ {
"name" : "[oss-security] 20091026 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]", "name": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/26/3" "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch"
}, },
{ {
"name" : "[oss-security] 20091028 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]", "name": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2009/10/28/3" "url": "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log"
}, },
{ {
"name" : "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates", "name": "SUSE-SR:2009:018",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://lists.vmware.com/pipermail/security-announce/2010/000082.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"
}, },
{ {
"name" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127", "name": "[oss-security] 20091022 Re: Regarding expat bug 1990430",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127" "url": "http://www.openwall.com/lists/oss-security/2009/10/22/9"
}, },
{ {
"name" : "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch", "name": "MDVSA-2009:220",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:220"
}, },
{ {
"name" : "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log", "name": "[expat-bugs] 20090117 [ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?view=log" "url": "http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html"
}, },
{ {
"name" : "http://svn.python.org/view?view=rev&revision=74429", "name": "38794",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://svn.python.org/view?view=rev&revision=74429" "url": "http://secunia.com/advisories/38794"
}, },
{ {
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=280615", "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=280615" "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=531697", "name": "oval:org.mitre.oval:def:11019",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=531697" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11019"
}, },
{ {
"name" : "FEDORA-2009-12690", "name": "ADV-2010-1107",
"refsource" : "FEDORA", "refsource": "VUPEN",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00370.html" "url": "http://www.vupen.com/english/advisories/2010/1107"
}, },
{ {
"name" : "FEDORA-2009-12737", "name": "MDVSA-2009:211",
"refsource" : "FEDORA", "refsource": "MANDRIVA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:211"
}, },
{ {
"name" : "FEDORA-2009-12753", "name": "[oss-security] 20090826 Re: Re: expat bug 1990430",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01274.html" "url": "http://www.openwall.com/lists/oss-security/2009/08/26/4"
}, },
{ {
"name" : "FEDORA-2010-17720", "name": "41701",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html" "url": "http://secunia.com/advisories/41701"
}, },
{ {
"name" : "FEDORA-2010-17732", "name": "SUSE-SR:2010:011",
"refsource" : "FEDORA", "refsource": "SUSE",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
}, },
{ {
"name" : "FEDORA-2010-17762", "name": "[oss-security] 20090821 expat bug 1990430",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html" "url": "http://www.openwall.com/lists/oss-security/2009/08/21/2"
}, },
{ {
"name" : "FEDORA-2010-17807", "name": "37925",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051442.html" "url": "http://secunia.com/advisories/37925"
}, },
{ {
"name" : "FEDORA-2010-17819", "name": "38050",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html" "url": "http://secunia.com/advisories/38050"
}, },
{ {
"name" : "HPSBUX02645", "name": "1023160",
"refsource" : "HP", "refsource": "SECTRACK",
"url" : "http://marc.info/?l=bugtraq&m=130168502603566&w=2" "url": "http://www.securitytracker.com/id?1023160"
}, },
{ {
"name" : "MDVSA-2009:211", "name": "SUSE-SR:2010:013",
"refsource" : "MANDRIVA", "refsource": "SUSE",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:211" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
}, },
{ {
"name" : "MDVSA-2009:212", "name": "oval:org.mitre.oval:def:7112",
"refsource" : "MANDRIVA", "refsource": "OVAL",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:212" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7112"
}, },
{ {
"name" : "MDVSA-2009:215", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=531697",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:215" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531697"
}, },
{ {
"name" : "MDVSA-2009:216", "name": "FEDORA-2010-17720",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:216" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051367.html"
}, },
{ {
"name" : "MDVSA-2009:217", "name": "[oss-security] 20091022 Re: Re: Regarding expat bug 1990430",
"refsource" : "MANDRIVA", "refsource": "MLIST",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:217" "url": "http://www.openwall.com/lists/oss-security/2009/10/23/2"
}, },
{ {
"name" : "MDVSA-2009:218", "name": "USN-890-6",
"refsource" : "MANDRIVA", "refsource": "UBUNTU",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:218" "url": "http://www.ubuntu.com/usn/USN-890-6"
}, },
{ {
"name" : "MDVSA-2009:220", "name": "[oss-security] 20091026 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]",
"refsource" : "MANDRIVA", "refsource": "MLIST",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:220" "url": "http://www.openwall.com/lists/oss-security/2009/10/26/3"
}, },
{ {
"name" : "MDVSA-2009:219", "name": "FEDORA-2010-17732",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:219" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051247.html"
}, },
{ {
"name" : "RHSA-2010:0002", "name": "[oss-security] 20090826 Re: expat bug 1990430",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0002.html" "url": "http://www.openwall.com/lists/oss-security/2009/08/26/3"
}, },
{ {
"name" : "RHSA-2011:0896", "name": "42338",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0896.html" "url": "http://secunia.com/advisories/42338"
}, },
{ {
"name" : "SSA:2011-041-02", "name": "https://bugs.gentoo.org/show_bug.cgi?id=280615",
"refsource" : "SLACKWARE", "refsource": "CONFIRM",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026" "url": "https://bugs.gentoo.org/show_bug.cgi?id=280615"
}, },
{ {
"name" : "273630", "name": "FEDORA-2009-12737",
"refsource" : "SUNALERT", "refsource": "FEDORA",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00413.html"
}, },
{ {
"name" : "SUSE-SR:2009:018", "name": "38231",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html" "url": "http://secunia.com/advisories/38231"
}, },
{ {
"name" : "SUSE-SR:2010:011", "name": "ADV-2010-3053",
"refsource" : "SUSE", "refsource": "VUPEN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html" "url": "http://www.vupen.com/english/advisories/2010/3053"
}, },
{ {
"name" : "SUSE-SR:2010:012", "name": "[oss-security] 20091028 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" "url": "http://www.openwall.com/lists/oss-security/2009/10/28/3"
}, },
{ {
"name" : "SUSE-SR:2010:013", "name": "FEDORA-2010-17762",
"refsource" : "SUSE", "refsource": "FEDORA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051228.html"
}, },
{ {
"name" : "SUSE-SR:2010:014", "name": "SUSE-SR:2010:012",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
}, },
{ {
"name" : "USN-890-1", "name": "MDVSA-2009:212",
"refsource" : "UBUNTU", "refsource": "MANDRIVA",
"url" : "http://www.ubuntu.com/usn/USN-890-1" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:212"
}, },
{ {
"name" : "USN-890-6", "name": "MDVSA-2009:218",
"refsource" : "UBUNTU", "refsource": "MANDRIVA",
"url" : "http://www.ubuntu.com/usn/USN-890-6" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:218"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11019", "name": "38834",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11019" "url": "http://secunia.com/advisories/38834"
}, },
{ {
"name" : "oval:org.mitre.oval:def:7112", "name": "ADV-2010-3061",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7112" "url": "http://www.vupen.com/english/advisories/2010/3061"
}, },
{ {
"name" : "oval:org.mitre.oval:def:12719", "name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127",
"refsource" : "OVAL", "refsource": "MISC",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12719" "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1990430&group_id=10127&atid=110127"
}, },
{ {
"name" : "1023160", "name": "39478",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1023160" "url": "http://secunia.com/advisories/39478"
}, },
{ {
"name" : "37324", "name": "SUSE-SR:2010:014",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/37324" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
}, },
{ {
"name" : "37537", "name": "37537",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/37537" "url": "http://secunia.com/advisories/37537"
}, },
{ {
"name" : "37925", "name": "[oss-security] 20091022 Regarding expat bug 1990430",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/37925" "url": "http://www.openwall.com/lists/oss-security/2009/10/22/5"
}, },
{ {
"name" : "38231", "name": "oval:org.mitre.oval:def:12719",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/38231" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12719"
}, },
{ {
"name" : "38794", "name": "43300",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/38794" "url": "http://secunia.com/advisories/43300"
}, },
{ {
"name" : "38832", "name": "RHSA-2011:0896",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/38832" "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
}, },
{ {
"name" : "38834", "name": "ADV-2010-0896",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/38834" "url": "http://www.vupen.com/english/advisories/2010/0896"
}, },
{ {
"name" : "39478", "name": "273630",
"refsource" : "SECUNIA", "refsource": "SUNALERT",
"url" : "http://secunia.com/advisories/39478" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1"
}, },
{ {
"name" : "38050", "name": "HPSBUX02645",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/38050" "url": "http://marc.info/?l=bugtraq&m=130168502603566&w=2"
}, },
{ {
"name" : "41701", "name": "[oss-security] 20090827 Re: Re: expat bug 1990430",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/41701" "url": "http://www.openwall.com/lists/oss-security/2009/08/27/6"
}, },
{ {
"name" : "43300", "name": "FEDORA-2010-17819",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/43300" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051405.html"
}, },
{ {
"name" : "42326", "name": "[oss-security] 20090906 Re: Re: expat bug 1990430",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/42326" "url": "http://www.openwall.com/lists/oss-security/2009/09/06/1"
}, },
{ {
"name" : "42338", "name": "[oss-security] 20091023 Re: CVE Request -- expat [was: Re: Regarding expat bug 1990430]",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/42338" "url": "http://www.openwall.com/lists/oss-security/2009/10/23/6"
}, },
{ {
"name" : "ADV-2010-0528", "name": "ADV-2011-0359",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0528" "url": "http://www.vupen.com/english/advisories/2011/0359"
}, },
{ {
"name" : "ADV-2010-0896", "name": "MDVSA-2009:219",
"refsource" : "VUPEN", "refsource": "MANDRIVA",
"url" : "http://www.vupen.com/english/advisories/2010/0896" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:219"
}, },
{ {
"name" : "ADV-2010-1107", "name": "ADV-2010-3035",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1107" "url": "http://www.vupen.com/english/advisories/2010/3035"
}, },
{ {
"name" : "ADV-2011-0359", "name": "MDVSA-2009:217",
"refsource" : "VUPEN", "refsource": "MANDRIVA",
"url" : "http://www.vupen.com/english/advisories/2011/0359" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:217"
}, },
{ {
"name" : "ADV-2010-3035", "name": "37324",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2010/3035" "url": "http://secunia.com/advisories/37324"
}, },
{ {
"name" : "ADV-2010-3053", "name": "42326",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2010/3053" "url": "http://secunia.com/advisories/42326"
}, },
{ {
"name" : "ADV-2010-3061", "name": "ADV-2010-0528",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3061" "url": "http://www.vupen.com/english/advisories/2010/0528"
} }
] ]
} }

110
2009/3xxx/CVE-2009-3938.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3938", "ID": "CVE-2009-3938",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file." "value": "Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit", "name": "DSA-1941",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit" "url": "http://www.debian.org/security/2009/dsa-1941"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680", "name": "http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" "url": "http://bugs.freedesktop.org/attachment.cgi?id=30599&action=edit"
}, },
{ {
"name" : "http://bugs.freedesktop.org/show_bug.cgi?id=23074", "name": "MDVSA-2011:175",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://bugs.freedesktop.org/show_bug.cgi?id=23074" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175"
}, },
{ {
"name" : "DSA-1941", "name": "36976",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2009/dsa-1941" "url": "http://www.securityfocus.com/bid/36976"
}, },
{ {
"name" : "MDVSA-2011:175", "name": "http://bugs.freedesktop.org/show_bug.cgi?id=23074",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175" "url": "http://bugs.freedesktop.org/show_bug.cgi?id=23074"
}, },
{ {
"name" : "36976", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/36976" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680"
}, },
{ {
"name" : "37333", "name": "poppler-abwoutputdev-bo(54215)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/37333" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215"
}, },
{ {
"name" : "ADV-2009-3227", "name": "37333",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2009/3227" "url": "http://secunia.com/advisories/37333"
}, },
{ {
"name" : "poppler-abwoutputdev-bo(54215)", "name": "ADV-2009-3227",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54215" "url": "http://www.vupen.com/english/advisories/2009/3227"
} }
] ]
} }

98
2009/4xxx/CVE-2009-4369.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4369", "ID": "CVE-2009-4369",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x before 5.21 and 6.x before 6.15 allows remote authenticated users with \"administer site-wide contact form\" permissions to inject arbitrary web script or HTML via the contact category name." "value": "Cross-site scripting (XSS) vulnerability in the Contact module (modules/contact/contact.admin.inc or modules/contact/contact.module) in Drupal Core 5.x before 5.21 and 6.x before 6.15 allows remote authenticated users with \"administer site-wide contact form\" permissions to inject arbitrary web script or HTML via the contact category name."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.madirish.net/?article=441", "name": "http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-6.14.patch",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.madirish.net/?article=441" "url": "http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-6.14.patch"
}, },
{ {
"name" : "http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-6.14.patch", "name": "http://drupal.org/node/661586",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/files/sa-core-2009-009/SA-CORE-2009-009-6.14.patch" "url": "http://drupal.org/node/661586"
}, },
{ {
"name" : "http://drupal.org/node/661586", "name": "37372",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://drupal.org/node/661586" "url": "http://www.securityfocus.com/bid/37372"
}, },
{ {
"name" : "37372", "name": "37824",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/37372" "url": "http://secunia.com/advisories/37824"
}, },
{ {
"name" : "37815", "name": "drupal-contact-xss(54867)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/37815" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54867"
}, },
{ {
"name" : "37824", "name": "http://www.madirish.net/?article=441",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/37824" "url": "http://www.madirish.net/?article=441"
}, },
{ {
"name" : "drupal-contact-xss(54867)", "name": "37815",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54867" "url": "http://secunia.com/advisories/37815"
} }
] ]
} }

80
2009/4xxx/CVE-2009-4436.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4436", "ID": "CVE-2009-4436",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706." "value": "Multiple SQL injection vulnerabilities in Active Web Softwares eWebquiz 8 allow remote attackers to execute arbitrary SQL commands via the QuizID parameter to (1) questions.asp, (2) importquestions.asp, and (3) quiztakers.asp, different vectors than CVE-2007-1706."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "10529", "name": "37402",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/10529" "url": "http://www.securityfocus.com/bid/37402"
}, },
{ {
"name" : "37402", "name": "10529",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/37402" "url": "http://www.exploit-db.com/exploits/10529"
}, },
{ {
"name" : "24653", "name": "24653",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/24653" "url": "http://secunia.com/advisories/24653"
}, },
{ {
"name" : "ewebquiz-quizid-sql-injection(54892)", "name": "ewebquiz-quizid-sql-injection(54892)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54892" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54892"
} }
] ]
} }

86
2009/4xxx/CVE-2009-4600.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4600", "ID": "CVE-2009-4600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information." "value": "SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Email parameter (aka the username field). NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "10361", "name": "37265",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "http://www.exploit-db.com/exploits/10361" "url": "http://www.securityfocus.com/bid/37265"
}, },
{ {
"name" : "37265", "name": "netart-realestate-username-sql-injection(54647)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/37265" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54647"
}, },
{ {
"name" : "60866", "name": "60866",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/60866" "url": "http://osvdb.org/60866"
}, },
{ {
"name" : "37633", "name": "10361",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/37633" "url": "http://www.exploit-db.com/exploits/10361"
}, },
{ {
"name" : "netart-realestate-username-sql-injection(54647)", "name": "37633",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54647" "url": "http://secunia.com/advisories/37633"
} }
] ]
} }

62
2009/4xxx/CVE-2009-4701.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4701", "ID": "CVE-2009-4701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." "value": "SQL injection vulnerability in the Myth download (myth_download) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/", "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/" "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/"
} }
] ]
} }

86
2009/4xxx/CVE-2009-4798.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4798", "ID": "CVE-2009-4798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature." "value": "Multiple SQL injection vulnerabilities in Diskos CMS 6.x allow remote attackers to execute arbitrary SQL commands via the (1) kat parameter to side.asp, and the (2) brugerid and (3) password fields to the administration login feature."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "8307", "name": "8307",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/8307" "url": "http://www.exploit-db.com/exploits/8307"
}, },
{ {
"name" : "34289", "name": "34289",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34289" "url": "http://www.securityfocus.com/bid/34289"
}, },
{ {
"name" : "34540", "name": "diskos-side-sql-injection(49509)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/34540" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49509"
}, },
{ {
"name" : "diskos-login-sql-injection(49510)", "name": "diskos-login-sql-injection(49510)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49510" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49510"
}, },
{ {
"name" : "diskos-side-sql-injection(49509)", "name": "34540",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/49509" "url": "http://secunia.com/advisories/34540"
} }
] ]
} }

86
2009/4xxx/CVE-2009-4863.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-4863", "ID": "CVE-2009-4863",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file." "value": "Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "9368", "name": "oval:org.mitre.oval:def:7438",
"refsource" : "EXPLOIT-DB", "refsource": "OVAL",
"url" : "http://www.exploit-db.com/exploits/9368" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7438"
}, },
{ {
"name" : "35956", "name": "35956",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/35956" "url": "http://www.securityfocus.com/bid/35956"
}, },
{ {
"name" : "oval:org.mitre.oval:def:7438", "name": "ADV-2009-2160",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7438" "url": "http://www.vupen.com/english/advisories/2009/2160"
}, },
{ {
"name" : "ADV-2009-2160", "name": "ultraplayer-usk-bo(52281)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2009/2160" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52281"
}, },
{ {
"name" : "ultraplayer-usk-bo(52281)", "name": "9368",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52281" "url": "http://www.exploit-db.com/exploits/9368"
} }
] ]
} }

68
2012/2xxx/CVE-2012-2626.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-2626", "ID": "CVE-2012-2626",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action." "value": "cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html", "name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html" "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt"
}, },
{ {
"name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt", "name": "http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txt" "url": "http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html"
} }
] ]
} }

104
2012/2xxx/CVE-2012-2711.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2711", "ID": "CVE-2012-2711",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information." "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy List module 6.x-1.x before 6.x-1.4 for Drupal allow remote authenticated users with create or edit taxonomy terms permissions to inject arbitrary web script or HTML via vectors related to taxonomy information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules", "name": "82164",
"refsource" : "MLIST", "refsource": "OSVDB",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/14/3" "url": "http://www.osvdb.org/82164"
}, },
{ {
"name" : "http://drupal.org/node/1597262", "name": "http://drupal.org/node/1597262",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://drupal.org/node/1597262" "url": "http://drupal.org/node/1597262"
}, },
{ {
"name" : "http://drupal.org/node/1595396", "name": "http://drupalcode.org/project/taxonomy_list.git/commitdiff/7dd21a0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://drupal.org/node/1595396" "url": "http://drupalcode.org/project/taxonomy_list.git/commitdiff/7dd21a0"
}, },
{ {
"name" : "http://drupalcode.org/project/taxonomy_list.git/commitdiff/7dd21a0", "name": "taxonomylist-taxonomyinformation-xss(75867)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://drupalcode.org/project/taxonomy_list.git/commitdiff/7dd21a0" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75867"
}, },
{ {
"name" : "53671", "name": "53671",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/53671" "url": "http://www.securityfocus.com/bid/53671"
}, },
{ {
"name" : "82164", "name": "[oss-security] 20120613 Re: CVE Request for Drupal contributed modules",
"refsource" : "OSVDB", "refsource": "MLIST",
"url" : "http://www.osvdb.org/82164" "url": "http://www.openwall.com/lists/oss-security/2012/06/14/3"
}, },
{ {
"name" : "49238", "name": "http://drupal.org/node/1595396",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/49238" "url": "http://drupal.org/node/1595396"
}, },
{ {
"name" : "taxonomylist-taxonomyinformation-xss(75867)", "name": "49238",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75867" "url": "http://secunia.com/advisories/49238"
} }
] ]
} }

104
2012/2xxx/CVE-2012-2739.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-2739", "ID": "CVE-2012-2739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table." "value": "Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[core-libs-dev] 20120522 Review Request CR#7118743 : Alternative Hashing for String with Hash-based Maps", "name": "http://www.nruns.com/_downloads/advisory28122011.pdf",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html" "url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
}, },
{ {
"name" : "[oss-security] 20120615 CVE request: java hashdos vulnerability", "name": "http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/15/12" "url": "http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html"
}, },
{ {
"name" : "[oss-security] 20120616 Re: CVE request: java hashdos vulnerability", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=750533",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/17/1" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750533"
}, },
{ {
"name" : "http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html", "name": "[oss-security] 20120616 Re: CVE request: java hashdos vulnerability",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html" "url": "http://www.openwall.com/lists/oss-security/2012/06/17/1"
}, },
{ {
"name" : "http://www.nruns.com/_downloads/advisory28122011.pdf", "name": "VU#903934",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "http://www.nruns.com/_downloads/advisory28122011.pdf" "url": "http://www.kb.cert.org/vuls/id/903934"
}, },
{ {
"name" : "http://www.ocert.org/advisories/ocert-2011-003.html", "name": "[oss-security] 20120615 CVE request: java hashdos vulnerability",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://www.ocert.org/advisories/ocert-2011-003.html" "url": "http://www.openwall.com/lists/oss-security/2012/06/15/12"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=750533", "name": "[core-libs-dev] 20120522 Review Request CR#7118743 : Alternative Hashing for String with Hash-based Maps",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=750533" "url": "http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html"
}, },
{ {
"name" : "VU#903934", "name": "http://www.ocert.org/advisories/ocert-2011-003.html",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/903934" "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
} }
] ]
} }

80
2012/2xxx/CVE-2012-2823.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2012-2823", "ID": "CVE-2012-2823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources." "value": "Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=124356", "name": "openSUSE-SU-2012:0813",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://code.google.com/p/chromium/issues/detail?id=124356" "url": "https://hermes.opensuse.org/messages/15075728"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html", "name": "oval:org.mitre.oval:def:15204",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15204"
}, },
{ {
"name" : "openSUSE-SU-2012:0813", "name": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "https://hermes.opensuse.org/messages/15075728" "url": "http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:15204", "name": "http://code.google.com/p/chromium/issues/detail?id=124356",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15204" "url": "http://code.google.com/p/chromium/issues/detail?id=124356"
} }
] ]
} }

22
2015/0xxx/CVE-2015-0148.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-0148", "ID": "CVE-2015-0148",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2015/0xxx/CVE-2015-0612.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0612", "ID": "CVE-2015-0612",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062." "value": "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150401 Multiple Vulnerabilities in Cisco Unity Connection", "name": "20150401 Multiple Vulnerabilities in Cisco Unity Connection",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"
}, },
{ {
"name" : "1032010", "name": "1032010",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032010" "url": "http://www.securitytracker.com/id/1032010"
} }
] ]
} }

74
2015/1xxx/CVE-2015-1477.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1477", "ID": "CVE-2015-1477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads." "value": "SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "35911", "name": "http://packetstormsecurity.com/files/130093/JClassifiedsManager-Cross-Site-Scripting-SQL-Injection.html",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/35911" "url": "http://packetstormsecurity.com/files/130093/JClassifiedsManager-Cross-Site-Scripting-SQL-Injection.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/130093/JClassifiedsManager-Cross-Site-Scripting-SQL-Injection.html", "name": "117567",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://packetstormsecurity.com/files/130093/JClassifiedsManager-Cross-Site-Scripting-SQL-Injection.html" "url": "http://osvdb.org/show/osvdb/117567"
}, },
{ {
"name" : "117567", "name": "35911",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/show/osvdb/117567" "url": "http://www.exploit-db.com/exploits/35911"
} }
] ]
} }

116
2015/1xxx/CVE-2015-1547.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1547", "ID": "CVE-2015-1547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif." "value": "The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150124 Multiple vulnerabilities in LibTIFF and associated tools", "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2015/01/24/16" "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
}, },
{ {
"name" : "[oss-security] 20150207 Re: Multiple vulnerabilities in LibTIFF and associated tools", "name": "RHSA-2016:1547",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://openwall.com/lists/oss-security/2015/02/07/5" "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "name": "GLSA-201701-16",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "url": "https://security.gentoo.org/glsa/201701-16"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "73438",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://www.securityfocus.com/bid/73438"
}, },
{ {
"name" : "DSA-3467", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2016/dsa-3467" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "GLSA-201701-16", "name": "RHSA-2016:1546",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "https://security.gentoo.org/glsa/201701-16" "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
}, },
{ {
"name" : "RHSA-2016:1546", "name": "[oss-security] 20150207 Re: Multiple vulnerabilities in LibTIFF and associated tools",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1546.html" "url": "http://openwall.com/lists/oss-security/2015/02/07/5"
}, },
{ {
"name" : "RHSA-2016:1547", "name": "DSA-3467",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1547.html" "url": "http://www.debian.org/security/2016/dsa-3467"
}, },
{ {
"name" : "73438", "name": "[oss-security] 20150124 Multiple vulnerabilities in LibTIFF and associated tools",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/73438" "url": "http://openwall.com/lists/oss-security/2015/01/24/16"
} }
] ]
} }

128
2015/1xxx/CVE-2015-1794.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-1794", "ID": "CVE-2015-1794",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message." "value": "The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://openssl.org/news/secadv/20151203.txt", "name": "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products",
"refsource" : "CONFIRM", "refsource": "CISCO",
"url" : "http://openssl.org/news/secadv/20151203.txt" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl"
}, },
{ {
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c", "name": "SSA:2015-349-04",
"refsource" : "CONFIRM", "refsource": "SLACKWARE",
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c" "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
}, },
{ {
"name" : "http://fortiguard.com/advisory/openssl-advisory-december-2015", "name": "USN-2830-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://fortiguard.com/advisory/openssl-advisory-december-2015" "url": "http://www.ubuntu.com/usn/USN-2830-1"
}, },
{ {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
}, },
{ {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", "name": "http://openssl.org/news/secadv/20151203.txt",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" "url": "http://openssl.org/news/secadv/20151203.txt"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322", "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322" "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c"
}, },
{ {
"name" : "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products", "name": "1034294",
"refsource" : "CISCO", "refsource": "SECTRACK",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl" "url": "http://www.securitytracker.com/id/1034294"
}, },
{ {
"name" : "SSA:2015-349-04", "name": "openSUSE-SU-2016:0637",
"refsource" : "SLACKWARE", "refsource": "SUSE",
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
}, },
{ {
"name" : "openSUSE-SU-2016:0637", "name": "http://fortiguard.com/advisory/openssl-advisory-december-2015",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" "url": "http://fortiguard.com/advisory/openssl-advisory-december-2015"
}, },
{ {
"name" : "USN-2830-1", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-2830-1" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322"
}, },
{ {
"name" : "1034294", "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1034294" "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
} }
] ]
} }

86
2015/1xxx/CVE-2015-1874.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-1874", "ID": "CVE-2015-1874",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the CF7DBPluginSubmissions page to wp-admin/admin.php." "value": "Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the CF7DBPluginSubmissions page to wp-admin/admin.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150304 CSRF in Contact Form DB allows attacker to delete all stored form submissions (WordPress plugin)", "name": "72964",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/21" "url": "http://www.securityfocus.com/bid/72964"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/130654/WordPress-Contact-Form-DB-2.8.29-Cross-Site-Request-Forgery.html", "name": "http://packetstormsecurity.com/files/130654/WordPress-Contact-Form-DB-2.8.29-Cross-Site-Request-Forgery.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/130654/WordPress-Contact-Form-DB-2.8.29-Cross-Site-Request-Forgery.html" "url": "http://packetstormsecurity.com/files/130654/WordPress-Contact-Form-DB-2.8.29-Cross-Site-Request-Forgery.html"
}, },
{ {
"name" : "https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/", "name": "20150304 CSRF in Contact Form DB allows attacker to delete all stored form submissions (WordPress plugin)",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/" "url": "http://seclists.org/fulldisclosure/2015/Mar/21"
}, },
{ {
"name" : "https://wordpress.org/plugins/contact-form-7-to-database-extension/changelog/", "name": "https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://wordpress.org/plugins/contact-form-7-to-database-extension/changelog/" "url": "https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/"
}, },
{ {
"name" : "72964", "name": "https://wordpress.org/plugins/contact-form-7-to-database-extension/changelog/",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/72964" "url": "https://wordpress.org/plugins/contact-form-7-to-database-extension/changelog/"
} }
] ]
} }

68
2015/5xxx/CVE-2015-5038.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-5038", "ID": "CVE-2015-5038",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recursion during XML entity expansion, which allows remote attackers to cause a denial of service (CPU consumption and application crash) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564." "value": "IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not properly detect recursion during XML entity expansion, which allows remote attackers to cause a denial of service (CPU consumption and application crash) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971439", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971439",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971439" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971439"
}, },
{ {
"name" : "LO87020", "name": "LO87020",
"refsource" : "AIXAPAR", "refsource": "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LO87020" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO87020"
} }
] ]
} }

68
2015/5xxx/CVE-2015-5058.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-5058", "ID": "CVE-2015-5058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets." "value": "Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html", "name": "https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html" "url": "https://support.f5.com/kb/en-us/solutions/public/17000/000/sol17047.html"
}, },
{ {
"name" : "1033334", "name": "1033334",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033334" "url": "http://www.securitytracker.com/id/1033334"
} }
] ]
} }

110
2015/5xxx/CVE-2015-5559.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-5559", "ID": "CVE-2015-5559",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565." "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "name": "GLSA-201508-01",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "url": "https://security.gentoo.org/glsa/201508-01"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-19.html"
}, },
{ {
"name" : "GLSA-201508-01", "name": "openSUSE-SU-2015:1781",
"refsource" : "GENTOO", "refsource": "SUSE",
"url" : "https://security.gentoo.org/glsa/201508-01" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
}, },
{ {
"name" : "RHSA-2015:1603", "name": "1033235",
"refsource" : "REDHAT", "refsource": "SECTRACK",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1603.html" "url": "http://www.securitytracker.com/id/1033235"
}, },
{ {
"name" : "openSUSE-SU-2015:1781", "name": "76288",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" "url": "http://www.securityfocus.com/bid/76288"
}, },
{ {
"name" : "76288", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/76288" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}, },
{ {
"name" : "1033235", "name": "RHSA-2015:1603",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1033235" "url": "http://rhn.redhat.com/errata/RHSA-2015-1603.html"
} }
] ]
} }

128
2015/5xxx/CVE-2015-5567.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-5567", "ID": "CVE-2015-5567",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579." "value": "Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5579."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html", "name": "RHSA-2015:1814",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html" "url": "http://rhn.redhat.com/errata/RHSA-2015-1814.html"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "name": "openSUSE-SU-2015:1616",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "name": "1033629",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "url": "http://www.securitytracker.com/id/1033629"
}, },
{ {
"name" : "GLSA-201509-07", "name": "SUSE-SU-2015:1618",
"refsource" : "GENTOO", "refsource": "SUSE",
"url" : "https://security.gentoo.org/glsa/201509-07" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html"
}, },
{ {
"name" : "RHSA-2015:1814", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1814.html" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}, },
{ {
"name" : "openSUSE-SU-2015:1781", "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html" "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html"
}, },
{ {
"name" : "SUSE-SU-2015:1614", "name": "SUSE-SU-2015:1614",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html"
}, },
{ {
"name" : "SUSE-SU-2015:1618", "name": "GLSA-201509-07",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html" "url": "https://security.gentoo.org/glsa/201509-07"
}, },
{ {
"name" : "openSUSE-SU-2015:1616", "name": "openSUSE-SU-2015:1781",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
}, },
{ {
"name" : "76800", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/76800" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
}, },
{ {
"name" : "1033629", "name": "76800",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1033629" "url": "http://www.securityfocus.com/bid/76800"
} }
] ]
} }

114
2018/11xxx/CVE-2018-11082.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@dell.com", "ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC" : "2018-10-01T07:00:00.000Z", "DATE_PUBLIC": "2018-10-01T07:00:00.000Z",
"ID" : "CVE-2018-11082", "ID": "CVE-2018-11082",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cloud Foundry UAA MFA does not prevent brute force of MFA code" "TITLE": "Cloud Foundry UAA MFA does not prevent brute force of MFA code"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UAA Release", "product_name": "UAA Release",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "all versions", "version_name": "all versions",
"version_value" : "61.0" "version_value": "61.0"
} }
] ]
} }
}, },
{ {
"product_name" : "UAA", "product_name": "UAA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "all versions", "version_name": "all versions",
"version_value" : "4.20.0" "version_value": "4.20.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cloud Foundry" "vendor_name": "Cloud Foundry"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user." "value": "Cloud Foundry UAA, all versions prior to 4.20.0 and Cloud Foundry UAA Release, all versions prior to 61.0, allows brute forcing of MFA codes. A remote unauthenticated malicious user in possession of a valid username and password can brute force MFA to login as the targeted user."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : { "cvss": {
"attackComplexity" : "HIGH", "attackComplexity": "HIGH",
"attackVector" : "NETWORK", "attackVector": "NETWORK",
"availabilityImpact" : "HIGH", "availabilityImpact": "HIGH",
"baseScore" : 6.6, "baseScore": 6.6,
"baseSeverity" : "MEDIUM", "baseSeverity": "MEDIUM",
"confidentialityImpact" : "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact" : "HIGH", "integrityImpact": "HIGH",
"privilegesRequired" : "HIGH", "privilegesRequired": "HIGH",
"scope" : "UNCHANGED", "scope": "UNCHANGED",
"userInteraction" : "NONE", "userInteraction": "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0" "version": "3.0"
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Access Control" "value": "Improper Access Control"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.cloudfoundry.org/blog/cve-2018-11082/", "name": "https://www.cloudfoundry.org/blog/cve-2018-11082/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.cloudfoundry.org/blog/cve-2018-11082/" "url": "https://www.cloudfoundry.org/blog/cve-2018-11082/"
} }
] ]
}, },
"source" : { "source": {
"discovery" : "UNKNOWN" "discovery": "UNKNOWN"
} }
} }

62
2018/11xxx/CVE-2018-11133.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11133", "ID": "CVE-2018-11133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting." "value": "The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities", "name": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities" "url": "https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities"
} }
] ]
} }

74
2018/11xxx/CVE-2018-11179.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11179", "ID": "CVE-2018-11179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46)." "value": "Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities", "name": "20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2018/May/71" "url": "http://seclists.org/fulldisclosure/2018/May/71"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html", "name": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html" "url": "http://packetstormsecurity.com/files/148003/Quest-DR-Series-Disk-Backup-Software-4.0.3-Code-Execution.html"
}, },
{ {
"name" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities", "name": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities" "url": "https://www.coresecurity.com/advisories/quest-dr-series-disk-backup-multiple-vulnerabilities"
} }
] ]
} }

22
2018/3xxx/CVE-2018-3482.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3482", "ID": "CVE-2018-3482",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/3xxx/CVE-2018-3521.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-3521", "ID": "CVE-2018-3521",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/3xxx/CVE-2018-3831.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "bressers@elastic.co", "ASSIGNER": "security@elastic.co",
"ID" : "CVE-2018-3831", "ID": "CVE-2018-3831",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Elasticsearch", "product_name": "Elasticsearch",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "before 5.6.12 and 6.4.1" "version_value": "before 5.6.12 and 6.4.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Elastic" "vendor_name": "Elastic"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details." "value": "Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. The Elasticsearch _cluster/settings API, when queried, could leak sensitive configuration information such as passwords, tokens, or usernames. This could allow an authenticated Elasticsearch user to improperly view these details."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-200: Information Exposure" "value": "CWE-200: Information Exposure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035", "name": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035" "url": "https://discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035"
}, },
{ {
"name" : "https://www.elastic.co/community/security", "name": "https://www.elastic.co/community/security",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.elastic.co/community/security" "url": "https://www.elastic.co/community/security"
} }
] ]
} }

70
2018/3xxx/CVE-2018-3971.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"DATE_PUBLIC" : "2018-10-25T00:00:00", "DATE_PUBLIC": "2018-10-25T00:00:00",
"ID" : "CVE-2018-3971", "ID": "CVE-2018-3971",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sophos", "product_name": "Sophos",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Sophos HitmanPro.Alert - hmpalert.sys 3.7.6.744 - Windows 7 x86" "version_value": "Sophos HitmanPro.Alert - hmpalert.sys 3.7.6.744 - Windows 7 x86"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Talos" "vendor_name": "Talos"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability." "value": "An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "write-what-where condition" "value": "write-what-where condition"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636", "name": "105743",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636" "url": "http://www.securityfocus.com/bid/105743"
}, },
{ {
"name" : "105743", "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/105743" "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636"
} }
] ]
} }

64
2018/6xxx/CVE-2018-6263.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC" : "2018-11-19T00:00:00", "DATE_PUBLIC": "2018-11-19T00:00:00",
"ID" : "CVE-2018-6263", "ID": "CVE-2018-6263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GeForce Experience", "product_name": "GeForce Experience",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.16" "version_value": "3.16"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges." "value": "NVIDIA GeForce Experience contains a vulnerability in all versions prior to 3.16 on Windows in which an attacker who has access to a local user account can plant a malicious dynamic link library (DLL) during application installation, which may lead to escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Escalation of privileges" "value": "Escalation of privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4740", "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4740",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4740" "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4740"
} }
] ]
} }

74
2018/6xxx/CVE-2018-6393.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6393", "ID": "CVE-2018-6393",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can \"directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors.\"" "value": "** DISPUTED ** FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can \"directly modify SQL tables ... [or] run shell scripts ... once ... logged in to the administration interface; there is no need to try to find input validation errors.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html", "name": "https://github.com/c610/tmp/blob/master/sqlipoc-freepbx-14.0.1.24-req.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html" "url": "https://github.com/c610/tmp/blob/master/sqlipoc-freepbx-14.0.1.24-req.txt"
}, },
{ {
"name" : "https://github.com/c610/tmp/blob/master/sqlipoc-freepbx-14.0.1.24-req.txt", "name": "102854",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://github.com/c610/tmp/blob/master/sqlipoc-freepbx-14.0.1.24-req.txt" "url": "http://www.securityfocus.com/bid/102854"
}, },
{ {
"name" : "102854", "name": "http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/102854" "url": "http://code610.blogspot.com/2018/01/post-auth-sql-injection-in-freepbx.html"
} }
] ]
} }

80
2018/7xxx/CVE-2018-7115.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"ID" : "CVE-2018-7115", "ID": "CVE-2018-7115",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "HPE Intelligent Management Center (IMC)", "product_name": "HPE Intelligent Management Center (IMC)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to IMC PLAT 7.3 (E0605P06)" "version_value": "prior to IMC PLAT 7.3 (E0605P06)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions." "value": "HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "remote buffer overflow" "value": "remote buffer overflow"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us", "name": "1042182",
"refsource" : "MISC", "refsource": "SECTRACK",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us" "url": "http://www.securitytracker.com/id/1042182"
}, },
{ {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us", "name": "106211",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us" "url": "http://www.securityfocus.com/bid/106211"
}, },
{ {
"name" : "106211", "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106211" "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03906en_us"
}, },
{ {
"name" : "1042182", "name": "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us",
"refsource" : "SECTRACK", "refsource": "MISC",
"url" : "http://www.securitytracker.com/id/1042182" "url": "https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03906en_us"
} }
] ]
} }

74
2018/7xxx/CVE-2018-7422.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7422", "ID": "CVE-2018-7422",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal." "value": "A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44340", "name": "http://seclists.org/fulldisclosure/2018/Mar/40",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/44340/" "url": "http://seclists.org/fulldisclosure/2018/Mar/40"
}, },
{ {
"name" : "http://seclists.org/fulldisclosure/2018/Mar/40", "name": "44340",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://seclists.org/fulldisclosure/2018/Mar/40" "url": "https://www.exploit-db.com/exploits/44340/"
}, },
{ {
"name" : "https://wpvulndb.com/vulnerabilities/9044", "name": "https://wpvulndb.com/vulnerabilities/9044",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/9044" "url": "https://wpvulndb.com/vulnerabilities/9044"
} }
] ]
} }

68
2018/7xxx/CVE-2018-7745.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7745", "ID": "CVE-2018-7745",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation." "value": "An issue was discovered in Western Bridge Cobub Razor 0.7.2. Authentication is not required for /index.php?/install/installation/createuserinfo requests, resulting in account creation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44419", "name": "44419",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44419/" "url": "https://www.exploit-db.com/exploits/44419/"
}, },
{ {
"name" : "https://github.com/cobub/razor/issues/161", "name": "https://github.com/cobub/razor/issues/161",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/cobub/razor/issues/161" "url": "https://github.com/cobub/razor/issues/161"
} }
] ]
} }

86
2018/7xxx/CVE-2018-7747.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7747", "ID": "CVE-2018-7747",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form." "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44489", "name": "https://calderaforms.com/2018/03/caldera-forms-1-6-is-here/",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/44489/" "url": "https://calderaforms.com/2018/03/caldera-forms-1-6-is-here/"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/147257/WordPress-Caldera-Forms-1.5.9.1-Cross-Site-Scripting.html", "name": "https://wordpress.org/plugins/caldera-forms/#developers",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://packetstormsecurity.com/files/147257/WordPress-Caldera-Forms-1.5.9.1-Cross-Site-Scripting.html" "url": "https://wordpress.org/plugins/caldera-forms/#developers"
}, },
{ {
"name" : "https://wordpress.org/plugins/caldera-forms/#developers", "name": "http://packetstormsecurity.com/files/147257/WordPress-Caldera-Forms-1.5.9.1-Cross-Site-Scripting.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://wordpress.org/plugins/caldera-forms/#developers" "url": "http://packetstormsecurity.com/files/147257/WordPress-Caldera-Forms-1.5.9.1-Cross-Site-Scripting.html"
}, },
{ {
"name" : "https://calderaforms.com/2018/03/caldera-forms-1-6-is-here/", "name": "https://calderaforms.com/updates/caldera-forms-1-6-0/#security",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://calderaforms.com/2018/03/caldera-forms-1-6-is-here/" "url": "https://calderaforms.com/updates/caldera-forms-1-6-0/#security"
}, },
{ {
"name" : "https://calderaforms.com/updates/caldera-forms-1-6-0/#security", "name": "44489",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://calderaforms.com/updates/caldera-forms-1-6-0/#security" "url": "https://www.exploit-db.com/exploits/44489/"
} }
] ]
} }

68
2018/7xxx/CVE-2018-7813.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cybersecurity@se.com", "ASSIGNER": "cybersecurity@schneider-electric.com",
"ID" : "CVE-2018-7813", "ID": "CVE-2018-7813",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)", "product_name": "Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)" "version_value": "Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Schneider Electric SE" "vendor_name": "Schneider Electric SE"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file" "value": "A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Type Confusion" "value": "Type Confusion"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01", "name": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01" "url": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2018-338-01"
}, },
{ {
"name" : "106218", "name": "106218",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/106218" "url": "http://www.securityfocus.com/bid/106218"
} }
] ]
} }

22
2018/7xxx/CVE-2018-7980.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7980", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-7980",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }

82
2018/8xxx/CVE-2018-8041.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2018-07-09T00:00:00", "DATE_PUBLIC": "2018-07-09T00:00:00",
"ID" : "CVE-2018-8041", "ID": "CVE-2018-8041",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Camel", "product_name": "Apache Camel",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Camel 2.20.0 to 2.20.3, Camel 2.21.0 to 2.21.1 and Camel 2.22.0" "version_value": "Camel 2.20.0 to 2.20.3, Camel 2.21.0 to 2.21.1 and Camel 2.22.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal." "value": "Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Path traversal" "value": "Path traversal"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://camel.apache.org/security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2", "name": "http://camel.apache.org/security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://camel.apache.org/security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2" "url": "http://camel.apache.org/security-advisories.data/CVE-2018-8041.txt.asc?version=1&modificationDate=1536746339000&api=v2"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/CAMEL-12630", "name": "105352",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://issues.apache.org/jira/browse/CAMEL-12630" "url": "http://www.securityfocus.com/bid/105352"
}, },
{ {
"name" : "RHSA-2018:3768", "name": "https://issues.apache.org/jira/browse/CAMEL-12630",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2018:3768" "url": "https://issues.apache.org/jira/browse/CAMEL-12630"
}, },
{ {
"name" : "105352", "name": "RHSA-2018:3768",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/105352" "url": "https://access.redhat.com/errata/RHSA-2018:3768"
} }
] ]
} }

22
2018/8xxx/CVE-2018-8135.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-8135", "ID": "CVE-2018-8135",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

112
2018/8xxx/CVE-2018-8214.json
View File

@ -1,120 +1,120 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8214", "ID": "CVE-2018-8214",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka \"Windows Desktop Bridge Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208." "value": "An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka \"Windows Desktop Bridge Elevation of Privilege Vulnerability.\" This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of Privilege" "value": "Elevation of Privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "44915", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8214",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/44915/" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8214"
}, },
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8214", "name": "44915",
"refsource" : "CONFIRM", "refsource": "EXPLOIT-DB",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8214" "url": "https://www.exploit-db.com/exploits/44915/"
}, },
{ {
"name" : "104394", "name": "104394",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/104394" "url": "http://www.securityfocus.com/bid/104394"
}, },
{ {
"name" : "1041093", "name": "1041093",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041093" "url": "http://www.securitytracker.com/id/1041093"
} }
] ]
} }

74
2018/8xxx/CVE-2018-8298.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8298", "ID": "CVE-2018-8298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ChakraCore", "product_name": "ChakraCore",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "ChakraCore" "version_value": "ChakraCore"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296." "value": "A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8291, CVE-2018-8296."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "45217", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298",
"refsource" : "EXPLOIT-DB", "refsource": "CONFIRM",
"url" : "https://www.exploit-db.com/exploits/45217/" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298"
}, },
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298", "name": "104639",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8298" "url": "http://www.securityfocus.com/bid/104639"
}, },
{ {
"name" : "104639", "name": "45217",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/104639" "url": "https://www.exploit-db.com/exploits/45217/"
} }
] ]
} }

76
2018/8xxx/CVE-2018-8366.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2018-8366", "ID": "CVE-2018-8366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 Version 1803 for 32-bit Systems" "version_value": "Windows 10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Windows 10 Version 1803 for x64-based Systems" "version_value": "Windows 10 Version 1803 for x64-based Systems"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge." "value": "An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type, aka \"Microsoft Edge Information Disclosure Vulnerability.\" This affects Microsoft Edge."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information Disclosure" "value": "Information Disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8366", "name": "105253",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8366" "url": "http://www.securityfocus.com/bid/105253"
}, },
{ {
"name" : "105253", "name": "1041623",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/105253" "url": "http://www.securitytracker.com/id/1041623"
}, },
{ {
"name" : "1041623", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8366",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1041623" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8366"
} }
] ]
} }

88
2018/8xxx/CVE-2018-8859.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC" : "2018-07-19T00:00:00", "DATE_PUBLIC": "2018-07-19T00:00:00",
"ID" : "CVE-2018-8859", "ID": "CVE-2018-8859",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SmartServer 1", "product_name": "SmartServer 1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
}, },
{ {
"product_name" : "SmartServer 2", "product_name": "SmartServer 2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions prior to release 4.11.007" "version_value": "all versions prior to release 4.11.007"
} }
] ]
} }
}, },
{ {
"product_name" : "i.LON 100", "product_name": "i.LON 100",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
}, },
{ {
"product_name" : "i.LON 600", "product_name": "i.LON 600",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "all versions" "version_value": "all versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Echelon" "vendor_name": "Echelon"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product." "value": "Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288" "value": "AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03"
} }
] ]
} }